Privacy Policy

1. Introduction - Identity and contact details of the data controller

This privacy policy concerns the processing of data carried out by Search On Media Group S.r.l., with registered office at Via Ugo Bassi, 7 - 40121 – Bologna (BO), VAT ID 02418200800, phone 0510951294, email info@searchon.it (hereinafter the "Data Controller"), in accordance with EU Regulation 2016/679 (hereinafter "GDPR"). The policy is also available at the Data Controller's premises. If expressly requested, the information provided here can also be given orally, provided that the identity of the requester is proven through a telephone request. Since the Data Controller is established in Italian territory, no representative has been appointed.

2. Information on the processing of data through the website

With regard to the processing of personal data through this website, specific information is expressly referred to in the relevant section.

3. Third-party data

Before providing materials containing personal data of third parties, it is necessary to provide the third party with this information and inform them that their personal data will be processed in accordance with what is provided here, requesting their consent within the terms provided by current regulations.

4. Purpose of the processing, legal basis for the processing, optional consent and consequences of non-consent

4.1. Direct marketing

Personal data will be processed for the following purposes:

To send direct marketing communications, newsletters, advertising materials, through traditional contact systems and automated computer systems, including commercial or promotional communications via email or SMS, or for market research and analysis. In this case, the legal basis is consent, given in accordance with this information. The communication of personal data is not an obligation of a contractual nature, so there is the option to provide personal data; however, in case of non-communication of such data, it will not be possible to carry out any marketing activities.

4.2. Speaker, Moderator or Presenter

Personal data will be processed for the following purposes:

For purposes related to participation as a speaker, moderator, or presenter of workshops at the event. In this case, the legal basis is the consent of the data subject. With regard to personal data processed and stored for this purpose, the communication of personal data is not an obligation of a contractual nature. The data subject has the option to provide their personal data; however, in case of non-communication of such data, it will not be possible to allow participation in the event as a speaker, moderator, or presenter of workshops.

4.3. Legal Obligations

Personal data will be processed for the following purposes:

For purposes related to legal obligations if processing has been carried out for such purposes. In this case, the legal basis is the Data Controller's legal obligation to process such personal data in accordance with applicable national regulations. The communication of personal data is a legal obligation. There is an obligation, in this case, to provide personal data; however, in case of non-communication of such data, it will not be possible for the Data Controller to proceed with the related activity.

4.4. Contractual

Personal data will be processed for the following purposes:

For purposes related to the fulfillment of the contract or pre-contractual measures requested by you. In this case, the legal basis is the Data Controller's obligation to process such personal data for the fulfillment of contractual obligations and/or related to the execution of pre-contractual measures. There is no obligation, in this case, to provide personal data; however, in case of non-communication of such data, it will not be possible to fulfill the contract or pre-contractual measures.

4.5. Profiling

Personal data will be processed for the following purposes:

  1. For purposes related to profiling activities. In this case, the legal basis is the data subject's consent. The communication of personal data is not an obligation of a contractual nature. There is no obligation, in this case, to provide personal data; however, in case of non-consent, profiling activities will not be possible.

4.6. Accreditations

Personal data will be processed for the following purposes:

  1. For purposes related to the fulfillment of the contract or pre-contractual measures requested by you for accreditation. In this case, the legal basis is the Data Controller's obligation to process such personal data for the fulfillment of contractual obligations and/or related to the execution of pre-contractual measures. There is no obligation, in this case, to provide personal data; however, in case of non-communication of such data, it will not be possible to fulfill the contract or pre-contractual measures and proceed with accreditation.

5. Consent Expression Method

Consent may be expressed by subscribing to an electronic document, including through specific checkbox selections. In the case of contractual and/or pre-contractual purposes, consent is not required as your personal data will be processed for the purpose of fulfilling contractual and/or pre-contractual measures.

6. Processing Methods and Logic

6.1. Classic

Regarding personal data processed and stored for the purposes specified in point 4 of this notice, the processing will take place through paper-based tools, automated logic, and the use of CRM-type management software - including the management system named Ibrida - which will allow the optimal management of personal data processing.

6.2. Dissemination

Personal data may also be disseminated through telematic communication networks, including the Internet and social networks.

6.3. Marketing

Regarding personal data processed for marketing purposes, the treatment will be carried out using commercial information delivery software, as well as paper-based tools.

7. Source of Origin of Personal Data

Only personal data provided in accordance with this information will be processed, collected through a specific form. Personal data from publicly accessible sources will not be processed.

8. Recipients and Possible Categories of Recipients of Personal Data

The recipients of personal data may include:

  • companies offering information society services, including, in particular, those providing hosting services;
  • communication companies conducting commercial communication and profiling activities on behalf of the Data Controller, where consent has been given, and which qualify as data processors;
  • companies conducting statistical and market research, where consent has been given;
  • partners of the Data Controller's initiatives;
  • auditing companies.

9. Categories of Data

Personal data will be processed. In no case will data belonging to special categories as defined in Article 9 of the GDPR, such as health-related data, be processed.

10. Transfer of Data

The Data Controller does not intend to transfer Personal Data to entities established in a third country outside the European Union or to an international organization.

11 - Data Retention Period

11.1. Contractual Purpose

Personal data processed and stored for contractual purposes, as mentioned above (4.4), is processed for a period not exceeding 10 years from the day of submission, unless different legal provisions apply.

11.2. Direct Marketing Purpose

Personal data processed for the purposes of 4.1 for marketing purposes is processed and stored until the data subject requests its deletion and/or revocation. The Data Controller reserves the right to periodically request the renewal of the consents given.

11.3. Consent

Personal data processed for the purposes of 4.2 in this information is processed and stored until the data subject requests its deletion and/or revocation. The Data Controller reserves the right to periodically request the renewal of the consents given.

12. Right to Object

The data subject has the right to object as follows:

  • The right to object at any time, for reasons related to their particular situation, to the processing of personal data concerning them pursuant to Article 6, paragraphs 1, letters e) or f) of the GDPR, including profiling based on these provisions. The Data Controller refrains from further processing personal data unless they demonstrate compelling legitimate grounds for the processing that override the interests, rights, and freedoms of the data subject or for the establishment, exercise, or defense of legal claims;
  • If personal data is processed for direct marketing purposes, there is the right to object at any time to the processing of personal data concerning them for such purposes, including profiling to the extent that it is related to such direct marketing;
  • In case of opposition to processing for direct marketing purposes, personal data is no longer processed for these purposes. It is specified that the data subject's right to object to the processing of their personal data for the aforementioned purposes may be exercised in part, i.e., by objecting, for example, to the sole sending of promotional communications made through automated and/or digital tools, or the sending of paper communications;
  • If personal data is processed for scientific or historical research or statistical purposes in accordance with Article 89, paragraph 1 of the GDPR, the data subject, for reasons related to their particular situation, has the right to object to the processing of personal data concerning them, except where the processing is necessary for the performance of a task carried out for reasons of public interest.
  • If personal data is processed for direct marketing purposes, there is the right to object at any time to the processing of personal data concerning them for such purposes, including profiling to the extent that it is related to such direct marketing;
  • In case of opposition to processing for direct marketing purposes, personal data is no longer processed for these purposes. It is specified that the data subject's right to object to the processing of their personal data for the aforementioned purposes may be exercised in part, i.e., by objecting, for example, to the sole sending of promotional communications made through automated and/or digital tools, or the sending of paper communications.

13. Other Rights

The Data Controller also intends to inform about the existence of the following rights:

  • Right of Access: The data subject has the right to obtain from the Data Controller confirmation as to whether or not personal data concerning them is being processed and, where that is the case, access to the personal data and specific information in accordance with Article 15 of the GDPR;
  • Right to Rectification: The data subject has the right to obtain from the Data Controller the rectification of inaccurate personal data concerning them without undue delay. Taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, including by providing a supplementary statement, in accordance with Article 16 of the GDPR;
  • Right to Erasure of Data, including the right to withdraw consent: The data subject has the right to obtain from the Data Controller the erasure of personal data concerning them without undue delay, and the Data Controller has the obligation to erase personal data without undue delay, or to withdraw consent if there are grounds defined in Article 17 of the GDPR. Regarding the right to withdraw, the data subject also has the right to withdraw consent at any time without affecting the lawfulness of the processing based on consent before its withdrawal;
  • Right to Restriction of Processing: The data subject has the right to obtain from the Data Controller the restriction of processing in cases specified by Article 18 of the GDPR;
  • Right to Data Portability: The data subject has the right to receive their personal data in a structured, commonly used, and machine-readable format and has the right to transmit those data to another controller without hindrance from the Data Controller in cases and under the conditions specified in Article 20 of the GDPR;

14. Exercise of Rights

Requests for the exercise of the rights indicated in this information, including, in particular, the right to erasure and the right to withdraw consent, must be addressed directly to the Data Controller at the email address info@searchon.it. Alternatively, you can exercise your rights by sending a registered letter with acknowledgment of receipt to the address Via Ugo Bassi, 7, 40121 Bologna.

15. Contact Details of the Data Protection Officer

The Data Controller has appointed its own Data Protection Officer, who can be contacted at the address dpo@searchon.it.