1. Who is the data controller?
The data controller, as outlined under Art. 4. co. 7, GDPR, i.e., “the natural or legal person, public authority, service or other body which alone or jointly with others determines the purposes and means of the processing (…),” is Umanagers with registered office in Via XXV Luglio, 117 – Squinzano (LE).
It will be possible to contact Umanagers at firstname.lastname@example.org or 3286986839.
2. What data will be processed and how?
Pursuant to Art. 4, co. 1, GDPR, is personal data “any information concerning an identified or identifiable natural person.”
In order for the owner to be able to proceed with processing, it will be necessary to provide some personal data, otherwise it will not be possible to benefit from the services offered.
Umanagers collects users’ personal data both directly and automatically while browsing.
The data processed will be:
– First name, last name, phone number, email address, user ID, contact information, geolocation, and other data provided by the user or account holder
– Contact information from synchronization and integration of services with other apps (e.g., calendar or address book).
– Information or images shared during videocalls, seminars or courses accessed through the platform
Your data will be processed by automated processes and computerized means in support of which adequate technical and organizational measures have been taken to prevent loss and/or destruction of data, illicit or incorrect use or unauthorized access.
The data will be stored in a cloud database that Umanagers can connect to only after authentication; all calls will be encrypted and authorized only by communication of a token and thus OTP codes that are generated on a per-session basis.
Video call recordings, images, or videos are stored in a database that can only be accessed through platform functions and authenticated sessions.
3. What is the legal basis for processing?
The use of personal data referred to in point 2 will be carried out because of the consent given by the user at the time of registration and creation of their account and until the revocation of the same.
The processing of data for the purposes of profiling and direct marketing (by which is meant the owner’s willingness to carry out marketing and/or promotional activities towards the Interested Party) will be carried out on the legal basis of Umanagers’ legitimate interest in pursuing its corporate purpose and will be retained until the same is satisfied.
4. How long will the processed data be kept?
In compliance with the principle of retention period limitation, data will be retained by Umanagers until the purposes for which they are collected are fulfilled or for a different period if regulations so provide.
It should be noted that once a user requests the deletion of their account or revokes their consent, their data will be deleted accordingly.
5. What is the purpose of the processing?
The data collected will be processed for the following purposes:
– create a network of contacts
– purchase of services
– Monitor users’ productivity levels
– Evaluate user performance
– optimize business processes
– Enable integrated training to improve productivity
– marketing activities
6. To whom will your data be disclosed?
The owner may make use of an additional figure called a “Data Processor.”
The person responsible is the one who, according to Art. 4 co. 8, GDPR, processes the data on behalf of the owner.
Umanagers may appoint data processors and also, disclose the collected data to other parties involved in the implementation of the platform or delivery of services such as lawyers, system administrators, IT or marketing and communication companies.
In addition, the platform anticipates being able to log in through one’s app account such as Facebook, Instagram and/or Tik Tok, for which permissions will be required in order to perform actions and collect information.
7. What are your rights?
At any time you can request access to or deletion of your data.
As a data subject, you can exercise the rights set forth in Articles 15-22 GDPR:
– Right of access (Art.15): the data subject has the right to request confirmation from the data controller as to whether or not personal data relating to him or her are being processed and, if so, to have access to it
– Right to rectification (Art. 16): data subjects have the right to request that their personal data be amended if they are inaccurate
– Right to erasure (or right to be forgotten – Art. 17): the data subject has the right to obtain the erasure of his or her personal data when the cases listed in the article occur including cases of withdrawal of consent or data processed unlawfully
– Right to limitation of processing (Art. 18): the data subject has the right to request the limitation of processing in the cases covered by the article, such as if the accuracy of personal data is contested or the data is necessary for the data subject to establish, exercise or defend a right in court
– Right to portability (Art. 20): data subjects have the right to receive their data from the data controller for the purpose of transmitting it to another controller
– Right to object (Art. 21): the data subject has the right to object at any time to the processing of personal data initiated by the data controller for the performance of a task carried out in the public interest or in connection with the exercise of official authority or in pursuit of a legitimate interest
– Automated decision-making (Art. 22): the data subject has the right not to be subject to a decision that is the result of automated processing (including profiling), such that it produces legal effects concerning him or her
In the event that the data subject believes that the processing violates the Data Protection Regulation, he or she may file a complaint with the Data Protection Authority under Art. 77 GDPR.
8. What is the location of the processing?
Your data will not be transferred outside the territory of the European Union.
Last updated: July 22, 2022