PRIVACY DISCLAIMER MINOR PHOTOGRAPHIC IMAGES
With this documentHCH Srl, VAT number 04680590280, with registered office in via dell'Industria, 11, 35028 - Piove di Sacco (PD), as the data controller (hereinafter also referred to as the "Controller"), it informs users, pursuant to art. 13 of EU Regulation 2016/679 (hereinafter also "GDPR"), that the personal data shared by the user (hereinafter also only "Data") through the sitewww.bubblekid.it (hereinafter also just "Site"), with specific reference to the section dedicated to uploading photographic images, will be processed for the purposes and in the manner indicated below.
1. HOLDER OF THE TREATMENT
The data controller is HCH Srl, VAT number 04680590280, with registered office in via dell'Industria, 11, 35028 - Piove di Sacco (PD).For any information concerning the processing of personal data collected, the user can contact the Data Controller by sending a communication to the following e-mail address: email@example.com
2. PURPOSE AND LEGAL BASIS OF THE PROCESSING
The personal data collected (name, e-mail address, photographic image) may be processed exclusively for the purposes related to their upload and publication on the Site. The legal basis of the processing is the consent of the interested party, or of the natural person to whom refer to the Data being processed (Article 6, paragraph 1, letter a) of the GDPR). If the interested party is a minor, the consent to the processing must be given by the subjects exercising parental responsibility.
3. NATURE OF DATA CONFERENCE AND CONSEQUENCES OF REFUSAL
In relation to art. 2 above, we inform users that the provision of data is optional.
Failure to provide them, however, makes it impossible to upload the Data (name, photographic image, e-mail) on the page of the Site dedicated to their publication.
In the event that consent has been given to the processing of the data of the interested party for the purposes referred to in art. 2, the same can be revoked at any time, without affecting the lawfulness of the treatments carried out up to the date of revocation.
4. DATA PROCESSING METHOD
The data processing is carried out with the aid of electronic, computerized, telematic tools and supports, with organizational and logical methods strictly related to the purposes indicated in the aforementioned art. 2, in full compliance with current legislation, as well as the principles of lawfulness, correctness, necessity, transparency, relevance and not excess, and in order to protect your confidentiality. For the pursuit of the purposes referred to in art. 2 above, the Data subject to processing will be kept and controlled in such a way as to minimize, through the adoption of adequate and preventive security measures, the risks of destruction or loss, even accidental, of the data itself, of unauthorized access. and / or processing that is not permitted and / or does not comply with the purposes of the collection.
5. DATA STORAGE TIMES
The Data will be stored in compliance with the principle of proportionality and not excess and, in any case, for a period of time not exceeding that necessary to achieve the purpose for which they were collected and consequently processed. In particular, the Data will be kept for 5 months from the date of collection.
6. COMMUNICATION OF DATA
Within the scope of the purposes indicated in this Notice, the Data collected may also be communicated and processed by:
- subjects internal to the Data Controller, for the purposes of their respective competence, as persons expressly authorized to process data, such as shareholders, employees and / or collaborators;
- professionals and / or IT companies in charge of carrying out maintenance activities on the IT system and the website of the Data Controller;
- third parties for any legal obligations or for specific requests from the Judicial Authority and / or Public Authorities;
- letithappen App.
The subjects listed above operate, in some cases, in total autonomy as separate data controllers, in other cases, as subjects authorized by the Data Controller to carry out the processing pursuant to art. 29 of the GDPR or as subjects appointed by the Data Controller as external managers pursuant to art. 28 of the GDPR. The complete and updated list of the subjects to whom the personal data may be communicated is available at the headquarters of the Data Controller or can be requested by the interested party by e-mail to be sent to the following address firstname.lastname@example.org
The Data of the interested party (name, photographic image) may be disseminated, subject to consent and in compliance with the purposes referred to in art. 2, by publication on the Bubblekid website (www.bubblekid.it).
8. TRANSFER OF DATA ABROAD
The data of the interested party will not be transferred outside the European Union.
9. RIGHTS OF THE INTERESTED PARTY
Pursuant to art. 15, 16, 17, 18, 19, 20 and 21 GDPR, we inform you that, as an interested party, you have the right, at any time:
a) to request and obtain access to the Data, confirmation of the existence or otherwise of the same and their communication in an intelligible form;
b) to obtain an indication of the origin of the Data and to verify its accuracy, request its integration and / or updating, or correction if inaccurate;
c) to request and obtain the cancellation of data if no longer necessary with respect to the purposes for which they were collected and processed, the transformation of the same into anonymous form or the blocking of data processed in violation of the law;
d) to request and obtain the limitation of processing if the Data are inaccurate, are no longer necessary with respect to the purposes for which they were collected and processed or in the event of their unlawful processing;
e) to oppose in any case, for legitimate reasons, to the processing of the data.
f) pursuant to art. 20 of the GDPR, we also inform you that you have the right to receive the Data concerning you, provided to the Data Controller and processed by automated means and to transmit them to another data controller, without impediments by the Data Controller, as well as, if technically feasible, to obtain the direct transmission of the Data from the Data Controller to whom he provided them to another data controller.
The Data Controller will take charge of your request and provide you, without undue delay, the information relating to the action taken regarding your request.
Any corrections or deletions of the Data or limitations of the processing, carried out at your request and unless this proves impossible or involves a disproportionate effort, will be communicated by the Data Controller to each of the subjects to whom the Data were transmitted.
The Data Controller, upon your request, will also inform you of the recipients to whom the Data have been communicated.
Pursuant to art. 13, paragraph 2, lett. d) of the GDPR, we finally inform you that you can exercise your rights by submitting a complaint to the Guarantor Authority for the protection of personal data, based in 00186 - Rome, Piazza di Montecitorio, 121.