top of page
prova-1-refSchermata-2022-07-19-alle-10.57.32.jpg

Reefill App Privacy Policy

CUSTOMER INFORMATION ON THE TREATMENT AND PROTECTION OF PERSONAL DATA
(art. 13 of EU Regulation n. 679/2016)

This information describes the processing of personal data collected in the context of contractual or pre-contractual relationships between our company and you or your company/company/organization and is provided pursuant to article 13 of EU Regulation 679/2016 ( hereinafter "GDPR") and the applicable national legislation on privacy and protection of personal data.


1. IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER
The data controller of your personal data is Reefilla Srl (VAT number 12462450011) with registered office in 10132 – Turin (TO), Via Bardassano n. 7, in the person of the pro tempore legal representative, registered with the Chamber of Commerce of Turin, under no. REA: TO – 1293114, of the Company Register, e-mail: privacy@reefilla.com (hereinafter “Reefilla” or the “Company” or “Owner”).
In the event that the Data Controller makes use of managers or sub-managers of the treatment pursuant to art. 28 GDPR, the updated list of data processors and data processors is kept at the registered office of the Data Controller.


2. WHAT TYPES OF PERSONAL DATA WE PROCESS 
The types of personal data we collect depend on the purpose for which it is collected.
In general, we may collect the following types of personal data directly from you: 

  • personal contact data (such as name, surname, e-mail address, certified e-mail address, address, city, telephone number);

  • data relating to your corporate, entrepreneurial or corporate organization such as the identification and contact data of shareholders, directors, employees, collaborators and consultants (such as name, surname, e-mail address, certified e-mail address, address, city , telephone number);

  • bank and tax identification data;

  • personal data provided directly by you through communications or attachments to communications;

  • geolocation of your vehicle in the performance of the professional activity carried out by the Company.

 

hereinafter "Personal Data".


3. WHY WE PROCESS YOUR PERSONAL DATA AND ON WHAT LEGAL BASIS
The processing of your Personal Data by the Data Controller takes place:
 

A) without your express consent (art. 6 letter b) - f) GDPR), for the following purposes:

- conclude contracts with the Owner;
- fulfill the pre-contractual, contractual and tax obligations deriving from existing relationships;
- fulfill the obligations established by law, by a regulation, by community legislation or by an order of the Authority;
- pursue a legitimate interest of the Data Controller or of third parties, provided that your interests or your fundamental rights and freedoms that require the protection of personal data do not prevail (e.g. the Data Controller's right of defense in court)._cc781905-5cde -3194-bb3b-136bad5cf58d_
 

B) Only with your specific and distinct consent (art. 6 letter a) and art. 7 GDPR), for the following marketing purposes:

- send newsletters, commercial communications and/or advertising material on products or services offered by the Data Controller via e-mail, post and/or SMS and/or telephone contacts and survey the degree of satisfaction with the quality of the services;

 

If you have denied your consent, it will not be possible to carry out the aforementioned activities under B) and if you have given your consent to the processing activities under B), you will in any case have the right to revoke the consent given at any time.


4. HOW LONG WE KEEP AND PROCESS YOUR PERSONAL DATA
Your Personal Data will be processed by the Data Controller only for the period of time necessary to achieve the purposes of the processing referred to in the previous article 3, after which they will be kept only in execution of the legal obligations in force on the matter, for administrative and/or to assert or defend one's right and, in any case, no later than the terms established by law for the limitation of rights. 
In particular, for marketing purposes, the User's Personal Data will be kept by the Owner for a maximum of 24 months.
 

5. HOW WE PROCESS YOUR PERSONAL DATA
The Personal Data are subjected to both paper and electronic and/or automated processing for the time necessary to achieve the purposes for which they were collected by the Data Controller or by subjects duly authorized and/or appointed to carry out these tasks, constantly identified and/or appointed, suitably instructed and made aware of the constraints imposed by law, as well as through the use of security measures designed to guarantee the protection of confidentiality and to avoid the risk of loss or destruction, unauthorized access, processing not permitted or not compliant with the above purposes.
 

6. TO WHOM WE MAY DISCLOSE YOUR PERSONAL DATA
For the purposes indicated above, your collected data may be made accessible or communicated:

- employees and collaborators of the Data Controller, in their capacity as authorized data processors, within the scope of their respective duties and in accordance with the instructions received. However, these individuals are subject to confidentiality and confidentiality obligations;


- to third parties who carry out outsourced activities on behalf of whose activity is connected, instrumental or supportive to that of the Data Controller (e.g. management and/or marketing software in the cloud);


- to all those public and/or private subjects, natural and/or legal persons (legal, administrative and tax consultancy firms, credit recovery companies, Judicial Offices, Chambers of Commerce, Chambers and Labor Offices, etc.), if the communication is necessary or functional for the correct fulfillment of the contractual obligations assumed, as well as the obligations deriving from the law;


- to all those subjects (including the Public Authorities) who have access to personal data by virtue of regulatory or administrative provisions;

 

In any case, your personal data collected will not be resold or transferred to third parties for marketing purposes and will not be disseminated. 


7. TRANSFER OF PERSONAL DATA OUTSIDE THE EU AREA
The management and storage of your Personal Data will take place in Europe. In any case, it is understood that the Data Controller, if necessary, will have the right to have your Personal Data processed outside the EU Area (EEA). In this case, the Data Controller ensures from now on that the transfer of data outside the EU will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses envisaged by the Commission European.


8. YOUR RIGHTS
Pursuant to articles 15 et seq. of the GDPR and the applicable national legislation on privacy and protection of personal data, you have the right to:

  • obtain confirmation from the Data Controller as to whether or not personal data concerning you is being processed and, if so, to obtain access to personal data and the following information:

    • the purposes of the processing;

    • the categories of personal data in question;

    • the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations;

    • when possible, the envisaged retention period of personal data or, if this is not possible, the criteria used to determine this period;

    • the existence of the right of the interested party to ask the data controller to rectify or cancel personal data or limit the processing of personal data concerning him or to oppose their treatment;

    • the right to lodge a complaint with a supervisory authority;

    • if the data are not collected from the interested party, all the information available on their origin;

  • Obtain from the Data Controller the rectification of inaccurate personal data concerning him without unjustified delay. Taking into account the purposes of the processing, the interested party has the right to obtain the integration of incomplete personal data, also by providing a supplementary declaration.

  • Obtain from the Owner the cancellation of personal data concerning him without unjustified delay and the Owner has the obligation to cancel personal data without unjustified delay within the limits and in the cases provided for by current legislation.

  • Obtain the limitation of treatment from the Owner.

  • Receive the personal data concerning you provided to the Data Controller in a structured format, commonly used and readable by an automatic device and you have the right to data portability and therefore to transmit such data to another data controller without impediments by the data controller treatment to which you have provided them if the treatment is based on consent or on a contract and the treatment is carried out by automated means. 

  • Oppose at any time, for reasons connected to your particular situation, to the processing of personal data concerning you if the processing is necessary for the execution of a task of public interest or connected to the exercise of public powers vested in the Data Controller o the processing is necessary for the pursuit of the legitimate interest of the Data Controller or of third parties.

  • If you believe that your rights have been violated by the Data Controller, lodge a complaint with the Guarantor Authority for the protection of personal data (Piazza Montecitorio 121, 00186 Rome (RM) - www.garanteprivacy.it) and/or with another competent supervisory authority under the GDPR

Following the exercise of the rights referred to in points 2), 3) and 4), the Data Controller informs each of the recipients to whom the personal data have been transmitted of any corrections or cancellations or limitations of processing within the limits and in the forms provided for by current legislation. legislation.
To exercise the rights listed above towards the owner, you must submit a written request by sending a registered letter with return receipt to the address Reefilla Srl 10132 – Turin, Via Bardassano n. 7, or by sending an email to privacy@reefilla.com.
 

9. WHAT HAPPENS IN THE EVENT OF CHANGE TO THE PRIVACY POLICY
This information may be modified and/or updated at any time. If the Data Controller intends to process your Personal Data for purposes other than those provided for in the previous art. 4, undertakes to provide you, before this further processing, with adequate information regarding these different purposes and to carry out this further processing in compliance with current legislation, collecting your specific consent where necessary.


ACKNOWLEDGMENT AND CONSENT TO THE PROCESSING OF PERSONAL DATA
Having read this information, the undersigned declares to acknowledge the information received from the Data Controller.
The undersigned also declares to give his specific written consent to the processing of data for further marketing purposes and in particular for carrying out direct marketing activities, such as sending e-mails, mail and/or sms and/or telephone contacts, newsletters, commercial communications and/or advertising material on products or services offered by the Data Controller (for example, business partners).


 

bottom of page