La Marzocco S.r.l. (hereinafter, “Data Controller”), pursuant to art. 13 of Regulation (EU) 2016/679, below provides information relating to the processing of personal data (hereinafter, “Data”), carried out in the context of registration and use – by the user (hereinafter, “User”) – of the Marketing Center Platform (hereinafter, “Platform”), accessible through the address: https://international.lamarzocco.com/en/mktcenter/register-member/
Data Controller and Data Protection Officer (DPO)
The Data Controller is La Marzocco S.r.l., with registered office in Viale Giacomo Matteotti 25, Florence, tax number and VAT number 04040140487. The Data Controller can be contacted at the following e-mail address: email@example.com.
The Controller has appointed a Data Protection Officer (“DPO”), who can be contacted at the following email address: firstname.lastname@example.org.
Categories of personal data we process
Data that is gathered and processed by La Marzocco S.r.l. due to registration and use by the User of the Marketing Center Platform belong to the category “personal data”. Among these, in particular: name, surname, country of origin, e-mail address, username and password.
Purposes of the processing
The processing of your Data takes place to verify your request for authorization to access the platform and, if authorized, proceed with the registration on the platform as well as the subsequent use of the same (for example, to consult the documents that the Data Controller will publish within it, which may be useful to learn about the company).
The above-mentioned processing activity is lawful as it is necessary to respond to your request for registration on the Platform, pursuant to art. 6, paragraph 1, letter b) of the GDPR.
Nature of the provision of data
The provision of Data is mandatory for registration and to use the services on the Platform. Your refusal to provide the Data, therefore, would disallow your registration and use of the Platform itself.
Data Retention Period
The User’s Data – gathered and processed when registering and using the Platform – are kept by the Data Controller for the entire duration of registration on the Platform itself. The Data is then deleted from the moment the User unsubscribes from the Platform or, in the case of employees, until the duration of the employment relationship. The data of users who, following verification, are not enabled for access are kept for one year.
The Data may be disclosed to subjects operating as independent data controllers (such as, by way of example, the Supervisory and Control Authority and any public entity entitled to request them). The Data could also be viewed and processed by subjects external to La Marzocco S.r.l. who, on its behalf, carry out services as data processors, for example, maintenance services of the Platform or the website.
Authorised data processors
Data can be processed by the Company’s personnel and by operators in charge of fulfilling the above-mentioned purposes, who have been expressly authorized to process Data by the Controller, have received proper operating instructions and are bound to professional secrecy.
Transfer of Data abroad
Some personal data is shared with Recipients that could be based outside the European Economic Area. La Marzocco assures that the processing of the Data by the Recipients in question is carried out in compliance with the GDPR. Transfers can actually be based on an adequacy decision, on the Standard Contractual Clauses approved by the European Commissions or on other appropriate legal grounds. For further information please contact the Controller, by sending an email to the address email@example.com.
Rights of the data subject
At any time, you can request the following by contacting the Data Controller at firstname.lastname@example.org:
• Access to Data concerning you (Article 15 of the GDPR);
• Data rectification and integration (Article 16 of the GDPR);
• Data erasure (Article 17 of the GDPR);
• Restriction of processing (Article 18 of the GDPR);
• Receipt of the Data itself in a structured, commonly used and machine-readable format, as well as, if technically feasible, to transmit the Data to another Data Controller without hindrance (“right to data portability”, art. 20 GDPR).
You also have the right to lodge a complaint with the competent supervisory authority, pursuant to art. 77 of GDPR, if you believe that the processing of your Data is in conflict with the regulations in force.