(or Privacy Policy)
The purpose of this document (hereinafter "Privacy Policy") is to inform Users about personal data, understood as any information that allows the identification of a natural person (hereinafter referred to as i ").Personal Data"), collected from the website www.ciceroexperience.com (below "Application").
The Data Controller, as subsequently identified, may modify or simply update, in whole or in part, this Information Notice by informing Users. The changes and updates will be binding as soon as they are published on the Application. The User is therefore invited to read the Privacy Policy at each access to the Application.
In case of non-acceptance of the changes made to the Privacy Policy, the User is required to stop using this Application and may request the Data Controller to remove his/her Personal Data.
- Personal Data collected by the Application
The Data Controller collects the following types of Personal Data:
- Content and information provided voluntarily by the User
- Contact details and contents: are those Personal Data that the User voluntarily provides to the Application during its use, such as, for example, personal data, contact details, access credentials to the services and/or products provided, personal interests and preferences and other personal content, etc.
Failure by the User to provide Personal Data, for which there is a legal or contractual obligation, or if it is a necessary requirement for the use of the service or for the conclusion of the contract, will make it impossible for the Owner to provide all or part of its services.
The User who communicates to the Owner Personal Data of third parties is directly and exclusively responsible for their origin, collection, processing, communication or dissemination.
- Data and content automatically acquired during the use of the Application:
- Technical data: the computer systems and software procedures used to operate this Application may acquire, during normal operation, certain Personal Data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Users, but by its very nature, could, through processing and association with Data held by third parties, allow Users to be identified. This category includes IP addresses, or domain names used by Users who connect to the Application, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc..
- Usage data: Personal Data relating to your use of the Application may also be collected, such as the pages you visit, the actions you take, the features and services you use.
- Geolocation data: the Application may collect Personal Data about your location which may be GNSS (Global Navigation Satellite System, e.g. GPS data) data, as well as data identifying the nearest repeater, Wi-Fi and Bluetooth hotspots, communicated when you enable products or location-based features.
- Personal data collected through cookies or similar technologies:
The Application uses cookies, web beacons, unique identifiers and other similar technologies to collect Personal Data on the pages, links you visit and other actions you take when using our services. They are stored for retransmission the next time you visit the same User.
You may view the full Cookie Policy at https://ciceroexperience.com/privacy-policy.
- Purpose
The Personal Data collected may be used for the performance of contractual and pre-contractual obligations and for legal obligations as well as for the following purposes:
- User registration and authentication: to enable the User to register on the Application in order to log in and be identified .
- Support and contact with the User: to respond to your requests and help you in case of problems.
- Comment and feedback: to allow the User to submit reviews or comments.
- Live chat communication: to allow you to interact with live chat on the Application.
- External processing of payments by credit card, bank transfer or other instruments: to manage Users' payments through external platforms that acquire payment data without the Application owner having access.
Personal Data is communicated to https://stripe.com/en-it/privacy
- Statistics only with anonymous data: to perform statistical analysis based on aggregated data or data that do not allow the User to be identified.
Personal Data is communicated to https://mailchimp.com/legal/privacy
- Monitoring, analysis and tracking of User behavior: to monitor and analyze how the User behaves on the Application.
Personal Data is communicated to https://mailchimp.com/legal/privacy
- User Profiling: to group and analyze in an automated way the characteristics or behaviors of the User and provide him/her with personalized services or messages.
Personal Data is communicated to https://mailchimp.com/legal/privacy
- Sending emails or newsletters and mailing list management: to contact you with emails containing commercial and promotional information related to the Application.
Personal Data is communicated to https://mailchimp.com/legal/privacy
- Market research and third-party surveys: to do market research and third party surveys.
Personal Data is communicated to https://mailchimp.com/legal/privacy
- Treatment modalities
The processing of Personal Data is carried out using computerized and/or telematic tools, with organizational methods and logics strictly related to the purposes indicated.
In some cases, subjects involved in the Owner's organisation (such as, for example, personnel management staff, sales staff, system administrators, etc.) or external subjects (such as IT companies, service providers, postal couriers, hosting providers, etc.) may also have access to Personal Data. Such subjects may, if necessary, be appointed as Data Processors by the Data Controller, as well as access the Personal Data of Users whenever necessary and will be contractually obliged to keep the Personal Data confidential.
The updated list of Managers can be requested by email at [email protected].
- Legal basis for the treatment
The processing of Personal Data relating to the User is based on the following legal bases:
- the consent given by the User for one or more specific purposes;
- the treatment is necessary for the execution of a contract with the User and/or the execution of pre-contractual measures
- the processing is necessary to fulfil a legal obligation to which the Controller is subject
- the processing is necessary for the performance of a task in the public interest or for the exercise of public authority vested in the Controller
- the processing is necessary for the pursuit of the legitimate interest of the Controller or third parties
- the treatment is necessary for the pursuit of a vital interest of the Owner or of third parties.
However, it is always possible to ask the Owner to clarify the legal basis of each processing at [email protected].
- Location
Personal Data are processed at the headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller at the following email address [email protected] or at the following postal address via Fratelli Cairoli 12, Lecco 23900.
- Security measures
The Processing is carried out according to methods and with instruments suitable to guarantee the security and confidentiality of Personal Data, as the Data Controller has adopted appropriate technical and organisational measures that guarantee, and allow to demonstrate, that the Processing is carried out in compliance with the reference legislation.
- Data Retention Period
Personal Data will be kept for the period of time necessary to fulfil the purposes for which it was collected.
In particular, Personal Data will be stored for the entire duration of the contractual relationship, for the performance of the obligations inherent and consequent to the same, for compliance with applicable legal and regulatory obligations, as well as for its own defensive purposes or those of third parties.
Where the processing of Personal Data is based on the User's consent, the Data Controller may retain the Personal Data until the withdrawal of consent.
Personal Data may be retained for a longer period if necessary to comply with a legal obligation or by order of an authority.
All Personal Data will be deleted or stored in a form that does not allow identification of the User within 30 days after the end of the retention period. Upon expiry of this period, the right of access, deletion, rectification and portability of Personal Data may no longer be exercised.
- Automated decision-making processes
All Personal Data collected will not be subject to any automated decision making process, including profiling, that may produce legal effects for the person or significantly affect the person.
- User Rights
Users may exercise certain rights with regard to Personal Data processed by the Owner. In particular, the User has the right to:
- revoke consent at any time;
- oppose the processing of your Personal Data;
- access your Personal Data;
- check and ask for correction;
- to obtain the limitation of treatment;
- obtain the deletion of your Personal Data;
- receive your Personal Data or have it transferred to another data controller;
- lodge a complaint to the Personal Data Protection Supervisory Authority and/or take legal action.
To exercise their rights, Users may address a request to the contact details of the Owner indicated in this document. Requests are made free of charge and processed by the Owner as soon as possible, in any case within 30 days.
- Owner of the treatment
 The Data Controller is Cicero s.r.l., with registered office in via Carlo Cattaneo 54, Lecco 23900, Fiscal Code / VAT No. 03901570139, e-mail address [email protected], PEC address [email protected].