Privacy Policy

Data Controller

A.M.S. S.R.L.

VIA 1 MAGGIO, 5-7 36050 SOVIZZO (VI)

VAT number: 00142830249

Types of Data Collected

Among the Personal Data collected by this Application, independently or through third parties, there are: email, Cookies, Usage Data, password, first name, last name, and Email. Detailed information on each type of data collected is provided in the relevant sections of this privacy policy or through specific informative texts displayed before data collection. Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during use of this Application. Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to provide the Data, it may be impossible for this Application to provide the Service. In cases where this Application indicates certain Data as optional, Users are free to refrain from communicating such Data without any consequence on the availability or operation of the Service. Users who have doubts about which Data are mandatory are encouraged to contact the Controller. The possible use of Cookies – or other tracking tools – by this Application or by the owners of third-party services used by this Application, unless otherwise stated, is intended to provide the Service requested by the User, in addition to other purposes described in this document and in the Cookie Policy, if available. The User is responsible for the Personal Data of third parties obtained, published, or shared through this Application and guarantees that they have the right to communicate or disseminate them, releasing the Controller from any liability towards third parties.

Methods and Location of Data Processing

Processing Methods

The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of Personal Data. Processing is carried out using IT and/or telematic tools, with organizational methods and with logics strictly related to the indicated purposes. In addition to the Controller, in some cases, Data may be accessible to other persons involved in the organization of this Application (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, postal carriers, hosting providers, IT companies, communication agencies) appointed, if necessary, as Data Processors by the Controller. The updated list of Processors may be requested from the Data Controller at any time.

Legal Basis of Processing

The Controller processes Personal Data relating to the User if one of the following conditions applies:

The User has given consent for one or more specific purposes; Note: in some jurisdictions, the Controller may be authorized to process Personal Data without the User’s consent or any other legal basis specified below, as long as the User does not object (“opt-out”) to such processing. However, this is not applicable if the processing of Personal Data is regulated by European legislation on Personal Data protection;
Processing is necessary for the performance of a contract with the User and/or for pre-contractual obligations;
Processing is necessary for compliance with a legal obligation to which the Controller is subject;
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
Processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party.

It is always possible to ask the Controller to clarify the specific legal basis that applies to each processing operation and in particular to specify whether the processing is based on the law, is required by a contract, or is necessary to conclude a contract.

Location

Data is processed at the operational offices of the Controller and in any other locations where the parties involved in the processing are located. For further information, contact the Controller. The User’s Personal Data may be transferred to a country other than where the User is located. To obtain further information on the place of processing, the User can refer to the section concerning the details of the processing of Personal Data. The User has the right to obtain information regarding the legal basis of Data transfers outside the European Union or to any international organization governed by public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures adopted by the Controller to protect the Data. If any of the transfers described above takes place, the User may refer to the respective sections of this document or inquire with the Controller using the contact details provided at the beginning.

Data Retention Period

Data are processed and stored for the time required for the purposes for which they were collected. Therefore:

Personal Data collected for purposes related to the performance of a contract between the Controller and the User will be retained until such contract has been fully performed.
Personal Data collected for purposes attributable to the Controller’s legitimate interests will be retained as long as needed to fulfill such purposes. The User may obtain further information regarding the legitimate interests pursued by the Controller in the relevant sections of this document or by contacting the Controller.

When processing is based on the User’s consent, the Controller may retain Personal Data for a longer period until such consent is revoked. Furthermore, the Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority. Once the retention period expires, Personal Data will be deleted. Therefore, at the expiration of that term, the right of access, deletion, rectification, and the right to Data portability can no longer be exercised.

Purpose of Data Processing

The User’s Data is collected to allow the Controller to provide its Services, as well as for the following purposes: Contacting the User, Interaction with social networks and external platforms, Registration and authentication, Access to third-party accounts, Managing payments, Infrastructure monitoring, Interaction with live chat platforms, Remarketing and behavioral targeting, Managing contacts and sending messages, Statistics, Displaying content from external platforms, Affiliate marketing, Interaction with support and feedback platforms, Managing user databases, Managing support and contact requests, and Hosting and backend infrastructure. For detailed information on the purposes of processing and on the Personal Data concretely relevant for each purpose, the User may refer to the relevant sections of this document.

Facebook Permissions Requested by this Application

This Application may request some Facebook permissions allowing it to perform actions with the User’s Facebook account and to collect information, including Personal Data, from it. This service allows this Application to connect with the User’s account on the Facebook social network, provided by Facebook Inc. For more information on the following permissions, refer to the documentation on Facebook permissions and Facebook’s privacy policy.

The requested permissions are as follows:

Basic Information

Basic information of the User registered on Facebook, including the following Data: id, name, picture, gender, locale, and, in some cases, Facebook “Friends.” If the User has made additional Data publicly available, it will be available.

Email

Provides access to the User’s primary email address.

Page Management

Allows the application to retrieve access_tokens for Pages and Applications that the user administers.

Insights

Provides access to Insight data for pages, applications, and domains that the user owns.

User Rights

Users may exercise certain rights regarding their Data processed by the Controller. In particular, Users have the right to:

Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
Object to the processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the relevant section below.
Access their Data. Users have the right to learn if Data is being processed by the Controller, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Data being processed.
Verify and seek rectification. Users have the right to verify the accuracy of their Data and request that it be updated or corrected.
Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Controller will not process their Data for any purpose other than storing it.
Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Controller.
Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract of which the User is part, or on pre-contractual obligations thereof.
Lodge a complaint. Users have the right to bring a claim before their competent data protection authority or before a court.

Details about the Right to Object

When Personal Data is processed in the public interest, in the exercise of official authority vested in the Controller, or for the purposes of the legitimate interests pursued by the Controller, Users may object to such processing by providing a ground related to their particular situation to justify the objection.