Information on the Processing of Personal Data
(Privacy Code - Legislative Decree June 30, 2003 n. 196)
Dada.net S.p.A. hereby undertakes to protect your privacy online.
This document will explain our privacy policy so that you can better understand how your personal information is managed when using our services. The present document will also allow you to give your explicit consent for the processing of your personal data in sections of the site where your personal data is requested.
We would like to remind you that in some sections of the site dada.net.com (hereinafter the “Site”) where your personal data is gathered, some specific information is published, in accordance with article 13 of the Privacy Code, which must be viewed before providing the requested data.
The information and data provided by you or otherwise acquired by us during your registration to various Dada services, such as for example those available in the “People”, “Blog”, “Photo”, “Audio”, “Video”, “Mail”, “Love”, “Cell”, “Forum” sections (hereinafter altogether the “Services”), will be subject to processing in accordance with provisions and Italian laws regarding the protection of personal data (Legislative Decree 196/2003), with Recommendations from the Group of European Authorities (n. 2 May 17, 2001) and with the privacy obligations that inspire Dada.net S.p.A.’s business.
For the processing of personal data we mean any operation or operations carried out even without the aid of electronic devices, concerning the collection, registration, organization, keeping, consultation, processing, modification, selection, extraction, comparison, use, interconnection, cancellation, communication, deletion and/or destruction of data, even if the data is not registered in a databank. We would also like to inform you that personal data which is subject to processing could include (depending on how you decide to use the Services) textual information, photographs, videos, audio tracks, cellular use, or any other information which reveals the identity of the data subject, according to the Services requested.
According to the provisions of the Code, the processing carried out by Dada.net S.p.A. will be characterized by the principles of honesty, legality, transparency and the protection of your privacy and your rights.
Purpose of Data Processing
The purpose of the data processing that we intend to carry out is to supply the user with the Services he/she requested. This is done by registering the user and creating an account for him/her and also includes the gathering, keeping and processing of data for setting up said account and for the operative, technical and administrative management of subsequent relations (as well as the subsequent management of the account created by the user), both of which related the supply of the Services, as well as the management of all correspondence regarding the development of the relations established. The data will also be processed to absolve legal, accounting and fiscal obligations.
Personal data may also be processed in order to allow for navigation and consultation of the Dada Group’s websites.
Remember that some Services are supplied through commercial collaborations with other suppliers (e.g. telecommunications companies) and that the respective suppliers, each within the area of their own competence, are the autonomous data controllers of the processing, held to observe the obligations imposed by the Privacy Code.
Furthermore, we hereby specify that the purposes of the data processing are also related to the gathering, keeping and elaboration of your data for carrying out statistical analyses in anonymous and/or aggregate forms, without the possibility of identifying the user, aimed at verifying the quality of the services offered.
Finally, the data may be processed – only when the user has given his/her specific consent – for marketing and advertising purposes in a broad sense, to provide information and/or formulate offers on products, services and initiatives offered or promoted by the Dada Group (and/or affiliated and/or controlled companies, such as commercial partners and outsourcers) and this does not imply that data was transferred to a third party.
Processing arrangements.
Your personal data will predominantly be processed with electronic or automated means.
Communication and dissemination of personal data.
Your personal data may be communicated to:
1. people, companies or professional firms which provide assistance or consultancy to the Dada Group regarding accounting, administration, legal, tax services connected with the supply of the Services;
2. subjects, organizations or authorities to whom the communication of your personal data is mandatory according to provision of the law or orders from the authorities;
3. subjects delegated and/or made responsible by the Dada Group to carry out activities strictly related to the supply of the Service and its technical maintenance (including network equipment and electronic communications networks);
4. commercial partners in the event that you gave your specific consent;
Furthermore, subjects or categories of subjects to whom your data may be communicated or made known, as Data Processors (if nominated) or as Persons in Charge of the Processing, are: the Dada Group companies, in Italy and abroad, employees of the Dada Group who are in charge of the administrative and/or technical management of the Services and/or who are responsible for the technical platform through which the Services are supplied.
With reference to the dissemination of your personal data, any and all personal data which is necessary for the activation of the Services will not be subject to dissemination. It is implied that your decision to use the Services to consciously disseminate information that concerns you on the on the Internet (e.g. publication of photos and videos), does not constitute dissemination by the Data Controller.
Optional or mandatory consent.
The conveyance of personal data is optional for the activation of the Services (registration, technical maintenance of the account, etc.), however if any personal data is missing it may not be possible to activate the Services requested.
Consent for the processing of personal data for the following activities is also completely optional and non-mandatory: drawing up studies, research and market analyses; sending information and advertisements; executing direct sales activities and selling products and services; sending out commercial information; carrying out interactive commercial communications also according to article 58 of Legislative Decree 206/2005 through the supplier’s use of telephone, electronic mail, and automated call systems without the use of an operator or a fax. Consent is also optional for receiving unsolicited commercial communications according to article 9 of Legislative Decree April 9, 2003 n.70 in acknowledgement of the so-called Directive 2000/31/EC of the European Parliament on Electronic Commerce, which provides that unsolicited commercial communications shall be immediately and unequivocally identifiable as such and must contain information which states that the receiver of the message can object to receiving these communications in the future.
If you decide not to give distinct consent for data processing operations for the above mentioned commercial purposes – when requested in particular sections of the Site – this refusal will not lead to any consequences. When you give your optional consent for the aforementioned processing operations, you may be admitted to participate in promotional contests organized by the Dada Group or by its commercial partners.
Processing sensitive data.
In using some of the Services for which registration is required (e.g. subscription to a dating service, the option of publishing photos, videos or audio tracks), it may occur that personal data which falls into the category of “sensitive” personal data according to article 4, paragraphs 1 and 26 of the Code, could be or shall be processed, with special reference to data which could reveal racial or ethnic origins, religious, philosophical or any other kind of beliefs, political opinions, memberships to parties, trade unions, associations or organizations of a religious, philosophical, political, or unionist nature, as well as personal data which reveals health or sex life.
For this reason Dada.net S.p.A. requires mandatory user consent when these Services are activated. This is due to the fact that if it were not mandatory for you to provide your consent (in the sense that registration will not conclude properly if your consent for processing sensitive data is not given) you could (even unknowingly) publish photos or videos or provide information containing sensitive personal data (without giving your specific consent as required by the Privacy Code) making it illegal for Dada.net S.p.A. to process this data.
When consent to process your sensitive data is optional, we hereby remind you that without your consent (although this option allows you to register anyway), it will not be possible to use Services that process your sensitive personal data. Before using these services you will need to modify your subscription card and give your specific consent. If you do not proceed to give us your consent for the processing of your sensitive data for whatever reason and subsequently use the Services for which said processing is necessary (e.g. if you publish photos that provide information of a sensitive nature), we hereby inform you that Dada.net S.p.A shall not be held liable in any way, nor shall Dada.net S.p.A. undertake in any kind of disputes, since the publication of sensitive data (including the dissemination via web) is handled exclusively and autonomously by you on the webpage which is made available to you when you register and start using the Services. We hereby specify the importance, as mentioned above, of modifying your registration card to express your specific consent for the processing of sensitive data should you decide to make use of the Services which necessarily lead to the use of such information.
Sensitive data – with special reference to data which could reveal sexual habits or preferences – will not be communicated (apart from legal obligations) or disseminated by Dada.net S.p.A. It is implied that your decision to use the Services to consciously communicate or disseminate your personal sensitive data on the Internet does not constitute a case of communication or dissemination by Dada.net since such operations were carried out autonomously by you on web pages reserved for you, or in any case within the limits of normal use of the Services.
We invite you to not publish sensitive data if it is not strictly necessary. In any case, apart from certain exceptions according to article 26, paragraph 4 of the Code, such data can be processed only with the written consent or equivalent (“equivalent consent” is also a demonstration of acceptance online through procedures such as clicking the “accept” or “send” button on a webpage, etc. or checking the box next to the word “accept”) from the data subject and in accordance with the General Authorizations from the Italian Authorities on sensitive data processing and with previous authorization from the Italian Authorities for the protection of personal data, which can authorize in a general and preventative way – without affecting the written consent of the data subject – certain categories of processing. Specifically, in addition to requesting written consent or equivalent consent, our activities are previously authorized by General Authorizations 2, 4 and 5 of 2006.
Processing the personal data of third parties provided by the data subject.
In using the Services for which you are required to register (e.g. the option to publish photos, videos, or audio tracks), third parties' personal data (and sensitive data), which you published or which was sent to the Service provider by you, may be processed. In this case, you shall be the autonomous Data Controller and you assume all legal obligations and responsibilities. In this sense, you hereby indemnify and keep harmless Dada.net S.p.A. against all suits and claims for compensation for damages from data processing etc. which may reach the Data Controller from third party subjects whose personal data was published through your use of the Services in violation of the applicable laws on the protection of personal data. In any case, if you provide or in any other way process the personal data of third parties in your use of the Services, you must guarantee as from now – assuming any and all connected responsibilities – that you have previously obtained the consent of the third party subject whose personal data was processed and published by you.
Navigation data.
The information processing systems and software procedures which run the dada.net site acquire, over the course of their normal activity, personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not gathered for the purpose of being associated with identified data subjects, however due to its nature, through elaborations and associations with data from third parties, it allows for the identification of the users.
This category of data includes IP addresses or domain names of computers used by the users who connect to the site, the addresses in URI notation (Uniform Resource Identifier) of requested resources, the hour of the request, the method used for submitting the request to the server, the dimension of the file obtained in the reply, the numeric code indicating the status of the reply provided by the server (executed, error, etc.) and other parameters related to the user’s operating system, computer system, applications, and any and all other electronic/computerized aspects related therein.
This data is used only for the purpose of drawing up anonymous statistical information on the use and proper functioning of the site and it is cancelled immediately after it has been elaborated. The data could be used to verify responsibility in cases of computer related crimes which damage the Site or third parties: apart from this possibility, the website contact data is not permanently stored in any way, unless the user requests otherwise (e.g. access to the user’s personal pages on Dada.net that list the services used, the information published, etc.).
With reference to the use of cookies or permanent user tracking/monitoring systems, we hereby inform you that access to the Site can lead to the sending – by the server at the PC terminal of the user – of text files which are used to obtain information on the navigation on the site. According to article 122 of the Privacy Code, we hereby inform you that the sending of non-persistent cookies is necessary in order to allow certain parts of the Service, which require the path of users to be tracked on various pages of the site, to function properly. For any access to the site, independently from the presence of a cookie, the following information is recorded: type of browser (e.g. Internet Explorer, Netscape), operating system (e.g. Windows, Macintosh), the host and the URL of the visitor, in addition to information regarding the page requested. This data can be used in an aggregated and anonymous form for statistical analysis on the use of the site. Finally, the use of the so-called session cookies (which are not memorized in a persistent way on the computer of the user and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (made up of random numbers generated by the server) necessary for allowing safe and efficient navigation on the site.
You can always turn off the cookies by modifying the configurations on your browser.
Data Controller and Data Processor.
The identification data of the Data Controller for the processing of the data which you provided, is the following: Dada.net S.p.A. with registered offices in piazza Pietro Annigoni 9/b, Firenze, CAP 50122.
The updated list of Data Processors (if appointed), is available in the document below the present notice.
Pursuant to article 29 of the Privacy Code, you may contact the Data Processors at any time – by contacting the Offices of the Data Controller Dada.net S.p.A. – to exercise the rights provided for by article 7 of the Privacy Code.
Data Keeping and Security Measures.
Data will be kept for amounts of time defined by current laws and regulations and stored on the server of Dada.net S.p.A sites at the server Farm Inet S.p.A in Italy, Settimo Milanese (MI), via Darwin 17, designated for this purpose Data Processor. A copy of the data, in order to guaranty the ongoing supply of the service and to guarantee that the data will be saved even in the case of a disastrous event, is saved on the server of Upoc Networks, Inc., a company within the Dada Group, with headquarters at 536 Broadway, 3rd Floor, New York, NY 10012, designated for this purpose Data Processor. The physical location of the server farm is at Qwest Communications Corporation, 350 East Cermak, Chicago, IL 60616-1428. In any case, the amount of time that your data will be kept shall be equal to the amount of time it take to fulfill the aforementioned purposes and equal to the length of the service relationship between you and the Data Controller. If you want to cancel your account, and stop using the Services, your data will be cancelled, save the need to fulfill contractual, administrative, fiscal, accounting or legal obligations subsequent to your cancellation of the service. As soon as these above-mentioned obligations have been fulfilled, your data will be cancelled.
We hereby also inform you that your data will be gathered, processed and kept in full respect of the law, according to articles 31 and in accordance with the arrangements laid down by the Privacy Code and the Technical Specifications – as per Annex B of the Code – regarding security measures.
The data will also be processing in accordance with self-governing laws regarding the processing of personal data contained in the sector’s current Code of ethics.
Article 7 (Right to access personal data and other rights)
You can contact the Data Controller or Data Processor at any time, without formal obligations or by using the special form prepared by the Italian Authority for the protection of personal data (available free of charge at www.garanteprivacy.it ) to exercise your rights as provided for by article 7 of the Code, which for your convenience is entirely reported below:
Article 7 Legislative Decree 30 June 2003, n. 196.
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him/her exists, regardless of their being already recorded, and communication of such data in intelligible form.
2. The data subject shall have the right to be informed:
a) of the source of the personal data;
b) of the purposes and methods of processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning the data controller, data processors and the representative designated as per Section 5(2);
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have to right to obtain:
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated, or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part:
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.
Contacts
For any information and to exercise the above reported rights (article 7 legislative decree 196/2003) the data subject can write to:
Dada.net S.p.A.
piazza Pietro Annigoni 9/b
50122 – Firenze
The data subject can also send a request via e-mail to support-it@crm.dada.net