PRIVACY POLICY

INFORMATION AND ACCESS TO PERSONAL DATA

The EU Regulation 2016/679 on “protection of individuals with regard to the processing of personal data, as well as the free circulation of such data” (hereinafter “EU Reg. 2016/679” or “GDPR”) contains a series of direct rules to ensure that the processing of personal data is carried out in compliance with the individuals rights and freedoms.

In accordance with articles 13 and 14 GDPR, we would like to inform you that the personal data that you will provide to data controller – who is the data controller – and when requesting information sent through use of the “contacts” form inwww.thedholes.com, will be processed in full compliance with the provisions of the privacy code.

This information relates only to the website www.thedholes.com and does not concern other websites that may be consulted by the user through links contained therein

  1. DATA CONTROLLER

Thed Holes is the Data Controller

3. PERSONAL DATA

The personal data provided by you will be processed in order to

  1. Browsing data

When connecting to the Site, the computer systems and software procedures used to operate them automatically and indirectly administer and / or acquire some information (such as the “cookies” as specified in the Cookie Policy above mentioned) whose transmission it is in the use of the internet. The processing of this data allows the Data Controller to guarantee the best possible browsing experience as well as to provide all the functions and services offered through the Site. This information is not collected to be associated with identified data subjects, but which by its very nature, could, through processing and association with data held by third parties, allow browsing Users to be identified. This category of data includes:

  •  IP address and domain name
  •  the time to the request
  • Uniform Resource Identifier
  • the method used in submitting the request to the web server
  • the size of the file
  • the numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters

The navigation data are generally deleted at the end of each treatment but they may be used and stored by the Data Controller to ascertain any liability in the event of computer crimes against the Site or other sites connected or linked to it. Except for this circumstance and as indicated in the Cookie Policy of the Site, the navigation data are kept for a limited period of time, in compliance with the law. It is possible to limit the processing of the personal data indicated above by using some features made available by the Site (in particular, to the transmission of cookies or similar tools, please refer to what is specified in the Cookie Policy of the Site) or by the device or browser / navigation application. In this case, navigation on the Site may be limited and some of its functions / services may be inaccessible.

B)      Data provided by the data subject

The interaction with the “Contacts” section of the web-Site and the voluntary sending of messages to the contact addressespublished on the Site using the appropriate form on the Site, involves the collection and subsequent processing of further personal data from part of the Owner.These additional personal data are freely provided by the User. Unless otherwise specified in the forms on the Site, the requested data are strictly necessary to process the requests received from the interested party.the Data Controller collects the following types of personal data ·         contact data (email, social profiles, and wallet address) that the data subject provides by communicating directly with the Data Controller using the form in the “Contacts” section of the Site, or by e-mail to the addresses indicated on the Site The processing of such additional personal data will be based to ensure fair and transparent processing

4. PURPOSES OF THE PROCESSING AND LEGAL BASIS

The personal data will be collected in order to:

a)answer to theData Subject’requests form “Contacts” or information.

personal data that are not strictly necessary will not be processed by the Data Controller. It will not be processed in any way, and the owner is therefore invited not to communicate any data belonging to particular categories (data suitable for revealing racial and ethnic origin, religious, philosophical or other gender, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, as well as relating to the state of health and sexual life of the interested party);

b) send to the interested party advertising, promotional and / or commercial material, including newsletters, relating to the products offered and / or the promotional and sales initiatives promoted by the Owner. This can be done through electronic communications (e-mail) and social channels.

c) optimize the operation of the Site and allow the use of services and features present in the same also through the use of technical cookies, as specified in the Cookie Policy; d)comply with Law and regulations to which the Data Controller is subject and / or execute orders from Authorities.

Purposes of the processing  Legal basis Data Time Retention
a Consent Personal Data 24 months from the consent subject to withdrawal
b Consent Personal Data 24 months from the consent subject to withdrawal
c legitimate interests pursued by the controller Personal Data Legal retention
d processing is necessary for compliance with a legal obligation to which the controller is subject Personal Data Legal retention

5. CONDITIONS FOR CONSENT 

You have the right to withdraw your consent at any time. It shall be as easy to withdraw as to give consent.

The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Prior to giving consent, the data subject shall be informed thereof. The processing of personal data takes place using manual, IT tools and, in any case, in such a way as to guarantee the security and confidentiality of the data in compliance with current regulations. 

6. TIME RETENTION 

The collected data will be kept for a period of time not exceeding the achievement of the purposes for which they are processed (“retention limitation principle”, art. 5 GDPR), without prejudice to compliance with a legal obligation or a order of an Authority entitled to do so. The verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically At the end of the retention period, personal data will be deleted, destroyed or made anonymous, without prejudice to any retention terms established by law. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

7. PROCESSOR

Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of this Regulation and ensure the protection of the rights of the data subject.persons authorized to process and / or system administrators to third party service providers and, more generally, to companies and / or freelancers who collaborate in various capacities with the Data Controller (for example legal, administrative or accounting consultancy firms);supervisory authority The complete and updated list of the processors is kept at the Data Controller’s registered office.

8. TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS 

The personal data of the data subject are stored on servers located at the headquarters of the Data Controller within the European Union. If for technical and / or operational reasons it is necessary to make use of subjects located outside the European Union, the transfer of personal data to these subjects will be regulated in accordance with the provisions of the GDPR. All necessary precautions will therefore be taken in order to guarantee the total protection of personal data, basing this transfer: a) on adequacy decisions of the recipient third countries expressed by the European Commission; b) on the provision of adequateguarantees to protect the interested party (by way of example, standard data protection clausesadopted by the European Commission or a nationalsupervisory authority, codes of conduct, adhoc contractualclauses, etc.); c) on the specific conditions of derogation provided for by art. 49 of the GDPR including the explicit consent of the interested party. 

9. PALCE OF PROCESSING

The data will be processed by the Data Controller at Milan, (Italy)

10. DATA SUBJECT RIGHTS

According to artt. 15 e ss. GDPR data subject has the following rights:

  • Right of access by the data subject
  • Right of Rectification and erasure
  • Right of withdrawal consentSometimes
  • Right to object
  • Right to erasure (‘right to be forgotten’)
  • Right to restriction of processing
  • Right to data portability

In any case, the interested party has the right to lodge a complaint with the Guarantor for the protection of personal data in the event that they believe that their personal data are being processed in violation of Reg. (EU) 2016/679

11. DATA RIGHTS 

You may exercise your rights at any time by writing to info@thedholes.com

12. UNDER 18

The under 18 cannot give personal data. The data controller invites you to use the network and the website responsibly.

13. UPDATE

The Data Controller can updateat any time this policy. Please check this page periodically.   “I declare that I have read the Privacy Policy Statement and  Consent or not consent to process my personal data for promotional, commercial and marketing purposes as set out in the privacy statement, in order to stay informed about promotional and sales initiatives”.  answer to the Data Subject’ requests form “Contacts” or information.