Privacy Policy

Download the Privacy Policy

Hello, we are Massimago S.S. AGR. and this is the Privacy Policy drafted pursuant to Art. 13 EU Reg. 679/2016 (“GDPR“) in which we explain how we process, protect and store the data of each visitor (“the User“) collected through https://massimago.com/ (“the Site“).

 

  1. Who processes your data?

(Data controller)

 

💡 Who is the data controller?

The data controller is the natural or legal person who determines the purposes and means of data processing. It is, in fact, the person who collects and manages your personal data, taking responsibility for it by law.


The Data Controller is Massimago S.S. AGR., hereinafter, (“Data Controller” or “Massimago“) with registered office in Via Giare, 21, Mezzane di Sotto, VR – 37030, C.F. and P.IVA n. 04206570238.

 

  1. What data do we process?

 

  • Browsing data including: 

IP address, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment (“Browsing Data”).

Data provided by the user including: 

first name, last name, email address, professional information, address, zip code, city (“Contact Data”).

    • Dettagli di pagamento tra cui: IBAN, informazioni relative alla banca dell’Utente (“Payment Data”).
  • History of purchased products and services (“Operations History”).

In the event that the Data Subject prefers not to provide data that is mandatory and/or necessary for the fulfillment of certain purposes, Massimago reserves the right not to provide the service.

 

  1. Assumptions and purposes for which we process your data

 

💡What is the legal basis for processing?
The legal basis is the condition by which IUSE can lawfully process personal data. For more details, you can read article 6 of the Regulation (EU) 2016/679 (“GDPR“) here.

 

💡 What legal basis do we base the processing on?

There may be several legal bases that justify data processing. 

Consent: the processing of data takes place because the User has given his consent. 


Performance of a contract: Data processing is necessary to conclude or perform our contract.

Legal obligation: data processing is required by a specific regulatory provision.

Legitimate interest: The processing of data is necessary to satisfy a legitimate interest of ours. For each processing based on this legal basis, we have carefully checked that your rights and interests do not override ours.

 

  1. A) Send communications and responses to inquiries pertaining to Massimago’s activities.

Massimago will process the User’s Contact Data.

 

Legal Basis: Contract art. 6.1(b) GDPR

 

  1. B) Carry out room and experiences reservations, purchase products.

 

Massimago will process the User’s Contact Data as well as the Payment Data.

 

Legal Basis: Contract art. 6.1(b) GDPR

 

  1. C) Managing service delivery & customer care.

 

Massimago will process User Contact Data, Payment Data as well as transaction history.

 

Legal Basis: Contract art. 6.1(b) GDPR

 

  1. D) Send newsletters and/or other materials for marketing communication purposes.

Massimago will process Users’ Contact Data.

 

Legal Basis: Consent art.6.1(a) GDPR

 

  1. E) Send communications in connection with products and services similar and contiguous to those purchased.

 

Massimago will process Users’ Contact Data.

 

Legal Basis: Legitimate interest art 6.1(f) GDPR

 

  1. F) Perform profiling aimed at direct marketing personalization and behavioral advertising.

 

Massimago will process Users’ Contact Data as well as Operations History

 

Legal Basis: Consent art.6.1(a) GDPR

 

  1. G) Improve the website by analyzing how Visitors or Users browse and/or use the website.

Massimago collects and stores User Navigation Data.

 

Legal Basis: Legitimate interest art 6.1(f) GDPR

 

  1. H) To enable the Data Controller to fulfill formalities required by law, including those of a fiscal nature.


Massimago will process the User’s Contact Data.

 

Legal Basis: compliance with a legal obligation art.6.1 (c) GDPR

 

  1. I) Detect or prevent fraudulent activities and exercise Data Controller’s rights in court 

 

Massimago will process Users’ Contact Data

 

Legal Basis: Legitimate interest art 6.1(f) GDPR

 

  1. Processing modalities

The processing is carried out using automated and/or manual computer and telematic tools designed to guarantee the appropriate security measures to prevent access, disclosure, loss, incorrect, illegal or unauthorized use of the data.

  1. Data processing location

Personal data is processed at the Data Controller’s premises, as well as in the servers hosting the website https://massimago.com/.  Personal data is stored in servers located in the EU territory and will under no circumstances be transferred outside the EU. The Data Controller ensures that when using cloud providers, services or platforms established outside the EEA, the processing of personal data by these recipients is carried out in accordance with applicable law. Transfers are made by means of appropriate safeguards, such as adequacy decisions, standard contractual clauses approved by the European Commission, or other safeguards required by the GDPR.

 

 

  1. How long may we process your data?

We retain your data for:

    • the period necessary for response regarding the sending of communications and responses to inquiries related to Massimago’s activities and in any case never for a period exceeding 12 months;
    • until the end of service performance and in any case not later than 24 months from the date of last contact with respect to service delivery and customer care;
  • until consent is withdrawn regarding the sending of newsletters and/or other materials for marketing communication purposes and in any case never for a period longer than 24 months; 
    • until consent is withdrawn with respect to profiling and in any case never for a period longer than 12 months;
    • according to applicable regulations to enable the Data Controller to fulfill formalities required by law, including those of a fiscal nature for a period of up to 10 years;
  • 10 years to detect or prevent fraudulent activities and exercise the Data Controller’s rights in court.

 

After that time we will completely delete or anonymize the data.

 

  1. Who do we share your data with?

The subject(s) who may come to know your personal data, to the extent strictly necessary to fulfill the purposes indicated in paragraph 3, are subjects formally appointed by Massimago.

In addition to internal staff – specifically authorized under Article 29 GDPR – to ensure the provision of the service, personal data may be disclosed to external parties who may act as autonomous data controllers or data processors. 

In particular, your data may be disclosed to:

 

  • Internet service providers and platforms used by the Data Controller as organization tools, communication and/or promotion channels, web conference video platforms;
  • authorities whose right of access to personal data is expressly recognized by law, regulations or measures issued by the competent authorities.

Relationships with the entities listed above are – and will be – formalized with a contract in accordance with Article 28 GDPR (Appointment as Data Processor).

To find out who are the data processors appointed by Massimago you can contact us at the email address carlo@massimago.com

 

  1. Your privacy rights

 

💡 What are privacy rights?
The GDPR recognizes important rights that you can exercise by contacting the Data Controller. To learn about your rights in depth, you can read Chapter 3 of the GDPR.

 

You have the opportunity to exercise the following rights:

  • Right of access to data;
  • Right of rectification;
  • Right to be forgotten or erased;
  • Right to limitation of processing;
  • Portability rights;
  • Right of opposition;
  • Right to file a complaint with the competent national authority (Data Protection Authority).

9.To whom you can turn

 

For any communication regarding the processing of your data, including the exercise of your rights, you can write to us by e-mail at: carlo@massimago.com

 

  1. Amendments 

 

Massimago reserves the right to change or simply update the privacy Policy, in part or in full, including due to changes in applicable legislation. Massimago will inform Users of such changes as soon as they are introduced and they will be binding as soon as they are published on its website or otherwise transmitted to them. Massimago therefore invites customers to pay attention to the latest version of the information displayed through these channels so that they are always up-to-date on the data collected and Massimago’s use of it.

Shopping cart0
There are no products in the cart!
Continue shopping
0