Information on the processing of personal data

The purpose of this document (the "Policy") is to inform each user (the "User" and, in plural, the "Users") of the website https://faire.ai (here in after the "Site") on how the personal data of the User (the "Personal Data") itself will be collected and processed in accordance with the obligations under the Regulation (EU) 2016/679 ("GDPR").

This Policy may be modified at any time by the Owner, as defined below, in whole or in part by updating it. In this case, the Owner will give notice by publishing it on the Site when the aforementioned changes will become effective and binding for the user.

1. Owner of the treatment

The data controller (the "DataController") is Faire Labs S.r.l. with registered office in Milan, Via Abbadesse 20, 20141 ("Faire").

2. Nature of the data

The types of Personal Data collected through the Site are:

1. Personal and contact data such as, for example, name, surname, e-mail address and/or mobile phone number that the User voluntarily provides to the Site by subscribing to the newsletter using the appropriate form;
2. Data collected automatically, during the use of the Site by the User as a result of the use of technology necessary for the operation of the Site itself. This information is not collected in order to be associated with identified Users, but by its very nature could, through processing and association with personal data held by third parties, allow Users to be identified. This category includes IP addresses, or the domain names used by the Users who connect to the Website, the URI(Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc.;
3. Data collected through the use of cookies and other technologies, which involve the collection of Personal Data on the pages, the links activated and other actions taken to use the Site. They are stored in order to be retransmitted on subsequent visits by the same User.

3. Purpose of processing

The Personal Data collected may be used to fulfil contractual, pre-contractual and any other obligation arising from a legal provision. Additional purposes include:

1. Management of User databases: to organize, access and modify User data;
2. Mailing list management: to contact the User;
3. Commercial purposes: to convey advertising information more relevant to the user based on his browsing behavior or preferences;
4. Analysis purposes: to analyze the characteristics of data traffic related to the Site;
5. E-mail address verification purposes: to counter fraudulent use of e-mail and/or the Site by third parties.

4. Data processing

The processing of Personal Data shall be carried out by means of analogue instruments, including information technology, with organisational and logical methods strictly related to the purposes indicated in paragraph 3 above. If necessary, the Data Controller may entrust third parties with part of the processing of Personal Data, also by virtue of a specific appointment of data processors by the Data Controller. By way of example, the User's Personal Data may be processed by the hosting service provider for the operation of the Site as well as by other service providers for the maintenance of the Site and/or the provision of other services by the Owner.

5. Legal basis of processing

The processing of Personal Data is based on the following legal bases:

1. the consent given by the User for one or more purposes;
2. need to perform the treatment to fulfill a contractual obligation assumed by the Owner;
3. the need to carry out the processing for the pursuit of a vital interest of the Controller or a third party;
4. the need to carry out the processing for a legitimate interest of the Owner or of Third Parties

For further information on the legal basis of each processing, the User may at any time send an e-mail to the contact addresses indicated in paragraph 10 of this Policy.

6. Place of storage and transfer of data abroad

Personal Data will be stored at the operational headquarters of the Data Controller and at any other location where the parties involved, including any external data controllers, are located. It is also envisaged that Personal Data will also be stored in cloud computing mode at servers made available by Amazon Web Services (Amazon AWS) in compliance with the GDPR regulations. The transfer abroad of the User's Personal Data is not envisaged.

The User may at any time request further information on the methods of storage of Personal Data by sending an email to the addresses indicated in paragraph 10.

7. Retention period

Personal Data will be kept for the period of time strictly necessary to fulfil the purposes for which they have been collected. Personal Data will be kept for the duration of the User's use of the Site, for the time necessary to fulfil further purposes (for example, the storage of the User's contact details in the Data Controller's database for promotional purposes related to the provision of services), for the time necessary to comply with applicable legal and regulatory obligations, as well as for own or third party defence purposes.

If the processing of Personal Data is based on the User's consent, Personal Data may be retained by the Controller until the consent is revoked. However, Personal Data may be kept for a longer period if necessary to comply with a legal obligation or by order of an authority. All Personal Data will be deleted or stored in a form that does not allow identification of the User(anonymisation) within 30 days after the end of the retention period.

8. Automated processing

The Personal Data collected will not be subject to any treatment and / or automated decision-making process, including profiling, which may produce legal effects for the User or which may affect him significantly.

9. User Rights

A User may exercise his/her rights at any time by communicating this will to the Data Controller. In particular, the User may:

1. where you can withdraw your consent at any time;
2. oppose the processing of their Personal Data;
3. access their Personal Data;
4. verify their Personal Data and request changes or updates;
5. obtain the limitation of processing where possible given the nature of the Personal Data processed and the purposes of processing;
6. obtain the cancellation or removal of their Personal Data;
7. receive their Personal Data or have them transferred to another Data Controller;
8. propose a complaint.

10. Contact details

For any information relating to this informative note and/or the exercise of any of the rights or faculties indicated herein, the interested party may send an email to dpo@faire.ai.

In the event that the user wishes to make a complaint may do so by sending an appropriate communication to the following addresses: Garante per la protezione dei dati personali, Piazza Venezia 11, 00187 Roma, PEC: protocollo@pec.gpdp.it.