This page describes how the https://hlpy.co/ website ("Site") of hlpy is managed with regard to the processing of personal data of users who navigate on it. The information is provided only for the Site of hlpy S.p.A.. ("hlpy", "We" or "Company") and not also for other websites that may be consulted by the user.
Who is the Data Controller?
The Company, with registered office at Via Abbadesse 20, 20124 (MI), Milan, as data controller has appointed a Data Protection Officer ("DPO"). Data subjects may contact the DPO by writing to email@example.com.
How and what personal data do we collect and how do we use them?
This Site acquires personal data ("Data") as part of its normal operation, the transmission of which is an integral part of Internet communication protocols, together with information voluntarily provided by the user in the context of browsing (e.g. sending information requests).
Data collected when browsing the Site
The Site, also thanks to the use of so-called technical cookies, may allow the user to be identified as a result of his/her browsing by collecting certain personal information such as the IP addresses or domain names of the computers used by the users who connect to the Site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, a numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.) and other parameters relating to the user's operating system and computer environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, based on our legitimate interest within the meaning of Article 6(1)(f) of the General Data Protection Regulation - Regulation (EU) 2016/679 ("GDPR").
The Data could be used to ascertain liability in the event of computer crimes against the Site or at the request of the authorities.
Data provided voluntarily by the user
In the event of requests for information from interested parties made using the e-mail address indicated on the hlpy Site, we collect User Data (contact data, data relating to communications made and data contained in related requests or interaction with hlpy resulting from such requests) in order to fulfil the User's request.
In the event that the user is a rescuer, we may process the Data in order to allow him/her to apply to join the hlpy network. In this case, we will collect data relating to the rescuer's activity using the form on the Site.
For what purposes do we process Data?
We use the Data collected for the administration of requests sent to hlpy via the Site, to ensure the proper functioning of the Site and to analyse how to improve the user experience .
The purposes are listed in more detail in the table below.
Browsing data: the IP address or domain name of the computers used by users connecting to the Site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, as well as certain information such as the time of the request, the method used to submit the request to the server, the size of the file obtained in response, a numerical code indicating the status of the response given by the web server and other parameters relating to the user's operating system and computer environment.
Purpose of processing:
Enabling users to navigate the Site.
Legal basis for processing:
The processing is necessary to enable the Site to be navigated, in execution of a user request.
Contact and user information on the Site: Data such as your first and last name, e-mail address, telephone number if issued, and any communication or iteration that you establish with us, using the e-mail address indicated on the Site.
To communicate with the user and answer questions and requests for information that may be addressed to hlpy.
The Data processed for the handling of requests are collected in order to fulfil the requests made by users.
Information provided by social networks. Hlpy maintains a profile on LinkedIn, which is also accessible through the plug-in on the Site. When users interact with hlpy's LinkedIn page as a member of the social network and in accordance with the contractual terms set out therein, and in accordance with the data sharing rules set by the user registered on LinkedIn, we may process information resulting from the user's interaction with our page).
We use this information to communicate or interact with you on the social network, to better understand the characteristics of our visitors. The data we receive depends on the privacy settings you have activated with your social network. Before linking or linking to our website or service, we suggest that you periodically review and, if necessary, change your privacy settings on third party websites and social networks and services.
The processing is necessary to pursue our legitimate interest, in particular to improve our service.
Information on fraudulent or criminal activities carried out on the Site.
We will use information about fraudulent or criminal activity related to the use of the Site for the purposes of detecting and and prevention of fraud or abuse.
The processing is necessary for our legitimate interest, i.e. for the detection and prevention of fraud.
Data collected as part of the application to join the hlpy network: contact details of the legal representative/contact point, information on the type of services offered, availability of vehicles and drivers, schedules observed, possible certifications.
Receive and manage applications from rescuers wishing to join the hlpy network.
The processing is necessary for the handling of applications for membership of rescuers, for the execution of pre-contractual measures taken at the request of the data subject.
With whom do we share user information?
Users' Data may be processed by the suppliers hlpy uses, who act as data processors for the maintenance of the Site.
Data will also be disclosed to the competent authorities and/or law enforcement agencies if required for the above purposes, by law or for the protection of our legitimate interests in accordance with applicable laws.
In addition, in the event of corporate transactions involving the sale, transfer or other form of operation involving hlpy , the Data may be made available, to the extent necessary for the activities preliminary and subsequent to such transactions, to third parties involved in the management of the relevant transactions for the necessary evaluations and integration processes and to the relevant successors in title, where applicable.
The Data is stored and processed in Italy and/or in countries belonging to the European Economic Area; in particular, the servers are located in Ireland. Should the Data be shared with third parties located outside the European Economic Area for the purposes of providing the relevant services related to the Site, we will ensure that the transfer is carried out in accordance with the applicable legal provisions by entering into agreements providing an adequate level of protection and/or adopting the standard contractual clauses required by the European Commission.
What are the user's rights?
Data subjects have the right to obtain confirmation of the existence or non-existence of such Data and to know their content and origin, verify their accuracy or request their integration, updating, rectification (Articles 15 and 16 of the GDPR), namely:
Right of access. The right to obtain access to personal information about you along with certain related information;
Right to data portability. The right to receive personal information, provided by the user and processed on the basis of consent or for the performance of a contract, in a common format and to have it transferred to another data controller if necessary;
Right of rectification. The right to obtain rectification of personal data without undue delay in the event of inaccurate or incomplete personal data;
Pursuant to Articles 17, 18 and 21 of the Regulation, you have the right to request the deletion, restriction of processing, transformation into anonymous form or blocking of data processed in breach of the law, as well as to oppose in any case, for legitimate reasons, their processing, namely
Right to erasure. The right to obtain the deletion of one's personal data without undue delay in certain circumstances, such as if the personal data are no longer necessary in relation to the purposes for which they were collected or processed;
Right to restriction of processing. The right to obtain, in specific circumstances identified by applicable law, a limitation of the processing of one's own data for a specified period of time, for example when contesting the accuracy of personal data, for the time to verify the accuracy and correctness of such data.
Right to object. The right to object to the processing of one's personal data, including on the basis of legitimate interest, and to object to the processing of personal data for direct marketing purposes, insofar as this is related to such direct marketing.
The user also has the right to revoke at any time any consent given to the processing of data. The rights may be exercised by contacting the Data Controller and/or the Data Protection Officer at the following addresses:
- e-mail: firstname.lastname@example.org
- by fax to +39 02 87369735
- by post, at Via Abbadesse 20, 20124 Milan (MI)
Complaint to the Garante per la protezione dei dati personali. The data subject has the right to lodge a complaint with the Garante per la Protezione dei Dati Personali, who can be contacted at https://www.garanteprivacy.it/ if he/she considers that his/her rights have been infringed or if he/she is not satisfied with the response provided by hlpy following the exercise of his/her rights.
How long do we keep the Data?
We process the User Data for the time strictly necessary for the pursuit of the above-mentioned purposes and, thereafter, retain the Data for the following periods of time:
Data collected indirectly during browsing: Data will be processed only for the time necessary for the user to be able to browse the Site.
Requests for information: Data will only be processed for as long as is necessary for the proper handling of the request and then deleted except for reasons of protecting hlpy's rights;
Collection and management of rescuer applications: Data will only be processed for as long as is necessary for the proper management of the application; and subsequently processed for the purpose of concluding the service contract, if any.
hlpy reserves the right to store anonymised or aggregated customer information for statistical and scientific use to improve the services provided on the basis of a legitimate interest.
How do we protect User Data?
Information security is very important to us, and we have put in place safeguards to preserve the integrity and security of the information we collect and share with our Site suppliers.
However, no security system is impenetrable and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a security breach, we will take reasonable steps to investigate the situation and, where appropriate, notify those whose information may have been compromised and take other measures, in accordance with applicable laws and regulations.