GENERAL INFORMATION
All the general information about privacy policy
This privacy notice explains the purposes and methods of processing personal data collected
for the website www.entaksi.eu, as well as for the products and services
provided by Entaksi Solutions SpA, including their scope of communication and dissemination,
and the nature of data provision.
Regarding data collected by Entaksi for the provision of its services, the general terms and conditions
and the privacy policy are available in the contractual document provided to the customer during the
activation process of the specific service.
The notice is provided to customers in accordance with Articles 13 and 14 of Regulation (EU) 679/2016.
Data Controller
The Data Controller is Entaksi Solutions SpA, with registered office at Via la Piana no. 76,
(51028) Frazione Pontepetri - San Marcello Piteglio (PT).
Within the company, data may be processed by employees, who operate as "persons in charge",
under the authority of the Data Processor and Data Controller.
The updated list of data processors and person in charge of
data processing is kept at the Data Controller’s headquarters.
Contact Information and data protection officers
If the data subject wishes to exercise their rights or submit any requests, can send an email to
privacy@entaksi.eu.
The data subject can also contact the Data Protection Officer at any time at the e-mail address
dpo@entaksi.eu.
PURPOSE OF THE PROCESSING
Why we collect your personal data
The personal data collected for processing ( such as identification, administrative, accounting and tax,
commercial, IT, and, where applicable, judicial data directly related to the customer or,
in the case of essentially identification and IT data, to other interested parties such as collaborators,
employees, representatives, etc.) are in the execution and performance of relationships with the Data Controller,
in compliance with data processing and protection regulations, are used for the pursuit of
instrumental and/or complementary purposes to the activities legally expressed and for the execution
of the contractual or pre-contractual relationship with the data subject concerning the requested services.
The data collected on the platforms for services provided by Entaksi are used for contractual
or pre-contractual purposes. If the registration for the services is not completed,
the data will be deleted within 6 months.
If consent has been provided, the data will also be processed for sending informational messages,
commercial and promotional communications related to the Data Controller’s activities and services,
through means such as email and SMS, as well as traditional methods like operator-assisted phone calls,
in full compliance with the principles of lawfulness and fairness and legal provisions.
There is no automated decision-making process in the processing of personal data.
PERSONAL DATA
What personal data we collect
Through the Entaksi sites you can register for services, for which personal registration data related
to the use of the services (name, surname, email) are requested.
The optional, explicit and voluntary submission of data as requested by various
sections of this site are used in order to process user requests (example is indicative and not exhaustive:
when information or clarifications are requested by calling the numbers indicated
on the site or by writing to email addresses therein).
Any specific summary information is reported or displayed on the Site pages prepared
for on-demand services, in order to pay attention to user to the processing of his personal data.
Access to services may also occur through third-party services (Google, Apple, Microsoft).
In this case, personal data (name, surname, email) will be acquired in accordance with
the authorizations issued for these services.
Navigation data
During their normal operation, the IT systems and software procedures used to operate this website and the
applications provided by Entaksi acquire some personal data whose transmission is implicit in the use of
Internet communication protocols.
This is information are not collected to be associated with identified users but do to their nature,
they could allow to identify users through processing and associations with data held by third parties.
This category of data includes the IP addresses or domain names used by users who connect to the site,
the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request,
the method used to submit the request to the server, the file size obtained in response,
the numerical code indicating the status of the response given by the server (success, error, etc.),
and other parameters related to the user’s operating system and IT environment.
The data collected in this way may be used to ascertain responsibility in the event of any cybercrimes against the site.
Cookies
No personal user data is purposely acquired by the site. The site does not use cookies
for the transmission of personal information, nor so-called persistent cookies or systems for tracking users are used.
The use of so-called session cookies (which are not persistently stored on the user’s computer and disappear
upon closing the browser) is strictly limited to the transmission of session identifiers
(consisting of random numbers generated by the server) necessary to ensure safe and efficient browsing of the site.
The so-called session cookies used on this site avoid the use of other IT techniques potentially prejudicial
to the privacy of users' browsing and do not allow others to acquire user’s identifiers personal data.
For more information, please consult our cookies policy.
Mobile devices
With Google Play Store consent, Entaksi’s applications may process geolocation data fin order to provide the services
requested by the user, only if he has requested or consented to the use of the location function on his device.
This is required to provide location-based services. However, the function can still be disabled by the user.
In addition, access to the device camera or microphone may be required, also due to the services provided.
All data obtained is for the purpose of the service (eg: sending images by the application),
and the authorization for these functions can be disabled by the user through the consents data on the application,
but in this case this could affect the product functioning.
Minors' data
Entaksi Solutions SpA does not allow the provision of personal data of children under 18 years for the execution
of its contracts. Access to services is not offered to minors whose age makes the processing of
their personal data illegal or requires parental consent for the processing of such data under GDPR or other local laws.
MODALITIES OF PROCESSING
How we process your personal data
The data processing is carried out through paper and computer media. The data are stored through
electronic instrumentation that controller uses with the adoption of minimum security
measures provided by the legislator.
With the exception of navigation data, which is necessary to carry out IT and electronic protocols,
the provision of personal data by users for access to services and Entaksi’s products is free and optional.
However, failure to provide such data will result in the inability to process the requests submitted
or that the user intends to submit.
Retention periods
The data will be retained for the time necessary to carry out administrative,
accounting and tax purposes related to the relationship established as well as for obligations
prescribed by law, within the limitation periods set for the rights and obligations underlying the processing.
With reference to the processing for purposes of sending commercial and promotional communications about
the Data Controller’s services and for sending information messages related to its activities,
the data will be retained for no longer than two years from the first contact, except for the objection
to processing by the data subject. The data subject may object to processing independently
for either method of communication.
Communications data
The data collected will not be subject to unauthorized disclosure or dissemination.
Communication to third parties, other than the data controller, internal and external Data Processors,
and the designated processors, is provided by article 23 of the Regulation, to safeguard national and public security,
defence, prevention, investigation, detection and prosecution of criminal offences, objectives in the interests
of the Union or a Member State, in judicial proceedings and civil actions, for control and inspection by public authorities.
In any case, the processing by third parties is explained in the customer information and takes place according
to correctness and compliance with the provisions of law in force.
RIGHT OF THE DATA SUBJECT
How you can manage your personal data
The rights of the data subject are regulated pursuant to art. 15 EU Regulation 679/2016.
data subject has the right to obtain from the data controller confirmation that personal
data concerning him or her are being processed or not and, in that case,
to obtain access to personal data and the following information:
a) purposes of processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipients to whom the personal data have been or will be communicated,
particularly if they are recipients in third countries or international organizations;
d) when possible, retention period of personal data provided or the criteria used to determine such period;
e) the right for the data subject to request from the controller the rectification or erasure
of personal data or the restriction of processing of personal data concerning him or her,
or to object to their processing;
f) the right to complain to a supervisory authority;
g) if the data are not collected from the data subject, all available information about their origin;
h) the existence of automated decision-making, including profiling as referred to in Article 22 paragraphs 1 and 4,
and at least in such cases significant information about the logic used, as well as the significance
and expected consequences of such processing for the data subject.
The data subject may request access to their personal data from the Data Controller at any time and request data portability.
The data subject has the right to revoke consent at any time without affecting the lawfulness of the processing based
on the consent given before the revoke, and has the right to lodge a complaint with a supervisory authority.
Data Transfer and portability
The data controller does not transfer the personal data of data subjects to third countries or other organizations.
The data subject has the right to receive their personal data provided to the Data Controller in a structured,
commonly used, and machine-readable format, and has the right to transmit such data to another data controller
without hindrance.
He or She also have the right to request the direct transmission of personal data from one controller to another,
if technically feasible.
Consent to the processing personal data
Pursuant to art. 6 letters b) and e) of EU Regulation 679/2016, consent for the processing
of the aforementioned data is not necessary as they are collected to comply
with legal obligations and/ or for the execution of obligations arising from the current
contract or those so-called pre-contractual.
Any other consents for the processing of data (e.g. for the acquisition of data related to biometric identification)
are requested at the time of execution of individual processes, and provision is voluntary and is aimed at the
completion of the service contract. The right to object to processing is always exercisable,
but it may result in the inability to execute the service contract.
According to Article 13 of EU Regulation 679/2016 consent to the processing of the aforementioned data is necessary
concerning additional and specific purposes beyond those explicitly stated in the contract. In particular,
at the conclusion of the service contract (therefore not for the simple pre-contractual access to the Console)
consent is required to use the data for marketing purposes related to the services offered by the data controller.
Communications will be sent using both traditional and automated means. It is specified that the data subject has the right to object to such processing; in particular, he or she has the possibility to object specifically and separately to the sending of communications through traditional means and/or through automated means by contacting the email address provided by the data controller.
Updated to 15/10/2024