Welcome to the website Swemax.com – Boost Your Athletic Performance/
The processing of personal data will be based on the principles of lawfulness, transparency, fairness and protection of confidentiality and your rights, always in accordance with national and European legislation currently in force.
Pursuant to Articles 4 and 24 of the GDPR, the Data Controller is Biometrica S.r.l., with registered office in Via Enzo Ferrari n. 6, Varano de’ Melegari – 43040 (PR) and operational headquarters in Largo Cacciari n. 1, 43122 – Parma, E-mail address email@example.com
Type of data processed
The Data Controller can collect and process the following data:
- Navigation data. The computer systems and software procedures used for this web site operation acquire, during their normal operation, personal data, whose transmission is implicit in the use of Internet communication protocols. However, this information is not collected to be associated with identified data subjects but are information which could – through processing and associations with data held by third parties – allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the website, requested resources addressed in URI (Uniform Resource Identifier) notation, the browser, the time of the request and other parameters relating to the operating system and computer environment of the User. These data are used only to receive anonymous statistical information on the use of the website and to check its proper functioning. They are deleted immediately after processing.
- Data collected when the User sends an e mail message to the e-mail addresses indicated on the website to receive information or request a specific service. In this case the e-mail address and all personal data included in the message are processed. These data are used exclusively for the purpose of fulfilling the User’s requests.
- Chat with us. Data provided by the User through the chat window (any personal data provided voluntarily in the message area) may be processed. These data are used exclusively to carry out to the User’s requests.
Legal basis and purpose of the processing
Data are processed for the following purposes:
- To carry out the User’s requests and answer the questions asked through the contact e-mail address indicated or though the chat window. The legal basis is the legitimate interest of the Data Controller (art. 6, letter f) GDPR) to provide a careful customer service, to provide information on the services offered, to improve and develop new product and services and to be more efficient;
- to send – to the e-mail address provided at the time of signing the purchase contract – information about goods or services such as those already purchased (so-called soft spam) and to detect the degree of satisfaction with the quality of the services used. The legal basis is the legitimate interest of the Data Controller (art. 6, letter f) GDPR). At any time, the User can oppose the processing of data by writing to the e-mail address of the Data Controller or by clicking on unsubscribe link in the received e-mails.
- to allow the User to join our community and receive e-mail communications to stay updated from the indiegogo compaign. The legal basis is the execution of contractual measures (Article 6, letter b), GDPR). At any time, the User can request to be removed from the community and / or to stop receiving communications by writing to the e-mail address of the Data Controller or by clicking on the unsubscribe link in the e-mails;
- for marketing and advertising purposes, in order to send news about products, services or promotions of Biometrica, by e-mail, phone or other digital communication tools. In this case the legal basis is the consent of the User (Article 6, letter a) GDPR). At any time, the User can withdraw consent by writing to the e-mail address of the Data Controller or by clicking on the unsubscribe link present in the e-mails;
- to fulfil orders, make shipments, manage payments, assistance and customer support. The legal basis is the execution of contractual and pre-contractual measure adopted at the request of the customer (Article 6, letter b), GDPR) and the fulfilment of legal, fiscal, accounting and administrative obligations (Article 6, letter c), GDPR).
Mandatory or optional nature of data provision and consequences of refusal to provide data
The provision of the data requested in the fields marked with an asterisk (*) is mandatory. Refusal to provide the data marked as mandatory may make it impossible to perform the contract and provide the services available. The provision of further data is optional.
The processing of personal data is carried out by the Data Controller using mainly electronic and telematic methods, using internal staff specifically authorized. Adequate security measures are taken in order to minimize the risk of destruction or loss – even accidental – of data, unauthorized access or treatment that is not allowed or does not conform to the purposes of collection. Data are processed at the Data Controller’s headquarter and in any other place where the parties involved in the processing are located, as well as at the host servers. For further information, please contact the Data Controller.
The data are processed for the time necessary to carry out the service requested by the User or in general until the purposes for which they were collected is achieved. For marketing purposes, the retention period is 24 months from the last useful interaction.
If the User decides to subscribe to the community, his data will be kept until he decides to unsubscribe. Subsequently, the personal data will be automatically deleted or permanently anonymised.
The User’s personal data will not be disclosed to unspecified subjects, however, may be communicated to professionals, collaborators, legal professionals and third parties who provide technical and organizational services on behalf of the Data Controller. These parties will be able to process the data as Data Controllers, Joint Controllers or Data Processors under art. 28 of GDPR; they are provided only with the information necessary to carry out their functions. A complete and updated list of the Data Processors is available upon request. The data may also be communicated or made available to the authorities who have the right to access the data under the provisions of the law, regulation or European legislation, within the limits and for the purposes provided by these rules.
Personal data will not be transferred to countries outside the EU that do not ensure adequate levels of data protection. If necessary, within the limits strictly related to the pursuit of the activities described, the Data Controller ensure that the transfer of data is carried out only based on standard contractual clauses and decision of adequacy, in compliance with the provisions of art. 44 et seq. of GDPR.
Links to other sites, platforms and social networks
There are specific legal rights in relation to the personal information we hold about the User which are recognized by Articles 15-22 EU Regulation 679/2016. These rights include:
- obtaining a copy of data and knowing if the Data Controller holds and/or processes personal data relating to the User. On this occasion the User may also have the right to obtain access to personal data and information regarding the processing purposes, the categories of personal data in question, the receivers or categories of receivers to whom the personal data have been or will be communicated (right of access);
- verifying, updating and obtaining the rectification of inaccurate data or the integration of incomplete personal data with no unjustified delay;
- obtaining the cancellation or removal of personal data;
- obtaining the restriction of processing;
- when applicable, receiving the personal data provided to the Data Controller, in a structured, commonly used and machine-readable format and have the right to transmit those data to another Controller (right to portability);
- objecting to the processing;
- lodging a complaint with the competent data protection supervisory authority (Italian Privacy Authority http://www.garanteprivacy.it/) or take legal action.
The exercise of rights, except for letter g), may take place by sending a request to the e-mail address firstname.lastname@example.org