Following a policy of transparency and fairness, in compliance with current regulations and with particular reference to the applicable national legislation and the European Privacy Regulation No. 679/2016 ("GDPR", hereinafter "Privacy Code"), The Raise Projects provides some information regarding the processing of personal data provided by the user.
The Raise Projects is a registered trademark and web portal owned by The Raise Projects.
It should be noted that, according to Article 4, paragraph 1, letter a) of the Privacy Code, processing shall mean: "any operation or set of operations, carried out even without the help of electronic means, concerning the collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, erasure and destruction of data, even if not registered in a database".
1. PURPOSE OF PROCESSING
1.1. The data provided or otherwise acquired by the Owner directly from the User or from third parties are processed by our company and/or our appointees for the following purposes:
1. a) to carry out its activities in the execution, management, conclusion, fulfillment, of the existing pre-contractual and contractual relations, to provide the services requested or planned in favor of the User, as well as to carry out the strictly related activities;
2. b) for the fulfillment of obligations under laws, regulations, provisions issued by authorities and supervisory and control bodies;
3. c) for the performance of commercial activities for the promotion of services and products offered by the Holder and/or its Business Partners, including the sending of advertising material or periodic communications.
1.2. The Owner will proceed to collect or process the data. However, such data may subsequently be acquired and processed by the Controller's Partner entities that are to deliver the goods or provide the services purchased, always to the extent that such processing is instrumental for the specific purpose pursued by the transaction or services requested.
1.3. The data collected will also be processed by the Data Controller, without the need for explicit consent in accordance with the provisions of Article 130, paragraph 4, of the Privacy Code and the provision of the Guarantor "Simplifications of certain fulfilments in the public and private sector with respect to processing for administrative and accounting purposes" of 19/06/2008, for commercial communication, the offer of products or services, the sending of advertising material, and the performance of market research by the Data Controller through paper mail and electronic mail. Pursuant to Article 7, paragraph 4, of the Privacy Code, the customer may object at any time "to the processing of personal data concerning him/her for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication."
2. DATA PROCESSING METHODS
2.1. The processing in question is carried out in the manner provided for by the Privacy Code, including by means of computer and automated tools, non-exhaustively through operations of collection, recording, organization, storage, processing, selection, comparison, use, interconnection, consultation, communication, cancellation, destruction, and blocking of data, according to principles of security/protection, accessibility, confidentiality, and integrity. The same data are processed and held in terms of what is mandatorily required by law, within the limits and in the manner specified by the same. The processing is carried out directly by the organization of the Data Controller and by subjects external to that organization, being part of the network of its Business Partners, delegated as appointees/responsibilities of the same company and/or subjects strictly related to the operation of the same and/or the performance of the activities contractually provided for and requested by you (in addition to what is specified in point 4). The data are not subject to dissemination.
2.2. INFORMATION SPECIFIC TO THE The Raise Projects APP
The The Raise Projects app may require the use of the user's location. If explicitly requested by the app, this permission is for the sole purpose of ensuring its proper technical functioning.
User location data is NOT collected by the data controller in any way.
3. PROVISION OF DATA
The provision of personal data is necessary for the conclusion, management of the contract and for the best execution of the contractual services provided, as well as for the performance of activities closely related to the fulfillment of these services. The provision of data may be mandatory by law, regulation, EU legislation.
Any refusal of express consent to the processing of data will result in the impossibility of concluding or executing the contract and/or performing the services requested, or contractually provided. The provision of personal data for the purpose of information and commercial promotion of the services and offers promoted by the Owner is optional and has no consequences with regard to the contractual relationship.
4. SCOPE OF COMMUNICATION AND DISSEMINATION OF DATA
4.1. The data provided may be disclosed by virtue of the purposes described in Section 1.1 a) and to be subjected to processing for the same purposes, to the following entities:a) Collaboratori del Titolare;
1. b) Subjects external to the organization of the Owner who carry out activities related and instrumental and aimed at the management of the contractual relationship, including, trusted personnel, lawyers, appraisers, business consulting companies, consultants, professional firms, data and service management entities, debt collection companies, entities and bodies that carry out electronic data management and means of payment companies that carry out printing, transmission, enveloping, transportation and sorting of communications to customers, documentation archiving services and companies specializing in data entry services, provision of computer services, administrative and accounting management services, through individuals appointed by the Data Controller.I dati potranno poi essere comunicati per le finalità di cui al punto 1.1 c) a collaboratori nonché incaricati del Titolare.
4.2. Personal data will not be disseminated, made available or given for consultation in any form to parties other than those mentioned in Section 4.1 above or to unspecified parties.
5. RIGHTS OF THE DATA SUBJECT IN RELATION TO THE PROCESSING OF PERSONAL DATA
5.1. The data subject, has the rights under Art . 7 Privacy Code and Art. 15 (right of access) of EU Regulation EU 2016/679 i.e. the rights to:
1. obtain confirmation of the existence or non-existence of personal data concerning him/her, even if not yet registered, and their communication in an intelligible form.
2. obtain the indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out with the aid of electronic instruments; d) the identification details of the owner, managers and the designated representative under Art. 5, paragraph 2 Privacy Code and Art. 3, paragraph 1,GDPR; e) the subjects or categories of persons to whom the personal data may be communicated or who can learn about them as appointed representative in the State territory, managers or agents.
III. obtain : a) the updating, rectification or, when interested, the integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
1. to object, in whole or in part: a) on legitimate grounds, to the processing of personal data concerning him/her, even if pertinent to the purpose of collection; b) to the processing of personal data concerning him/her for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communications;
2. the right to lodge a complaint with the Supervisory Authority for any matter pertaining ii said data processing. Pursuant to Articles 16 to 22 of EU Regulation EU 2016/679 The data subject may exercise:
3. the right of rectification (Art. 16),
VII. The right to be forgotten (deletion art. 17),
VIII. The right to restriction of Processing (Art. 18),
1. the right to obtain notification from the Controller to the recipients to whom the data have been transmitted of any rectification or deletion or restriction of processing (Art. 19),
2. the right to portability (art. 20),
3. the right to object (art. 21),
XII. The right to refuse automated processing (Art. 22).
This allows you to access your data to:
Verify their veracity;
Modify them in case they become inaccurate;
Supplement them also with supplementary declaration;
Request their deletion;
Limit their processing;
Object to the processing.
The interested party may revoke at any time the consent expressed in relation to the distinct purposes indicated above, except for the impossibility of the continuation of business relations as indicated and without prejudice to the processing of data previously acquired for the fulfillment of fiscal and tax obligations dependent on the contracts concluded.
DELETION OF DATA
The Data Controller in compliance with the corresponding right of access to the data subject, has prepared procedures whereby data subjects may request the deletion without undue delay of personal data or the restriction of the processing of personal data concerning them for the following reasons: - Because the data are no longer necessary for the purposes for which they were collected; - Because the data subject has withdrawn consent; - Because the data subject objects to the processing; - Because the data are processed unlawfully.
5.2 In order to exercise the rights just summarized, you may contact the Data Controller directly, in the manner described in Article 9 of the Privacy Code. In particular, you may send a communication by registered letter addressed to: The Raise Projects, based in Athens
6. DATA CONTROLLER
6.1. The data provided may be processed by the Holder and all its collaborators and/or employees.
6.2. The data provided may be processed by third parties, who may be called upon to carry out processing operations on behalf of the Data Controller, appointed for this purpose as external data processors:
1. a) parties linked to the Holder by an agency relationship pursuant to Articles 1742 et seq. of the Civil Code;
2. b) companies that perform transmission, enveloping, transportation and sorting of communications to customers;
3. c) companies that perform archiving services of the documentation related to the relationships held with customers;
4. d) survey companies about: quality of services provided, customer satisfaction, new product offerings, etc;
5. e) companies that perform services related to the provision, measurement and optimization of websites and communication campaigns through the Internet.
6.3. The list of Processors is constantly updated and can be requested by sending a communication in the manner indicated in Section 5.2.
7. TYPES OF DATA COLLECTED
7.1. Among the Personal Data collected by this Platform, either independently or through third parties, are: Website, First Name, Last Name, Telephone Number, Business Name, VAT Number, Address, Province, E-mail, Cookies, Usage Data, Type of Service chosen by the prospect, and Password.
7.3. Failure by the User to provide certain Personal Data may prevent this Platform from providing its services.
7.4. The User assumes responsibility for the Personal Data of third parties published or shared through this Platform and warrants that he or she has the right to communicate or disseminate it, releasing the Owner from any liability to third parties.
8. FURTHER INFORMATION ON TREATMENT
8.1. Minimum security measures and how to store collected data
Pursuant to Article 31 of the Privacy Code, a series of measures must be taken to ensure the security of the data collected and the systems, minimizing the risks of destruction, loss, even accidental, of the data themselves and preventing any type of unauthorized access of processing that is not permitted or does not conform to the purposes of the collection. The data provided will be collected by the Data Controller using electronic means and for this reason, in compliance with the requirements of Annex B of the Privacy Code, additional security measures will be observed, such as:
1. a) the adoption of a computer authentication system;
2. b) the adoption of an authorization system, if authorization profiles of different scope are identified for the appointees.
In the first case, authentication credentials consist of either a code for identification of the processor associated with a keyword or an authentication device, both of which are confidential and known only to the processor. The code for identification cannot be assigned to several appointees, even at different times, while the credentials for authentication are deactivated either in case of prolonged inactivity (at least six months) or in case of loss of the quality that allowed the appointee to be able to access personal data.
In the second hypothesis, on the other hand, the authorization profiles must be identified and configured prior to the start of the processing of personal data and the existence of the conditions for their preservation must be verified, at least annually.
The Raise Projects, in its capacity as data controller, undertakes to equip itself with suitable electronic tools, updated at least every six months, designed to protect the personal data collected against the risk of intrusion and against the risk of dissemination of computer programs aimed at damaging or interrupting the computer system. Programs aimed at preventing the vulnerability of electronic tools will be updated annually, while at least weekly technical instructions must be given in order to save the collected data. In cases where the Owner uses personnel from outside its structure, a written statement of the intervention carried out must always be issued in order to certify its compliance with regulatory requirements.
8.2. Personal data security measures
Pursuant to Art.32 of the European Regulation EU 2°16/679 appropriate security measures will be taken to ensure the security of personal data and in case of their violation this will be communicated to the National Supervisory Authority in the ways reported in Art.33 of the same European Regulation, also bei cases provided for in the following Art.34 the violation will be communicated to the person concerned.
8.3. Litigation defense
The User's Personal Data may be used for the defense by the Owner in court or in the preparatory stages of its possible establishment, from abuse in the use of the same or related services by the User.
8.4. Specific disclosures
8.5. System logs and maintenance
For operation and maintenance purposes, this Platform and any third-party services used by it may collect System Logs, which are files that record interactions and may also contain Personal Data, such as the User IP address.
8.6. Information not contained in this policy
More information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact information.
8.7. Exercise of Rights by Users
The subjects to whom the Personal Data refer have the right at any time to obtain confirmation of the existence or non-existence of the same at the Data Controller, to know its content and origin, to verify its accuracy or request its integration, deletion, updating, rectification, transformation into anonymous form or blocking of Personal Data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing. Requests should be addressed to the Data Controller. This Platform may not support "do not track" requests, i.e., those that do not allow tracking of the User. To find out whether any third-party services used support them, please consult their privacy policies.
In compliance with Measure No. 229 issued by the Guarantor for the Protection of Personal Data on 8 May 2014, The Raise Projects provides the following information on cookies, their functions and how to possibly disable them.
What is a cookie?
A cookie is a small file that is downloaded to a user's browser for the purpose of storing data that can be retrieved by the entity responsible for its installation. Cookies are essential for the functioning of the Internet and, in addition, facilitate navigation.
What is the purpose of a cookie?
Cookies are used to store various types of information. There are many types of cookies, they can be classified according to the entity managing it (own or third-party cookies), the period of time they remain active (session or persistent cookies), or according to the purpose (technical, personalization, advertising analysis or behavioral advertising cookies). For example, a cookie is one that allows us to remember a user's session start data (if we store data on your computer such as your preferences and configurations, these, such as language, can be automatically re-established on your next visit without you having to set them again), obtain information about your browsing habits (so that we can improve your experience), or be able to present you with the most relevant advertising based on the information collected.
How can I revoke my consent and delete cookies?
What you can do is configure your browser to stop accepting cookies or to alert you whenever you visit a web page that uses them. Keep in mind that if you revoke your assent there are likely to be sections or applications of the website that you will not be able to use.
Types of cookies used by The Raise Projects
- Performance improvement cookies
These types of cookies save your preferences for certain services or settings (such as language or currency) so that you don't have to reconfigure them every time you visit our portal. In some cases, these changes may be made by third parties.
- Statistical analysis cookies
These cookies allow us to count the number of visitors and statistically analyze users' use of our Platform. This data can be processed by us or by third parties and thanks to them we can study the navigation within our Platform and improve its appearance.
- Geolocation cookies
They are used to geographically locate the location of computers, Smartphones or tablets in order to be able to offer the most appropriate content and services based on where they are.
- Registration Cookies
When you register on our Platform, cookies are generated that identify you as a registered user. They can be used to identify your user profile and associated services and remain saved unless you log out of your profile, turn off your computer or device. These cookies can be used by combining analytical data to individually identify your preferences in our portal.
These are those that allow us to effectively manage the promotional spaces of our Partners, so that we can adapt the content of the ad to your use of our web page. They can be processed by us or by third parties and thanks to them we will be able to know your Internet browsing habits and show you advertisements related to them.
- Other third-party cookies
The Raise Projects also possibly install cookies from Partners that allow us to manage and improve the services they offer.
The Raise Projects through its IT Platform at The Raise Projects may use the above types of cookies for communications with commercial profiling purposes and for direct marketing, which will only take place with the consent to online profiling from the interested party (this consent is optional and is requested, along with others, when the user registers in the Platform).
In the event that a user via his or her browser requests the deletion of cookies, our cookies will actually be removed (this is not one of those cookies that resist the request for deletion made via the browser). Therefore, we recommend that all interested parties who do not want our cookie simply delete it by going to the privacy settings of their web browser and selecting the option to delete cookies.
The use of other persistent cookies and session cookies (which are not stored persistently on the user's computer and vanish when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the website.
The cookies used in this site avoid the use of other computer techniques potentially detrimental to the confidentiality of users' browsing and do not allow the acquisition of personal identification data of the User.