How and where data is processed
The owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of data.
Data processing is carried out using computers or IT tools, following procedures and organizational modes closely related to the purposes indicated. In addition to the owner, data may be accessible, in certain cases, to certain categories of persons in charge of the operation of this service (administration, sales, marketing, legal department, developers, system administration) or to external parties (such as third-party technical service providers, courier services, hosting providers) designated, where applicable, as subcontractors by the owner. The updated list of these parties may be requested from the owner at any time.
Legal basis for processing
The Owner may process personal data relating to users if one of the following conditions applies:
- users have given their consent for one or more specific purposes ;
- the provision of data is necessary for the performance of an agreement with the user or for any pre-contractual obligation of the user;
- processing is necessary to comply with a legal obligation to which the owner is subject;
- processing is connected with a task carried out in the public interest or in the exercise of public authority vested in the owner;
- processing is necessary for the purposes of the legitimate interests pursued by the owner or by a third party.
In all cases, the owner will be happy to help you clarify the specific legal basis that applies to the processing, and in particular whether the provision of personal data is a legal or contractual requirement, or a requirement necessary to enter into a contract.
Place of processing
Data is processed at the owner's headquarters and at all other locations where the parties responsible for processing are located. Depending on the user's location, data transfers may involve the transfer of the user's Data to a country other than his or her own.
If more extensive protection standards are applicable, users also have the right to know the legal basis for data transfers to a country outside the European Union or to any international organization governed by public international law or created by two or more countries, such as the UN, as well as the security measures taken by the owner to safeguard their data.
Should such a transfer take place, users can find out more by consulting the relevant sections of this document or enquire with the owner using the information provided in the contact section.
Personal data is processed and kept for as long as required for the purpose for which it was collected.
- Personal data collected for purposes related to the performance of a contract between the owner and the user shall be retained until the full performance of the contract.
- Personal data collected for the purposes of the Owner's legitimate interests shall be retained for as long as necessary to achieve those purposes. Users can find specific information regarding the legitimate interests pursued by the Owner in the relevant sections of this document or by contacting the Owner.
The Owner may be authorized to retain personal data longer whenever the user has given consent to such processing, for as long as such consent is not withdrawn. In addition, the Owner may be obliged to retain personal data for a longer period whenever this is required for the performance of a legal obligation or by order of an authority.
Once the retention period has expired, the personal data will be deleted. Consequently, the right of access, the right of erasure, the right of rectification and the right to data portability cannot be applied after the retention period has expired.
- Personal data: 3 months from collection.
- Conversation script: 3 months from collection.