The aim of this Privacy Policy is to describe the methods and purposes for which Giravolt S.r.l. as Data Controller, via the website www.doppiaa.it, collects and processes personal data relating to users who interact with the Website and with the various web services offered thereby.

The information contained in this Privacy Policy is provided pursuant to Article 13 of EU Regulation no. 679 dated 27 April 2016 (the “Regulation”), the Provisions issued by the Italian Personal Data Protection Authority and in accordance with the applicable European legislation.

Information regarding data processing is provided only for the Website and for the processing operations performed by the Company. It does not extend to the processing operations performed by third-parties that may be consulted by the User via a link. As regards said further processing, the Company does not assume any liability in that regard, thus the User must refer to the individual Privacy Policies of third-party websites.

  • Data Controller and Place of Processing

The Data Controller is the company Giravolt. S.r.l. with registered office located at via della Spiga 1 – 20121 MILAN (MI) – VAT No. 03656300989.

Data is mainly processed at the Data Controller’s registered office and is handled by technical staff at the Company appointed as data processors within the European Union and, in relation to the services entrusted of offered by third parties, also outside of Italy and/or outside of the European Union. In the event of the transfer of data to countries that do not have protection standards equal to those of Italy, the Company undertakes to take the measures necessary for this transfer.

  • Data Processing Methods

The Company processes User data by taking all appropriate security measures aimed at preventing unauthorised access, disclosure, modification or unauthorised destruction of data. Data processing is carried out using both manual and computerised and/or electronic tools, using organisational methods and logic that is strictly related and limited to the specified purposes.

  • Purposes of Data Processing and Legal Basis for Data Processing

The Company, via the Website, may process User data for the following purposes:

  1. Handling and responding to requests for information submitted by the User. After filling in the appropriate section of the Website, by entering his/her personal details, i.e., name and surname, date of birth (optional), mobile number and email address, through which the User can request specific information regarding the services offered by the Company. To this end, the User’s personal data shall be processed by the Company to take charge of, correctly handle and respond to the User’s request for information The Company, based on the request received, shall contact the User via the channel deemed most appropriate for the purposes of processing said request properly. The legal basis of the data processing is represented by the performance of the service expressed requested by the User. Any refusal to provide personal data shall result in the Company’s inability to handle and respond to the request for information.
  2. Marketing: When requesting information in the appropriate section of the Website, the User can freely express his/her consent, by selecting the appropriate tick box, to the use of his/her personal data and contact details entered by him/her (e.g. email address) for the purposes of receiving marketing communications, such as newsletters, invitations to participate in surveys and market research, informative and promotional material on Company services and/or offers, via both automated (e.g.. email, SMS) and traditional (e.g.. operator telephone calls) methods. The legal basis for data processing, in this case, is the express consent of the User, who can freely choose whether or not to consent to the marketing purposes: In fact, the provision of said consent by the User is entirely optional and shall not, in any way, preclude the possibility of using the services of the Company or Website, nor that of receiving the information requested in the form. The User may object to said submission and withdraw his/her consent via the appropriate link in the emails.
  3. Pursuing the legitimate interests of the Company and/or third parties: The User’s data may also be used to exercise the rights and legitimate interests of the Company and/or third parties, such as the right to defence in court, the handling of complaints and litigation, the possible recovery of receivables, the prevention of fraud and/or illegal activities. In these cases, even if the provision of the User’s personal data is not mandatory, said provision still necessary given that such data is closely related and instrumental to the pursuit of the aforementioned legitimate interests, which do not prevail over the User’s rights and fundamental freedoms. Any refusal to provide said data may result in the inability to provide the requested services (e.g. requesting information from the Company).
  4. Fulfilling legal obligations and/or applicable obligations: The Company may also use the personal data provided by the User or otherwise obtained during the User’s interaction with the Website for purposes associated with the implementation of legal obligations, regulations, national and EU legislation, as well as provisions issued by authorities legitimised to that effect, which represent the legal basis for data processing, therefore, without the User’s prior consent.
  • Data Categories Subject to Processing

The Company receives and collects, via the Website, information relating to the Users who visit the Website pages and who use the web services available thereupon. The Company specifically obtains and processes the following information:

    1. Data collected via browsing and via cookies

When the User visits the Website, the latter collects certain data, such as the pages displayed, the links or buttons clicked by the User, the date and time of access, the User’s IP address, the browser and operating system used (known as “browsing data”). Browsing data could, by its very nature, allow the User to be identified, including through processing and associations with data held by third parties. However, the Company uses this data for the sole purpose of obtaining statistical and anonymous information on the use of the Website for purposes strictly related to the operation of thereof. Browsing data could also be used to ascertain liability in the event of any computer crimes committed against the Website.

Secondly, in relation to the collection of User data through cookies and similar technologies, please see the Cookies Policy.

    1. Data provided voluntarily by the User

The Company limits the collection of information provided voluntarily by the User in relation to the pursuit of the purposes described in paragraph 3 above, as well as the services expressly requested.

The Company may also collect and process additional personal data, where said data are provided voluntarily by the User as part of the services offered by the Website, such as in the event that the User contacts the Company to report inadequate services or malfunctions or to exercise his/her rights regarding the processing of personal data, etc. This data shall be processed by the Company solely for the purposes strictly associated with the User’s request. Failure to provide personal data may result in the inability to obtain the requested service.

  • Disclosure of Data to Third Parties

The data provided by the User, as well as that collected by the Website as part of the related services (e.g. IP address) shall not be disseminated and may be disclosed, within EU or non-EU countries for the purposes and procedures described above, to the categories of parties specified below:

  • companies of Group to which the Company belongs, for administrative and accounting purposes pursuant to Article 24, paragraph 1, section i-ter of the Privacy Code, for the pursuit of the legitimate interests of the Company and/or third parties and for the purposes of performing the services expressly requested by the User;
  • collaborators, consultants and freelance professionals whom the Company uses to perform tasks of a technical or organisational nature (such as, for example, IT service providers), or with whom the Company collaborate, for the purpose of providing and operating its services, or for marketing activities;
  • people, companies or professional firms that provide the Company with support and advisory activities, with specific, but not exclusive, reference to accounting, administrative, legal, tax and financial matters;
  • other Companies of the Group, for the marketing purposes described in paragraph 3 above and, where required by law, subject to the User’s prior consent;
  • parties whose right to access data is acknowledged by legal provisions or by orders of the authorities.

The parties belonging to the categories specified above shall use the data as independent data controllers, in accordance with the law, or as data processors duly appointed by the Company.

Specifically, in the event that said parties are established in non-EU countries, the Company shall take the measures provided for by the Privacy Code and the Regulation to legitimise the transfer of personal data thereto. The list of parties to whom the data are or may be disclosed, as well as an indication of the privacy measures taken to legitimise non-EU transfers, may be specifically requested from the Company via the contact details specified in the section “User Rights and Contact Details”.

  • Data Retention

Data shall be processed for the time necessary to provide the services requested by the User and to conduct the activities associated with and instrumental to said services, as specified in paragraph 3 above and shall be deleted when the purposes for which they were collected and processed no longer apply. The Company shall specifically delete the personal data of Users who requested information promptly after having correctly processed the related request, in the event that said User do not consent to the receipt of marketing communications nor subscribes and/or signs up for the Company’s services. Secondly, the Company shall retain the personal data contained in the CVs of Users who sent their application for jobs within the Company for 12 months after receiving said application. After this period, the Company shall send a notification requesting the User’s consent to retain the personal data contained in their CV for an additional period and, should the User not consent thereto, the Company shall delete his/her personal data, in the event that the applicant has not established an employment/collaboration relationship with Company.

Lastly, data collected for the Company’s marketing purposes shall be retained until the User unsubscribes/objects and, in any case, until the purposes for which said data was collected and processed no longer apply. At the end of this period, the data shall be retained in anonymous form for analytical and statistical purposes.

  • User Rights and Contact Details

The User is entitled to contact the Company, via the methods specified below, to obtain:

  • confirmation of the existence or non-existence of his/her personal data and, in the case of the affirmative, to access the personal data held by the Company, as well as the following information:
  1. a) the purposes of the processing;
  2. b) the categories of personal data processed;
  3. c) the recipients or categories of recipients to whom the personal data have been or shall be disclosed, especially if located in third-party countries (and, in this case, an indication of the relevant adequate guarantees legitimising said disclosure of data);
  4. d) the data retention period or, if this is not possible, the criteria used to determine said period.

Furthermore, where applicable, the User may also exercise the rights pursuant to Articles 16 to 21 of the Regulation, specifically:

  • data rectification, i.e., the updating or amendment thereof;
  • data deletion;
  • processing limitation;
  • data portability.

The User is also entitled to object, for legitimate reasons, to the processing of data and, even partially with respect to the various means of communication, to said data being used for the purposes of commercial information, advertising, marketing or market research by the Company or third parties.

Lastly, the User is entitled to file a complaint with the Italian Personal Data Protection Authority in relation to the processing referred to in this Privacy Policy.

These rights can be exercised directly by sending a notification to the following email address: info@doppiaa.com

  • Amendments to the Privacy Policy

The Company reserves the right to make changes to this Privacy Policy at any time, giving notice thereof by means of publication on the Website. The User is asked to check said updates on the Website.

If the changes are particularly significant and/or substantially affect the User’s rights, the Company may report them to the User, including via a different method (for example, by sending an email).