This Policy is made in accordance to regulation 679/2016 – General Data Protection Regulation (European Personal Data Processing Regulation).
With this Policy, the Data Controller, as defined below, aims to inform you about the purposes and methods of processing your Personal Data and the rights that are recognized by the Regulation (EU) 2016/679 on protection of natural persons, with regard to the processing of Personal Data and their free circulation (“GDPR”). This Policy may be supplemented or modified by the Data Controller from time to time.
Who is the Data Controller
The Data Controller is DOTS s.r.l., with registered address in Piazza IV Novembre Milano, 20124, Italy.
You can contact the Controller to exercise your rights, as well as to receive any information relating to them and / or this Policy, by sending an email to: [email protected]. The Controller, through the designated structures, will take care of your request and provide you, without unreasonable delay, information relating to the action taken regarding your request.
We inform you that if the Controller has doubts about the identity of the individual submitting the request, you may receive a request for further information necessary to confirm the identity of the person concerned.
Following the consultation of theSites, data related to persons identified or voluntarily identified through the contact forms on the Site, can be processed.
What data are collected by DOTS
When opening an account on one of our Sites or to report a secondary effect occurring as a result of using one of our products or providing us with you Personal Data through the compilation of any form in our Sites; for any questions regarding the availability, purchase, handling, or reimbursement of any of the services marketed by us; for the execution of an order; for the conclusion of a contract; for the refinement and execution of a contract;; to report a quality defect or send us a claim in connection with one of our services; for sending newsletters or completing a possible survey , we collect contact details, which you consent and provide us;, such as email, address and name and surname of the contact person, company name, address, telephone numbers, VAT number, language, order number, email address of the recipient of the invoice, also sensitive addresses, directly supplied by you.
It should be noted that the optional, explicit and voluntary sending of e-mail address or other data included in the contact form to the official addresses (Information and Contacts) indicated on the Site entails the subsequent acquisition of the sender address necessary to respond to requests and any other Personal Data included in the message. Specific summary information could be progressively reported or displayed on the pages of the Site prepared for particular services on request.
The web navigation data, the computer systems and the software procedures used to operate theSite acquire, during their normal operation, some Personal Data and technical data (technical cookies), whose transmission is implicit in the use of internet communication protocols (technical and / or persistent cookies).
This is information that is not collected to be associated with identified or identifiable interested parties, but which by their very nature could, through processing and association, allow the user to be identified.
This category of data include IP addresses or domain names of the computers used by users connecting to the Site, the addresses in Uniform Resource Identifier (URI) of the requested resources, the time of the request, the method used in the submit the request to the server, the file size obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc..) and other parameters related to the operating system and the user’s computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use and access of the site, to check its correct functioning.
The data could be used and held for the purpose and for the ascertainment of responsibility in case of computer crimes according to the GDPR 679/2016.
“End User Data”
The visitors to the Site are called “End Users“.
User data are generated by End Users who browse the Site. When an End User sends a consent form, the following data will be automatically registered by DOTS.
User data includes:
- The IP address of the End User.
- Basic Personal Data, which includes End User’s name, gender, title, organization, phone number, email address, and all those identified in the GDPR.
- The date and time of consent.
- The End User’s browser user agent.
- The URL from which consent was sent.
- An anonymous, random and encrypted key value.
- The state of consent of the End User, which constitutes proof of consent.
The key and the status of the consent are also saved on the End User’s browser with a first-party cookie, so that the Site can read and automatically respect the consent of the End User on subsequent requests of the page and future sessions of the End User for the time strictly necessary to achieve the purposes for which they were collected.
The key is used as evidence of consent and to verify that the status of consent saved in the browser of the End User is unchanged from the original consent sent to DOTS.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The processing of your Personal Data by the Data Controller may also be connected to the fulfilment of obligations required by laws, regulations and / or European Community regulations, or by supervisory and control bodies or other legitimate authorities.
Your Personal Data will be processed by the Controller by the Assignees of DOTS, or by third parties who carry out instrumental activities for the pursuit of the purposes, including non-EU countries, in compliance with current legislation.
In this case the third parties are identified among those who, by experience, ability and reliability provide a suitable guarantee of full compliance with the current provisions on treatment, including the security profile. These third parties are designated as Data Processors and their updated list is available at any time, and can be accessed by contacting the Controller.
Purpose of the processing
Every single data collected is processed with automated systems and can be used for one or more of the following purposes:
- To customize the user experience and to improve our Sites. The processing is necessary for our legitimate interest and to help us improve a better services to our Site’s users;
- To consider your professional/job application. The processing is necessary for the purposes of recruitment.
- To manage our business operations and client relationship. The processing is necessary in order to perform our obligations under our contracts with our clients.
- To provide aggregated information on the choices of End Users in relation to the types of cookies accepted and to generate a graphic representation in the management system of the service. This is necessary for our legitimate interest to monitor how our Sites are used and to detect any misuse or fraud.
- To provide relevant marketing such as information about events or services that may be of your interest. It is necessary for our legitimate interests to process this information in order to provide you with tailored and relevant marketing, updates and invitations.
- To comply with any legal obligation, such as checking your identity to prevent money laundry and/or fraud. This is necessary for the purpose of complying with legal requirements.
Personal Data protection measures:
The server operating system, in which the web application and database are allocated, is able to guarantee high levels of integrity, availability and confidentiality of information.
Personal data retention period:
Your Personal Data will be processed actively for the time necessary to manage the existing relationship and / or the execution of the contract and / or tax or legal requirements.
In any case, the data are processed for the time strictly necessary to achieve the purposes for which they were collected, and in any case they will not be stored for longer than permitted by current legislation.
Legal basis of processing: General Data Protection Regulation (GDPR) in the EU 679/2016
The processing of Personal Data is based on the consent explicitly given or on the fact that processing is necessary and legitimate according with the GDPR (ref. see Article 6 of the GDPR) or anything else indicated in the paragraph “purposes of processing”.
DOTS in its capacity as Data Controller, intends to process your Personal Data in order to send commercial communications of products and services, invitations to conferences, including direct marketing conducted using the results of the analysis, as well as proceeding with direct sales and carrying out surveys or market research.
Personal data retention period referred to marketing operations
If you decide to withdraw your consent or to oppose the processing for marketing purposes, you can do so by sending a written notice to [email protected].
On our Sites we use technology to gather information to improve your online experience.
We reserve the right to change this Policy at any time. Any change in this Policy will take effect from the date of publication on the Site.
Cookies are small text strings that the Sites visited by the user send to his terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit of the same user.
During the navigation on a website, the user can also receive cookies on their device that are sent from different websites or web servers (so-called “third parties”), on which some elements may exist (such as, for example, images, maps, sounds, specific links to pages of other domains) on the site that the user is visiting.
Cookies, usually appears in users’ browsers in very large numbers and sometimes even with long temporal persistence, they are used for different purposes: execution of computer authentication, monitoring of sessions, storage of information on specific configurations concerning users accessing the server.
In order to aim to a correct cookies regulation, it is necessary to distinguish them since there are no technical characteristics that differentiate them from one another precisely on the basis of the aims pursued by those who use them.
THIRD PARTY, analytical cookies
Analytical cookies, also called “analytics“, allow the creation of detailed statistics on visitors to a Site such as, for example, the display of certain pages, the number of visitors, the time spent on the site by users and the arrival methods.
To view all the cookies used on this site click
Below is the list of the most common browsers with links to the settings for managing cookies:
The browsers provide for the “private” browsing mode, by activating which cookies are always deleted after the closing of each browsing session.
It is always possible to revoke the consent previously given by the methods indicated in the paragraph: “MANAGEMENT OF COOKIES”.
To view all the cookies used on this site click on https://www.dots-it.com/how-we-use-a-cookies.
In relation to the processing described in this Policy, as an interested party you can, under the conditions established by the GDPR, exercise the rights established in the GDPR and, in particular, the following rights:
- Right of access: Article 15 GDPR: the right to obtain confirmation that a Personal Data processing is in progress for you and, in this case, obtain access to your Personal Data, including a copy thereof.
- Right of rectification: Article 16 GDPR: right to obtain, without undue delay, the correction of inaccurate Personal Data concerning you and / or the integration of incomplete Personal Data;
- Right to cancel (right to be forgotten) – Article 17 GDPR: right to obtain, without undue delay, the deletion of Personal Data concerning you.
- Right to limitation of processing – Article 18 GDPR: right to obtain limitation of treatment, when:
- the interested party disputes the accuracy of Personal Data, for the period necessary for the holder to verify the accuracy of such data;
- the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
- personal data are necessary for the interested party to ascertain, exercise or defend a right in court;
- The interested party opposed the treatment pursuant to art. 21 GDPR, during the waiting period for verification of the possible prevalence of legitimate reasons of the Data Controller with respect to those of the interested party.
- Right to object – Article 21 GDPR: allows to object, at any time for reasons connected with your particular situation, to the processing of Personal Data concerning you based on the lawfulness of legitimate interest or the performance of a task in the public interest or exercise of public powers, including profiling, unless there are legitimate reasons for the Data Controller to continue processing that prevail over the interests, rights and freedoms of the data subject or for the assessment, exercise or defense of a right in court. Furthermore, the right to oppose the processing at any time if Personal Data are processed for direct marketing purposes, including profiling, to the extent that it is related to such direct marketing
- RIGHT to revoke:
The interested party has the right to withdraw his consent at any time. The withdrawal of consent does not affect the lawfulness of the treatment based on consent before revocation.
- RIGHT to lodge a complaint:
The interested party has the right to lodge a complaint with the Italy Data Protection Authority for the protection of Personal Data
The above rights may be exercised against the Controller, by contacting the references described above.
The exercise of your rights as an interested party is free under Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Controller may charge a reasonable fee, in light of the administrative costs incurred to manage your request, or deny the satisfaction of your request.
Communication to third parties and / or sharing of data
For the purposes of this Policy we inform you that your data may be disclosed to third parties, designated in written form, if this is necessary to fulfil an obligation under the law, to perform obligations arising from a contract of which you are or you will be part, and to fulfil, before the conclusion of the contract, specific requests.
The recipients of the personal data communications of the data subject are also identifiable in the following categories of recipients, by way of example but not limited to: supervisory bodies; judicial authorities; public administrations or other structures designated for the execution of processing related to the fulfilment of administrative, accounting and management obligations related to the ordinary performance of the Controller‘s business operation (legal obligations); banks, financial institutions, professionals, professional firms and consultants to whom the communication of the aforesaid data is necessary for the performance of the activity of the Controller and, in particular,in relation to the fulfilment of the contractual obligations assumed towards the data subject (contractual obligations);
The data may transferred within the European Union and countries outside the European Union, provided, however, that such Extra-EU transfer does comply with specific legal requirements.
If you have questions or comments regarding this Privacy & Cookies Statement or our privacy practices, please contact us here:
Piazza IV Novembre 1