Extended privacy policy- Wollol - Create the memories of tomorrow

Privacy statement

1. Introduction

In compliance with the obligations resulting from the national (Legislative Decree 30.6.2003 No. 196, Code for the protection of personal data) and communitarian (EU Regulation No. 2016/679 - GDPR) law and subsequent amendments, this site respects and protects the privacy of its visitors and users, putting in place every possible and proportionate effort not to harm the user rights.

On this point, this Privacy Policy is intended to explain the way in which the information shared and authorized by the user can be used on the website www.wollol.net, or in the mobile app "Wollol", for the purposes specified therein, better specified and defined in the informative note about the Terms and Conditions of Use of the Service.
Particularly, the Service manages, processes and cares the personal and sensitive data of the subscribed Users, both those collected from the interested part with his consent, as well as those not collected from the interested part and therefore obtained without his direct consent.

1.1 Definitions

Personal data: information relating to the natural person, identified or identifiable, even indirectly, by reference to any other data;
Data Subject: it is the natural person to whom the personal data refer;
Portability: possibility for the Data Subject involved in the process of personal and sensitive data to hand over such data to another Data Controller;
Data Processor: the natural person, legal person, public administration and any other body, association or organization appointed by the data controller to process personal data;
Service: means the social and interactive features made available to the User by Wollol s.r.l.s., in person of the l.r.p.t., p. VAT and c.f. 01919360436, with headquarters in 62010 Montecosaro (MC), via F.lli Cervi n. 32, Italy, by the subscription of the User on the website www.wollol.net;
Data Controller: the natural person, legal person, public administration and any other body, association or organization responsable, including with other data controller, for decisions about the purposes, methods of processing personal data and the tools used, including the security profile;
Treatment: any operation or set of operations, also performed without the help of electronic tools, about the collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, deletion and destruction of data, even if not recorded in a database;
User/s: it is the natural person, consumer or entrepreneur, company, association, consortium, foundation or cooperative, belonging to the European Union or not, or all of them, who subscribed, or who accesses to the web site www.wollol.net and who intends to take advantage of the features provided therein. When subscribing to the site, the User could specify his/her status as private individual, company, public figure or as a supporter of third parties.

2. Processing subject

The Data Controller, as an example but not exhaustive, deals with the following personal and identifying data:
- name, date of birth, address and anything else provided during registration to the site;
- technical information necessary for the website to work properly including the kind of browser and device in use (IP address and domain names of computers and mobile devices used by the user to connect himself to the website, addresses in URI notation ( Uniform Resource Identifier);
- type of search and time, the method used for the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error etc.) and any other relative parameter to the operating system and to the user's computer environment;
- touch screen data and accelerometer and gyro sensor information of the device;
- photo, audio, video, contacts and descriptive texts and comments;
- Information about the kind of user's subscription and his interactions with the Service, for instance audiovisual content
- User's content published on the Service, including messages sent and / or received through the Service
- cookie data, types of devices used to access or connect to the Service, unique device ID, device attributes, type of network connection (eg WiFi, 3G, LTE) and operator, network and device performance, browser type, language, information enabling the management of digital rights, operating system and version of the Wollol application;
- if the User decides to use the methods of authentication through third-part social media (eg access through other social networks and browsers), Wollol s.r.l.s. may have access to some data published therein (eg name, surname, public profile picture, e-mail, and so on.), entered by the User in the account created with these third parties, based on the conditions of use of such platforms and on basis of the privacy settings of the latter
- the information relating to the User's credit card or debit card and other financial data necessary to process the payment of non-free services offered by Wollol s.r.l.s. - in relation to these services, you should read the Terms and Conditions of Use - or make other purchases through the Service.
- the postal code, mobile number and details of the transaction history;
- if the user chooses to pay with invoice, Wollol s.r.l.s. can collect and store further information such as VAT number, registered office and tax code and provide it to the people in charge of processing the payments used for issuing invoices, in order to allow credit checks and sending invoices.

3. Treatment aim

The User's personal data are processed:

A) without the User's express consent for the following purposes:

1. fulfill the service contract stipulated by the User with Wollol s.r.l.s. when subscribng to the Service;
2. fulfill the related and consequent activities deriving from the same contract, such as the administrative, legal and technical management of the data provided by the User by the consultants, including external consultants, of Wollol s.r.l.s;
3. fulfill the tax obligations arising from the contractual relationship with the User;
4. fulfill the obligations established by the law, by a regulation, by communitarian regulations or by an order of the Authority, including the one to protect the rights, property or safety of Wollol s.r.l.s., of its users or of any other person or the copyrighted content of the Service;
5. exercise the rights of the Data Controller, for example the right of defense in court.

B) Only with the User's express consent, or the following purposes:

1. the use of non-technical cookies and other technologies;
2. any transfer of information to non-EU countries;
3. the collection, use, sharing and other processing of their information, including for commercial and advertising purposes;
4. profiling activities, including automated activities, as well as developing new products and services and analyzing the use of the Service by the user, including his interaction with applications, advertising, products and services made available through links or offered through the Service;
5. to participate in promotions and/or surveys through the Service (any special promotion may be regulated by a Privacy Policy and/or by the Terms and Conditions which are additional to or replace this information or the Terms and Conditions of use.
If the terms of the privacy notice or the terms and conditions of the offer are in conflict with this informative document or with the current conditions of use, the additional or separate clauses will prevail.
If the user profits from the special offer proposed by Wollol s.r.l.s., the same offer can request additional information as stated in this Privacy Policy.
The additional information may be combined with other account information, and may be used and shared as described in this Notice);
6. provide, customize and improve the user experience with the Service and the products, services and advertising (including for third-parts products and services) made available in or outside the Service (included in other sites visited by the user);
7. communicate with the user, for purposes related to the Service or to research, using e-mail, notifications, SMS messages or other information, marketing and promotional methods through an automated communication system
8. provide the user with functionality, information, advertising or other content influenced by its location and its position compared to other users of the Service (eg geolocation).

4. Treatment modality and retention period

The processing of the User's personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.

For the purposes of the processing subject of this notice, the retention period of personal data by the Data Controller will have a duration equal to the use of the Service by the User, who may decide to interrupt the treatment, in all or in part, through the termination of the use of the Service offered by Wollol srls at any time with a specific written request to be sent to the address indicated in the following art. 7, or proceeding to the portability of the same personal data to another service provider, as specified therein.
The same criterion for determining the processing period is used for the consequent activities resulting from the execution of the same contract for the supply of the Service offered by Wollol srls, as administrative, legal and technical management of the data supplied by the consultant, also external, of the Data Controller.

5. Sharing Information within Wollol

The User / Data Subject has the right to get from the Data Controller the confirmation that a Personal Data Processing is being processed and in this case, to get access to personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipients to whom the personal data have been or will be communicated
d) when possible, the retention period of the personal data provided or, if not possible, the criterias used to determine this period;
e) the existence of the right of the Data Subject to request the data controller to rectify or delete personal data or to limit the processing of personal data concerning him or to oppose himself to their processing;
f) the existence of the right to lodge a complaint with a supervisory authority which is for Italy, the Guarantor for the protection of personal data, has its office in Rome (Italy), Piazza di Monte Citorio n. 121, cap 00186, e-mail garante@gpdp.it fax: +39 06 696773785;
g) if the data are not collected from the data subject, all information available on their origin;
h) the existence of an automated decision-making process, including the profiling referred to in Article 22 (1) and (4) of the GDPR, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject;
i) if personal data are transferred to a third party country or to an international organization, the data subject has the right to be informed of the existence of adequate guarantees of the third party country pursuant to Article 46 of EU Reg. 2016/679, related to the transfer of such data;
l) the existence of the right for the data subject to ask to the Data Controller to rectify and integrate his personal data without undue delay;
m) the existence of the right to get from the Data Controller the deletion of personal data (right to be forgotten) which affect him without unjustified delay when:
personal data are no longer necessary to the purposes for which they were collected or otherwise processed;
- the User/Data Subject revokes the consent on which the processing is based and if there are no other legal basis for the processing;
- the User/Data Subject opposes the processing and there are no legitimate overriding reasons to proceed to the processing itself, or opposes the processing for profiling purposes;
- personal data have been processed unlawfully;
- personal data must be deleted to fulfill a legal obligation under Union or Member State law to which the data controller is subject to;
- personal data have been collected regarding the offer of information society services to minor users.
The Data Controller, if he has made public personal data and is obliged, in the cases specified above, to delete them, taking into account the available technology and implementation costs, adopts reasonable measures, including technical, to inform third parties (consultants, credit institutes, public authorities, and so on.) who are processing personal data, of the request of the User/Data Subject to delete any link, copy or reproduction of his personal data.
n) the existence of the User's right to limit the processing when:
- the Data Subject disputes the accuracy of personal data, for the period necessary for the Data Controller to check the accuracy of such personal data;
- the processing is illegal and the User/Data Subject opposes to the deletion of personal data but asks its use be limited;
- although the Data Controller no longer needs it for processing purposes, personal data are necessary for the User/Data Subject to ascertain, exercise or defend a right in court;
- the Data Subject objects the processing, pending verification of the possible prevalence of the legitimate reasons of the Data Controller with respect to those of the Data Subject;
o) the existence of the right to transmit personal and sensitive data concerning him to another Data Controller without hindrance, making a specific request to the Data Controller by registered mail a.r. at Wollol s.r.l.s., Via F.lli Cervi n. 32, 62010 Montecosaro (MC), Italy;
p) the right to cancel your subscription to Wollol by following the process described in the terms and conditions of use of the Service.
This cancellation determines the conclusion of the processing of personal and sensitive data communicated by the User at the time of subscription, involving either their destruction, or the transfer of these data to another Data Controller (if requested by the User and if anyway intended for processing in terms compatible with the purposes for which your data were collected), or still stored for exclusively personal purposes and not intended for systematic communication or dissemination, or lastly retained or transferred to another Data Controller, for historical, statistical or scientific purposes , in compliance with the law, regulations, communitarian legislation and codes of deontology and good conduct in terms of privacy.
The Data Controller, where it is expressly requested, provides a copy, without prejudice, of the personal data being processed. In case of further copies requested by the data subject, the Data Controller may charge a reasonable fee contribution based on administrative costs. If the User/Data Subject submits the request by electronic means, and unless otherwise specified by the User/Data Subject, the information is provided in a commonly used electronic format.

6. Right to lodge objections

In implementation of the art. 21 of the EU Regulation no. 2016/679, we inform the data subject that he has the right to object at any time, for reasons connected with his particular situation, to the processing of your personal data pursuant to Article 6, paragraph 1, letters e) or f), including profiling on the basis of these provisions.
The Data Controller refrains from further processing personal data unless he demonstrates the existence of binding legitimate reasons to proceed with the processing which prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or the defense of a right in court.
If personal data are processed for direct marketing purposes, the Data Subject has the right to object at any time to the processing of personal data concerning him for such purposes, including profiling in so far as it is related to such direct marketing.
If the data subject objects to the processing for direct marketing purposes, personal data are no longer processed for these purposes.

7. How to exercise the rights

You may exercise your rights at any time by sending a registered mail to the following address Wollol srls in 62010 Montecosaro, Via F.lli Cervi n.32 - Italy.

8. Access to data

User data may be made accessible for the purposes referred to art. 3.A) and 3.B):

to collaborators of the Data Controller in Italy and abroad, in their capacity as persons in charge of processing and/or system administrators;
to third-part companies or other subjects (for instance, credit institutes, professional firms, legal or IT consultants) who carry out outsourcing activities on behalf of the Data Controller, in their capacity as external data processors.

9. Communication of data

Without the need of an express consent, the Data Controller may communicate your data for the purposes referred to in art. 3, A) to those subjects to whom the communication is mandatory by law for the accomplishment of the said purposes.

10. Processing of personal and sensitive data and transfer in other Countries

Wollol s.r.l.s., in order to provide the Service as fully and correctly as possible, transfers, processes and stores information on its Users on proprietary or third-party servers located in different countries. As a result, user information may be shared with third parties to perform the activities specified in this notice. Wollol s.r.l.s may also subcontract the processing of personal and sensitive data, or share these information, with third parties located in countries different than the one of the user's residence. Personal information may therefore be subject to privacy laws other than those existing in the user's country of residence, where there may be a risk of having less legal rights.
In any case, Wollol srls, at the time this notice is written, proceeds to use for the operation of the Service offered and for the storage of personal and sensitive data of Users, servers located in the territory of the European Union, in particular in France.

11. Suppliers and partners of the Service

Wollol s.r.l.s. can also receive information about the user from service providers and partners used to customize the user experience, measure the quality of advertisements and their responses, and to view ads that may be more relevant to the user.

12. Shared information

The name and/or username, the profile and cover image, the date of birth, the number of memories, Wow and pages and profiles followed (Timeliners), the latest activities, the most used hashtags, the motto and public memories are always publicly available, that is to say they will still be visible to third parties.
User's activities in the Service are accessible to users who follow the user or view his profile. However, the user can limit the sharing of information to other users.
In any case, some information is always publicly available and may therefore be consulted by third parties.

13. User's preferences

Wollol s.r.l.s. offers the user the possibility to choose whether to receive notifications when he is tagged, when a wow or a comment is added to his memories, as well as manage his public information and set his sharing preferences. However, some information may always be publicly available to others, while others are by default. Furthermore, in the case of sharing information with third parties, such information is visible on the Service, regardless of the selected privacy settings.
To change the possibility of publishing some information, it is possible to act on the information of your account in the appropriate section of the profile settings.

14. External links

The Service may display third-part advertisements and other content which acts as a link to third-part websites. Wollol s.r.l.s. is not able to control and can not be held responsible for the practices and privacy contents of any third party. Please read the privacy statements of third parties to find out how they collect and process the personal information of our users.

15. Safety

The Service undertakes to protect the information of its users. Passwords protect user accounts, so that users can restrict access to the computer and the browser. It is understood that no security measure is completely safe, and this also applies to the password chosen by the user to protect his account and, therefore, the Service can not guarantee the total security of users' information.

16. Minors

The Service is not designed for children under the age of 16. The Service does not purposely collect personal information from children under the age of 16 or the different age limits in the respective countries of residence of the user. Users who do not exceed the said age limit must not use the Service, nor provide personal information to the Service. Parents of minors who do not exceed the age limit who are aware some personal information have bencommunicated to the Service by their minor children, are asked to contact Wollol s.r.l.s. to the contacts provided and available on the website www.wollol.net.

17. Access and updating of user's information

The information provided by users can be viewed and modified by the user holder through the account and profile pages of the user. For any questions about privacy within the Service, this Privacy Statement or the information that Wollol s.r.l.s. collect on its users, please contact Wollol s.r.l.s. to the contacts provided and available on the website www.wollol.net.

18. Changes to the Privacy policy

Wollol s.r.l.s. can make changes to the agreements at its discretion. In case of material changes to the agreements, Wollol s.r.l.s. will inform users as appropriate according to circumstances, for example by viewing the information within the Service or by sending an e-mail. The acceptance by the user of any changes, or the protraction of the use of the Service after the execution of the changes, refines the effectiveness of the changes.

19. Cookie policy

This website uses different types of cookies to ensure the proper functioning of the procedures and improve the experience of using online applications. This document provides information on the use of cookies and similar technologies, how they are used by the site and how to manage them.

19.1 Definitions
Cookies are small text files that the sites visited by users send to their terminals, where they are stored before being re-transmitted to the same sites during the next visit. Cookies of the "third parties" are, however, set by a website different than the one the user is visiting. This is because on each site there may be some elements (images, maps, sounds, specific links to web pages of other domains, and so on.) which are located on different servers than the site visited.

19.2 Types of cookies

Based on the characteristics and the use of cookies we can distinguish different categories:
- Technical cookies. Technical cookies are those used for the sole purpose of "transmitting a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service" (see Article 122, paragraph 1, of the Privacy Act). They are not used for other purposes and are normally installed directly by the Data Controller or operator of the website. They can be divided into navigation or session cookies, which guarantee the normal navigation and use of the website; analytics cookies, similar to technical cookies when used directly by the site operator to collect information, in aggregate form, on the number of users and how they visit the site; functional cookies, which allow the user to navigate according to a series of selected criteria in order to improve the service offered. For the installation of these cookies, the prior consent of users is not required, while there is an obligation to provide information pursuant to art. 13 of the Code.
- Profiling cookies. Profiling cookies are designed to create profiles related to the user and are used in order to send advertising messages in line with the preferences expressed by the user in the context of navigating on the Internet. Because of the particular invasiveness that such devices can have in the private sphere of users, European and Italian legislation requires the user to be adequately informed about their use and express their valid consent. The art. 122 of the Code whereby "the storage of information in the terminal device of a contractor or a user or access to information already filed is permitted only on the condition that the contractor or the user has given his consent after being informed with the simplified procedures referred to in Article 13, paragraph 3 "(Article 122, paragraph 1, of the Code).
- "Third party" cookies. By visiting this website you may receive cookies from sites managed by other organizations ("third parties"). These are cookies generated directly by the aforementioned sites and integrated into the web page of the visited host site. The presence of these plugins involves the transmission of cookies to and from all sites managed by third parties. The management of information collected by "third parties" is governed by the relevant information to which reference is made. To ensure greater transparency and convenience, the following web addresses are given below:

Facebook: https://www.facebook.com/policies/cookies/

Twitter: https://help.twitter.com/it/rules-and-policies/twitter-cookies

Google: https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=it

https://www.google.com/analytics/learn/privacy.html?hl=it

20. Duration of the cookies

Some cookies (session cookies) remain active only until the browser is closed or when a logout command is executed. Other cookies "survive" when the browser is closed and are also available during following visits by the user. These cookies are called persistent and their duration is set by the server when they are created. In some cases a deadline is set, in other cases the duration is unlimited.

21. Management of cookies

The user can decide whether or not to accept cookies using the settings of his browser.
Attention: with the total or partial disabling of technical cookies you could compromise the optimal use of the site.
The disabling of "third-part" cookies does not affect the navigability in any way.

Adresses of the main browsers to desactivate cookies:

Chrome: https://support.google.com/chrome/answer/95647?hl=it

Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie

Internet Explorer: https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies

Opera: https://help.opera.com/en/latest/web-preferences/#cookies

Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT

https://support.apple.com/kb/ph21411?locale=it_IT