This document provides information on the treatment of personal data collected to receipt Our VAT Smartbook. This notice is in compliance with EU regulation 2016/679 (hereinafter “Regulation”) and only to Download the VAT Smartbook. The service is provided by MailChimp platform, registered trademark of Rocket Science Group LLC.
1. JOINT HOLDERS
The Joint Controllers are the operating companies belonging to the SOS Yachting Group: SOS Yachting S.r.l., SOS Yachting d.o.o., SOS Yachting of Spain SL, SOS Yachting Sarl, SOS Yachting Greece PC. The contact details of the individual companies belonging to the group are further specified on the website accessible at the address https://www.sosyachting.com (hereinafter: "joint holders").
2. WHAT DATA ARE BEING PROCESSED?
To use this service, it is necessary to fill out the subscription form in which identifying data and contact details are requested (name, surname, E-mail address etc.). During the provision of service, data on e-mails reading or the number of clicks to links there contained are collected through the use of such technologies as cookies and pixel tracking, as well as the IP address of the user. For further information, please visit https://mailchimp.com/legal/cookies/
3. FOR WHAT PURPOSES?
We use the data spontaneously provided and collected automatically during the use of the service to:
a. Let the customer use this service;
b. Analyze the performance of the service;
c. Comply with legal and contractual requirements;
d. Protect legal rights.
4. WHAT ARE THE LEGAL BASIS OF THE TREATMENT?
For the purposes as mentioned in point 3, letter a. the treatment is based on a contract between the Joint Controllers and the person concerned. For the purposes as mentioned in point 3, letters b. and d. the treatment is entirely based on the legitimate interest of the Joint Controllers, considering the necessity to safeguard the joint holders for instance from an illicit use of the Service, that is, the best management of contents also according to the interest shown. In all other cases the legal basis is the respect of the legal obligations as imposed on the Joint Controllers of the treatment.
5. HOW LONG DATA WILL BE KEPT
Data will be kept for the time necessary for the achievement of the specified purposes. Namely:
a. in the event of treatments for contractual purposes and compliance of legal requirements: for the whole duration of the service and, after its termination, for a period not exceeding 10 years;
b. in the event of treatments required to safeguard the joint controllers’ rights: for the whole duration of the judicial litigations and in any case not exceeding the time limit allowed for the impugnment actions
c. in the event of required treatments for the analysis of the service: until the cancellation of consent and in any case for a period not exceeding 12 months.
After the aforementioned time limits, personal data shall be destroyed, deleted or made anonymous, in compliance with the technical deletion and backup procedures.
6. WHO TAKES PART IN THE TREATMENT PROCESS?
Personal data may be processed by employees, collaborators of the joint controllers or third party, appointed persons and responsible for the treatment, carrying out on behalf the joint controllers tasks of a technical and managerial nature, or functional activities suitable for the aforementioned purposes on behalf of the joint controllers. Such subjects were explicitly appointed to the treatment and received specific and adequate operational instructions. When necessary, we shall make use of the following categories of recipients: third party providing services to Companies, acting typically as in charge of the treatment, such as managers of communication services, E-mail, delivery of mail, technical services for the management of the Service or other providers of information services:
a) Companies providing support during the carrying out of market surveys;
b) Third party providing management and upkeep services of the joint controllers’ database;
c) Third party dealing with communication and marketing services.
d) Subjects, organizations or authorities to whom the disclosure of personal data is compulsory, by virtue of provisions laid down by law or by order of the authorities.
Such subjects shall only receive the data required for the related functions and shall commit to using them exclusively for the aforementioned purposes and process them in compliance with the applicable privacy regulation. The updated list of the subjects in charge of the treatment is available upon written request to the joint controllers.
7. ARE DATA PROCESSED OUTSIDE THE EUROPEAN UNION?
The joint controllers collect and process data for the newsletter service through a platform named MailChimp, owned by Rocket science Group LLC, with registered offices in the US and it complies with the Privacy Shield Frameworks (for further information: https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG), which imposes a level of protection of personal data equal to the standards requested by the Protection Authorities of the EU Countries. The aforementioned company shall process data of the concerned persons in compliance with the aforementioned standards (see disclosure: http://mailchimp.com/legal/privacy).
For any doubt or clarification it is possible to contact directly Rocket Science Group, LLC, Mailchimp Privacy Department, 512 Means St., Suite 404, Atlanta, Georgia 30318.
8. HOW IS DATA SECURITY MANAGED?
The joint holders are committed to the safeguard of users’ personal data, and work in compliance with the dispositions in matter of safety as provided by the applicable laws to prevent any data disclosure, illegitimate or illicit data use and unauthorized access to data, with specific but not exclusive reference to the current regulations on personal data protection.
Moreover, they refer to the responsible of the treatment presenting sufficient guarantees to take adequate organizational and technical measures, in compliance with the current regulations on personal data protection, guaranteeing an adequate safeguard of the concerned subjects
9. WHAT RIGHTS CAN BE EXERTED
It is possible to exert at any time the rights as specified in Chapter III of EU Regulation 679/2016. More specifically, the rights to request to the joint holders the access to date concerning the user, their amendment or cancellation, the integration of incomplete data, the limitation of the treatment; to request data provided in a structured format of common use and readable by an automatic device; to revoke the agreed consent regarding the treatment and to oppose, partially or entirely, to the usage of data; and to exert other rights granted by the applicable rules and regulations.
In the event the user believes that any of the treatments breaks the current regulation on personal data treatment, he can contact us to solve the problem. At any time, he may lodge a complaint to the Data Protection Authorities in compliance with Art. 77 of the aforementioned Regulations, even in the absence of any previous contact with us.
10. HOW TO EXERCISE YOUR RIGHTS
For further information or for the exertion of your rights it is possible to contact us by E-mail at the following address: privacy@sosyachting.com
11. NOTICE UPDATE
The joint holders shall keep the present notice constantly updated. The section “LAST REFRESH DATE” at the bottom of the page states the date on which the notice was last updated.
