Privacy information pursuant to art. 13 of the European Regulation n. 679/2016.
Escape Room Business as owner of the processing of personal data (here in after also the “Owner”) informs you pursuant to art. 13 of the European Regulation n. 679/2016 (here in after, “RGPD”) that your data will be processed in the manner and for the purposes indicated below.
In this regard, the Data Controller invites you to carefully read this information (here in after, “Information”), as it contains important information on the protection of personal data and on the security measures adopted to guarantee its confidentiality in full compliance with the RGPD.
It is intended to be made to interested parties who consent and / or request to receive communication about promotional, commercial and advertising activities on Escape Room Business events, initiatives or partnerships.
1. HOLDER OF THE TREATMENT
The Data Controller is Escape Room Business.
2. PERSONAL DATA OBJECT OF TREATMENT
The Owner wishes to inform you about the products, services, promotions and commercial events offered.
Due to the commercial communications it intends to send to you, the Data Controller collects and processes the following personal data:
a) on behalf;
c) telephone number;
d) e-mail address.
3. PURPOSE AND LEGAL BASIS OF THE PROCESSING
The personal data you provide when completing the collection form will be processed for the following purposes:
1) Direct marketing: carrying out marketing activities, such as processing statistics and market research, sending you our newsletter or other information and promotional material relating to the activities, products and services of Escape Room Business, sending you surveys to improve the service (“customer satisfaction”).
Such communications may be made via automatic messages, via e-mail, via SMS / MMS, via fax, via paper mail and / or the use of the telephone with operator; it is specified that the Data Controller collects a single consent for the marketing purposes described here, pursuant to the General Provision of the Guarantor for the Protection of Personal Data “Guidelines on promotional activities and the fight against spam”, of 4 July 2013; if, in any case, you wish to oppose the processing of your data for marketing purposes carried out with the means indicated here, you can do so, at any time, according to the procedures set out in point 6 of this information;
2) Analysis and reporting: carry out analysis and reporting activities connected to promotional communication systems, such as, for example, the detection of the number of open e-mails, clicks made on the links present within the communication, the type of device used to read the communication and the relative operating system.
The legal basis for the processing of your data for the purposes referred to in point 1) is art. 6 (1) (a) of the GDPR, i.e. your consent. The legal basis for the processing of your data for the purposes referred to in point 2) is art. 6 (1) (f) of the GDPR, i.e. the legitimate interest of the Data Controller in the management and monitoring of its direct marketing activity.
The provision of your personal data for the purposes referred to in point 1) is optional, but failure to provide it would make it impossible for Escape Room Business to send you communications of a commercial nature.
4. PERIOD OF CONSERVATION
Personal data are kept only for the period necessary for the purpose for which they are processed or within the terms established by applicable national and community laws, rules and regulations. In any case, consistently with the provisions of the applicable legislation, your data will not be kept for a period exceeding 24 (twenty-four) months starting from your conferment. At the end of this period, your data will be permanently deleted or made anonymous.
5. RECIPIENTS OF DATA PROCESSING AND TRANSFER
Your data may be shared with:
1) other companies belonging to the Group;
2) subjects who act as data processors and / or sub-processors;
3) persons authorized by Escape Room Business to process personal data who are committed to confidentiality or have an adequate legal obligation of confidentiality.
Your data may be transferred outside the European Economic Area only to subjects bound by standard European contractual clauses permitted pursuant to art. 26 (2) of Directive 95/46 / EC or in the event that the territory in which the treatment is carried out has an adequacy assessment pursuant to art. 25 (6) of Directive 95/46 / EC (including, for the avoidance of doubt, the US / EU Privacy Shield).
6. WITHDRAWAL OF CONSENT AND RIGHTS OF THE INTERESTED PARTY
We remind you that pursuant to art. 7 (3), GDPR, you have the right to withdraw your consent at any time by sending an email to firstname.lastname@example.org. In any case, the withdrawal of consent does not affect the lawfulness of the processing based on consent before the withdrawal.
You also have the right to ask the Data Controller at any time to access your personal data, to correct or delete them or to oppose their processing, you have the right to request the limitation of processing in the cases provided for by art. 18 of the RGPD, as well as to obtain the data concerning you in a structured format, commonly used and readable by an automatic device, in the cases provided for by art. 20 of the GDPR.
Requests can be sent to the e-mail address: email@example.com.
We also remind you that you always have the right to lodge a complaint with the competent supervisory authority (Guarantor for the Protection of Personal Data), pursuant to art. 77 of the RGPD, if you believe that the processing of your data is contrary to the legislation in force.
The Data Controller reserves the right to update the Information at any time and make users aware of it through the use of the most appropriate tools, for any further information or question it is possible to contact the Data Controller at the e-mail address: firstname.lastname@example.org.