Privacy policy

PRIVACY STATEMENT

The European Regulation on the Protection of Personal Data (GDPR) replaces European Directive 95/46/EC. The aim of the Regulation is to give a modern, uniform and solid frame for data protection in Europe based on the principle of accountability. The new principles have an organisational, operative and technological impact, and at the same time establish a sanctioning system that was more severe than the previous one.

The biggest change in the regulations on data protection involves the extended jurisdiction of the GDPR, because it applies to personal data processing carried out by a data controller or data processor in the European Union, no matter whether processing is carried out in Europe or not. In addition, the Regulation applies to the processing of personal data of data subjects who are located in the European Union carried out by a data controller or a data processor that is not established in the European Union, when processing involves: the offer of goods or the presentation of services to said data subjects in the European Union, independently from the data subject’s obligation to pay or not; or, the monitoring of their behaviour in as much as said behaviour takes place within the European Union.
The Regulation also applies to the processing of personal data by a data controller that is not established in the European Union, but in a place that is subject to the right of a Member State in virtue of public international right.

The GDPR asks companies to activate technical and organisation measures that are suitable for implementing the principles of data protection and for protecting individual rights: what is known as Data Protection by Design and by Default.

Data Protection by Design and by Default guarantees that the company considers problems involving data privacy and protection during the design phase of any system, service, product or process, and as such during its life cycle.
Data Protection by Design and by Default requires Clover IT S.r.l. to guarantee that the company will elaborate only the data needed to reach a specific scope and for a period of time that does not exceed the time needed for the purpose for which the data were collected and subsequently processed.

Clover IT S.r.l. has implemented a Personal Data Protection Management Model pursuant to the GDPR, considering also what is established with Italian legislative decree 196/2003 as modified by Italian legislative decree 101/2018, defining regulations and procedures that are binding for the company and for its individual employees. Clover IT S.r.l. periodically reviews and updates its Information Safety and Data Protection Policy whenever necessary and defines evolutionary standards that translate into a plan for implementing updates. In compliance with art. 13 of the GDPR, Clover IT S.r.l. supplies all the information required by law in the different documents that appear in the “Privacy” section; this information differs according to the purposes for which the Personal data of the data subject were processed. For any further clarification regarding the Information note, please contact our reference person for the pertinent matter at: clover@clover.it.

INFORMATION NOTE ON PERSONAL DATA PROCESSING PURSUANT TO ART.13 OF GDPR 2016/679

In this document Clover IT S.r.l. (hereinafter also “Company”), owner of the Website www.clover.it (hereinafter also “Website”), gives information on the methods used to manage its Website in relation to the processing and protection of personal data of those who navigate in it (data subjects or users).
This document is an information note as established by art. 13 of European Regulation 679 of 27 April 2016 (GDPR); it is valid only and exclusively for the Website owned by the Company and not for other websites that can be consulted by users through any links that may be used from the Website.
This information note can be modified if new regulations are introduced or if the Website is modified, therefore we invite users to visit this section periodically for updates.

1. Data controller
The Data controller is Clover IT S.r.l. located in Via Tezze di Cereda 32, Cornedo Vicentino (VI), Post Code 36073 VAT no. 03729640247.
To implement the rights indicated in the Regulation and for any request about your personal data, you can contact the Data controller by sending an email to: clover@clover.it.

2. Purposes and lawfulness of processing
The lawfulness of processing indicated in this information note is that indicated in art. 6 point a) of the European Regulation: “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”.
The purposes for which processing is pre-ordained are:

a) Requests for information
The data are collected and processed to answer the requests for information made by the data subjects.

b) Creation of a personal account on the Website www.clover.it
The data collected using the online form in the “Create account” section are collected to permit user access to documents or information about one specific service or product offered by Clover IT S.r.l.
With the user’s consent, the data collected for this purpose can also be used to send newsletters that contain informative and promotional material and/or information about new products or updates and novelties about Clover IT S.r.l. products.

c) Newsletter Section:
The data are collected and processed to send newsletters that contain informative and promotional material and/or information about new products or updates and novelties about already-existing products. The lawfulness of processing resides in art. 6(1) point a) of the GDPR (“consent of the data subject”) and/or in art. 6(1) point f) of the GDPR (“legitimate interests pursued by the controller”) considering the reasonable expectations nurtured by Data subjects on the basis of their relationship with the Controller, as indicated in Recital 47 of the GDPR.

d) E-Shop
The data are collected and processed to manage online purchases: order receipt and elaboration, product and service supply, payment processing, and sending communication about orders. The lawful basis is given in art. 6(1) point b) of the GDPR. Before purchasing the product online, users should read the General Sales Conditions carefully.

3. Type of personal data that is processed
Data supplied by the user
Data obtained to pursue the purposes indicated above will be processed as listed below:
a) Request for information: Name, Surname, email address, phone number, user address (Street, City, Post Code, Province, Country);
b) Creation of an account on www.clover.it name, surname, email address, phone number, tax code, user address (Street, City, Post Code, city and country);
c) Newsletter: name, surname, email address, phone number, user address (Street, City, Post Code, Province, Country);
d) E-shop: name, surname, email address, phone number, delivery address, tax code, VAT number, information about payment methods.

Data we collect automatically
While working normally, the computer systems and software procedures required for Website operation acquire some data whose transmission is implicit for Internet communication protocol use. The information is not collected to be associated with identification purposes, but because of its nature could make it possible to identify users if elaborated and associated with data held by third parties. IP addresses or the dominion names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the requested resources, the request time, the method used to make the request to the server, the size of the file obtained in reply, the numeric code that indicates the state of the answer given by the server (successful, error, etc.) and other parameters relative to the user’s operative system and computer environment are included in this category. These data are only used to obtain anonymous statistical data about Website use and to check correct Website operation. The data may be used to ascertain responsibility in the event of hypothetical computer crimes that damage the Website or other users, but only if requested by the pertinent supervisory bodies.

4. Processing methods
The collected data are treated exclusively by authorised subjects using instruments that are automated and not, with methods that are suitable for guaranteeing data safety and confidentiality and for the time needed to fulfil the purposes for which said data were collected. Giving data for the purposes indicated in point 2 is optional. Refusing to give us your personal data or authorisation for processing either fully or in part can make it impossible for Clover IT S.r.l. to supply the services indicated in the “Purposes” section.

5. Possible personal data receivers or categories of receiver
The personal data that Clover IT S.r.l. comes into possession of can be diffused. Said data can be communicated inside the Company and made known to authorised data processors and controllers nominated by Clover IT S.r.l.

6. Transfer of personal data to other countries
The Company will not transfer your personal data to Third countries outside the European Union.
In the event of this happening, CLOVER IT Srl guarantees that said transfer will be made:
– to companies that are part of the CLOVER group and which use the same procedures to protect personal data (Binding Corporate Rules approved by the competent supervisory authority);
– to non-EU countries which the European Commission has decided ensure an adequate level of protection (art. 45 GDPR), or upon the stipulation of standard contract clauses approved by the European Commission.
Any waivers to the above can only occur in respect of art. 49 of the GDPR.

7. Personal data preservation period

Request for information: Personal data relative to requests for information made by unregistered users will be kept for the time required to supply the answer, and in any case for no longer than three months from when the request was made.

Creating an Account on www.clover.it: the personal data supplied during the registration phase will be kept until a request for account cancellation is made by the data subject. Data subjects have the right to cancel their own account at any moment; after account elimination, all the personal data will be cancelled, unless they have to be preserved to handle possible contract relations that were established in the meantime, or requirements set by legislative provisions (e.g. current tax law on the preservation of sales invoices).

Newsletters: the personal data that are supplied will be kept by the company for no more than 24 months from when consent was given.

E-Shop: the data that are collected when an online product is purchased will be kept for the whole duration of the contract and subsequently for a period of no more than 10 years.

In the event of the data subject having consented to informative and promotional material and/or communications about new products or updates being sent, the data will be preserved for no longer than 24 months from when consent was given.
The personal data can be preserved for a longer period if requested by the Public Administration or by other legal, government or regulatory organs, or if this company is involved in legal procedures involving the treatment of the personal data supplied by it.

8. Obligatory and optional granting of data
Your personal data is essential for fulfilling points a), b) and d) above; if you do not give your data to Clover IT Srl, the company will not be able to continue with any contractual relationship or supply the services you requested.
Giving your authorisation to process your personal data for marketing as indicated in point a) above is optional. Your refusal will prevent Clover It Srl from carrying out marketing activities with you, except for the soft spam hypothesis, for which current legislation allows business communication to be sent without needing the specific consent of those who are already our clients, excluding the right to oppose.

9. Rights granted to the data subject
Data subjects have the right to obtain access to their personal data from the Data controller. In particular, the data subject has the right to obtain: a) an indication of the origin of the personal data, the processing purposes and methods, the logic applied in the case of processing using electronic instruments; b) data updating or rectification; c) cancellation or restriction of the processing of their personal data (transformation to an anonymous form, stopping data processing if laws are violated, including those where preservation is not necessary for the purposes for which said data were collected or subsequently processed); d) data portability in a structured manner.
Data subjects have the right to revoke consent to process their personal data. Revoking processing consent does not, in any case, prejudice the lawfulness of processing based on the consent given before revocation.
Data subjects living in Italy have the right to make complaints to a supervisory authority, represented in Italy by Garante per la Protezione dei Dai Personali, with headquarters in Piazza Monte Citorio, 121, Rome. Data subjects outside Italy can make complaints to the supervisory authority in their country of residence.
We inform you that pursuant to article 21 of European Regulation 2016/679, in the event of the data being processed for direct marking purposes (sending newsletters), you have the right to oppose processing for said purpose at any time.

10. Non-existence of an automated decision-making process
Clover IT S.r.l. does not subject the processing indicated in this Information note to automated decision-making processes.

COOKIES AND OTHER TECHNICAL INFORMATION

Third party cookies
By visiting this Website you can receive cookies, some session, others permanent, from sites managed by third parties.
A common example is the use of what are known as “social plugins” for the main social networks, which are parts of the visited page that are integrated directly into the page of the hosting site.
In particular, Facebook and YouTube plugins are present on this Website, to improve the user’s navigation experience through the sharing of contents on the social network. Management of the information collected by the third parties is disciplined by the relative information notes, which should be referred to for clarification. The Data controller is not responsible if third-party cookies/plugins operate on its Website. However, for commodity and transparency, the Web addresses of the different information notes follow. Check:
– the Facebook privacy information note, which can be found on:
https://www.facebook.com/policies/cookies/;
– the YouTube privacy information note, which can be found on:
https://policies.google.com/privacy?hl=it;

Cookies are small text files that visited Websites send to the navigation device used by the user (usually a browser). They are saved in the corresponding browser file while the user visits a Website, and are then re-transmitted to the same Websites during subsequent visits.

They are used to improve navigation, save already-inserted user preferences (username, password and similar), trace the user’s tastes and preferences, making it possible to manage specific marketing initiatives or supply services connected with the Controller’s business such as newsletters, Website service communications, etc. Limiting their use has effects on the usability of the Website contents during consultation. The user can always block cookies beforehand or remove them from the browser cache, but doing so can prevent full use of the services offered by the Web application.

The Website www.clover.it uses these types of cookie:

Technical cookies
These cookies are essential for allowing navigation and using all the Website functions. They do not collect information that makes it possible to identify the user. If disabled, Website content use can be compromised, impossible or greatly limited.

Session cookies
These are technical cookies that save the user’s choice in the Website, and are eliminated when the Website is left. They are tightly limited to the transmission of session id identifiers (made up of casual numbers generated by the server), which are necessary for permitting safe and efficient Website exploration.

Analytic cookies
The Website uses Google Analytics third-party analytic cookies to analyse how visitors navigate on the Website and to monitor accesses. This allows us to offer a top quality experience, modifying the Website on the basis of the pages that are effectively visited by the users. The Website www.clover.it does not collect information that makes it possible to identify the user. All the data that are recorded and shared with Google Inc. are made anonymous (through the elimination of important components of the IP address, of both the IpV4 and the IpV6 type) and are only used to improve Website operation. For legal purposes, the third party Analytics cookies that are made anonymous are equated to technical cookies and do not need informative banners, informed consent and notification to the Data Protection Authority.

The Website www.clover.it does not use third-party profiling cookies
They are cookies used by third parties to trace user navigation on the network and to create profiles about their tastes, habits, choices, etc. Through these cookies, advertising material in line with the preferences already shown by the user during online navigation can be transmitted to the terminal.

Browser settings on Cookie use
Users can consent to or negate the installation of cookies on their device (computer). However, if cookie use is disabled, some functions of our Website may not be available to or usable. The settings regarding this choice can be verified and modified using the configuration parameters of the Browser being used.

How can I disable cookies?
Your browser settings can be modified by following a very simple procedure to disable cookies.

Firefox
o Open Firefox.
o Press the “Alt” key on the keyboard.
o In the tool bar, which is in the top part of the browser, select “Tools” and then “Options”.
o Select “Privacy”.
o Go to “Settings Chronology”, then to “Use personalised settings”. Disable “Accept cookies from sites” and save the preferences.

Internet Explorer
o Open Internet Explorer
o Click on “Tools”, then on “Internet options”
o Select “Privacy” and move the scroll device to the level of Privacy you want to set (move it up to block all cookies and down to permit them all)
o Click “Ok”

Google Chrome
o Open Google Chrome.
o Click on the “Tools” icon.
o Select “Settings”, then “Advanced settings”.
o Select “Content settings” in “Privacy”.
o You can fully or partially block cookies in the “Cookies” option. You can look for and eliminate specific cookies by accessing the “Site Cookies and data” option.
or
Enter chrome://settings/cookies in the address bar and click on Send.

Safari
o Open Safari.
o Select “Preferences” on the tool bar, then select the “Safety” panel in the window that appears.
o You can specify if and when Safari is to save cookies from Websites in the “Accept cookies” section. For more information click on Help (signalled by a question mark).