2.1 In this Section we have set out:
(a) the general categories of personal data that we may process;
(b) the purposes for which we may process personal data; and
(c) the legal bases of the processing.
2.2 We may process data about your use of our website and services ("usage data"). The usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths, as well as information about the timing, frequency and pattern of your service use. Our analytics tracking system (Google Analytics) processed these data and produces aggregate anonymous reports for the purposes of analyzing the use of the website and services.
The legal basis for this processing is our legitimate interests of monitoring and enhancing our website and services (article 6.1.f), applicable because the anonymous form of the report does not present any risks for the individual data subjects.
2.3 We may process information contained in any enquiry you submit to us via telephone, email, web or social networks regarding our goods and/or services ("enquiry data"). Enquiry data may include Name, Last Name, language, telephone or fax number, email. Enquiry data may be processed for the purposes of offering and selling relevant services to you.
The legal basis for this processing is to take steps at the request of the data subject prior to entering into a contract (art. 6.1.b).
2.4 We may process your personal data that are provided by you in the course of the use of our services ("service data"). The service data may include your name, last name, telephone number, email address, gender, date and place of birth, place of residence, identity document numbers. The source of the service data is you or your employer. The service data may be processed for fulfilling the contract for providing our services.
The legal basis for this processing is the performance of a contract between you and us (art. 6.1.b) and a legal obbligation (art. 6.1.c) that we, as Data Controller, have to register your stay with the Police (art. 109 of the Italian TULPS).
2.5 Within the Service Data we may process only Name, Last Name, Telephone and email to perform direct marketing activities for goods and services similar to the ones you have already purchased from us.
The legal basis for this processing is the art. 130 of the Italian Privacy Code (D.Lgs 108/18) that allows us to perform direct marketing activities without consent of the data subject, provided that he can exercise the right to stop such processing.
2.6 We may process information relating to transactions, including purchases of goods and services, that you enter into with us and/or through our website ("transaction data"). The transaction data may include your contact details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased goods and services and keeping proper records of those transactions.
The legal basis for this processing is the performance of a contract between you and us (art. 6.1.c) a legal obbligation (art. 6.1.c) that we, as Data Controller, have to maintain proper fiscal records of the transactions.
2.7 We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters ("notification data"). The notification data are Name, Last Name and email may be processed for the purposes of sending you the relevant notifications and/or newsletters.
The legal basis for this processing is consent (art. 6.1.a).
2.8 We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
2.9 We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
2.10 In addition to the specific purposes for which we may process your personal data set out in this Section 2, we may also process any of your personal data where such processing is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
2.11 Please do not supply any other person's personal data to us, unless we prompt you to do so.