Privacy Policy MyCampy 3.0

Privacy policy for use of the “MyCampy 3.0” Application

Introduction:

Campagnolo srl offers to enthusiasts who purchase its products the benefit of the MyCampy Application for optimal use of the instruments.

Campagnolo srl hereby informs you, in accordance with Regulation EU 2016/679 (“GDPR”) and the legislation - including domestic - on the protection of personal data applicable from time to time (“Privacy Legislation”), that your data will be processed by the methods and for the purposes specified below:

1. Data controller:

Campagnolo S.r.l, based in Via della Chimica 4, 36100 Vicenza – Italy, e-mail: privacy@campagnolo.com

2. Data Protection Officer:

The Controller has appointed a Data Protection Officer (DPO) who can be contacted at the following email address dpo@campagnolo.com .

3. Type of data processed

The Controller processes the following personal data (hereafter “Data” or “Personal Data”):

  • identification (e.g. first name and surname, date of birth, gender, location, email address, etc.) voluntarily disclosed by you upon completing the accreditation process and using the App (hereafter “App”);
  • anonymised browsing data on the App, internet connection address and identification code of the hardware used (Device ID);
  • your preferences and interests (e.g. contents viewed and services used via the App).

4. Purpose and legal basis of processing

Your Data may be processed for the following purposes and legal bases of processing:

  1. for the performance of the service which is free and can be used via the App, in particular:

  • to allow you to register for, use, update and maintain the App on the supported devices and to benefit from all the related services;
  • to provide, administer and manage all services requested by you and to send service and/or support communications;
  • to provide you with technical assistance;
  • to ensure the performances of the App are optimal.

  1. subject to your consent and in particular:
  • to send, via email, SMS, social networks and other instant messaging apps, promotional communications (including the newsletter) relating to products, services and events of the Controller, as well as to send you communications concerning initiatives, offers and/or commercial promotions, even via notifications to your smartphone;
  • to analyse your preferences and your interests (e.g. use of the services and of the App, features used, processing of data relating to your choices, habits and preferences, etc.) as well as for the creation of profiles (individual and/or aggregated) with the aim of offering you customised and targeted services, initiatives and offers that may be of interest to you.
  1. For the pursuit of the legitimate interest of the Controller and, in particular:

  • to exercise the rights of the Controller, for example the right to defend legal claims;
  • to manage complaints and any disputes,
  • to prevent and/or repress fraud and/or unlawful activities.
  1. For legal obligations and in particular:
  • to fulfil any obligation envisaged by law and/or an order of the Public Authority.

Your Data are processed by electronic and paper means, through the operations of collection, recording, update, organisation, storage, consultation, processing, modification, selection, extraction, comparison (e.g. of details), use, interconnection, restriction, erasure and destruction of Data. Your personal data are stored in databases in Europe.

5. Storage of Data

We store your Personal Data for the time necessary to fulfil the purposes indicated above and in any case:

  • until the request for erasure by you using the function “Erase User Data” which directs you to a form with 2 requests to be flagged:
    • erasure of data and profile from the MyCampy App: this erases (or anonymises) the data in the MyCampy back-end relating to you;
    • erasure of all “Campagnolo” data: this generates an erasure request, managed with an internal workflow, which involves a request for erasure of your profile from CRM, from Azure and from everything involving use of your credentials. The workflow ends with an email sent to you confirming the erasure of your data.

  • for no more than 2 years from your last contact and/or request for the Service Purposes;
  • until withdrawal of consent or, failing that, for 24 months from the date of the last interaction with the Controller for direct marketing and/or profiling activities.

In any case, the Data are processed for the period established by law and in accordance with the timescales defined by the applicable legislation, also in relation to personal data protection. Once those periods have elapsed, the data will be erased and/or anonymised.

6. Access to Data

The following persons may access your Data for the purposes indicated above:

  • employees and/or collaborators of the Controller, in their capacity as processing officers;
  • third party companies or other entities that perform activities on behalf of the Controller, in their capacity as external processors, providing activities connected, instrumental or in support to those of the Controller, for example: providers of App maintenance services, providers of management services of the Information Technology systems.

7. Disclosure of Data

Your Data may be disclosed, even without your consent, to supervisory authorities, law enforcement agencies or public authorities, at their explicit request. These entities will process them in the capacity of autonomous controllers for institutional purposes and/or by virtue of the law during investigations and controls.

8. Provision of data

The provision of Data for the purposes of the App Service is mandatory: these Data are required in order to register to the App, as well as to use its services; if you decide not to provide the Data, you will not be able to use the App services.

The provision of Data for the marketing and profiling purposes is not mandatory.

10. Security measures

The Controller processes the personal data adopting appropriate and adequate security measures aimed at preventing unauthorised accesses, disclosure, modification or destruction of the data, in accordance with the provisions of the applicable domestic legislation and the GDPR.

11. Rights of the data subject

You may, at any time, exercise the rights indicated by Articles 15 to 21 GDPR, identified below, if applicable:

Right of access to personal data

To exercise the indicated rights, you can send your requests to the contact details of the Controller and/or the Data Protection Officer indicated above. If you believe that your personal data are being processed in breach of the provisions of Regulation EU 2016/679, you may lodge a complaint with the Data Protection Supervisory Authority, which can be contacted via the internet website www.garanteprivacy.it  

 

  
   

Right to rectification

   
   

Right to be forgotten or to erasure of data

   
   

Right to restriction of processing

   
   

Right to data portability

   
   
   

Right to object to processing

   
   
   

Revision May 2023