PRIVACY POLICY NOTICE pursuant to Article 13 of GDPR 679/2016
This document constitutes the privacy policy notice of Easy4Cloud Spa and describes the type of data collected and their processing.
1. Data Collected
By processing personal data, we mean any operation or set of operations performed with or without the aid of automated processes applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, communication through transmission, dissemination or any other form of making available, comparison or interconnection, restriction, erasure or destruction. We inform you that the personal data subject to processing will consist of – depending on your decisions on how to use the services offered – an identifier such as name, surname, email address, tax code, phone number, province, VAT number, company name. Easy4Cloud collects navigation data whose acquisition is necessary for the use of internet communication protocols and therefore essential for the functioning of the website. These data are used solely to obtain anonymous statistical information in aggregate form about the use of the site and to ensure its proper functioning. This information is necessary for the fulfillment of the requested service by the user/data subject. The site does not use its own cookies for the transmission of personal information. Any use of cookies to facilitate and personalize navigation will be strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site.
2. Purposes of Processing
The processing of data will be carried out lawfully, fairly, and in accordance with the principles of lawfulness, necessity, and proportionality. The collected data will be processed for the following purposes:
a. to provide the requested services;
b. to respond to requests from data subjects/users;
c. to tailor the website’s content to the preferences of the users/data subjects;
d. to ensure that the content provided through the site is presented most effectively to users/data subjects;
e. to allow participation in interactive site features and improve its use;
f. to comply with legal obligations;
g. for promotional, advertising, commercial information, marketing, and direct sales activities of services and/or commercial products in the business market, also through the sending of free SMS, emails, advertising brochures, and/or magazines;
h. statistical analyses.
The use of personal data is in any case permitted by applicable data protection regulations when it is necessary for the pursuit of the data controller’s legitimate interests in pursuing the above purposes; when necessary to comply with legal or regulatory responsibilities, such as communication to authorities, government, or regulatory bodies; when necessary for the performance of a task carried out in the public interest or to initiate or defend against legal actions, or when processing concerns personal information that is manifestly public. Easy4Cloud does not perform fully automated processing, including profiling, that could harm the rights of the data subject. Data are retained for the period strictly necessary to fulfill contractual obligations and generally legal obligations. Specifically, the retention period of personal information depends on the purpose for which the data are processed and the tools used to process such personal information, therefore it is not possible to indicate the retention period unambiguously in this notice. However, the criteria used to determine the retention period are: (i) the need to retain the data in relation to the relevant purpose, (ii) the retention of the data for the time necessary to fulfill the relationship with the user/data subject, (iii) retention for the period required by applicable laws.
3. Legal Basis and Mandatory or Optional Nature of Processing
The legal basis for the processing of personal data for the purposes set out in Section 2 (A-B-C-D-E) is Article 6(1)(b) of the Regulation as the processing is necessary for the provision of the contracted services. Providing personal data for these purposes is optional, but failure to do so would make it impossible to activate the requested services. The purpose referred to in Section 2(F) represents a legitimate processing of personal data pursuant to Article 6(1)(c) of the Regulation. Once personal data are provided, the processing may indeed be necessary to comply with legal obligations to which Easy4Cloud is subject. The processing carried out for marketing purposes described in Section 2(G) is based on the release of your consent pursuant to Article 6(1)(a) of the Regulation. Providing personal data for these purposes is entirely optional and does not affect the use of the Services. Should the data subject wish to object to the processing of their data for marketing purposes, as described in Section 2(G) and 2(H), they may do so at any time by sending a request to privacy@easy4cloud.com.
4. Data Retention
Easy4Cloud may share data when it needs to (i) engage third parties such as suppliers, contractors, or third-party agents, (ii) transmit data or technical and administrative documentation to the competent authorities, (iii) use individuals authorized by Easy4Cloud to process personal data necessary to carry out activities strictly related to the provision of the Services, who have committed to confidentiality or have an adequate legal obligation of confidentiality, such as Easy4Cloud employees. In all cases, the data remain under the control of Easy4Cloud, which ensures their protection through appropriate transmission tools. The data provided to third parties as mentioned above are not processed by third parties except for legal obligations. Easy4Cloud specifically requests suppliers, contractors, or third-party agents to comply with the GDPR requirements to ensure that the data continue to be processed with an adequate level of protection.
5. Data Transfer Outside the European Union
Personal data may be transferred and processed in one or more countries inside or outside the European Union. In the latter case, Easy4Cloud will transfer the data outside the EU only to countries that the European Commission considers to provide an adequate level of protection.
6. Data Security
Although data transmission over the internet can never be completely secure, Easy4Cloud has adopted a privacy policy with strict operational procedures and high technical security standards to prevent any unauthorized access, modification, deletion, or transmission of data. In the event of a particularly serious data breach, as required by Regulation 679/2016, Easy4Cloud will notify the Data Protection Authority.
7. Data Subject’s Rights
Pursuant to Article 13 of GDPR 679/2016 applicable to data protection, the data subject has the right to access and obtain a copy of their personal data; to request confirmation of the actual processing of their personal data. The data subject may also request an electronic or digital copy of their data; the data subject has the right to rectify and/or update their personal data if they can demonstrate the inaccuracy of the personal data held by the data controller concerning them; the data subject has the right to erasure (“right to be forgotten”). The request can be made at any time, and Easy4Cloud will evaluate the terms of acceptance within the limits that may arise from rights or legal obligations that may require data retention. If there are no specific hindering reasons, Easy4Cloud will proceed with the deletion without delay. To exercise the above rights, the data subject can write directly to the following email address: privacy@easy4cloud.com. Easy4Cloud does not have systems that allow data portability. Where the lawfulness of personal data processing is based on previously expressed consent, the data subject also has the right to withdraw consent at any time. However, the withdrawal does not affect the lawfulness of any processing based on previously expressed consent. The Data Controller is Easy4Cloud Spa, represented by the legal representative pro-tempore, with its headquarters at Via Francesco Sforza, 14 – 20122 Milan MI – Italy. If the data subject believes their rights have been violated, they may file a complaint with the Italian Data Protection Authority.
8. Marketing Communications
Easy4Cloud will send marketing communications via email only if the data subject has expressly consented to receive such communications. If the data subject no longer wishes to receive marketing communications, they may send a communication to privacy@easy4cloud.com, clearly indicating their name, email address, and the specific communications they no longer wish to receive.
9. Changes to the Privacy Policy
The conditions of this notice may change, also as a result of any legislative changes or updates. Easy4Cloud will publish any changes to this notice through communication on its website www.easy4cloud.com or by directly contacting the data subject through other authorized channels.
Browsing the sites www.easy4cloud.com, www.corem.cloud, www.xbp.cloud, www.easyofficecloud.com, www.easycallcloud.com, www.speedycrm.com, www.easysocialcloud.com is free and does not necessarily require registration.
