1. Data Controller
Hoplo S.r.l., Data Controller with respect to the Personal Data processed, owns Infomail, an online Platform for sending communications (emails or newsletters) to email addresses lists owned by Infomail’s users.
Hoplo provides the following information regarding the processing of data that users may provide or that Hoplo itself may collect when browsing the websites owned by Hoplo S.r.l. or when using the Platform.
This privacy notice is provided in accordance with Article 13 of Italian Legislative Decree no. 196/2003, the “Personal Data Protection Code,” and Article 13 of the EU Regulation 2016/679, the “GDPR.”
In this privacy notice, the following terms have the meanings indicated below:
Internet Sites: infomailelementor.kinsta.cloud
Visitor: anyone who visits the Internet Sites owned by Hoplo S.r.l
Customer: the natural person or legal entity who has created a professional or agency account to use our Platform, or who uses any of the other services provided by Hoplo S.r.l (for example, sending newsletters).
Personal Data: information that identifies or can identify a Customer or a Visitor (e.g. name, surname, date of birth, email address…)
Address List / Mailing List: the list of recipients uploaded by a Customer onto our Platform (consisting primarily, but not exclusively, of email addresses). It is up to the Customers to upload further personal information related to the recipients on the list (e.g. adding their name, surname or address of residence…).
Platform / Service: the online platform accessible via the Internet in SaaS mode (“Software As A Service”): the platform allows Customers to independently manage digital marketing campaigns, using various tools and communication channels (email, social…).
3. Mode of processing personal data
Hoplo S.r.l processes personal data through the operations indicated in Art. 4 of the Privacy Code and Art. 4 no. 2) of the GDPR, specifically: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction of data. Personal data may be processed both in paper and electronic and/or automated form.
4. Privacy for visitors
This section is addressed to Users (i.e. those who browse the websites owned by Hoplo S.r.l) and applies to all Personal Data collected and processed as the data controller.
What data are processed by the data controller?
- Personal data that are automatically tracked when you browse our websites. The technology, software, and computer systems underlie our websites and ensure their functioning, also through automated procedures, collecting some personal data in a way consistent with the use of Internet communication protocols.
These include, for example, the type of browser or device used to access the site, operating system in use, etc.
- Personal data voluntarily provided when you browse our websites. Some pages on our websites have form fields where the User can voluntarily provide some Personal Data (such as name, surname, or email) to activate trial accounts or to send general inquiries or support requests.
How are Personal Data used by the data controller (purpose of processing)?
The data controller uses Personal Data to:
- verifying that the use of the website is in line with its purposes;
- allowing the activation of Service accounts;
- responding to questions and support requests received;
- sending communications, such as newsletters, commercial communications, updates and news, ongoing initiatives, reports;
- collecting anonymous statistical information on the use of the website.
What are the legal references for the processing of Personal Data?
The legal basis that legitimizes the processing of Personal Data that are automatically collected while browsing our Website depends on the case:
- the legitimate interest in making the Website’s functionalities usable following the User’s access.
5. Privacy for Customers
This section applies to Customers or Prospective Customers (i.e. those who use the Platform or Services owned by Hoplo S.r.l) and applies to all Personal Data collected and processed as the data controller.
What Personal Data is processed by the data controller Personal
- Data collected automatically during the use of the Platform. When a Customer accesses and uses the Platform, the data controller may collect the following information:
- usage data of the Platform (e.g. the date and time of access to the Platform or tracking of activities performed during browsing);
- information on devices used to access the Platform (e.g. IP address, operating system in use, or browser data);
- log data (e.g. log files that detect when a device accesses the data controller’s servers, recording the type of each access and the IP address of origin);
- Platform statistics.
- Personal Data voluntarily provided by the Customer to create an account or purchase our Platform.
To access and use the Service, Customers must voluntarily provide some data, aimed at creating and activating their account:
- registration information (e.g. name, surname, email address, username, password, company name, address);
- administrative and accounting data (e.g. VAT number or billing address).
- Personal Data collected automatically during email or communication sending.
In sending emails or messages, some tracking systems are used (e.g. hidden pixels) to detect the opening of a message, clicks made on the links (i.e. hyperlinks) present in the sent communication, from which IP address or with which type of browser the email is opened, and other similar details.
How Personal Data is used by the Data Controller (processing purposes)
The Data Controller uses Personal Data to:
- provide the services that constitute the functionalities of the Platform;
- improve the quality of the services provided and provide adequate support to Platform users;
- carry out monitoring and quantitative analysis on the Platform;
- profile Customers in order to identify and predict possible choices and behaviors in the future;
- promote Hoplo Srl’s services;
- verify compliance with the license agreement;
- prevent, detect, and discourage illegal activities and activities that do not comply with the license agreement;
- send invoices and administrative communications;
- comply with legal requirements or respond to any requests from public authorities;
- communicate directly with Customers, responding to questions and requests, providing assistance and support.
What are the legal references for the processing of Personal Data
The legal basis that legitimizes the processing of Personal Data voluntarily provided or collected automatically during the sending of communications and emails is the performance of a contract of which the Customer is a party or the performance of pre-contractual measures adopted at the request of the Customer. The legal basis for the processing of Personal Data that is collected automatically during the use of the Platform is the legitimate interest in improving the use and enjoyment of the Platform, carrying out monitoring aimed at research and analysis on the Platform itself, and preventing illegal or unauthorized activities.
6. Common provisions
Adopted security measures
Personal data may be processed with electronic and automated tools, or through manual processing in software with logic strictly related to the purposes for which personal data was collected, and in any case, ensuring their safety.
Hoplo applies pseudonymization and encryption procedures for personal data saved and stores data in a cloud environment, availing itself of data processors specifically appointed.
How long we keep your personal data
Hoplo retains personal data for the time strictly necessary for the purposes for which the data was collected, in compliance with current legislation. Hoplo will process personal data for the time necessary to fulfill the above purposes and in any case, for no more than 10 years from the termination of the relationship for Service Purposes and for no more than 2 years from the data collection for Marketing Purposes.
Who are the authorized subjects and the processors who handle your data
Users’ and Customers’ personal data are processed by our employees specifically appointed and authorized, in their capacity as internal processors and/or system administrators, and/or external processors.”
If necessary for the indicated purposes, the collected personal data may be shared with third-party processors appointed as responsible for the processing; among these, we indicate:
1. subjects (individuals or companies) who perform services connected and instrumental to the execution of specific purposes of services provided by the Platform (for example: market research, management of payments by credit card, technological maintenance).
2. subjects (individuals or companies) who provide assistance and consultancy activities to our Company (for example: IT infrastructure managers, system administrators).
In the presence of specific consent, personal data may be transferred abroad, to companies belonging or not belonging to our corporate group, even outside the European Union. In this case, the Data Controller assures in advance that the transfer of data outside the EU will take place in compliance with applicable legal provisions, following the signing of standard contractual clauses provided by the European Commission.
In any case, your personal data will never be disclosed.
What are your rights
Users and Customers may access their own personal data, object to processing, and request cancellation, modification, or updating of all archived personal data, exercising the right to limit processing and the right to data portability.
7. Visitor and Customer Rights
Visitors and Customers have the rights set forth in Article 7 of the Privacy Code and Article 15 of the GDPR, specifically:
to obtain confirmation of the existence of personal data concerning them and their communication in an understandable form;
the updating, rectification or, where interested therein, integration of data;
the erasure, anonymization or blocking
To object, in whole or in part, a) for legitimate reasons to the processing of personal data concerning them, even if relevant to the purpose of the collection; b) to the processing of personal data for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, by means of automated calling systems without the intervention of an operator via email and/or traditional marketing methods such as telephone and/or postal mail. Visitors and Clients enjoy the rights under articles 16-21 GDPR (Right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the Data Protection Authority.