Information on the processing of personal data for the website Portal Bit2win

Pursuant to Articles 13 and 14 of the EU Regulation 679/2016


INTRODUCTION

This document (hereinafter, “Privacy Policy”) was drafted in accordance with Articles 13 and 14 of the Regulation EU 2016/679 (hereinafter “Regulation” or “GDPR”) as well as of Legislative Decree no. 196/2003, and subsequent amendments, and is intended to make the users of the of the Website https://academy.bit2win.com/ (hereinafter, “Users”) aware of the methods of processing of their Personal Data.

“Personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

The processing of Personal Data shall be carried out in compliance with the principles of correctness, lawfulness, transparency, purpose and retention limitation, data minimization, accuracy, integrity, confidentiality and accountability pursuant to article 5 of the GDPR. Users’ Personal Data will therefore be processed in accordance with the data protection regulations and other applicable laws.

1. DATA CONTROLLER

The data controller is the company Bit2win S.r.l., with registered office in Via Aurelia, 547 - 00156 Rome, VAT number 11386070962.

2. PERSONAL DATA INVOLVED

a) Navigation data

The use of Internet communication protocols itself implies the transmission of some data, which, however, are not collected to be associated with identified subjects. For example, this category includes the IP addresses of the computers used by the Users, the time of the Users’ requests, the parameters relating to the User’s operating system and IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Website and to check its correct functioning, to allow the correct provision of services and for security reasons.

b) Data voluntarily provided by the User

Users can voluntarily provide the Data Controller with personal information, for example:

(i) through the “Profile” section on the Website;

(ii) by sending messages to the e-mail addresses indicated in the Website;

(iii) by applying for the courses offered through the Website.

c) Data provided by third parties 

User’s email address is initially provided to the Data Controller by the party having and interest to provide the User with access to the Website.

d) Cookies

What are the cookies?

Cookies are small text files that the sites visited by the User send to the latter’s terminal, where they are stored before being re-transmitted at the next visit by the same User.

Some Cookies (so-called “technical” cookies) are strictly necessary to guarantee the technical functioning of the sites, to respond to user requests, to navigate and use all the relative functions. These are mostly so-called “session cookies”, automatically deleted when the browser is closed. These cookies do not collect information about the user or track web browsing. The installation of these cookies is a necessary condition for the correct use of a site; blocking them may compromise the navigation. The use of these cookies does not require the user’s prior consent.

Other cookies (so-called “analytics” cookies) are used to analyse accesses / visits to the site, exclusively for statistical purposes, by collecting information in an anonymous and aggregate form. The use of these cookies does not require the user’s prior consent.

Other cookies, called “Targeting” or “Advertising” Cookies, control the user’s navigation, tracking the user in order to monitor and profile the same. The use of these cookies allows to know which web pages are visited by the user, what the users reads, purchases, etc. The user can be profiled by tastes, habits, consumer choices etc., also with the purpose of sending personalized advertising to the user. The use of these cookies requires the prior consent of the user.

Which cookies are used through the Website? How to disable them?

The Website uses the following Cookies:



          

Cookie


Duration


Description

 

session_id (Odoo)

 

Until the end of the session or 3 months maximum

 

Are used to authenticate the user, protect data and manage the services offered. These cookies are necessary for the website to function properly.


 

fileToken (Odoo)

 

Until the end of the session or 3 months maximum

 

Are used to authenticate the user, protect data and manage the services offered. These cookies are necessary for the website to function properly.


 

frontend_lang (Odoo)

 

Until the end of the session

 

Personal preferences and settings of the site (e.g. choice of language and time zone). Refusing or deleting these cookies does not prevent the use of the site.


 

odoo_no_push (Odoo)

 

Until the end of the session

 

Personal preferences and settings of the site (e.g. choice of language and time zone). Refusing or deleting these cookies does not prevent the use of the site.


 

tz (Odoo)

 

Until the end of the session

 

Personal preferences and settings of the site (e.g. choice of language and time zone). Refusing or deleting these cookies does not prevent the use of the site.




At any time, the User will have the right to accept or to refuse the use of Cookies. The User can change browser parameters relating to Cookies in the manner specific to each individual browser. Here is the path to follow to modify the parameters of the following browsers:

• Internet Explorer:  https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies  

• Safari:  https://support.apple.com/it-it/guide/safari/sfri11471/mac 

• Chrome:  https://support.mozilla.org/it/kb/Bloccare%20i%20cookie  

• Firefox:  https://support.google.com/chrome/answer/95647  

• Opera:  https://help.opera.com/en/latest/web-preferences/#cookies

To disable Google Analytics cookies, you can download the Google Analytics browser opt-out extension: https://tools.google.com/dlpage/gaoptout.

 
3. PURPOSE OF THE PROCESSING

Users’ Personal Data will be processed for the following purposes:

a. to allow the access to the Website and the provision of any related services requested by the User (e.g., to provide the courses offered through the Website, and the relevant certificates, to comply with Users’ request to receive newsletters, to inform the User about any relevant update to the services);

b. to comply with User’s specific requests addressed to the Data Controller;

c. to fulfill the obligation provided for by any applicable laws or regulations, or to comply with the requests received by any public authorities;

d. for statistical purposes, with no identification of the User.

 
4. LEGAL BASIS OF THE PROCESSING   

- The legal basis for the processing of Personal Data for the purposes referred to in sections 3.a. and 3.b. is article 6 (1) (b) of the Regulation (“[...] processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;”), since the relevant processing is necessary to provide the Users with the services requested.

- The processing referred to in section 3.c. represents a legitimate processing of personal data pursuant to article 6 (1) (c) of the Regulation (“[…]processing is necessary for compliance with a legal obligation to which the controller is subject”). 

- The processing referred to in section 3.d. it is not carried out on Personal Data and therefore can be freely carried out.

 
5. RECIPIENS OF PERSONAL DATA

The User’s Personal Data may be shared with:

a. subjects who act as data processors on behalf of the Data Controller, namely: i) subjects who provide assistance and advice to the Data Controller in relation to the provision of services; ii) subjects with whom it is necessary to interact for the provision of services (for example hosting providers); iii) subjects delegated to carry out technical maintenance activities (including maintenance of network equipment and electronic communication networks);

b. subjects, bodies or authorities to whom it is mandatory to communicate Personal Data by virtue of legal provisions or orders of the authorities, or in the event of reports of abuse to investigate complaints and identify the source of messages received from Users;

c. persons authorized by the Data Controller to process Personal Data to carry out activities strictly related to the provision of services, who are committed to confidentiality or have an adequate legal obligation of confidentiality (e.g. employees of the Data Controller).

The complete list of data processors can be requested by the User by writing to the following email address:  info@bit2win.com 


6. TRANSFER OF PERSONAL DATA

In the provision of certain services, some Personal Data may be transferred outside the European Economic Area. In such cases, the relevant processing will take place according to one of the methods allowed by the applicable law, e.g., the consent of the interested party, the adoption of Standard Clauses approved by the European Commission, the selection of subjects adhering to international programs for free circulation of data or operating in countries considered safe by the European Commission on the basis of an adequacy decision. For more information please send a n request to the Data Controller.


7. RETENTION OF PERSONAL DATA

- Personal Data processed for the purposes referred to in section 3.a. and 3.b. will be kept for the time strictly necessary to achieve the same purposes.

- Personal Data processed for the purposes referred to in section 3.c. will be kept for the time required by the applicable law.

More information about the data retention period and the criteria used to determine this period can be requested by writing to the following address:  info@bit2win.com.

In any case, the Data Controller can always keep the Personal Data for the time permitted by Italian law to protect Data Controller’s interests, according to art. 2947 (1) (3) of the Italian Civil Code


8. DATA SUBJECTS RIGHTS

Under Articles 15 and following of the GDPR, the User, as a data subject, is entitled to request the Data Controller, at any time, access to the Personal Data, the rectification pursuant to Art. 16, the erasure pursuant to Art. 17; the right to restriction, pursuant to Art. 18; as well as to object to the processing according to Article 21 of the GDPR. The User is also entitled to obtain the Personal Data in a structured, commonly used and machine-readable format, in the cases set out in Article 20 of the Regulation. 

Requests should be made in writing to info@bit2win.com 

In any case, the User will always be entitled to file a complaint with the competent supervisory authority (the Italian Data Protection Authority); pursuant to Article 77 of the GDPR, if the User believes that the processing of the Personal Data violates the applicable law. 

9. AMENDMENTS TO THIS PRIVACY POLICY

9. AMENDMENTS TO THIS PRIVACY POLICY

The Data Controller may modify or simply update this information, in full or in part, also as a result of changes in the laws and regulations governing the matter.

Users are recommended to check for any changes and / or updates on a regular basis.