Update effective October 15, 2019.
The company Insidre LLC (30-1207424) with legal office in 478 E Altamonte Drive, Suite 108-560 Altamonte Springs, FL 32701, as controller of data processing (hereinafter the “Controller”) of the website insidre.us (hereinafter the “Site”) informs its visitors (hereinafter “Subjects”) according to the provision of art. 13 of the European Regulation n. 2016/679 entitled General Data Protection Regulation (hereinafter “GDPR”).
Controller is aware of the importance of personal data (hereinafter “Data”) processing of the Subjects and informs the latters on what type of Data are being processed and the related modalities.
The Subject is informed that proceeding through the navigation of the Site or expressing its will to use the services provided by the Controller, the former declares to have read and accepted the present information on Data processing (hereinafter “Information”).
For any doubt redarding the Information please contact the following email address: info@insidre.us
What are the rights of the Subject?
Subject is entitled with the following rights:
- Right to be informed about a Data processing regarding its person and access to its Data;
- Right of rectification
- Right of cancellation (erase) of Data;
- Right of limitation of processing
- Right of Data portability in order to receive or disclose to another controller its Data in a format that shall be structured, commone use and readable from authomatic devices
- Right of opposition to processing
- Right of withdrawal of any given consent
- Right of complain before the competent supervisor authority redarding suspected violation of Data processing
How to excercise rights?
Subject may excersise its rights sending a request to the indicated email address. Controller will not charge any additional cost to Subjects for their request (unless it is deemed to be far exceeding the rights) and the former may request additional information in order to comply with request.
Request are usually complied within 30 days, but in case the request is deemed to be complex or the Controller is overwhelmed from requests or it helds a certain level of complexity, it may require additional time (not exceeding 60 days) and, thus, Subject will be promptly informed by the Controller.
What Data are processed?
Controller process Data that are provided by the Subject and from third parties in order to fulfil with Subject request of being contacted or receive services of the Controller (hereinafter together “Services”).
- Data provided from Subject
Cathegories of Data | Type of Data |
---|---|
Common Data | Name, surname, residence, email, phone, fiscal code/Vat number |
Position Data | Location |
Technical Data | IP address and cookies |
- Data collected from third parties
Third parties | Type of data |
---|---|
Analytics provider | Behavioural DataTechnical Data |
Aggregated Data
Controller may collect, use and share and disclose aggregated data, such as statistics, for any purpose
Aggregated Data may be related to Data of the Subject, but once aggregated such Data cannot identify any Subject and are not to be considered a personal data. However, in case aggregated Data are cmbined or connected with Data of the Subject and it is identified, Controller will process aggregated Data as stated in the present Information.
Particular Data
Controller does not process any particular Data (particular Data are personal data related to etnic origin, religious or filosophycal convinctions, sexual orientation, political opinions, genetic, bio and health data) as does not process any Data related to crime convictions of Subjects.
Why Data are processed?
Controller process Data regarding the purposes listed as follows.
GDPR requires that Controller shall have a legal base for each purpose of processing and one of the legal bases is the consent of the Subject.
Consent may be revoked at any time, but prior processing of consent revocation will not be influenced.
Here follows a table of purposes, description and processig period
Purpose | Description | Processing period |
---|---|---|
Providing Services | Subject may request to be contacted or being provided with a specific service of the Controller | Data will be processed until the Services are being provided. |
Providing support to Subjects | Subjects may incur in technical problems during the navigation and, consequently, request assistance from the Controller | Data will be processed until requests are completed |
Newsletter | Subject can subscribe to Controller newsletter in order to receive update on Controller activity | 2 years |
Comply with law and regulations, provisions of public and judicial autorities | Controller may process Data in order to respect laws and regulations, provisions of public and judicial autorites | Period of processing is determined by law and regulations, provision of public and judicial autorities. |
What if Subject does not provide Data?
Controller will not provide Services or support to Subjects in case necessary Data are not provided by the Subject. In case such shall occure, Controller may request to the Subject to provide or integrate Data or, in case the latter does not provide or integrate, the former is entitled to delite Data and not providing Services or support.
For differente purposes from the above mentioned providing Data is not mandatory and it will not influence Services or support.
Are Data disclosed or spreaded?
- Disclosure
Data can be disclosed to third parties as follow:
Receiving third party | Purpose of disclosure |
---|---|
Suppliers | Suppliers that support Controller with Services |
Advisors | In case it is mandatory for legal or autorities provisions, Controller can disclose Data to external advisors |
Public or judicial autority | Controller can disclose Data to such third parties in case it is mandatory by the law or by a specific provision of a public authority |
- Spread
Data will not be spreaded to third parties and will not be spreaded to the public
Where are Data stored
Controller stores Data in paper and digital archives both in its legal office and within the European Union. Controller may store Data outside European Union if it is necessary for purposes of processing and, in such case, it assures that Data are processed according to GDPR provisions, adequacy decision of the European Committee, Privacy Shields and agreements in order to provide an adequate level of Data security (last 2 requirements only if necessary/mandatory).
How does the Controller process Data?
Controller process Data by adopting the suitable security measures in order to prevent non-authorised access, disclosure, alteration and destruction of personal data. Processing is executed through IT procedures and through paper, whether is deemed to be necessary, by authorized internal subjects and external processors appointed by the Controller
What is the policy for processing minors’ Data?
Controller is aware of the delicacy of minors’ Data processing. In particular, Services are not intended to be provided to minors of age 16 and Controller does not process voluntarily such data: to this effect, Controller requests to Subject to not request Services in case they have less than 16 years old.
Controller requests to whom holds parental responsibility to control that Services are not requested by minors less than 16 years old. In case such event shall be acknowledged by the Controller, it will proceed to delite Data of the above mentioned Subjects.
What if there are links to other websites?
Controller informs Subjects that the present Information applies only to the Site and in case there are links to other websites, Subjects are informed to consult the related privacy policy.
Controller shall not be liable for Data provided by the Subjects to other websites
Changes to the present Information
Controller reserves the right to amend the present Information at any time. In case of amendments Controller will update the amended Information to the Site and communicate the amendment to Subjects.
Subject is informed that by using the Site after the amendments it accepts such amended.