Data Subjects: Newsletter web users
Blulink S.r.l. in its capacity as Data Controller of your personal data, pursuant to and by the effects of EU Regulation 2016/679, hereinafter GDPR, is writing to inform you that the aforementioned regulation provides for the protection of data subjects with respect to the processing of personal data and that said processing shall be marked by the principles of correctness, lawfulness, transparency and the protection of your confidentiality and rights.
Your data shall be processed in accordance with the legislative provisions of the aforementioned regulation and the confidentiality obligations therein provided for.
Purposes and legal basis for the processing as per the GDPR: our personal data can be used, subject to your consent, used to fulfil the request for sending the newsletter and its registration in the mailing list concerning direct marketing activities, newsletters, sending promotional, commercial and advertising material or relating to events and initiatives of the Data Controller, also by inserting them in the corporate CRM.
The provision of data for the aforementioned purposes is optional, however, in the absence of the data marked as mandatory, it will not be possible to provide the service. However, on receipt of any email, you may easily object to the sending of further newsletters by using the “unsubscribe” link or by application to the Data Controller at the contacts provided in this statement.
Method of processing: your personal data may be processed with electronic means, automated contacts, data input into company CRM, outsourcing of processing action and reports. By means of said reports, the Controller can find out, for example the number of readers, openings, one-time “clickers” and clicks, details of emails sent according to date/time/minute; details of emails delivered and otherwise, of forwarded emails; the list of those who unsubscribed from the newsletter; who opened an email or clicked on a single link; users who experienced problems in viewing the message; link tracking (i.e. the number of clicks on the links in the message); click tracking (which links were clicked and by whom). All these data are used for the purpose of comparing, and possibly improving, the results of communications.
Any processing occurs in compliance with the procedures as per arts. 6 and 32 of the GDPR and through the adoption of suitable safety measures as provided. Your data shall be processed only by staff expressly authorised by the Data Controller and, in particular, Direction, the Sales department and the Marketing department.
Communication: your data may be communicated to external individuals or legal entities for a correct management of the relationship and, in particular, to the following categories of Recipients, including all duly appointed Data Processors or autonomous Data Controllers such as:· Company that manages the website limited to technical access for maintenance and management needs of the web server;
- Service company for sending newsletters.
Dissemination: Your personal data will not be disseminated in any way.
Your personal data could also be transferred, only for the above-mentioned purposes, to CEE countries
Retention period: we inform you that, in compliance with the principles of lawfulness, purpose limitation and data minimization, pursuant to art. 5 of the GDPR, the period of storage of your personal data is established as for a period of time not beyond the accomplishment of the purposes for which they have been collected and processed for the execution and completion:
- established for a period of time not exceeding the performance of the services provided, until the interested party objects and until you show interest in our communications
The Data Controller: the Data Controller, pursuant to the Law, is Blulink S.r.l. (Via Cirillo Manicardi, 2 , 42124 Reggio Emilia (RE); e-mail: firstname.lastname@example.org; phone: 0522.511416; VAT: 01432110359) in the person of the pro-tempore legal representative.
You have the right to obtain from the Data Controller or from the Data Protection Officer the erasure (Right to be forgotten), the limitation, the updating, the rectification and the portability of the data, and opposition to the processing of personal data pertaining to you, as well as, in general, to exercise all the rights provided for by arts. 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR and request the complete list of data processors by writing to email@example.com. You can also lodge a complaint with the competent supervisory authority if you believe that the processing of your data is contrary to the legislation in force
Regulation (EU) 2016/679: Articles 15, 16, 17, 18, 19, 20, 21, 22 – Rights of the Data Subject
- The data subject has the right to obtain confirmation as to whether or not personal data concerning him or her exist, regardless of their being already recorded, and disclosure of such data in an intelligible form, and the right to lodge a complaint with the supervisory authority.
- The data subject has the right to be informed of:
- the source of the personal data;
- the purposes and methods of the processing;
- the logic applied if the data are processed by electronic devices;
- the identification data concerning the Data Controller, the Data Processors and the representative designated as per article 5, comma 2;
- the entities or categories of entity to whom or which the personal data may be disclosed and who or which may get to know said data as designated representative in the State’s territory, as data processors or as persons in charge of the processing.
- The data subject is entitled to obtain:
- the updating, rectification or, where interested therein, integration of the data;
- the erasure, anonymisation or blocking of data that have been unlawfully processed, including data whose retention is not necessary for the purposes for which they were collected or subsequently processed;
- certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were disclosed or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared to the right that is to be protected;
- the portability of the data.
- The data subject has the right to object, in whole or in part:
- on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
- to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.