Privacy Policy

PRIVACY POLICY – WEB GENERAL

Personal data processing Informative according to and for the effect of Section 13 of EU Reg.2016/679

According to Regulation (EU) 2016/679 (General Data Protection Regulation) we provide you with the due information concerning the processing of collected personal data. This privacy policy is given pursuant to art. 13 Regulation UE 2016/679

This notice is not to be considered valid for other websites attainable trough links and data processor shall not be held responsible for third parties web pages.

This notice is provided pursuant to art. 13 of the Regulation (EU) 2016/679 (General Data Protection Regulation) and according to the provisions of the Directive 2002/58/CE, as amended by Directive 2009/136/CE on Cookies, as well as according to the Provision of the Data Protection Authority dated 08.05.2014 on cookies.

Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can directly or indirectly be identified, in particular by reference to an identifier such as a name, an identification number, a location data, an online identifier or to one or more specific factors to the physical, physiological, genetic, mental, economic, cultural or social identity (C26, C27, C30).

DATA CONTROLLER

pursuant to art. 4 and 24 of the Reg. (EU) 2016/679, is Locker Inpost Italia S.r.l. with registered office in Via Calabiana 6 – 20139 Milano (MI), represented by the legal representative pro tempore.

PURPOSES AND LAWFULNESS OF THE PROCESSING

Purpose of processing

Legal Basis

Data retention

Data conferral

A)

Website browsing

Activities strictly related to site operations and to platform browsing service provision

Legitimate interest | Data subject rights

Art. 6 lett. f) and recital 47 GDPR

the processing is necessary for pursuing the legitimate interest of data controller or third parties’

Single browsing session

Necessary for the legitimate interest of data controller with due regard to user’s rights and fundamental freedoms

B)

Allow the performance of offered services and for related administrative and accounting purposes (in eg. keeping accounting records, and implementing the legislation on taxation)

Contract

Art. 6 lett. b) GDRP

10 years

Necessary for the performance of a contract the data subject is part of

C)

Contact or information request

via telephone call or via the dedicated “Sales” form available in the Website section “Use the form”

Legitimate interest | Data subject rights

Art. 6 lett. f) and recital 47 GDPR

the processing is necessary for pursuing the legitimate interest of data controller or third parties’

1 year

Necessary for the legitimate interest of data controller with due regard to user’s rights and fundamental freedoms

D)

Direct marketing;

promotional communication and/or invitation to events promoted or organized by the Data Controller, by e-mail, SMS, MMS, phone call also without operator, mail, or other communication tool;

Consent

ConsentArt 6.1.a) GDPR:

the data subject has given consent to the processing of his or her personal data for one or more specific purposes;

Until opposition

Optional: in case of denial the data controller won’t be able to send you promotional communication

E)

Locker Videosurveillance

Legitimate interest

Art. 6 lett. f) GDPR:

legitimate interest of the Controller or of third parties (security and protection of corporate assets and individuals), provided that the interests or fundamental rights and freedoms of the data subject requiring the protection of personal data do not prevail.

48 hours

Necessary for the legitimate interest of data controller with due regard to user’s rights and fundamental freedoms

Cookies

For more information, please visit our cookies policy

RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA

Personal data may be communicated to recipients who will act as Processors (art. 28 of the Reg. EU 2016/679) and/or persons acting under the authority of the Controller and the Processor (art.29 of the Reg. UE 2016/679) for the purposes pointed ahead. Precisely, your data may be communicated to recipients part of the following categories:

  • subjects providing services for the management of the information system used by Locker Inpost Italia S.r.l. and telecommunications networks:
  • studies or companies in the context of assistance and consultancy relationships;
  • subjects providing services related to the management of the above mentioned purposes (communication, brochure printing, fliers, websites, videos);
  • platform operators for the abovementioned services (websites hosting, etc);
  • Group companies;
  • Competent authorities for compliance with legal obligations and / or provisions of public bodies, upon request;
  • external subjects in charge of the management/maintenance/administration of the video-surveillance system;
  • public official and/or judicial authorities, in case of request.

List of data processors always updated is available at the headquarters of the data controller or by writing to privacy@inpost.it.

PROCESSING METHODS

With reference to the video surveillance of the lockers, the processing will be carried out in automated form, with methods and tools to ensure maximum security and confidentiality, by persons specifically appointed for this purpose. In compliance with the provisions of art. 5 paragraph 1 letter e) of EU Reg. 2016/679, the personal data collected will be stored in a form that allows the identification of data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.

There is no existence of an automated decision-making process.

DATA TRANSFER TO A THIRD COUNTRY AND/OR INTERNATIONAL ORGANISATION

Personal data provided could be transferred to a third Country inside the European Union, within limits and conditions set forth in art. 44 of the Reg. (EU) 2016/679;

Only personal data provided in the context of the activities referred to in letter C) may be transferred to countries outside the EEA (including, in particular, the USA).

DATA SUBJECT’S RIGHTS

You may freely exercise your rights at any time under Reg. EU 2016/679 –GDPR, Sections 15 and following contacting the Data Controller - Locker Inpost Italia S.r.l. in person of its legal representative sending an email to privacy@inpost.it

You have the right, at any time, to obtain confirmation from the Data Controller as to whether or not personal data concerning you are being processed, request their rectification or erasure.

Moreover You have the right, at any time, to oppose to personal data processing without prejudice to lawfulness of processing.

Without prejudice to any other administrative or judicial remedy, in case you consider your data processing in contrast with Reg. UE 2016/679, pursuant to article 15 lett. f) of Reg. UE 2016/679, you have the right to lodge a complaint with a supervisory authority ( www.garanteprivacy.it).

Exercising your right to data portability, the Data Controller may provide your personal data in a structured, commonly used and machine-readable format subject to the provisions set forth in paragraphs 3 and 4 of art. 20 of Regulation EU 2016/679.

Date of review: 25/03/22

DATA CONTROLLER

Locker Inpost Italia S.r.l.