PRIVACY POLICY



Privacy Policy Statement – Basecamp Gate

(Pursuant to Article 13 of the GDPR)

 

Version updated on 02/08/2024

  

DATA CONTROLLER

Name: MIGLIO 608 di Vigè Fabrizio

VAT No: 11890430017

Registered office: Via Rua n.1 – Frazione Montestrutto – 10010 Settimo Vittone (TO)

MIGLIO 608 di Vigè Fabrizio (hereinafter, “Controller”) as the data controller (“Controller”), informs you pursuant to Article 13 of EU Regulation No. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the following manner and for the following purposes.

 

  1. Source and Categories of Data Processed

The Data Controller processes the identifying data you have communicated in the stages of registration and access to the services provided at the facility’s Basecamp Gate – self-service checkouts (by way of example: first name, last name, residential address, contact email) – hereinafter, “personal data” or also “Data” and the usage data generated indirectly through the use of the service. The Data Subject’s payment data may also be processed through payment service provider (the Data will not be processed and/or stored directly by the Data Controller).

 

  1. Purpose and legal basis for processing

Your personal data are processed for the following purposes:

(a) enable the user to use and interact with the service;

(b) process user payments through the payment service provider (payment data is processed by the service provider as a data controller and is not retained by the Controller);

  1. c) fulfill pre-contractual, contractual, accounting and tax obligations arising from existing relations with the user;

(d) handle user requests;

  1. e) fulfill the obligations required by law, regulation, European legislation or an order of the Authority.

For example, the data of the Users of the facility will be registered telematically at the Basecamp Gate – self-service checkouts and used in order to fulfill the communication to the competent public security authority in compliance with the regulations of the Royal Decree June 18, 1931, No. 773 ” Testo unico delle Leggi di Pubblica Sicurezza”, as well as for ISTAT statistical reporting purposes and for tax impositions (e.g. tourist tax).

(f) Acquire statistics and metrics to ensure the proper functioning of the service;

  1. g) exercise the rights of the Data Controller (e.g. the right to defense in court);

The legal bases of the processing operations listed above are as follows:

 

in relation to purposes a), b), c), d) the processing is necessary for the performance of a contract to which the data subject is a party or for the performance of pre-contractual measures taken at the request of the data subject;

in relation to the purposes e) the processing is necessary to comply with a legal obligation to which the data controller is subject.

In relation to purposes f) and g), the legal basis is the legitimate interest of the Data Controller, namely that of monitoring the proper functioning of the service and exercising the rights of the Data Controller such as defense in court.

The provision of Data for the purposes listed above is mandatory. In case of failure to provide the Data, it will not be possible for the Owner to allow you to use the service.

 

  1. Data Retention

Personal data will be kept for as long as necessary to fulfill the purposes outlined in this policy.
 In particular, the Controller will retain copies of correspondence of legal and commercial relevance (including transaction information) for ten years, as required by the Civil Code.

 

  1. Data Recipients

User Data will not be disseminated but may be made accessible, where necessary for the provision of services or by law:

▪ to employees and collaborators of the Data Controller in Italy and abroad, in their capacity as persons authorized to process personal data and/or system administrators;

▪ to third party companies or other entities performing outsourcing activities on behalf of the Data Controller, in their capacity as external data processors;

The Data Controller may communicate your Data for the purposes referred to in art. 2. to supervisory bodies, judicial authorities, public bodies to which it is mandatory to communicate the Data, as well as to those subjects to whom the communication is obligatory by law for the fulfillment of the said purposes.

 

  1. Extra- EU Data

Personal data are stored on servers located within the European Union, of the Data Controller and of third party companies contracted and duly appointed as Data Processors/Sub-Processors.

The Data Controller may transfer certain categories of User Data to countries outside the European Union. The Data will only be transferred to countries deemed appropriate by the European Commission or to companies that meet the guarantees set forth in Articles 44 – 50 of the GDPR.

 

  1. Rights of the data subjects

You may exercise, in relation to the data processing described therein, the rights provided by the GDPR (Articles 15-22), including:

  1. receive confirmation of the existence of the Data and access to its content (rights of access);
  2. update, modify and/or correct the Data (right of rectification);
  3. request deletion or limitation of the processing of Data processed in violation of the law including Data whose storage is not necessary in relation to the purposes for which the Data were collected or otherwise processed (right to be forgotten and right to limitation);
  4. object to the processing (right to object);
  5. lodge a complaint with the Supervisory Authority (Garante per la protezione dei dati personali www.garanteprivacy.it) in case of violation of the rules on the protection of personal data;
  6. receive an electronic copy of the Data concerning him/her as a Data Subject, when such Data has been rendered in the context of the contract and request that such Data be transmitted to another data controller (right to data portability).

 

  1. Processing of Data of Minors

With reference to the Personal Data of minors under the age of 18, in accordance with applicable laws, the exerciser of parental responsibility with the uploading of the digital ID of the minor in Basecamp Gate System consents to the collection of the Personal Data of the minor. This data will not be processed by the Data Controller but will be transmitted to the competent public security authority in compliance with the regulations of Royal Decree June 18, 1931, No. 773 ” Testo unico delle Leggi di Pubblica Sicurezza”.

In the event that Personal Data of minors under the age of 18 is involuntarily recorded, the Data Controller will promptly delete it upon request of the exercising parental responsibility.

 

  1. Ways of exercising rights and contact details of the Data Controller

The Data Controller is:
 MIGLIO 608 di Vigè Fabrizio with registered office in in Via Rua n.1 – Frazione Montestrutto – 10010 Settimo Vittone (TO)

You may at any time exercise your rights by sending:

▪ a registered letter with return receipt to: MIGLIO 608 in Via Rua n.1 – Frazione Montestrutto – 10010 Settimo Vittone (TO)

▪ an e-mail to: