Data Controller
Andrea Palermo
Palimex Srl GmbH
Via Sommacampagna, 38
37137 Verona VR
VAT No.: 340 230 2449
Email of the Data Controller: info@palimex.it
Types of Data Collected
Among the Personal Data collected by this Application—either independently or through third parties—are: Tracking tool; Usage data; first name; last name; phone number; email; geographical location.
Full details on each type of data collected are provided in the respective sections of this privacy policy or through specific informational texts displayed prior to data collection.
Personal Data may be freely provided by the User or, in case of Usage Data, automatically collected during the use of this Application.
Unless otherwise specified, all Data requested by this Application is mandatory. If the User refuses to provide it, it may be impossible for the Application to provide the Service. When this Application indicates some Data as optional, Users are free to refrain from providing such Data without any impact on the availability of the Service or its operation.
Users who are uncertain about which Data is mandatory are encouraged to contact the Data Controller.
Unless otherwise specified, the use of Cookies—or other tracking tools—by this Application or by the controllers of third‑party services used by this Application, is aimed at providing the Service requested by the User, as well as for the additional purposes described in this document and in the Cookie Policy, if available.
The User assumes responsibility for third-party Personal Data obtained, published, or shared through this Application, and asserts they have the right to communicate or disclose such Data, releasing the Controller from any liability towards third parties.
Methods and Location of Data Processing
Processing Methods
The Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or unauthorized destruction of Personal Data.
Processing is carried out through IT and/or telematic tools, with organizational methods and logics strictly related to the purposes indicated. Besides the Controller, in some cases, other subjects involved in the organization of this Application (administrative, commercial, marketing, legal staff, system administrators) or external parties (such as third‑party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the Data. These may also be appointed, if necessary, as Data Processors by the Controller. The updated list of Processors can be requested from the Data Controller at any time.
Legal Basis for Processing
The Controller processes Personal Data relating to the User if at least one of the following applies:
-
The User has given consent for one or more specific purposes;
-
Processing is necessary for the execution of a contract to which the User is party or to take steps at the request of the User prior to entering into a contract;
-
Processing is necessary for compliance with a legal obligation to which the Controller is subject;
-
Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller;
-
Processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party.
The User may request clarification on the specific legal basis for each processing purpose.
Location
Data is processed at the Controller’s operational offices and at any other locations where the parties involved in the processing are located.
Personal Data may be transferred to a country other than the one in which the User resides. For more information on this, please refer to the section “Details on Personal Data Processing.”
The User has the right to request information on the legal basis for transfers of Personal Data outside the European Union, as well as on the security measures adopted by the Controller.
Retention Time
Data is retained for the time necessary for the purposes for which it was collected.
Specifically:
-
Personal Data collected for contractual purposes will be retained until the contract is fully executed;
-
Personal Data collected for legitimate interest will be retained until such interest is satisfied;
-
When processing is based on consent, Data may be kept until consent is withdrawn, unless longer retention is required by law.
After the retention period expires, Personal Data will be deleted. After that point, rights to access, correction, portability, and deletion can no longer be exercised.
Purposes of Data Processing
User Data is collected to enable the Controller to provide the Service, comply with legal obligations, respond to inquiries or enforcement actions, protect rights and interests, detect fraudulent activity, and for other purposes including: third‑party account access, statistics, embedding content from external platforms, contacting Users, interacting with social networks, location‑based interaction, and tag management.
For more detailed information on processing purposes, Users can refer to the section “Details on Personal Data Processing.”
Facebook Permissions Requested by This Application
The Application may request certain Facebook permissions to perform actions with the User’s account and collect information, including Personal Data. Permissions are only activated explicitly by the User.
When accessing the Facebook account, the requested permission is: “About Me” of the User’s friends.
Location of processing: United States – Privacy Policy.
Details on Personal Data Processing
This Application may use the following services:
Third‑party account access: e.g., Facebook account access (User consent required).
Contact form: collects first name, last name, email, phone number.
Tag management: Google Tag Manager (data processed in Ireland).
Social interaction: LinkedIn and Facebook widgets (processed in the US and Ireland).
Location‑based interaction: Geolocation on request.
Analytics: Google Analytics with or without IP anonymization (processed in Ireland).
External content display: Google Fonts (processed in Ireland).
User Rights
The User can exercise the following rights:
-
Withdraw consent at any time;
-
Object to Data processing;
-
Access personal Data;
-
Rectify incorrect Data;
-
Restrict processing;
-
Erase personal Data;
-
Receive Data in a structured format or have it transferred;
-
Lodge a complaint with a supervisory authority.
For marketing-related processing, Users can object at any time without justification.
How to Exercise Rights
Requests can be made to the contact details at the beginning of this document. They will be processed free of charge within one month.
Additional Information
Data may also be used for legal defense or for system logs and maintenance.
This Application does not support “Do Not Track”; to check third‑party support, consult their privacy policies.
The Controller reserves the right to modify this policy at any time. The User will be notified and re-consent may be required.
Last updated: November 20, 2021
