You need to have Google read you

Insert your HTML/script code

Alex

@awpthorp

freepik__realistic-christmas-tree-in-a-cozy-indoor-setting-__70353.jpeg

Start creating your website with Flazio today, free forever!

Privacy Policy - www.flazio.com

Min

LAST HOURS to grab your 50% discount!

Activate Flazio PRO for €49

Claim it

This Application collects some Personal Data from its Users.

Data Controller

Flazio S.R.L. unipersonale – Via G. Mazzini 2, San Giovanni La Punta 95037 CT,
dpo@flazio.com

Categories and Types of Information Collected

This Application collects Personal Data in various ways, both directly and through third parties. Among the data collected are information such as first name, last name, email address, phone number, occupation, province, country, ZIP/postal code, date of birth, city, address, company name, website, miscellaneous information, gender, VAT number, Tax Code, business sector, User ID, geographic location, profile picture, personal description, data communicated while using the service, username, and camera-related permissions. The Application also collects unique device identifiers for advertising purposes, such as the Google Advertiser ID or the IDFA identifier.

Any additional Personal Data may be mentioned in other sections of this privacy policy or in notices displayed at the time the data is collected.

Personal Data may be provided voluntarily by the User or collected automatically during use of this Application.

Unless otherwise specified, all Data requested by this Application are mandatory. Refusal to provide such data may make it impossible for the Application to provide its services. Where some data are indicated as optional, Users may choose not to provide them without affecting the availability or functioning of the service.

Users who are uncertain about which Data are mandatory are encouraged to contact the Controller. The use of cookies or other tracking tools, unless otherwise specified, is intended to identify the User and store preferences for the provision of the service requested by the User.

The User is responsible for Personal Data of third parties obtained, published, or shared through this Application and confirms that they have the right to share or disclose them, thereby releasing the Controller from any liability toward third parties.

Methods of Processing

The Controller of Users’ Personal Data adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Data processing is carried out using IT and/or telematic tools, following organizational procedures and logics strictly related to the purposes indicated. In some cases, in addition to the Controller, certain categories of persons involved in the operation of the site (such as administrative, sales, marketing, legal staff and system administrators) may have access to the Data. Moreover, external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, and communication agencies) may be appointed, if necessary, as Data Processors by the Controller. An up-to-date list of Data Processors may always be requested from the Controller.

Legal Basis of Processing

The Controller processes the User’s Personal Data in the following cases:

When the User has given consent for one or more specific purposes. Please note that, in certain legal contexts, the Controller may process Personal Data without the User’s explicit consent or another legal basis, until the User objects (“opt-out”) to such processing. However, this does not apply where the processing of Personal Data is governed by European data protection legislation.

When processing is necessary for the performance of a contract with the User and/or for pre-contractual measures.

When processing is required to comply with a legal obligation to which the Controller is subject.

When processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller.

When processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party.

It is always possible to request that the Controller specify the concrete legal basis for each processing activity, particularly whether it is based on law, on a contract, or is necessary to enter into a contract.

Place of Processing

The User’s Personal Data are processed at the operational headquarters of the Controller and in any other location where the parties involved in the processing are located. For further details, please contact the Controller directly.

The User’s Personal Data may be transferred to a country other than the one in which the User is located. To obtain further information about the place of processing of Personal Data, please refer to the section providing details regarding the processing of Personal Data.

The User has the right to receive information regarding the legal basis for the transfer of Data outside the European Union or to an international organization governed by public international law or formed by two or more countries (e.g., the UN). The User may also request information on the security measures adopted by the Controller to protect the Data.

In the event that one of the transfers described above takes place, the User may refer to the relevant sections of this document or contact the Controller directly using the contact details provided at the beginning of this notice.

Retention Period

Personal Data are processed and stored for as long as required by the purposes for which they were collected, unless the User requests deletion of the data, which will be carried out immediately.

Consequently:

Personal Data collected for purposes related to the performance of a contract between the Controller and the User will be retained until the contract has been fully performed.

Personal Data collected for purposes connected to the legitimate interests of the Controller will be retained until such interests have been satisfied. For further information on the legitimate interests pursued by the Controller, please refer to the relevant sections of this document or contact the Controller directly.

Where processing is based on the User’s consent, the Controller may retain Personal Data for a longer period until such consent is withdrawn. In addition, the Controller may be required by law or by order of an authority to retain Personal Data for a longer period.

Upon expiry of the retention period, Personal Data will be deleted. Therefore, after this period, the right of access, erasure, rectification, and the right to data portability can no longer be exercised.

Purpose of the Processing of Collected Data

The User’s Data are collected to allow the Controller to provide its Services, as well as for the following purposes: access to accounts on third-party services, contacting the User, contact management and message sending, payment management, handling support and contact requests, hosting and backend infrastructure, content commenting, social features, tag management, statistics, interaction with social networks and external platforms, heat mapping and session recording, interaction with live chat platforms, interaction with support and feedback platforms, location-based interactions, permissions to access Personal Data on the User’s device, protection against SPAM, advertising, registration and authentication, remarketing and behavioral targeting, testing content and feature performance (A/B testing), transfer of Data outside the European Union, and display of content from external platforms.

For more detailed information on the purposes of processing and the specific Personal Data relevant to each purpose, the User may consult the corresponding sections of this document.

Facebook Permissions Requested by this Application

This Application may request authorization to use certain permissions provided by Facebook, allowing the Application to interact with the User’s Facebook account and collect information, including Personal Data. This service allows this Application to connect to the User’s account on Facebook, which is provided by Facebook Inc.

For more details on the permissions mentioned, please refer to Facebook’s permissions documentation and Facebook’s privacy policy.

Basic Information

The basic information of a User registered on Facebook typically includes the following Data: ID, name, profile picture, gender, and locale/language. In some cases, the User’s Facebook “Friends” may also be accessible. If the User has made additional Data publicly available, such information will also be accessible.

“About Me” of Friends

Allows access to the “About Me” section of the User’s friends’ profiles.

Access to Private Data

Grants access to private data of the User and their friends.

Permissions to Access Personal Data on the User’s Device

Depending on the specific device used by the User, this Application may request certain permissions to access the User’s Data stored on the device, as described below. Such permissions must be granted by the User before any information can be processed. The User may revoke these permissions at any time. To revoke permissions, the User can use the system settings or contact the Controller using the details provided in this document.

Please note that revoking one or more permissions may affect the proper functioning of this Application. If the User grants the permissions listed below, the related Personal Data may be subject to processing—such as access, modification, or removal—by this Application.

Camera Permission

This permission is required to allow access to the camera or to capture images and videos from the device.

Details on the Processing of Personal Data

Personal Data are collected for the following purposes and using the following services:

Access to Accounts on Third-Party Services

These services allow this Application to access Data from your accounts on third-party services and to perform actions through them. Such services are not activated automatically, but require the User’s explicit authorization.

Access to the Facebook Account (this Application)

This service allows this Application to connect to the User’s account on Facebook, a social network provided by Facebook, Inc. The permissions requested include access to private data.
Place of data processing: United States. For further details on data handling, please refer to the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Access to the Twitter Account (Twitter, Inc.)

This service allows this Application to connect to the User’s account on Twitter, a social network provided by Twitter, Inc. Personal Data collected include various types of data, as specified in the service’s privacy policy.
Place of data processing: United States. For further details on data handling, please refer to the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Content Commenting

Commenting services allow Users to make and publish their comments regarding the content of this Application. Depending on the settings chosen by the Controller, Users may leave comments anonymously. If the User provides an email address among the Personal Data, it may be used to send notifications about comments on the same content. Users are responsible for the content of their own comments.

If a third-party commenting service is used, it may still collect web traffic data for the pages where the commenting service is installed, even if Users do not use the service.

Facebook Comments (Facebook, Inc.)

Facebook Comments is a service provided by Facebook, Inc. that allows the User to publish comments and share them on the Facebook platform. Personal Data collected by this service include Cookies and Usage Data.
Place of data processing: United States. For further details on data handling, please refer to the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Contacting the User

Mailing List or Newsletter (this Application)

By registering for the mailing list or newsletter, the User’s email address is automatically added to a contact list that may receive email messages containing information—including commercial and promotional information—related to this Application. The User’s email address may also be added to this list after registering with this Application or after making a purchase.

Personal Data collected include ZIP/postal code, city, last name, Cookies, date of birth, Usage Data, email, address, country, first name, phone number, occupation, province, company name, and website.

Telephone Contact (this Application)

Users who have provided their phone number may be contacted for commercial or promotional purposes related to this Application, as well as to respond to support requests.

Personal Data collected in this context include the phone number.

Contact Form (this Application)

By filling in the contact form with their Data, the User authorizes the use of these details to reply to requests for information, quotes, or any other kind of request indicated in the form’s header.

Personal Data collected through this process include ZIP/postal code, city, Tax Code, last name, date of birth, email, User ID, address, country, first name, phone number, VAT number, occupation, province, company name, gender, business sector, website, and various types of Data.

Social Features

Inviting and Suggesting Friends (this Application)

This Application may use Personal Data provided by Users to allow them to invite their friends—for example, through access to the address book, subject to authorization—and to suggest friendships or connections within the Application. Personal Data collected for this purpose may include different types of information.

Public Profile (this Application)

Users may have a public profile that can be viewed by other Users. In addition to the Personal Data provided, this profile may include the User’s interactions with this Application. Personal Data collected for the public profile may include city, last name, date of birth, email, image, address, country, first name, phone number, geographic location, occupation, province, and company name.

Contact Management and Message Sending

These services allow the management of a database of contacts, which may include email addresses, phone numbers, or other contact details used to communicate with the User. These services may also collect data concerning the date and time the User views messages, as well as the User’s interaction with them, such as information about clicks on links included in messages.

Mailgun (Mailgun, Inc.)

Mailgun is a service for managing email addresses and sending emails provided by Mailgun, Inc. Personal Data collected by this service include last name, Cookies, date of birth, Usage Data, email, address, country, first name, phone number, occupation, gender, and various types of Data.
Place of data processing: United States. For further details on data handling, please refer to the Privacy Policy.

ServerSMTP (TurboSMTP)

The Controller informs the User that, to enable the sending of electronic communications related to the Services offered, it may use an external email service provider called ServerSMTP (https://serversmtp.com/it/).
For this purpose, the User’s email address and any data strictly necessary for the delivery of the message may be processed by the provider, which acts as Data Processor pursuant to Art. 28 of Regulation (EU) 2016/679 (GDPR), under a specific contractual agreement with the Controller.

Processing by ServerSMTP will be carried out solely for the purposes connected to the transmission of communications and in compliance with appropriate technical and organizational security measures. The data will not be processed by the provider for additional purposes nor disclosed to unauthorized third parties.

Domain and Mailbox Management

These services enable the registration of domain names, hosting, and activation of mailboxes.

OpenSRS (Tucows Domains Inc)

Personal Data collected by this service include last name, Cookies, date of birth, Usage Data, email, address, country, first name, phone number, occupation, gender, as well as various types of Data, Tax Code, VAT number, and company name.
Place of data processing: Canada. For further details on data handling, please refer to the Privacy Policy.

Payment Management

Payment processing services enable this Application to process payments by credit card, bank transfer, or other means. The data used for the payment are acquired directly by the requested payment service provider and are not processed in any way by this Application. Some of these services may also allow for scheduled messages to be sent to the User, such as emails containing invoices or payment notifications.

Braintree (PayPal): Braintree is a payment service provided by Braintree, a division of PayPal, Inc. Personal Data collected are of various types, as specified in the service’s privacy policy. For further details, see PayPal’s privacy policy.

PayPal (PayPal): PayPal is a payment service provided by PayPal Inc., allowing the User to make online payments. Personal Data collected are of various types, as specified in the service’s privacy policy. For further details, see PayPal’s privacy policy.

Flazio PAY (Mangopay S.A.): Flazio PAY is a payment service provided by Mangopay S.A., allowing the User to make online payments. Personal Data collected are of various types, as specified in the service’s privacy policy. For further details, see Mangopay S.A.’s privacy policy.

Tag Management

These services are used for the centralized management of tags or scripts used on this Application. The use of such services involves the passing of the User’s Data through them and, where applicable, their storage.

Google Tag Manager (Google LLC): Personal Data collected include Cookies and Usage Data. Place of data processing: United States. For further details, please refer to the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Handling Support and Contact Requests

These services allow this Application to manage support and contact requests received via email or other tools, such as the contact form. The Personal Data processed depend on the information provided by the User in the messages and on the tool used for communication, e.g., the email address.

Zendesk (Zendesk, Inc.): A service for managing support and contact requests provided by Zendesk, Inc. Personal Data collected include various types of information, as specified in the service’s privacy policy. Place of data processing: United States. For further details, see the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Heat Mapping and Session Recording

Heat mapping services are used to identify the areas of a web page that attract the greatest User interest, based on data such as mouse movements or clicks. These services allow monitoring and analysis of traffic data to track User behavior. Some of these services may record sessions and make them available for later viewing.

Smartlook (Smartsupp.com, s.r.o.): A heat mapping and session recording service provided by Smartsupp.com, s.r.o. Personal Data collected include Cookies, Usage Data, and various types of information, as specified in the service’s privacy policy. Place of data processing: Czech Republic. For further details, see the Privacy Policy.

Hosting and Backend Infrastructure

Hosting services are intended to host Data and files that enable this Application to operate, distribute its content, and provide a ready-made infrastructure to deliver specific functionalities. Some of these services operate through geographically distributed servers, making it difficult to determine the exact location where Personal Data are stored.

Google Cloud Storage (Google Inc.): A hosting service provided by Google Inc. Personal Data collected include various types of information, as specified in the service’s privacy policy. Place of data processing: United States. For further details, see the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Interaction with Live Chat Platforms

These services allow interaction with third-party live chat platforms directly from the pages of this Application. This enables the User to contact the support service of this Application, or this Application to contact the User while they are browsing its pages. If a live chat interaction service is installed, it may collect Usage Data relating to the pages on which it is installed, even if Users do not use the service. Live chat conversations may also be recorded.

Facebook Messenger Customer Chat (Facebook, Inc.): A service for interacting with the Facebook Messenger live chat platform provided by Facebook, Inc. Personal Data collected include Cookies, Data communicated while using the service, Usage Data, and About-me information. Place of data processing: United States. For further details, see the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Interaction with Support and Feedback Platforms

These services allow direct interactions with platforms managed by third parties, directly from the pages of this Application. Even if Users do not explicitly use these services, Usage Data may still be collected on the pages where such services are installed.

Zendesk Widget (Zendesk, Inc.): A service for interacting with the Zendesk support and feedback platform provided by Zendesk Inc. Personal Data collected include last name, Cookies, Usage Data, email, first name, phone number, and username. Place of data processing: United States. For further details, see the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Interaction with Social Networks and External Platforms

These services allow the User to interact with social networks or other external platforms directly from the pages of this Application. Such interactions and the information obtained are subject to the User’s privacy settings for each social network.

Facebook Like button and social widgets (Facebook, Inc.): Personal Data collected include Cookies and Usage Data. Place of data processing: United States. For further details, see the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Twitter Tweet button and social widgets (Twitter, Inc.): Personal Data collected include Cookies and Usage Data. Place of data processing: United States. For further details, see the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

Pinterest “Pin it” button and social widgets (Pinterest Inc.): Personal Data collected include Cookies and Usage Data. Place of data processing: United States. For further details, see the Privacy Policy.

Google+ +1 button and social widgets (Google Inc.): Personal Data collected include Cookies and Usage Data. Place of data processing: United States. For further details, see the Privacy Policy. Please note that the entity adheres to the Privacy Shield.

LinkedIn button and social widgets (LinkedIn Corporation): Personal Data collected include Cookies and Usage Data. Place of data processing: United States.

PayPal button and widgets (PayPal Inc.): Personal Data collected include Cookies and Usage Data. Place of data processing: see PayPal’s privacy policy.

Tumblr button and social widgets (Tumblr Inc.): Personal Data collected include Cookies and Usage Data. Place of data processing: United States.

YouTube button and social widgets (Google Inc.): Personal Data collected include Usage Data. Place of data processing: United States. Please note that the entity adheres to the Privacy Shield.

Location-Based Interactions

Non-continuous Geolocation (this Application)

This Application collects, uses, and—if authorized by the User—shares data relating to geographic location in order to provide location-based services. The User’s geographic location is obtained only upon the User’s explicit request or when the User allows the Application to automatically detect location. Most browsers and devices provide tools to deny geolocation tracking, thereby allowing control over the sharing of such data. Personal Data collected in relation to geographic location include the User’s actual location.

Permissions to Access Personal Data on the User’s Device

This Application requires the User to grant certain permissions, thereby allowing access to data stored on their device, as indicated below.

Permissions to Access Personal Data on the User’s Device (this Application)

This Application requests authorization from the User to access the device’s camera. This allows the Application to capture images and videos from the camera for specific purposes as indicated herein.

Protection Against SPAM

Google reCAPTCHA is used by this Application to protect traffic from unwanted or SPAM content. This service helps determine whether a user is a human or a bot, thereby reducing the submission of unwanted messages. Personal Data collected by Google reCAPTCHA include cookies and Usage Data. For further details on privacy and terms of use, refer to Google’s privacy policy. This service is subject to the Privacy Shield, an agreement between the United States and the European Union establishing certain standards for the protection of personal data.

Advertising

These services allow the use of the User’s data for commercial communication purposes in various forms of advertising, including banners, which may be tailored to the User’s interests. Not all Personal Data are used for advertising; detailed information and conditions of use are specified below.

Some of the services mentioned may use cookies to identify the User or employ behavioral retargeting to display personalized advertising based on the User’s interests and behavior—even outside this Application. For further details, please consult the privacy notices provided by each service.

In addition to the opt-out options offered by the services listed, Users can opt out of receiving third-party cookies by visiting the Network Advertising Initiative opt-out page.

eADV (eADV s.r.l.)
Personal Data collected: Cookies and Usage Data.
Place of processing: Italy – Privacy Policy.

Facebook Audience Network (Facebook, Inc.)
Facebook Audience Network is an advertising service provided by Facebook, Inc. This service uses various identifiers, including the Android Advertising ID and the Advertising Identifier for operating systems (such as IDFA on iOS devices), to deliver targeted advertising to users. It also uses users’ advertising preferences to show relevant ads.

To control the sharing of your advertising preferences or to opt out of Audience Network’s targeting features, you can use your mobile device settings. You can change the advertising settings available on your mobile devices or follow the specific instructions for Audience Network found in the application’s privacy policy.

Please consult Facebook’s privacy policy for more details on Facebook’s data use and your privacy options. Facebook, Inc. is based in the United States.

Registration and Authentication

Registration and authentication services allow users to register or authenticate on an application, granting them access to specific services. In some cases, these services may be provided by third parties:

Facebook Authentication (Facebook, Inc.): Allows users to register or sign in using Facebook credentials. The service may provide the Application with certain information about the user registered via Facebook. For details about the types of data collected, see the service’s privacy policy. Based in the United States.

Log In with PayPal (PayPal, Inc.): Allows users to register or sign in using PayPal credentials. The service may provide certain information about the user. For details about the data collected, see the service’s privacy policy. Based in the United States.

Using these services can simplify registration and login, but users should be aware of what information is shared and follow the related privacy policies.

Remarketing and Behavioral Targeting

Remarketing and behavioral targeting services allow this Application and its partners to tailor advertising based on the User’s past use of the Application. This personalization is carried out using information collected through tracking Usage Data and the use of cookies.

Personalized ads may be displayed both within this Application and on third-party websites. The goal is to present advertising that is more relevant to the User’s interests and past behavior within the Application.

The User can opt out of this personalization via the privacy settings or opt-out options provided by the respective remarketing and behavioral targeting services. It is also possible to opt out of receiving third-party cookies by visiting the Network Advertising Initiative opt-out page.

AdWords Remarketing (Google Inc.): Uses cookies and Usage Data to personalize ads. You can opt out via Google’s opt-out page. Place of processing: United States – Privacy Policy – Opt Out.

Facebook Custom Audience (Facebook, Inc.): Uses cookies and email for remarketing. You can opt out following the instructions in the privacy policy. Place of processing: United States – Privacy Policy – Opt Out. Adherent to the Privacy Shield.

Facebook Remarketing (Facebook, Inc.): Similar to the above, but uses only cookies and Usage Data. Place of processing: United States – Privacy Policy – Opt Out. Adherent to the Privacy Shield.

LinkedIn Website Retargeting (LinkedIn Corporation): Uses cookies and Usage Data. You can opt out following the instructions in the privacy policy. Place of processing: United States – Privacy Policy – Opt Out.

Remarketing with Google Analytics for Display Advertising (Google Inc.): Connects Google Analytics tracking with the AdWords advertising network and the DoubleClick cookie. Uses cookies and Usage Data. Opt out via Google’s opt-out page. Place of processing: United States – Privacy Policy – Opt Out. Adherent to the Privacy Shield.

Statistics

The monitoring and analysis services listed in this section allow the Controller to collect and analyze traffic and user behavior data:

Matomo: An analytics service that examines and displays personal data of users visiting websites. Collects cookies and Usage Data. Opt-out via the privacy policy. Place of processing: United States – Privacy Policy – Opt Out. Adherent to the Privacy Shield.

Google Analytics (Google Inc.): Web analytics service provided by Google Inc. used to track and analyze use of this Application. Google may use the collected Personal Data to contextualize and personalize ads on its advertising network. Opt-out via the privacy policy. Place of processing: United States – Privacy Policy – Opt Out. Adherent to the Privacy Shield.

Google Analytics with anonymized IP (Google Inc.): This integration anonymizes the User’s IP address by shortening it within EU member states or other EEA countries. Opt-out via the privacy policy. Place of processing: United States – Privacy Policy – Opt Out. Adherent to the Privacy Shield.

ShinyStat (Triboo Data Analytics S.R.L.): Provides statistics and anonymizes the User’s IP address. Opt-out via the privacy policy. Place of processing: Italy – Privacy Policy – Opt Out.

ShinyStat Free (Triboo Data Analytics S.R.L.): Similar service by the same company, also anonymizing the IP address. Opt-out via the privacy policy. Place of processing: Italy – Privacy Policy – Opt Out.

Content and Feature Performance Testing (A/B Testing)

Google Website Optimizer (Google Inc.): An A/B testing service that allows the Controller to test changes to the Application and assess their effect on user response. Google may use collected Personal Data to personalize ads within its advertising network. Personal Data collected include cookies and Usage Data.
Place of processing: United States – Privacy Policy. Adherent to the Privacy Shield.

Transfer of Data Outside the EU

The Controller may transfer Personal Data collected within the European Union (EU) to third countries only in accordance with a specific legal basis. Such transfers take place according to one of the legal bases described below. For more detailed information on the specific legal basis applicable to each specific service, please contact the Controller or refer to the privacy notices for each service.

Transfer to Third Countries Based on Standard Contractual Clauses (this Application)

When the legal basis for transferring Personal Data from the EU to third countries relies on the Standard Contractual Clauses adopted by the European Commission, the transfer is carried out in compliance with EU data protection rules and standards.

In these circumstances, the recipients of Personal Data have agreed to process such Data in accordance with the protection levels required by European legislation. Users seeking additional information on the details of such transfers or on data protection mechanisms may contact the Controller directly. Contact details can be found in the privacy notice or the platform’s legal documents.

Personal Data collected in these circumstances may concern various types of information, but are processed in compliance with the protection standards set by the European Commission.

Transfer to Third Countries Based on Consent (this Application)

Where this is the legal basis, the transfer of Personal Data from the EU to third countries takes place only when the User has expressly consented to such transfer after being informed of the risks due to the absence of an adequacy decision and of the appropriate safeguards adopted.
In such cases, the Controller informs Users and collects their consent through this Application.
Personal Data collected: various types of Data.

Transfer of Data to Countries Guaranteeing European Standards (this Application)

Where this is the legal basis, the transfer of Personal Data from the EU to third countries is carried out on the basis of an adequacy decision adopted by the European Commission. The Commission adopts adequacy decisions for specific third countries that it considers to provide a level of protection of Personal Data comparable to that provided under European data protection law. The User may view the up-to-date list of adequacy decisions on the European Commission’s website.
Personal Data collected: various types of Data.

Transfer of Data from the EU and/or Switzerland to the United States Based on the Privacy Shield (this Application)

Where this is the legal basis, the transfer of Personal Data from the EU or Switzerland to the United States is based on the EU–US or Swiss–US Privacy Shield framework. In particular, Personal Data are transferred to entities that have self-certified under the Privacy Shield and therefore ensure an adequate level of protection. The services involved in such transfers are listed in the respective sections of this document. Among them, those adhering to the Privacy Shield can be identified by consulting their privacy policy or by verifying their status in the official Privacy Shield list.

Users’ rights under the Privacy Shield are described in an always-updated form on the website of the U.S. Department of Commerce.

The transfer of Personal Data from the EU or Switzerland to U.S. entities not (or no longer) listed under the Privacy Shield is permissible only on another valid legal basis. Users may request information from the Controller regarding such legal bases.
Personal Data collected: various types of Data.

Display of Content from External Platforms

These services allow the display of content hosted on external platforms directly from the pages of this Application and interaction with them. If such a service is installed, it may collect traffic data for the pages on which it is installed, even if Users do not use the service.

Google Fonts (Google Inc.): Allows this Application to incorporate font styles into its web pages. Personal information collected: Usage Data and various types of Data as indicated in the service’s privacy policy. Place of processing: United States – Privacy Policy. Adherent to the Privacy Shield.

Vimeo Video (Vimeo, LLC): A service for viewing video content managed by Vimeo, LLC, allowing this Application to embed such content. Personal information collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy.

Google Maps Widget (Google Inc.): A mapping service allowing this Application to include maps. Personal information collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy. Adherent to the Privacy Shield.

TripAdvisor Widget (TripAdvisor LLC): A content-display service allowing this Application to include TripAdvisor content. Personal information collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy.

Weather Widget (Open Weather): A service for displaying weather information. Personal information collected: Usage Data. Place of processing: Italy – Privacy Policy.

Instagram Widget (Instagram, Inc.): Allows inclusion of Instagram content. Personal information collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy.

SoundCloud Widget (SoundCloud Limited): A service for streaming audio content. Personal information collected: Usage Data. Place of processing: Germany – Privacy Policy.

YouTube Video Widget (Google Inc.): Allows inclusion of YouTube content. Personal information collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy. Adherent to the Privacy Shield.

YouTube Video Widget with No Cookies (Google Inc.): Same as above, but configured not to collect information or cookies from Users on this Application unless they play the video. Personal information collected: Usage Data. Place of processing: United States – Privacy Policy. Adherent to the Privacy Shield.

Additional Information on Personal Data

ShippyPro
https://www.shippypro.com/privacy.html

SMS Hosting
https://www.smshosting.it/it/privacy-smshosting

PayU
https://corporate.payu.com/payu-privacy-policy

Eadv
https://www.eadv.it/privacy.php

Pixabay
https://pixabay.com/it/service/privacy/

Analysis of User Data and Predictions (“Profiling”)

The Controller may process usage data collected through this Application to create or update user profiles. This type of processing allows the Controller to evaluate the User’s choices, preferences, and behavior for the specific purposes described in the relevant sections of this document.

User profiles may also be created using automated tools, such as algorithms, which may be provided by third parties. For additional details on profiling activities, the User can refer to the appropriate sections of this document.

The User always has the right to object to such profiling. For more information on the User’s rights and how to exercise them, please refer to the section of this document concerning Users’ rights.

Personal Data Collected from Sources Other than the User

The Controller of this Application may have lawfully obtained the User’s Personal Data without the User’s direct involvement, using third-party sources. This is done in accordance with the legal bases described in the section on legal bases for processing.

If the Controller has collected Personal Data in this way, the User can find specific information on the sources used in the relevant sections of this document or by contacting the Controller directly.

Push Notifications

This Application may send push notifications to the User.

Sale of Goods and Services Online

Personal Data are used to provide services to the User or to sell products, including payment processing and, where necessary, delivery of goods. Personal Data collected to facilitate payments may include information related to the credit card, the bank account used for bank transfer, or other accepted payment methods. The payment data collected by this Application depend on the payment system used.

Users’ Rights

Users have the right to exercise specific rights regarding the data processed by the Controller. In particular, the User has the right to:

Withdraw consent: The User may withdraw consent at any time where they have previously given consent to the processing of their Personal Data.

Object to processing: The User may object to the processing of their Data when it occurs on a legal basis other than consent. Further details on the right to object are provided in a section below.

Access their Data: The User has the right to obtain information about the Data processed by the Controller, on certain aspects of the processing, and to receive a copy of the Data being processed.

Verify and seek rectification: The User may verify the accuracy of their Data and request that it be updated or corrected.

Obtain restriction of processing: When certain conditions apply, the User may request the restriction of the processing of their Data. In this case, the Controller will not process the Data for any purpose other than storing it.

Obtain erasure or removal of their Personal Data: When certain conditions apply, the User may request the deletion of their Data by the Controller.

Receive their Data or have it transferred to another controller: The User has the right to receive their Data in a structured, commonly used, and machine-readable format and, where technically feasible, to have it transmitted to another controller. This right applies when the Data are processed by automated means and the processing is based on the User’s consent, on a contract to which the User is party, or on pre-contractual measures related thereto.

Lodge complaints: The User may lodge a complaint with the competent supervisory authority for personal data protection or take legal action.

Details on the Right to Object

Users have the right to object to the processing of their Personal Data when such Data are processed in the public interest, in the exercise of official authority vested in the Controller, or for the purposes of the Controller’s legitimate interests, on grounds relating to their particular situation.

Furthermore, where Users’ Personal Data are processed for direct marketing purposes, Users may object to such processing at any time without providing any justification. Users can check whether the Controller processes Personal Data for direct marketing purposes by consulting the appropriate sections of this document.

How to Exercise Rights

To exercise their rights, Users may send a request using the contact details provided by the Controller as indicated in this document. Requests are handled free of charge and the Controller undertakes to respond as soon as possible, and in any case within one month.

Additional Information on Personal Data

Sale of Goods and Services Online

Personal Data are used to provide services to the User or to sell products, including payment processing and, where necessary, delivery of goods.

Personal Data collected to facilitate payment may include information relating to the credit card, the bank account used for bank transfer, or other accepted means of payment. The types of payment data collected by this Application depend on the specific payment system used.

Further Information on Processing

Defense in Court: The User’s Personal Data may be used by the Controller in court or in the stages leading to possible legal action arising from improper use of this Application or the related services by the User. The User acknowledges that the Controller may be required to disclose Data upon request of public authorities.

Specific Information: At the User’s request, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific services or the collection and processing of Personal Data.

System Logs and Maintenance: For operation and maintenance purposes, this Application and any third-party services may collect system logs, i.e., files that record interactions and may also contain Personal Data, such as the User’s IP address.

Information Not Contained in this Policy: For additional information regarding the processing of Personal Data, you may contact the Controller using the contact details provided.

Exercise of Rights by Users

Individuals to whom the Personal Data refer have the right to:

Obtain confirmation as to whether or not their data are being processed by the Controller.

Know the origin and content of the Data and request a copy of all Data processed.

Verify the accuracy of the Data or request the updating, rectification, anonymization, or blocking of Data processed in violation of the law.

Object, on legitimate grounds, to the processing of Personal Data.

Request deletion of the account and of the Data processed.

Requests relating to these rights should be addressed to the Controller.

With regard to the processing of data on Flazio.com, requests may be sent to privacy@flazio.com. To delete your account, you can do so via a specific link provided.

However, please note that this Application does not support “Do Not Track” requests. To verify whether any third-party services used support such requests, please consult their respective privacy policies.

Changes to this Privacy Policy

The Controller reserves the right to make changes to this privacy policy at any time, providing notice to Users on this page. Users are therefore kindly requested to check this page regularly and refer to the date of the last modification indicated at the bottom.

In the event that the User does not accept the changes made to this privacy policy, the User must discontinue use of this Application and may request that the Controller remove their Personal Data. Unless otherwise specified, the previous version of this privacy policy will continue to apply to Personal Data collected up to that time.

Information Concerning Users of Services Made Available by Users of the Flazio Platform

Flazio manages and processes personal and non-personal information relating to users who visit or interact with our users, but only in the name and on behalf of the latter. Flazio users may import data from third-party services or collect new data through their website.

Accordingly, in line with the legal definitions set out by the European Data Protection Directive (GDPR), Flazio is considered a Data Processor and not the Data Controller with regard to information relating to our users’ users.

Consequently, Flazio users must be regarded as the Controllers of the information of their own users and are required to comply with all applicable privacy and data protection laws. Users are responsible for the security and authorized use of their users’ information, as well as for obtaining the necessary consents for the collection and use of information in compliance with applicable laws.

Flazio users must also publish privacy notices on their website, in accordance with applicable laws and regulations, and must ensure that their users have accepted such privacy policies.

Flazio does not directly process the data of users who use services offered by Flazio’s users. Therefore, to request access to, modification, or deletion of information concerning them, users should contact the Data Controller directly, as indicated above.

Definitions and References

Personal Data (or Data): Data relating to an identified or identifiable natural person, even indirectly.

Usage Data: Data collected automatically by this Application or by third-party applications used by this Application, such as IP addresses, URI addresses, request times, and other data relating to use of the application.

User: The person using the application, who must be the Data Subject or be authorized by the Data Subject.

Data Subject: The natural or legal person to whom the Personal Data refer.

Data Processor (or Processor): The entity that processes Personal Data on behalf of the Data Controller.

Data Controller (or Controller): The natural person, legal person, or entity that determines the purposes and means of the processing of Personal Data.

This Application: The hardware or software by which the Users’ Personal Data are collected, i.e., the application itself.

Cookies: Small sets of data stored on Users’ devices.

Legal References: This privacy notice is based on various laws, including Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR) and the Swiss Federal Act on Data Protection (FADP).

Contacts: For questions regarding this privacy policy, you can contact: dpo@flazio.com.

Date of last revision: 24 October 2023