DATA CONTROLLER AND COUNTER DATAISCIANIGIOCHI S.P.A. is the Data Controller of personal data processed through the website www.liscianigroup.com The registered office is in Via Giacomo Ruscitti, Zona Ind.le Sant’Atto, 64100 Teramo (Te), P.IVA 00723030672. For all privacy issues you can contact the following email address: [email protected], or the telephone number tel. +39 0861 2311. The institutional website has the following address: https://www.liscianigroup.com

DESCRIPTION OF THE PROCESSING AND CATEGORIES OF THE INTERESTED PARTIESPersonaldata collected through the website will be processed in full compliance with applicable legislation, ensuring the security, confidentiality and protection of the data it holds, respecting the fundamental rights and freedoms that are recognized to the data subjects, in accordance with European Regulation 2016/679, hereinafter GDPR.

TYPES OF DATA COLL ECTED Data are collected from the data subject. The computer systems and software procedures used to operate this website acquire, in the course of their normal operation, some personal data whose transmission is implicit in the use of the Internet. Among the personal data collected by this website are: technical, statistical and profiling cookies, website usage data, time spent on the website. The various information we collect includes information that can identify you as an individual (“personal data”) and some device-related data, e.g. anonymized IP address of your device and activity in relation to the types of services you use, may be processed, including with your consent where applicable. The personal data processed through the website are as follows: A. Automatically collected browsing data: the information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow the identification of browsing users. This category of data includes the “IP addresses” or domain names of the computers used by users connecting to the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested. IP addresses are saved in “anonymized” form. The visible portions of information are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to control the proper functioning of the website of LISCIANIGIOCHI S.p.A. B. Cookies : the site uses some cookies and the data collected through them may be used to access parts of the site or for statistical and profiling purposes or to make the browsing experience more pleasant and more efficient in the future, trying to assess user behavior and to modify the content offer according to their behavior. More information regarding cookies is available one in the section “Cookies Policy” below. C. Data related to websites, third-party services, plug-ins: the site may contain links to other websites or applications. The site also incorporates social media plug-ins and/or buttons to enable easy sharing of content on your favorite social networks. Such plug-ins are programmed not to set any cookies when you access the page, to safeguard your privacy. Eventually cookies are set, if so provided by the social networks, only when the user makes actual and voluntary use of the plug-in. Keep in mind that if the user browses while being logged into the social network then he/she has already consented to the use of cookies conveyed through this site at the time of registration with the social network: services may be used that analyze the traffic of this website, potentially containing personal data of users, in order to filter it from parts of traffic, messages and content recognized as SPAM (Google reCAPTCHA, SPAM protection service provided by Google Inc.). The collection and use of information obtained by means of plug-ins are governed by the respective privacy policies of the social networks, to which please refer.

PURPOSE OF THE PROCESSINGThesite requires certain information from the browser for the purpose of providing quality service. These are browsing preferences, logins, and cookies used for the smooth operation of the site and in order to offer a better and better service. The Data Controller may process the data to: – administering the website, services and for internal operations, including troubleshooting and, if legitimate, data analysis, testing, statistical purposes and surveys; – improving the website and ensuring that the content is presented in the most effective way for browsing; – if legitimate, for trend monitoring, marketing and advertising; – keeping the site secure and for liability investigation in case of cybercrime against the website and legal protection.

LEGAL BASISTheuse of technical cookies does not require consent as it is necessary for the execution of a contract or pre-contractual measures (Art. 6 par.1.b of the GDPR) of the Owner so that the functionalities of the company’s website are usable and usable as a result of the navigation carried out by the user. The use of profiling cookies is carried out with the consent of the data subject (Art. 6 par.1.a of the GDPR)

POLICY ON COOKIES AND SIMILAR TECHNOLOGIES

RECIPIENTS AND CATEGORIES OF RECIPIENTSThepersonal data processed by the Controller are not disseminated. On the other hand, they may be communicated to workers employed by the Data Controller, and to external parties who collaborate with it designated as Data Processors (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies, website management personnel, website cookie and consent management platform) or authorized to process them as they operate under the authority of the Data Controller, or other parties involved in the organization of this website (administrative, sales, marketing, legal, system administrators). Finally, they can be communicated to the subjects entitled to access them by virtue of provisions of the law, regulations, EU regulations. For requirements of compliance with regulatory obligations or to ascertain responsibility in case of computer crimes to the detriment of the site, data may be communicated to, or allocated at, third parties. The updated list of the Responsible Parties can always be requested from the Data Controller. This is without prejudice to the obligation of LISCIANIGIOCHI S.p.a. to communicate the data to Public Authorities upon specific request.

TRANSFER TO FOREIGNCOUNTRIESData are processed at the Data Controller’s operational offices and in any other place where the parties involved in the processing are located, so the Data Controller does not transfer this personal data to third countries or to international organizations. However, it reserves the possibility of using cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as provided by Article 46 GDPR 2016/679. The equivalent levels of protection adopted for the processing of personal data of its employees will be required for the processing of the information and data that may be communicated to these parties. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the prescribed regulatory tools will be applied.

DURATION OFTHE PROCESSINGBased on the principle of storage limitation (art.5, GDPR), the verification on the obsolescence of the stored data in relation to the purposes for which they were collected is carried out periodically. In particular: a) data collected automatically are processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to check its regular operation, including for security purposes or in accordance with the deadlines provided for by law; b) data provided voluntarily by the user will be kept for a period of time not exceeding the achievement of the purposes for which they are processed or in accordance with the deadlines provided for by law.

METHODS AND NATURE OFDATA HANDLINGDataare collected and recorded lawfully and fairly for the purposes indicated above in accordance with the principles and requirements of Article 5 par. 1 of the GDPR. The processing of personal data is carried out using manual, computerized and telematic tools with logics strictly related to the purposes themselves and, in any case, in such a way as to guarantee their security and confidentiality. The provision of data for the aforementioned purposes is entirely optional. Any refusal on the part of the interested party to confer personal data, the lack of consent or its revocation for one or more purposes, will result in the impossibility of using the services related to them. The interested party may refuse to confer his navigation data to the Data Controller. To do so, he or she must disable cookies by following the instructions provided by the browser in use. Disabling cookies may worsen or prevent the navigation and enjoyment of the site’s functionalities.

---

SECURITY MEASURES The transfer, storage and processing of the Data Subject’s data collected through the website, are ensured through the appropriate technical and security measures, specifically: All the Data Subject’s information is protected with the access keys that the user himself has chosen, passwords are not recorded in plain text. The site has an HTTPS encrypted connection. A secure e-commerce platform with built-in security protocols is used. Complex passwords are used. Data from Data Subjects are collected, stored and maintained on a secure, firewall-protected server physically located in an access-controlled web farm located in the EU.

RIGHTS OF THE INTERESTED PARTIESInaccordance with, within the limits and under the conditions provided for by the legislation on the protection of personal data regarding the exercise of the rights of the Interested Parties (Articles 15 to 22), with regard to the processing operations covered by this information notice, as an interested party, users may exercise certain rights with reference to the data processed by the Data Controller. In particular, the Data Subject has the right to: – Withdrawal of consent at any time – Opposition to the processing of their data – Access to their Data – Verification and rectification – Limitation of processing – Deletion or removal of their personal data – Portability In addition, the data subject has the right to lodge a complaint with the competent Data Protection Supervisory Authority or take legal action, if they believe that the processing operations concerning them violate the rules of the GDPR, pursuant to Article 77 of the GDPR. The data subject may revoke any consent given at any time.How to exercise your rights If you wish to request further information about the processing of your personal data or for the possible exercise of your rights, you may contact us in writing at [email protected] using the appropriate “Rights Exercise Form“. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within one month.

AUTOMATED PROCESSINGIn no case, with respect to the processing operations below, does the Controller carry out processing operations that consist of automated decision-making on the data of natural persons.

CHANGES TO THIS PRIVACY POLICYThe Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users via email and on the Website. The Data Controller will collect the consent of the Data Subject again, if necessary. Last modified: 14/10/2021

DATA CONTROLLER AND CONTACT INFORMATION

LISCIANI GIOCHI S.P.A. is the Data Controller of personal data processed through the website www.liscianigiochi.com and within the LISCIANIGIOCHI App Ecosystem.
The registered office is in Via Giacomo Ruscitti, Zona Ind.le Sant’Atto, 64100 Teramo (Te), P.IVA 00723030672. For all privacy issues you can contact the following email address:[email protected] the telephone number tel. +39 0861 2311.
The institutional website has the following address: https: //www.liscianigroup.com

PRIVACY FOR MINORS

Registration is allowed only to users who have completed 18 years of age; therefore, no personal information should be provided to LISCIANIGIOCHI by minors. For this reason, the parent and / or exercising parental authority will provide their own registration in the restricted area and / or definition of one or more player profiles (USER). It is requested not to use the real name and surname of minors when creating a profile and/or avatar. If, despite the prohibition herein, a parent or guardian becomes aware of the fact that the minor child has directly provided us with information, the same should contact us at the email address [email protected] for the cancellation / modification.
LISCIANIGIOCHI disclaims any responsibility for the hypothesis that the user gives incorrect data, untrue, or relating to third parties, including minors, for which he is not entitled and / or expressly authorized to confer and express consent to treatment. The user assumes full responsibility for such conduct.

DESCRIPTION OF PROCESSING AND CATEGORIES OF AFFECTED PARTIES
This policy explains how personal information of users obtained within the various sections of the company website and in the use app Liscianigiochi.
In particular, personal data are collected through:

(a) filling out the registration form for the restricted area;
(b) the request for assistance through helpdesk service;
(c) online purchase of products (order management, sale and delivery of products, management of returns and warranties and other activities necessary for the sale of products through e-commerce) with or without access to the restricted area;
d) account registration for app use of the Liscianigiochi App ecosystem and in the use of the device (tablet, robot, phone) by players;
(e) filling out the online contact form;
The personal data collected will be processed in full compliance with the applicable legislation, ensuring the security, confidentiality and protection of the data it holds, respecting the fundamental rights and freedoms that are recognized to the data subjects, in accordance with the European Regulation 2016/679 (GDPR).

TYPES OF DATA COLLECTED AND ORIGIN OF DATA

Data are collected from the data subject and are provided directly when creating an account in the restricted area, requesting assistance, making a purchase, registering on tablets, when using apps, sending a contact request.
Data collected: first name, last name, email, telephone, address, type of user and profession, VAT number, tax code, date of birth, system logs, data relating to purchases made, method of payment.
In particular, with reference to the use of apps on Ecosystem LISCIANIGIOCHI, the following categories of personal data are processed:

A. ECOSYSTEM Lisciani APP:
– COMMON DATA: first name, last name, date of birth, email address, phone number, postal address of registered users; data entered in the player profile (USER), such as image, name or game pseudonym. The profile of each player can be personalized by the inclusion of a picture: LISCIANIGIOCHI does not recommend uploading photographs of minors within the player profile.
– INFORMATIC DATA: basic data of branded devices (phones, tablets, robots) and parent devices associated with them (e.g., cell phone); friendship structure between nicknames; access/exit logs.
– APPLICATION DATA: identifier of the applications downloaded from the LISCIANIGIOCHI store and log of the specific application used by the player.
B. APP TUTOR: The APP TUTOR collects information about activities to enable parental authority officers to monitor children’s play activities (game screens, results and score achieved, voice recordings). LISCIANIGIOCHI does not perform any processing of this information but only stores it and makes it available to the registered user for appropriate verification.
Use of microphone and camera: some APPs use the microphone and camera for some game functionalities and store locally (i.e. in a memory location of the device) the information collected, which therefore does not enter in any way in the dispobility of LISCIANIGIOCHI, not even for the purpose of simple storage; in the same place are stored any voice recordings or images collected with the device outside the game context. All of this information can be managed and deleted at any time by the registered user.
It will therefore be the user’s responsibility to remember to delete any personal data that APPs or players store within the device before disposing of it or giving it to third parties.

PURPOSE OF PROCESSING

Personal data are processed for the following purposes:
1. authorize access to the Reserved Area and provide the required services, maintain and manage the account created;
2. notify the person concerned that content and documents of interest are available in the Restricted Area;
3. provide customer support on its products/services;
4. to fulfill all legal obligations to the same connected with the related administrative, accounting, tax and financial processes related to the delivery of the product or service provided;
5. in case of loss of login credentials, activate the procedure that allows password recovery and reset;
6. to protect contractual rights and pursue the legitimate interests of the Owner, including, where appropriate – to assert or defend a right in court;
7. process requests for information regarding the products/services offered and any commercial or other requests made by filling out the forms;
8. allow the online purchase of products/services and conclusion of the purchase contract through e-commerce;
9. process reporting and internal controls;
10. ensure security within the website and the LISCIANIGIOCHI APP Ecosystem, manage and block fraudulent or illegal uses;
11. allow the use of APPs available in the LISCIANIGIOCHI Ecosystem (it should be noted that for the use of camera and voice recorder is the prior consent of the user.

LEGAL BASIS.

With reference to the processing of personal data for the purposes described in the previous point, the legal bases are:
– the performance of a contract or pre-contractual measures (Art. 6 par.1.b of the GDPR) for purposes 1, 2, 3, 5, 7, 8, 11;
– the fulfillment of legal obligations (Art. 6 par.1.c of the GDPR) for purposes 4, 9;
– the pursuit of the legitimate interest of the Data Controller (Art. 6 par.1.f of the GDPR) for purposes 6, 10.

RECIPIENTS AND CATEGORIES OF RECIPIENTS

Personal data processed by the Holder are not disseminated.
They may, however, be communicated to external parties designated as Data Processors (such as third party technical service providers, hosting providers, IT companies, communication agencies, postal couriers, providers of website management and development services, server and network support and maintenance services, online shop infrastructure provider, customer support services suppliers who develop, manage and maintain the ecosystem APP LISCIANIGIOCHI and who deal with the registration of users) or to persons authorized to process as operating under the authority of the data controller, or other persons involved in the organization of this website (administrative, sales, marketing, legal, system administrators).
Finally, they may be communicated to the subjects entitled to access them by virtue of provisions of law, regulations, EU regulations. For the needs of compliance with regulatory obligations or to ascertain responsibility in case of computer crimes against the site, the data may be communicated to, or allocated at, third parties.
For credit card data, the Stripe platform is used (https://stripe.com/it), the data are not processed by Liscianigiochi Spa, but only by said platform. For transactions carried out by the User / Interested Party through the Stripe platform, see the information: https://stripe.com/it.
The updated list of Responsible Parties can always be requested from the Data Controller.

TRANSFER ABROAD

Data are processed at the Data Controller’s operational offices and in any other place where the parties involved in the processing are located, therefore the Data Controller does not transfer this personal data to third countries or to international organizations outside the EU.
However, it reserves the possibility of using cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as provided for in Article 46 GDPR. The equivalent levels of protection adopted for the processing of personal data of its employees will be required for the processing of the information and data that may be communicated to these parties. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and regulatory instruments will be applied.

DURATION OF TREATMENT

The Data Controller retains and processes personal data for the time necessary to fulfill the stated purposes, i.e., for the period for which the Data Controller will keep the service active.
Specifically:
– registration data will be processed until the closure of the account, taking into account the technical time required for the same;
– data processed for legal obligations, will be kept for 10 years, from the end of the contractual relationship;
– the data processed for the performance of pre-contractual activities, in case of non-finalization of the purchase, will be deleted after 5 months of data acquisition;
– data voluntarily provided by the user by filling out the form in the “Contact” area, i are kept for a maximum of 12 months or for the duration of the warranty on the products (as requests may also refer to technical assistance on the products during the warranty period);
– in the case of court litigation, throughout the duration of the litigation, until the time limits for appeal actions are exhausted;
– registered user and player profile information will be retained for as long as the LISCIANIGIOCHI APPs are used, plus 12 months, unless it is necessary to retain it longer to fulfill fiscal or legal obligations incumbent upon us or to address claims. APP users are those who use the LISCIANIGIOCHI device at least once within a 12-month period (“active accounts”). If the device is not used for a consecutive 12-month period (“inactive account”), a notice email sent by LISCIANIGIOCHI will inform the user that all of his/her data will be deleted upon the expiration of an additional 30 days of inactivity; a new access of the device to LISCIANIGIOCHI APPs will again qualify the account as active for an additional 12 months;
– log records are retained for up to 6 months.
After these terms have elapsed, the data will be deleted or transformed into anonymous form, unless their further storage is necessary to fulfill contractual obligations that have arisen, legal obligations or to comply with orders issued by Public Authorities and/or Supervisory Bodies, as well as to prevent fraudulent activities or in case of litigation.

METHODS AND NATURE OF THE CONFERMENT
The data are collected and recorded lawfully and fairly for the purposes indicated above in accordance with the principles and requirements of Article 5 par. 1 of the GDPR.
The processing of personal data is carried out using manual, computer and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure their security and confidentiality.
The conferment of data for the aforementioned purposes is entirely optional. Any refusal by the interested party to provide personal data, lack of consent or its revocation for one or more purposes, will result in the impossibility of using the services related to them.
Failure to provide it may result in the impossibility of receiving the services requested or the impossibility of accessing the LISCIANIGIOCHI APP Ecosystem and making full use of the device.

---

SECURITY MEASURES
The transfer, storage and processing of the Data Subject’s data collected through the website are ensured through the appropriate technical and security measures. Some of the main security measures are that:
– all of the Data Subject’s information is protected with the access keys that the user has chosen himself, passwords are not recorded in plain text;
– the website is equipped with HTTPS encrypted connection;
– a secure e-commerce platform is used, with built-in security protocols;
– complex passwords are used;
– Data Subjects’ data are collected, stored and maintained on a secure server, protected by firewalls and physically located in an access-controlled web farm located in the EU.

RIGHTS OF INTERESTED PARTIES

In accordance with, within the limits and under the conditions provided for by the legislation on personal data protection regarding the exercise of the rights of the Data Subjects (Articles 15 to 22), with regard to the processing operations covered by this notice, as a data subject, users may exercise certain rights with reference to the data processed by the Data Controller.

In particular, the Interested Party has the right to:

– Revocation of consent at any time

– Opposition to the processing of one’s own data

– Access to your Data

– Verification and rectification

– Limitation of treatment

– Deletion or removal of one’s personal data

– Portability

In addition, the data subject has the right to lodge a complaint with the relevant Data Protection Supervisory Authority or take legal action if he or she believes that the processing operations concerning him or her violate the rules of the GDPR, pursuant to Article 77 of the GDPR.

The data subject may revoke any consent given at any time.

How to exercise rights

If you would like to request further information about the processing of your personal data or for the possible exercise of your rights, you may contact us in writing at [email protected] using the appropriate “Rights Exercise Form“. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within one month.

AUTOMATED PROCESS

Under no circumstances, with respect to the processing operations below, does the Controller carry out any processing that consists of automated decision-making on the data of natural persons.

CHANGES TO THESE PRIVACY POLICIES

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users via email and on the Website. The Data Controller will collect the consent of the Data Subject again, if necessary.
Last modified: 21/06/2024

DATA CONTROLLER AND CONTACT INFORMATION

LISCIANI GIOCHI S.P.A. is the Data Controller of personal data processed through the website www.liscianigiochi.com and within the LISCIANIGIOCHI App Ecosystem.
The registered office is in Via Giacomo Ruscitti, Zona Ind.le Sant’Atto, 64100 Teramo (Te), P.IVA 00723030672. For all privacy issues you can contact the following email address:[email protected] the telephone number tel. +39 0861 2311.
The institutional website has the following address: https: //www.liscianigroup.com

DESCRIPTION OF THE PROCESSING AND CATEGORIES OF THE INTERESTED PARTIES
The personal data of newsletter subscribers are collected through the subscription form to the same.
The processing is carried out in full compliance with applicable legislation, ensuring the security, confidentiality and protection of the data it holds and the fundamental rights and freedoms that are recognized, in accordance with the rules set by the GDPR.

TYPES OF DATA COLLECTED AND ORIGIN OF DATA

The personal data processed are those voluntarily provided by the user by filling out the online forms by subscribing to the newsletter. Only the EMAIL of the data subject is collected.

PURPOSE OF PROCESSING

1. Newsletter/direct marketing activities of the Data Controller: by registering for the newsletter, the data subject’s email address is automatically added to a mailing list to which emails containing informational messages, including those of a technical, commercial, promotional and/or marketing nature, may be sent periodically.
2. Customer satisfaction surveys: personal data are processed for the purpose of sending customer satisfaction questionnaires via e-mail.

LEGAL BASIS.

The legal basis for the processing is consent given by declaration regarding the sending of newsletters and sending of satisfaction questionnaires (Art. 6(1)(a) GDPR). With reference to Article 7 of the GDPR, the data subject may revoke any consent given at any time. Revocation of consent, which can be done through the appropriate link in the footer of the email newsletter, results in the suspension of the sending of the newsletter. Any revocation does not affect the lawfulness of the processing given before the revocation.

RECIPIENTS AND CATEGORIES OF RECIPIENTS

Personal data processed by the Holder are not disseminated.
They may, on the other hand, be disclosed to external parties designated as Data Processors (such as third-party technical service providers, hosting providers, IT companies, communications agencies, website management and development service providers, server and network support and maintenance service providers, newsletter management platform providers) or to parties authorized to process the data because they operate under the authority of the data controller, or other parties involved in the organization of this website (administrative, sales, marketing, legal, system administrators).
Finally, they may be communicated to the subjects entitled to access them by virtue of provisions of the law, regulations, EU regulations. For the needs of compliance with regulatory obligations or to ascertain responsibility in case of computer crimes to the detriment of the site, the data may be communicated to, or allocated at, third parties.
The updated list of Data Processors can always be requested from the Data Controller.
In particular, the infrastructure for managing and sending newsletters is entrusted to Brevo Sas, registered office at 55 rue d’Amsterdam, 75008 Paris, France.

TRANSFER ABROAD

Data are processed at the Data Controller’s operational offices and in any other place where the parties involved in the processing are located, therefore the Data Controller does not transfer this personal data to third countries or to international organizations outside the EU.
However, it reserves the possibility of using cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as provided for in Article 46 GDPR. The equivalent levels of protection adopted for the processing of personal data of its employees will be required for the processing of the information and data that may be communicated to these parties. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the prescribed regulatory tools will be applied.

DURATION OF TREATMENT

The Data Controller retains and processes personal data for the time necessary to fulfill the stated purposes, i.e., for the period for which the Data Controller will keep the service active, unless the data subject revokes consent. In each message the User will be reminded that he/she has the option to unsubscribe from the service with a special link in the footer of each email.

METHODS AND NATURE OF PROVISION
The data are collected and recorded lawfully and fairly for the purposes indicated above in accordance with the principles and requirements of Article 5 par. 1 of the GDPR.
The processing of personal data is carried out using manual, computer and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure their security and confidentiality.
The provision of data for the above purposes is entirely optional. Any refusal by the person concerned to provide personal data, lack of consent or His revocation for one or more purposes will result in the impossibility of using the services related to them, or the impossibility of receiving the newsletter.

---

SECURITY MEASURES
The transfer, storage and processing of the Data Subject’s data collected through the website are ensured through the appropriate technical and security measures. Some of the main security measures are that:
– all of the Data Subject’s information is protected with the access keys that the user has chosen himself, passwords are not recorded in plain text;
– the website is equipped with HTTPS encrypted connection;
– a secure e-commerce platform is used, with built-in security protocols;
– complex passwords are used;
– Data Subjects’ data are collected, stored and maintained on a secure server, protected by firewalls and physically located in an access-controlled web farm located in the EU.

AUTOMATED PROCESS

Under no circumstances, with respect to the processing operations below, does the Controller carry out processing that consists of decisions based on automated processes on individuals’ data.

RIGHTS OF INTERESTED PARTIES

In accordance with, within the limits and under the conditions provided for by the legislation on personal data protection regarding the exercise of the rights of the Data Subjects (Articles 15 to 22), with regard to the processing operations covered by this notice, as a data subject, users may exercise certain rights with reference to the data processed by the Data Controller.

In particular, the Interested Party has the right to:

– Revocation of consent at any time

– Opposition to the processing of one’s own data

– Access to your Data

– Verification and rectification

– Limitation of treatment

– Deletion or removal of one’s personal data

– Portability

In addition, the data subject has the right to lodge a complaint with the relevant Data Protection Supervisory Authority or take legal action if he or she believes that the processing operations concerning him or her violate the rules of the GDPR, pursuant to Article 77 of the GDPR.

The data subject may revoke any consent given at any time.

How to exercise rights

If you would like to request further information about the processing of your personal data or for the possible exercise of your rights, you may contact us in writing at [email protected] using the appropriate “Rights Exercise Form“. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within one month.

CHANGES TO THESE PRIVACY POLICIES

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users via email and on the Website. The Data Controller will collect the consent of the Data Subject again, if necessary.
Last modified: 21/06/2024

DATA CONTROLLER AND CONTACT INFORMATION

LISCIANI GIOCHI S.P.A. is the Data Controller of personal data processed through the website www.liscianigiochi.com and within the LISCIANIGIOCHI App Ecosystem.
The registered office is in Via Giacomo Ruscitti, Zona Ind.le Sant’Atto, 64100 Teramo (Te), P.IVA 00723030672. For all privacy issues you can contact the following email address:[email protected] the telephone number tel. +39 0861 2311.
The institutional website has the following address: https: //www.liscianigroup.com

DESCRIPTION OF THE PROCESSING AND CATEGORIES OF THE INTERESTED PARTIES
The processing of your personal data, as a potential customer/supplier and/or customer/supplier of goods and services, will be carried out in compliance with the security measures set out in Article 32 of the EU Regulation 2016/679.
The management of the contractual relationship with customers/suppliers (mainly legal persons) necessarily involves the processing of personal data (identification, telephone numbers, email) relating to the persons with whom you come into contact. Therefore, this notice is given to individuals working with clients/suppliers. In view of the difficulty of getting it directly to the data subjects, the information notice is made available to them on the website of the Data Controller, with a request to notify the data subjects.
The data subjects involved in the processing activities are the natural persons who, in the employment or other nature of relationship with the legal persons customers/suppliers, operationally are involved in commercial, pre-contractual and contractual communications. In addition, natural person clients/suppliers, consultants, freelancers or sole proprietorships may also be processed.

TYPES OF DATA PROCESSED

Personal data processed are identifying data (e.g., first name, last name, company name, address, telephone, e-mail, bank and payment references).

PURPOSE OF PROCESSING

Data are processed for the management of customers and suppliers , more specifically for:
1. concluding contracts for the services/products of the Owner or supplier; fulfilling pre-contractual, contractual and tax obligations arising from existing relationships;
2. fulfilling obligations under the law;
3. exercising the Owner’s rights, e.g. the right to defense in court and management of litigation;
4. commercial communications and marketing.

LEGAL BASIS.

– For the purposes set out in point 1: the processing is necessary for the performance of a contract to which the data subject is party or the execution of pre-contractual measures taken at the request of the data subject (Art. 6 par.1 lett. b) of the GDPR).
– For the purpose set forth in point 2: The processing is necessary to comply with a legal obligation to which the data controller is subject. (Art. 6 par.1(c) of the GDPR).
– For the purpose stated in point 3: the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties (Art. 6 par.1(f) GDPR).
– For the purpose stipulated in item 4: consent of the data subject.

RECIPIENTS AND CATEGORIES OF RECIPIENTS

The personal data processed by the Data Controller are not disseminated, i.e. they are not made known to unspecified parties, in any possible form, including making them available or simply consulting them. They may, on the other hand, be communicated to workers working in the employ of the Data Controller, to external subjects who collaborate with it designated as Data Processors or authorized to process them as they operate under the authority of the Data Controller.
They may also be communicated, to the extent strictly necessary, to subjects who for the purpose of fulfilling your requests must supply goods or perform services or services on behalf of the Data Controller. Finally, they may be communicated to the subjects entitled to access them by virtue of provisions of the law, regulations, EU regulations, such as: credit institutions, forwarding agents, our accountants and lawyers, hardware and software maintenance companies.
Specifically, based on their roles and job duties, workers have been empowered to process your personal data, within the limits of their competence and in accordance with the instructions given to them by the Data Controller.
An up-to-date list of Data Processors can always be obtained from the Data Controller.
This is without prejudice to LISCIANI GIOCHI S.P.A.’s obligation to communicate the data to Public Authorities upon specific request.

TRANSFER TO FOREIGN COUNTRIES
Data are processed at the Data Controller’s operational offices and in any other place where the parties involved in the processing are located, so the Data Controller does not transfer this personal data to third countries or to international organizations.
However, the Data Controller reserves the possibility of using cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as provided for in Article 46 GDPR. The equivalent levels of protection adopted for the processing of personal data of its employees will be required for the processing of the information and data that may be communicated to these parties. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the regulatory tools provided by Chapter V of the GDPR will be applied.

DURATION OF TREATMENT

Data collected for the stated purposes will be retained for the duration of the contract and, after termination of the contract, for 10 years. In the case of litigation, the Data will be retained for the duration of the litigation, until the time limit for appeal actions is exhausted.

METHODS AND NATURE OF THE PROCESSING
Your data are collected and recorded lawfully and fairly for the purposes indicated above in compliance with the principles and requirements of Article 5 par. 1 of the GDPR.
The processing of personal data is carried out using manual, computerized and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure their security and confidentiality.
For the data collected and used for needs attributable to the above-mentioned purposes, your consent is not required.
The communication of personal data for the purposes referred to in this statement and their processing are necessary for the conclusion and execution of the contract and, consequently, the failure to communicate or incomplete communication of the same determines the impossibility of following up the relationship in question.

RIGHTS OF INTERESTED PARTIES

In accordance with, within the limits and under the conditions provided for by the legislation on personal data protection regarding the exercise of the rights of the Data Subjects (Articles 15 to 22), with regard to the processing operations covered by this notice, as a data subject, users may exercise certain rights with reference to the data processed by the Data Controller.

In particular, the Interested Party has the right to:

– Revocation of consent at any time

– Opposition to the processing of one’s own data

– Access to your Data

– Verification and rectification

– Limitation of treatment

– Deletion or removal of one’s personal data

– Portability

In addition, the data subject has the right to lodge a complaint with the relevant Data Protection Supervisory Authority or take legal action if he or she believes that the processing operations concerning him or her violate the rules of the GDPR, pursuant to Article 77 of the GDPR.

The data subject may revoke any consent given at any time.

How to exercise rights

If you would like to request further information about the processing of your personal data or for the possible exercise of your rights, you may contact us in writing at [email protected] using the appropriate “Rights Exercise Form“. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within one month.

AUTOMATED PROCESS

Under no circumstances, with respect to the processing operations below, does the Controller carry out processing that consists of decisions based on automated processes on individuals’ data.

CHANGES TO THIS PRIVACY POLICY
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users via email and on the Website. The Data Controller will collect the consent of the Data Subject again, if necessary.
Last modified: 09/12/2021

DATA CONTROLLER AND CONTACT INFORMATION

LISCIANI GIOCHI S.P.A. is the Data Controller of personal data processed through the website www.liscianigiochi.com and within the LISCIANIGIOCHI App Ecosystem.
The registered office is in Via Giacomo Ruscitti, Zona Ind.le Sant’Atto, 64100 Teramo (Te), P.IVA 00723030672. For all privacy issues you can contact the following email address:[email protected] the telephone number tel. +39 0861 2311.
The institutional website has the following address: https: //www.liscianigroup.com

DESCRIPTION OF THE PROCESSING AND CATEGORIES OF INTERESTED PARTIES
LISCIANI GIOCHI S.P.A. informs you that it may process your personal data for pre-selection and personnel selection activities, through CV analysis and cognitive interviews.
In particular, the interested parties in the processing activities are individuals who send their Curriculum Vitae either spontaneously, or to apply for open positions. Collection is done through spontaneous sending of the cv, through the website or through recruitment agencies.
The candidate is asked not to include data of special or judicial categories in the CVs, which are not strictly necessary, otherwise the same cannot be processed. CVs sent spontaneously will, if deemed not of interest, be destroyed and not stored; otherwise, on the other hand, the candidate will be promptly asked about the request to store the CV on electronic/paper media and will be provided, in addition, with this notice.

TYPES OF DATA PROCESSED AND ORIGIN OF DATA

Personal data processed: Name, address or other personal identification, Declared profession, Professional quality certificates, Tax code and other personal identification numbers, Photo, Residential address, E-mail address, Education and culture, Work (current, previous occupation, resume, etc.),
The data are partly collected from the data subject and partly collected from third parties.

PURPOSE OF PROCESSING

1. manage the evaluation of his or her CV;
2. schedule and manage selection interviews, including interactive or group interviews;
3. prepare documents for hiring.

LEGAL BASIS.

For Purposes 1, 2, 3: Processing is necessary for the performance of a contract to which the data subject is a party or the execution of pre-contractual measures taken at the request of the data subject.
In the event that the candidate spontaneously includes in the CV the membership of protected categories, the prerequisite for processing, if any, such data of a “particular” nature, is that the data be rendered directly by the data subject. Their processing could be provided to fulfill the obligations and exercise the specific rights of the data controller or the data subject in the field of labor and social security law and social protection.

RECIPIENTS AND CATEGORIES OF RECIPIENTS

The personal data processed by the Data Controller are not disseminated.
They may, however, be communicated to the employees working in the employ of the Data Controller, to external parties who collaborate with it designated as Data Processors or authorized to process as operating under the authority of the Data Controller. All employees, consultants, temporary workers and/or other subjects who carry out their activities on the basis of the instructions received by LISCIANI GIOCHI S.P.A., pursuant to art. art. 29 of the GDPR, are designated as “Authorized Data Processors”. To the same, LISCIANI GIOCHI S.P.A. gives adequate operating instructions, with particular reference to the adoption and observance of security measures, in order to be able to guarantee the confidentiality and security of the data.
The data may be communicated to companies and professionals, Data Processors appointed by LISCIANI GIOCHI S.P.A. or are themselves Data Controllers of the personal data transmitted to them.
The updated list of Data Controllers may always be requested from the Data Controller.
The obligation of LISCIANI GIOCHI S.P.A. to communicate the data to Public Authorities upon specific request remains unaffected.

TRANSFER TO FOREIGN COUNTRIES
The data are processed at the Data Controller’s operational offices and in any other place where the parties involved in the processing are located, so the Data Controller does not transfer this personal data to third countries or to international organizations.
However, it reserves the possibility of using cloud services; in which case, the service providers will be selected from among those who provide adequate guarantees, as provided for in Article 46 GDPR. The equivalent levels of protection adopted for the processing of personal data of its employees will be required for the processing of the information and data that may be disclosed to these parties. In any case, only data necessary for the pursuit of the intended purposes will be communicated and the regulatory tools provided by Chapter V of the GDPR will be applied.

DURATION OF TREATMENT

The processing will have a duration no longer than necessary for the purposes for which the data were collected, and will be kept up to a maximum for the 24 months, starting from the time when the same gave it.

METHODS AND NATURE OF DATA PROCESSING
Your data are collected and recorded lawfully and fairly for the purposes indicated above in compliance with the principles and requirements of Article 5 c 1 of the GDPR.
The processing of personal data is carried out using manual, computer and telematic tools with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure their security and confidentiality.
For data collected and used for needs attributable to the execution of activities inherent to the contractual relationship and compliance with the legal obligations indicated, your consent is not required. Failure to provide the aforementioned personal data will result in the impossibility of following up on the relationship in question. For data collected and used for the legitimate interest of the Data Controller, Your consent is not required (lett. f, art. 6, of the GDPR). The communication of the above personal data is optional but necessary for the performance of the services offered by the Data Controller. Any refusal to communicate such data will result in the inability to provide all or part of the services requested.

SECURITY MEASURES
The transfer, storage and processing of the Data Subject’s data collected through the website, are ensured through the appropriate technical and security measures, specifically:
All the Data Subject’s information is protected with the access keys that the user has chosen himself/herself, passwords are not recorded in plain text.
The site has an HTTPS encrypted connection.
A secure e-commerce platform with built-in security protocols is used.
Complex passwords are used.
Data Subjects’ data are collected, stored and maintained on a secure, firewall-protected server physically located in an access-controlled web farm located in the EU.

RIGHTS OF INTERESTED PARTIES

In accordance with, within the limits and under the conditions provided for by the legislation on personal data protection regarding the exercise of the rights of the Data Subjects (Articles 15 to 22), with regard to the processing operations covered by this notice, as a data subject, users may exercise certain rights with reference to the data processed by the Data Controller.

In particular, the Interested Party has the right to:

– Revocation of consent at any time

– Opposition to the processing of one’s own data

– Access to your Data

– Verification and rectification

– Limitation of treatment

– Deletion or removal of one’s personal data

– Portability

In addition, the data subject has the right to lodge a complaint with the competent Data Protection Supervisory Authority or take legal action if he or she believes that the processing operations concerning him or her violate the rules of the GDPR, pursuant to Article 77 of the GDPR.

The data subject may revoke any consent given at any time.

How to exercise rights

If you would like to request further information about the processing of your personal data or for the possible exercise of your rights, you may contact us in writing at [email protected] using the appropriate “Rights Exercise Form“. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within one month.

AUTOMATED PROCESS

Under no circumstances, with respect to the processing operations below, does the Controller carry out processing that consists of decisions based on automated processes on individuals’ data.

CHANGES TO THIS PRIVACY POLICY
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users via email and on the Website. The Data Controller will collect the consent of the Data Subject again, if necessary.
Last modified: 09/12/2021