Privacy Policy

This Privacy Policy refers exclusively to the website https://www.irondames.ch/ (hereinafter the “Website“) and does not concern other websites that may be consulted by clicking links that redirect to external websites. In accordance with the European Regulation on Data Protection [Regulation (EU) 2016/679, hereinafter also “GDPR“] and the relevant Italian legislation (hereinafter, collectively, the “Applicable Law“), this Privacy Policy is provided to the individual who interacts with the Website, consulting its pages (hereinafter the “User” or “Users”).

With respect to cookies, please refer to the Cookie Policy. The latter is integral part of this Privacy Policy and available at the link that the User can find in the footer of the Website.

1. Data Controller and contact details

The Data Controller is IRON LYNX S.R.L, with registered office in Via Civinelli, 950 – 47522, Cesena (FC), P.IVA 04345820403, hereinafter also “Data Controller” or just “Controller“.
For any clarification, information, or exercise of the rights listed in this Privacy Policy, the User can contact the Data Controller at the following contact details: tel. +39 0547 1825743, e-mail welcome@ironlynx.it, PEC ironlynxsrl@pec.it.

2. Personal data subject to processing

The personal data processed through the Website are the following:

a. Navigation data

The computer systems and software procedures used to operate the Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These personal data are not collected to be associated with identified data subjects, but, considering their nature and intrinsic characteristics, they could, through processing and association with data held by third parties, enable users to be identified. This category of data includes IP addresses or domain names of the computers used by Users who connect to the website, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources. This data is used for the sole purpose of obtaining aggregate or anonymous statistical information on the use of the Website and to check its correct functioning to identify anomalies and/or abuse and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes or at the request of the Public Authority.

b. Data provided on a voluntary base:

By means of the Website, the User may voluntarily provide personal data such as, for example:

Please note that the User is not expected or required to register on the Website to access its pages. The User, therefore, will not have a personal account in which data and information referring to the same will be stored and accessible by the User for consultation and/or modification.

The Data Controller shall process personal data in compliance with the Applicable Law, assuming that they refer to the User or to third parties who have expressly authorised the User to provide them or whose personal data that the User was entitled to provide. With respect to these assumptions, the User undertakes to indemnify and hold harmless the Data Controller from any dispute, claim or request for compensation for damage caused by the processing of personal data that may be received from such third parties.

3. Purposes and legal basis of the processing

The following table provides the purposes and legal basis concerning the processing of the above-mentioned personal data:

Purposes and Legal Basis
PURPOSES LEGAL BASIS
Providing feedbacks to any requests for information sent and/or clarifications functional also to any requests to exercise the rights of the User. The implementation of pre-contractual measures taken at the User’s request and/or the contract to which the User is a party [Article 6 (1)(b) of the GDPR].
Complying with legal obligations to which the Data Controller is bound, included to respond to any requests to exercise the User’s rights as a data subject under current data protection legislation. The compliance with legal obligations to which the Data Controller is bound [Article 6(1)(c) of the GDPR].
Verifying any fraudulent or illegal use of the Website in general and ensure its security and functionality in the interest of the Users and the Data Controller. The legitimate interest of the Data Controller and the Users themselves to prevent or identify any fraudulent or otherwise illegal use of the Website [Article 6(1)(f) of the GDPR].
Carrying out research/statistical analysis on aggregate or anonymous data, without therefore being able to identify the User, to measure traffic and assess usability and interest with respect to the Website. The legitimate interest of the Controller to verify the usability and appeal of the Website [Article 6(1)(f) of the GDPR].
Ascertaining, exercising rights of Data Controller, or defending against legal claims or whenever courts are acting in their judicial capacity. The legitimate interest of the Data Controller to ascertain, exercise its rights, or defend itself against legal claims or whenever the courts are acting in their judicial capacity [Article 6(1)(f) of the GDPR].
4. Consequences of failure to provide personal data

Failure to provide the personal data, in whole or in part, may determine the impossibility to respond to any requests for information and/or clarification and/or requests to exercise the rights of the User.

5. Methods of personal data processing

Personal data are processed with manual and/or paper-based and/or computer-based and/or telematic instruments and/or supports, in any case in such a way as to guarantee their security and confidentiality.

To this end, the Data Controller has adopted and implements security measures, both technical and organisational, appropriate to the level of risk related to the processing of personal data carried out.

In particular, the Website functionality is provided on HTTPS encrypted connection and personal data are collected, filed, and stored on secure servers, protected by firewalls, and physically located within the European Union.

6. Recipients of personal data

The personal data of the User may be shared, for the purposes set out in paragraph 3 above, with:

7. Transfers to non-EU countries and/or organisations

The Data Controller’s hosting provider’s servers are located within the European Union. Some of the Data Controller’s suppliers or the servers of such suppliers, however, may be located in countries outside the EU.

For more information the User can contact the Data Controller at the following e-mail address welcome@ironlynx.it.

8. Period of retention of personal data

The personal data of the User will be retained for a period not exceeding the fulfilment of the above-mentioned purposes for which they are processed.

In particular, personal data will be kept for the period necessary to provide feedbacks to any requests for information and/or clarifications received and, in any case, for a period not exceeding 10 years from the moment the User provided those personal data, in fulfilment of the legal obligations to which the Data Controller is bound. This maximum retention period may be extended, where the conditions are met, in order to allow the User to exercise and defend a right in court or whenever the judicial authority exercises its functions and/or at the request of the latter.

9. Rights of the data subject

We inform the User that, as the data subject, he/she is entitled:

The Data Controller shall inform each of the recipients to whom the User’s personal data have been transmitted of any rectification, cancellation and/or restriction of processing carried out, except when this proves impossible or involves a disproportionate effort.

10. Exercise of rights of the data subject

As data subject, the User may exercise the above-mentioned rights at any time by sending an e-mail to the following e-mail address: welcome@ironlynx.it.
If the User wishes to lodge a complaint, he/she may use the forms available on the website of the Italian Data Protection Authority.

11. Changes to this Privacy Policy

This Privacy Policy may be amended and/or integrated and/or updated periodically, also as a consequence of the updating of the Applicable Law.
In this case, the Data Controller shall inform the User of any amendments and/or additions and/or updates to this Privacy Policy by publishing the updated version of the Privacy Policy on the Website.

Last Update: 05/06/2023

STAY
UPDATED

Subscribe to our newsletter