GRAZE App Store

PRIVACY NOTICE "GRAZE"

DATA CONTROLLER

The data controller is Damiano Petrungaro (hereinafter, "Controller"), who can be contacted at the following email address: vgv vev vtv vgv vrv vav vzv vev v@v vgv vmv vav viv vlv v.v vcv vov vmv

The Controller will process the personal data of users who will use the "Graze" application (hereinafter, individually "Data Subject" or, jointly, "Data Subjects").

CATEGORIES OF PERSONAL DATA PROCESSED

The personal data (hereinafter, "Data") being processed are the following:

The Controller does not request to process additional Data and, therefore, refrains from processing any additional personal information provided by the Data Subject, if possible also deleting/destroying anything that is not actually necessary with respect to the purposes described below.

SOURCE OF PERSONAL DATA

The Data will be collected directly from the Data Subject at the time of registration or, additionally, during the use of the "Graze" application.

PURPOSES OF PROCESSING AND RETENTION PERIOD OF PERSONAL DATA

The Data will be processed by the Controller for the following purposes:

1. Purposes based on the Data Subject's consent

  1. Registration and use of the "Graze" application;
  2. Publication of reviews, which may contain photographic material.

The Data processed for the purposes mentioned above in letters a) and b) will be retained until consent is withdrawn and, in any case, within 24 months from its collection unless the Data Subject renews it.

2. Purposes for the protection of legitimate interest

  1. Bug management;

The Data processed for purpose c) will be retained for 6 months from the resolution of the bug.

Note: If it becomes necessary to ascertain, exercise, or defend the Controller's rights in court, the retention period may extend until the end of the litigation.

After the above retention periods have elapsed, the Data will be destroyed, deleted, or anonymized by the Controller.

LEGAL BASIS FOR PROCESSING

The processing of Data is based on the following legal grounds:

  1. Data Subject's consent (Art. 6, par. 1 let. a), of GDPR);
  2. Controller's legitimate interest (Art. 6, par. 1 let. f), of GDPR).

NATURE OF PERSONAL DATA PROVISION

The provision of Data by the Data Subject for the purposes mentioned above in letters a) and b) is optional; however, failure to provide such Data will not allow the Data Subject to register and, therefore, use the "Graze" application.

The provision of Data by the Data Subject for the purpose mentioned above in letter c) is necessary for the resolution of bugs that have occurred and to ensure the efficient operation of the "Graze" application.

METHODS OF PROCESSING PERSONAL DATA

The Data will be processed electronically, carrying out any appropriate operation in compliance with applicable regulatory provisions.

CATEGORIES OF RECIPIENTS OF PERSONAL DATA

The Data acquired by the Controller, within the scope of the purposes mentioned above, may be communicated and/or disclosed to subjects who collaborate in any capacity with the Controller for the achievement of the above purposes.

The complete and updated list of independent data controllers, data processors, and recipients of Data (pursuant to Art. 4, n. 9, of GDPR) will be made available upon request using the contact details provided in the "DATA CONTROLLER" paragraph above.

TRANSFER OF PERSONAL DATA OUTSIDE THE EEA

The Controller may transfer the Data to third parties as independent data controllers or data processors to allow the performance of the activities listed in this Notice. In case such transfer occurs to countries that do not provide the same level of protection provided by applicable law or, in any case, an adequate level of Data protection, the Controller ensures that each of these recipient subjects assumes specific contractual obligations in accordance with applicable data protection regulations (including the signing of Standard Contractual Clauses approved by the European Commission), unless the Controller can refer to any other legal basis for the transfer of such information.

In any case, the Data Subject may always request more information regarding the transfer of their Data by writing to the email address provided in the "DATA CONTROLLER" paragraph above.

Personal Data will not be disseminated, therefore will not be made available to indeterminate subjects.

RIGHTS OF THE DATA SUBJECT

The Data Subject, in relation to the Data provided, has the right to exercise at any time and based on the provisions of the GDPR the rights established by the latter and listed below:

RIGHT OF OBJECTION (ART. 21 OF GDPR)

The Data Subject also has the right to object (Art. 21 of GDPR) at any time, on grounds relating to their particular situation, to the processing of Data concerning them where it is based on legitimate interests (Art. 6, par. 1 let. f), of GDPR), as indicated in the previous paragraph.

RIGHT TO LODGE A COMPLAINT (ART. 77 OF GDPR)

If the Data Subject believes that their rights have been compromised or violated, or that the processing of their Data is contrary to current regulations, they have the right to lodge a complaint with the Data Protection Authority according to the procedures indicated at the following link:

https://www.garanteprivacy.it/diritti/come-agire-per-tutelare-i-tuoi-dati-personali/reclamo

CHANGES AND UPDATES

The Controller may make changes and/or additions to this privacy notice, including as a consequence of any subsequent regulatory changes and/or additions. In such cases, the new version of this privacy notice will be communicated as soon as possible in a manner designed to reach the Data Subject as quickly as possible.