PRIVACY POLICY

Minalla digital Studio, VAT no. 10861180965, 20144, Milano, Italy (later described as “Holder”), as owner of the data processing, inform You under Article 13 D.Lgs. 30.6.2003 n. 196 (later described as “Privacy Code”), and the Article 13 UE Regulation n. 2016/679 ( later described as “GDPR”) that Your data will be processed with the following modes and purposes:

1) Subject of the data processing and purposes

This data processing sees as subject all the personal data, biographical and/or identifying, given from You at the moment to the conclusion of the contract for the services offered by the Holder.

Moreover, further data may be automatically gathered and processed, such as technical data (for example IP address, browser type, location data) and/or cookies ( please go to section “Cookie”).

Your data is used for:

a) Ensuring the access to the services You negotiated by contract and providing You with the concerning assistance (for example messaging service with the Hotel and/or the generic Customer Care services);

b) Communicate our commercial initiatives (for example promotional and marketing material about new services and events)

c) Conduct analysis activities and reports connected to the use of the negotiated services;

The possible refusal to give your consent to the data processing for the unique “purposes of provision of the service” – reported sub a) – will make it impossible to use the service itself.

Your data will never be used for purposes other than those above indicated.

2) Processing mode

The processing of Your personal data is implemented through the operations indicated under the Article 4 of the Privacy Code and Article 4 n.2) GDPR and precisely: data gathering, registration, organization, conservation, consultation, elaboration, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation and destruction. Your personal data are subject to paper and electronic and/or automated processing.

Data is gathered by the subjects indicated in point 4, under the indications of the relevant legislation, with particular attention to the security measures under the GDPR (art.32) for its processing through computer, manual and automated tools and with logics closely related to the purposes explained above in point 1, and anyway to ensure the data safety and confidentiality.

The data processing is carried by the Holder and/or the controller and/or sub processor.

3) Retention period

For the purposes in point a) the Holder will retain the personal data for the necessary period to fulfil the above objectives, while complying with current laws, and in any case not over the legislative deadline under Article 2946 c.c. (10 years).

For purposes of direct marketing and possible profiling- as in point b) and c) – personal data will be retained for a maximum period equal to the one provided for in the applicable rules, i.e. 24 and 12 months.

Invoices, accounting documents and data concerning the commercial activities, will be retained, according to the law, for a maximum period of 10 months.

4) We collect the following information about you:

1.1 Personal information you provide to us when you use our website or register for an account with us, this may include first and last name, date of birth, credit card information, username and password, proof of age and identity, billing address, home address, email address, phone number or other contact information;

1.2 Technical information about your device and the platform such as administrative and traffic information including but not limited to: source IP address, time of access, date of access, type of devise, web page(s) visited, language use, your location, roaming trace, software crash reports and type of browser used. This information is essential for the provision and quality of the Services.

1.3 Your public profile, including, name, photo and other information you make available to us when you like, post or otherwise interact with our social media pages such as Facebook, Twitter and Google+.

1.4 We keep records of communications when you contact us or otherwise interact with us, including via e-mail, letter, text message (SMS), online, messaging Apps such as WhatsApp and Skype, telephone or live chat function on our Website;

1.5 Other information from third parties databases to comply with our legal and regulatory obligations;

1.6 We may collect additional information about you where you provide such information to us through your use of our services.

5) Entities data can be transmitted to

Your data are available for the purposes shown in Article 1:

a) To the employees and collaborators of the Holder in their quality of responsible and/or officer in charge and/or internal sub processors of the data processing.

b) Companies playing a role strictly connected and useful to the efficient operation – also technical – of the services offered by the Holder, like for example providers of the services of direct marketing and/or generally companies offering technical units to the provision of some service functions.

c) Institutions and government authorities as required by law.

5.1) In accordance with your preferences:

a) Subject to your marketing preferences (if applicable) , we will use your personal information to deliver marketing communications which may be of interest across various platforms, such as email, text message (which includes WhatsApp, and Skype instant messenger), telephone, mail post, online, inbox messaging, push notifications or other available channels to provide you with information regarding our products, services and promotions.

b)To share your contact details with selected media partners and affiliates for the purposes of them being able to offer their own marketing services to you.

c) To enter you into surveys or promotions you have agreed to.

d) We place cookies and use similar technologies in accordance with our Cookies Notice for more information please refers to our Cookie Notice.

e) On other occasions where we ask you for your permission, we will use your personal information for the purpose which we explain at that time.

f) Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. You can opt-out of this at any time by updating you marketing preference.

The personal data will be retained on servers located in the USA, subject to the Holder’s faculty to transfer its location. The personal data can be transferred towards Countries belonging to the European Union and towards third party countries outside of the European Union, exclusively under the purposes stated in point 1.

In this case, we ensure that the transfer takes place in the accordance of the existing legislation and that an adequate level of protection for the data processing is guaranteed, based on an adequacy decision, on standard clauses defined by the European Commission or Binding Corporate Rules.

6) Rights of the data subject

As subject concerned, is entitled to exercise its rights under the Article 7 of the Privacy Code, and Article 15 and ss. GDPR, and precisely can:

a) Obtain from the Holder, at any moment, information about the existence of his personal data, its origin, the purposes and processing mode, and when available, to obtain access to the personal data and to the information under Article 15 of the GDPR;

b) Ask for the update, rectification, integration, cancellation, limitation of the data processing in the event that any of the following conditions under Article 18 of the GDPR is fulfilled, the anonymous transformation or the block off the personal data, processed infringed the law, including those in which it is not necessary the storage concerning the purposes the data has been gathered and processed for.

c) Oppose, totally or partly, for legitimate reasons, to the data processing, albeit relevant to the goal of the gathering and processing of the personal data for the purposes of commercial information or to send advertising material or of direct sale, i.e. the completion of market research or business communication.

Every user has also the right to withdraw his consent at any moment, without prejudice to the lawfulness of the data processing based on the consent given before the withdrawal.

d) Receive the personal data, submitted knowingly and actively through the enjoyment of the service, in a structured format, customary and machine readable, and transmit it to another holder of the processing without obstacles.

e) Lodge a complaint to the Responsible Authorities for the protection of personal data in USA.

7) Procedures for the right exercise

You will be able at any moment to exercise Your rights sending a registered letter to hello@theharlequinadeball.com

8) Holder, responsible and DPO

Not concerning the list specified under Article 37 of the UE Regulation 2016/679, considering also the indications of the guideline WP243, the person in charge for the data protection has not been designated.