Privacy Policy

Information on Data Processing in accordance with Art. 13 and 14 GDPR (General Data Protection Regulation - Reg. EU 16/679)

We wish to inform you about the processing of your personal data and your entitlements and rights under data protection Regulation EU 16/679 ("GDPR").

1. Data Controller

The Data Controller is:

DeepGlance s.r.l.
VAT: IT10324820967
Establishment: Via Marina 6, 20121 Milano, Italy
Email: info@deepglance.com

2. Data Protection Officer (DPO)

The Data Controller has appointed a Data Protection Officer (DPO) who is fully available to provide data subjects with any request in line with GDPR Art. 38(4) and to liaise with the Data Protection Authority according to GDPR Art. 39.

DPO Contact: dpo@deepglance.com

3. Purposes of Processing

Data will be processed to achieve the following purposes:

• a) Any steps related to commercial and pre-commercial contracts
• b) Deployment of products and services according to signed contracts (including warranty and maintenance services)
• c) To fulfill various financial and legal obligations, according to Italian laws and EU Regulations
• d) To elaborate market research including feedback collection from customers, with the aim to improve our services or to advertise new products/services
• e) Provision of information according to Authorities' requests, to prevent fraudulent behavior or to perform activities according to GDPR Art. 2(2)

4. Categories of Personal Data

According to GDPR Art. 4, we may process the following categories of personal data:

• Personal data (Name, Surname, Fiscal Code, Telephone Number, Business email) of the Customer's Legal Representative
• Identification data (e.g., ID or Passport copy) of Customer's Legal Representative
• Personal data of Customer's employees or staff (in this case, the Customer acts as personal data source and ensures consent and transfer to third parties)
• Voice and data traffic, limited to service deployment or maintenance services

5. Legal Basis for Processing

You are not obliged to provide data which is not relevant to the performance of the contract or which is not required by law.

• Purposes a), b), c): Based on GDPR Art. 6(1,b) - necessary for the performance of the contract. If you do not provide this data, we may not be able to conclude or perform the contract.
• Purpose d): Based on GDPR Art. 6(1,f) - legitimate interest of the Data Controller.
• Purpose e): Based on GDPR Art. 6(1,f) - legitimate interest to prevent illegal or fraudulent behavior.

6. Data Recipients

Personal data collected are processed by authorized personnel of the Data Controller, acting on specific instructions concerning purposes and arrangements of such processing.

According to legal obligations, Authorities or recipients appointed by us (companies in banking services, IT services, logistics, printing services, telecommunications, advice and consulting, sales and marketing) may have access to the data. They may be appointed as data processors according to GDPR Art. 28. The full list of data processors is available at the Data Controller's establishment.

7. Data Retention Period

Data processing is performed at the Data Controller's or Data Processors' establishments. Retention periods are as follows:

• Purposes a), b): For as long as necessary to fulfill contractual obligations (including warranty and maintenance period)
• Purpose c): For as long as necessary to fulfill legal obligations or applicable law
• Purpose d): Until the withdrawal of consent
• Purpose e): For as long as necessary to fulfill legal obligations or applicable law

8. Data Processing Methods

The Data Controller performs data processing (collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, dissemination, alignment, restriction, erasure or destruction) whether or not by automated means.

The Data Controller adopts proper security measures according to GDPR Art. 32. Any automated decision-making pursuant to GDPR Art. 22 is excluded. If we use this procedure in individual cases, we will inform you separately.

9. Data Transfer Outside European Union

Personal data transfer outside the European Union does not take place, except as outlined in Section 6.

10. Data Subjects' Rights

Data subjects have the right to obtain from the Data Controller, where appropriate:

• Access to their personal data (Art. 15)
• Rectification of inaccurate data (Art. 16)
• Erasure of personal data ("right to be forgotten") (Art. 17)
• Restriction of processing (Art. 18)
• Data portability (Art. 20)
• Object to processing (Art. 21)

To exercise these rights, contact the DPO at: dpo@deepglance.com

11. Right to Lodge a Complaint

Data subjects who believe that the processing of their personal data through this website is in violation of GDPR have the right to lodge a complaint with the Supervisory Authority (Art. 77) or to seek judicial remedy (Art. 79).