Politique de confidentialité

PRIVACY POLICY

Hereunder are described the methods for the PayCloud platform management with reference to the processing of data belonging to clients and users that utilise it.

This is an information note provided in compliance with art. 13 of Leg. Dec. No. 196/2003 –Personal data protection code – to those interacting with the web/app services of the Payment Technologies s.r.l. Company, accessible on line through address http://paycloud.paytec.it and from the PayTools application for tablets and smartphones.

The information note is provided only for website http://paycloud.paytec.it and from the PayTools application for tablets and smartphones.

The information note identifies the requisites for collecting personal data on-line and, in particular, the procedures, timing and the nature of the information with which the users must be provided by the data processing controllers when they connect to web pages, regardless of the purpose of the connection.

We therefore invite you to view our Privacy Policy, illustrated hereunder.

The Privacy Policy and Standards to which Payment Technologies s.r.l.. refers to for the protection of personal data, are founded on principles of responsibility, transparency, pertinence, usage purpose, verifiability and safety.

DATA PROCESSING CONTROLLER

Once this site has been consulted, data relative to identified and identifiable persons can be processed. Their Data Processing Controller is the Payment Technologies s.r.l. Company, with registered office at 47 Via Fabio Filzi, Milan.

PLACE OF PROCESSING AND PERSONS THAT CAN ACCESS THE DATA

In compliance with art. 13 of Leg. Dec. 196/2003, Paytec informs the Client, who acknowledges it, that the personal data provided will be processed at the registered office of the Payment Technologies S.r.l. Company and will be controlled by its pro tempore legal representative, and/or by eventually appointed, internal and/or external persons in charge, and by internal collaborators entrusted with the processing.

For the purposes of contract performance, the data being processed can be communicated to third party suppliers of Paytec, with foreign offices in European Union countries, in compliance with the limits set forth by art. 42 of Leg. Dec. No. 196/2003, and abroad in extra EU foreign countries complying with the limits as provided for by art. 43 of Leg. Dec. No. 196/2003.

The Client expressly consents to Paytec transmitting his data to concerns delegated by it, in their turn bound by the confidentiality agreement, for implementing technical and administrative services connected with the purpose of this Contract.

For completeness, it is emphasised that in some instances the Authority (Guarantor or deputies) can request news or information in compliance with art. 157 of Leg. Dec. No. 196/2003, aimed at monitoring the processing of personal data. In these cases the reply is compulsory under pain of a fine.

TYPES OF DATA PROCESSED

Navigation data. During their normal operation, the information systems and the software procedures controlling the operation of this website collect several personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected in order to be associated to identified interested parties, but because, given their very nature, they could allow the users to be identified through processing and associations with data held by third parties.

In this category of data fall the IP addresses or domain names of the computers used to connect to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method adopted for submitting the request to the server, the size of the file obtained in response, the numeric code indicating the response status provided by the server (successful, error, etc.), as well as other parameters relative to the operative system and the information system environment of the user.

These data are used only to extract anonymous statistical information on the use of the site and to check its correct operation, and get deleted immediately after processing.

Data could get used to ascertain responsibilities in case of hypothetical IT crimes against the site: apart from this eventuality, at this point data on web contacts shall not be kept longer than seven days.

Data voluntarily provided by the user

The eventual voluntary submission of data by the user through his own private profile and through the PayTools app means that the data entered by the user as well as any other information contained in the message, gets collected; these personal data will be used in order to improve and optimise the service.

WAY IN WHICH THE PROCESSING OF DATA VOLUNTARILY PROVIDED BY THE USER GETS CARRIED OUT AND DATA PROTECTION POLICY

Automated instruments are used to process personal data for just the time strictly necessary for attaining the purposes for which they were collected.

Specific security measures are taken to prevent loss of the data, illicit or incorrect use and unauthorised accesses. The Payment Technologies s.r.l. Company uses “safe” architectures and technologies to protect personal data from undue divulging, alteration or improper use. In particular, protections activated for personal data are proposed to reduce to a minimum the risks of even accidental destruction or loss of data, unauthorised accesses or processing that is forbidden or does not conform to the purposes of the collection. Said security measures obviously respond to the minimum requisites indicated by the Legislator (Technical Discipline on the matter of minimum security measures as provided for by articles 33 to 36 of Leg. Dec. No. 196/03).

Periodic “Risk analysis” activities are carried out to check compliance with the Standards defined and to eventually adopt new safety measures following organisational changes and technological innovations or changes in the typology of the collected data. Safety measures are constantly checked and periodically verified.

At any given time, the individuals to whom the personal data refer are entitled to obtain confirmation on whether the data themselves exist or not, to know their content and origin, check their correctness or ask for their integration or updating, or even their rectification (art. 7 of Leg. Dec. No. 196/03). According to this same article, the interested party is entitled to order their cancellation, transformation into anonymous form or, where data has been processed in violation of the law, their blocking, as well as, in any case and for legitimate reasons, opposing their processing. These requests must be made to electronic mailing address paycloud@paytec.it.

For your convenience the above-mentioned article is integrally provided:

Legislative Decree No.196/2003, Art. 7 - Right of access to personal data and other rights

1. The interested party is entitled to obtain confirmation on whether personal data concerning him actually exist or not, even if not yet registered, and their communication in intelligible form.

2. The interested party is entitled to obtain information on:

a. the origin of the personal data;

b. the purpose of the processing and the way in which it gets carried out;

c. the logic applied in case of processing being carried out with the aid of electronic equipment;

d. the particulars identifying the controller, the persons in charge and the designated representative in compliance with article 5, clause 2;

e. the individuals or categories of individuals to whom the personal data could be communicated or that could gain knowledge of them in their capacity as a designated territorial representative of the Country to which the persons in charge or delegated belong.

3. The interested party is entitled to obtain:

a. the updating, rectification or, should he be interested, integration of the data;

b. the cancellation, transformation in anonymous form or the blocking of data processed in violation of the law, including those for which storage is unnecessary in relation to the purposes for which the data were collected or subsequently processed;

c. certification that the operations as per letters a) and b) were reported, also as regards their content, of all those to whom the data were communicated or revealed, excepting where this cannot be accomplished or where means manifestly disproportionate in relation to the right protected would have to be used.

4. The interested person has the right to totally or partially oppose:

a. for legitimate reasons, the processing of personal data concerning him, even if pertinent to the purpose of the collection;

b. the processing of personal data concerning him for the purposes of forwarding advertising material or direct sales or to carry out market or commercial communication research.

Final provision

References to applicable legislation are to be understood as automatically modified and/or adapted to whatever envisaged on the matter of subsequent statutory provisions and/or regulations.