Privacy and Cookie Policy of the Website

1. Introduction

In compliance with the obligations set forth by Regulation (EU) No. 2016/679 of the European Parliament and of the Council of 27 April 2016 (hereinafter, the “Regulation” or “GDPR“) and the applicable national legislation, DOUBLE EM SRL respects and protects the personal data of visitors and users (hereinafter, the “Data Subjects“) of the website www.ebsa2025.eu/ (hereinafter, the “Website“). This document provides information on the processing of personal data collected by DOUBLE EM SRL through the Website and, therefore, constitutes a privacy notice to Data Subjects pursuant to the aforementioned legislation. It does not apply to personal data collected by DOUBLE EM SRL through channels other than the Website. As established by the Regulation, the processing of personal data of Data Subjects is carried out in accordance with the principles of fairness, lawfulness, transparency, and confidentiality.
This Website contains links to other websites:
This privacy notice does not apply to other websites that may be accessed by the Data Subjects via specific links. These websites may have their own privacy policies that differ, in whole or in part, from this notice. DOUBLE EM SRL therefore invites all Data Subjects to carefully read the privacy policies of each website they visit, especially before entering any personal information.

2. Identity and contact details of the Data Controller

The Data Controller is DOUBLE EM SRL (hereinafter, “DOUBLE EM SRL” or the “Data Controller“), VAT No. 02437180991, with registered office at Via Eugenio Baroni 2/3 sc.DX 16129 – Genoa (GE), Italy (Tel: +39 3470597385; email: marengo@double-em.it).

3. Types of data processed through the Website

The Data Controller, through the Website, may process the following data:
Automatically collected data – traffic and navigation data
The IT systems and software procedures used for the operation of this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols.
This category of data includes IP addresses or domain names of the computers and terminals used by users, browser type, Internet Service Provider name, URI/URL (Uniform Resource Identifier/Locator) addresses of requested resources, the date and time of visit, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the server’s response (success, error, etc.), the referring and exit web pages, and other parameters related to the user’s operating system and computing environment.

Data voluntarily provided by the Data Subjects
The optional, explicit, and voluntary sending of messages to the Data Controller’s contact addresses, as well as the completion and submission of contact forms on the Website, involves the acquisition of the sender’s contact data necessary to respond, as well as any personal data included in the communication (such as, for example, name, surname, email address).
In all cases, Data Subjects must provide accurate and truthful information and promptly inform the Data Controller of any updates.

4. Cookies and other tracking systems

This Website uses cookies and similar technologies. For more information, please refer to our Cookie Policy.

5. Purpose and legal basis of the processing

The Data Controller processes traffic and navigation data for the following purposes: (a) to manage, administer, and improve the Website; verify the correct functioning of services offered; (b) to comply with legal obligations and/or regulations and/or judicial orders; (c) to prevent and/or detect fraudulent and/or harmful activities against the Website; (d) to conduct technical and/or commercial analysis; to gather statistical information on the use of services (most visited pages, number of visitors by time slot or day, geographical origin, etc.). The processing of such data is necessary in order to navigate the Website.
The Data Controller processes the data provided by Data Subjects for the following purposes:
(e) to respond to support requests and, in general, to any questions and/or inquiries from users;
(f) to send administrative and/or technical support emails to users (e.g., technical notes, reminders, updates);
(g) to send newsletters, commercial communications, and/or advertising material on products and/or services offered by the Data Controller via postal mail and/or email.
Processing of personal data for the above purposes requires the consent of Data Subjects. Consent is always optional but, in its absence, DOUBLE EM SRL will not be able to process the collected data for these purposes.

6. Data disclosure

Personal data collected may be disclosed to supervisory bodies, judicial authorities, and any subjects to whom disclosure is mandatory by law and/or necessary for the fulfilment of the purposes described above.

7. Methods of data processing and retention period

Collected data may be processed either on paper or electronically and/or via automated means. In any case, the Data Controller will process the collected personal data for the time strictly necessary to fulfil the purposes set out in this policy and, in any case, for a period not exceeding that required by applicable law (including tax regulations).

8. Possible transfer of personal data

Data management and storage will take place on servers located within the European Union, owned or used by the Data Controller and/or by duly appointed data processors. Currently, the servers are located in Italy. Nevertheless, the Data Controller reserves the right to move servers to Italy and/or elsewhere in the EU and/or outside the EU if necessary. In such cases, the Data Controller assures that any data transfer outside the EU will comply with legal requirements, including, where necessary, the stipulation of agreements ensuring adequate protection and/or the adoption of standard contractual clauses as approved by the European Commission.

9. Security measures

The Data Controller processes Data Subjects’ information lawfully and fairly, adopting appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the data, as well as unlawful uses. Processing is carried out using IT and/or telematic tools with organizational and technical procedures strictly related to the stated purposes. Data is stored in secure environments with access limitations and personnel verification. Access to personal information is strictly limited to authorized personnel. The Website is continuously monitored to detect any security breaches. In some cases, categories of individuals involved in the Website’s operations (administrative, sales, marketing, legal staff, system administrators) or external parties (third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) may also access the data, operating under specific instructions from the Data Controller. In any case, the Data Controller invites Data Subjects to adopt appropriate safeguards to prevent unauthorized access to their reserved area and/or personal computer.

10. Rights of Data Subjects

In accordance with Chapter III of the GDPR, Data Subjects may exercise their rights at any time, including:
Right of access: to obtain confirmation from the Data Controller as to whether or not personal data concerning them is being processed, and if so, to receive information about the processing purposes, the categories of data involved, recipients or categories of recipients to whom personal data is or will be disclosed, the storage period or criteria used to determine it (Art. 15, GDPR);

Right to rectification: to obtain without undue delay the rectification of inaccurate personal data and the completion of incomplete personal data (Art. 16, GDPR);

Right to erasure: to obtain the deletion of personal data without undue delay, in the cases provided by the GDPR (“right to be forgotten” – Art. 17, GDPR);

Right to restriction: to obtain restriction of processing in the cases provided by the GDPR (Art. 18, GDPR);

Right to data portability: to receive personal data in a structured, commonly used, and machine-readable format and to transmit such data to another controller, where technically feasible (Art. 20, GDPR);

Right to object: to object, on grounds relating to their particular situation, to the processing of personal data, including processing for direct marketing purposes (Art. 21, GDPR).

Requests may be submitted at any time by contacting DOUBLE EM SRL via postal mail at: DOUBLE EM SRL, Via Eugenio Baroni 2/3 sc.DX, 16129 – Genoa (GE), Italy; or via email at: marengo@double-em.it.
Consent given for this privacy policy may be withdrawn at any time using the same contact methods, without affecting the lawfulness of processing based on consent before its withdrawal.
Any communications and actions taken by DOUBLE EM SRL following the exercise of the rights listed above will be carried out free of charge, except as provided by Art. 12, paragraph 5 of the GDPR.
Data Subjects may also contact DOUBLE EM SRL by phone at +39 3470597385 for further information or clarification regarding personal data processing through the Website.

11. Right to lodge a complaint

Data Subjects who believe that the processing of their personal data via the Website violates the Regulation have the right to lodge a complaint with the Supervisory Authority, as provided by Art. 77 of the Regulation, or to take legal action (Art. 79 of the Regulation).

12. Protection of minors

The Data Controller does not allow individuals under the age of 16 to use its services and, therefore, does not intentionally collect information about them. If the Data Controller becomes aware that it has collected data from individuals under the age of 16 without verifiable parental consent, such data will be deleted as quickly as possible.

13. Periodic updates to this privacy policy

This privacy policy is effective as of May 25, 2018, and may be subject to changes over time, including as a result of changes or updates to applicable law. If the Data Controller makes any material changes to this document, they will inform Data Subjects through the means deemed most appropriate (e.g., homepage publication and/or newsletter sent to the email address provided by the Data Subject).
This privacy notice was last updated on May 25, 2018.