Privacy policy

WHAT A PRIVACY POLICY IS

This privacy policy (hereinafter “Privacy Policy”) refers to www.myfoglio.com and www.myfoglio.it website,  along with any mobile application called “myfoglio”, and also including the areas dedicated and reserved to registered users (hereinafter “myfoglio”), and sets forth the personal data processing activities carried out by myfoglio Gmbh (hereinafter the “Company”) through myfoglio, which is a property of and is managed by the Company. The Company acknowledges the importance of its users’ privacy and is committed to safeguarding it. The Company processes user’s personal data when the user enters myfoglio and/or uses the services and features provided therein.  The Privacy Policy has been drawn up in compliance with the Personal Data Protection Work Team’s Recommendations – Section 29, in relation to the minimum requirements for on-line data collection in the European Union and represents information to data subjects according to Section 13 of Legislative Decree no. 196 of 30 June 2003, as subsequently amended and supplemented (hereinafter “Privacy Code”). The Privacy Policy illustrates who the data controller is, that controls and manages personal data collected and processed through the Site, what the collected personal information is, for what purpose, and in what ways personal data are processed, the scope of their disclosure to third parties and their possible transfer abroad, the security measures adopted in order to protect these data, and the manners in which the user can verify his/her data processing, as well as exercising the rights granted by the Privacy Code.

 

HOW MYFOGLIO WORKS

myfoglio is a technological platform operating through the Internet network and mobile device applications, through which a free or upon payment service is provided to professionals or to companies, and includes:
– a tool that generates documents such as invoices, credit notes, notes and other administrative and fiscal documents;
– a non fiscal forecasting support system with reference to due taxes;
– a myfoglio internal/external messaging system;
– a sharing and cooperation tool;
– a scheduler of activities (agenda);
– an index book;
– a community tool for researching and sharing information;
– services interfaced via API for the interoperability with third-party’ system (reserved to partners and developers) trough seas interface directly from myfoglio servers spread over the territory of Switzerland.
Further information about how myfoglio works is provided in its Terms of Services (“ToS”).
Information entered by the Candidate in the on-line application form and that included in the Curriculum Vitae spontaneously submitted by the Candidate (“Personal Information”) shall be used by Coverclip for the sole and exclusive purposes described in point 4 below.
At the moment of the User’s registration on myfoglio, a dedicated personal account shall be created (“User Account”), trough which User will benefit of myfoglio services as indicated above and/or anyhow promoted by myfoglio.
Any and all User’s information provided to myfoglio, therein included information relating to taxation and accountability (“Personal Information”), shall be used by the Company for the purposes indicated hereunder.

 

WHAT DATA CAN BE PROCESSED: SENSITIVE DATA AND COMMON DATA

1. Personal Information shall include sensitive personal data and non-sensitive personal data, in pursuance of this point of this Privacy Policy. Non-sensitive personal data are the so-called common data (“Common Data”), included in the categories referred to in Section 4, paragraph 1, letters b) and c) of the Privacy Code, and generally consisting in natural individual’s identifying data such as the name, telephone number, address and work place, email, fiscal code, work experiences, education and related qualifications, etc., with the exclusion of data included in the category referred to in Section 4, paragraph 1, letter d) of the Privacy Code (“Sensitive Data”), i.e. those allowing disclosure of racial and ethnic origin, sex life, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade-unionist character, as well as personal data allowing disclosure of health conditions, and those included in the category referred to in Section 4, paragraph 1, letter e) of the Privacy Code (“Judicial Data”), i.e. those allowing disclosure of measures referred to in Section 3, paragraph 1, letters a) to o) and r) to u) of Presidential Decree no. 313 of 14 November 2002, concerning the criminal record, the offence-related administrative sanctions register, and the related current charges, or the status of being either defendant or subject of investigations pursuant to Sections 60 and 61 of Criminal Procedure Code.

2. User’ Sensitive Data and Judicial Data: in exceptional cases, with reference to particular accountability information, or contractual information, to be managed through myfoglio, User may provide to Company  Sensitive Data and Judicial Data. Should User provide to Company its Sensitive Data and Judicial Data, such a provision may be possible only after having filled in, signed and sent an e-mail at privact@myfoglio.com, the relevant Consent Form available at www.myfoglio.com, with which User warrants the Company to the use of its Sensitive Data and Judicial Data. Failure to provide such a Consent Form, duly signed, the Company shall not use User’ Sensitive Data and Judicial Data, and shall not guarantee the provision of its services. The Company shall not communicate nor disclose User’ Sensitive Data and Judicial Data, unless provided by this Privacy Policy.

3. Common Data, Sensitive Data and Judicial Data pertaining to third Parties: Users are aware that in order to collect and process User’s Common Data, Sensitive Data and Judicial Data (“Third Parties”), even if with reference to accountant purposes they are required to collect their written authorization provided by a relevant consent form, and are also required to communicate to such Third Parties their policy relating to personal data in general, in compliance with Privacy Code. Therefore, Users -by accepting this Privacy Policy and by registering its Account- state and declare to have collect any and all authorizations with reference to the use of Third Parties personal data (Common, Sensitive and Judicial), and shall indemnify and hold Company harmless from any responsibility thereof. Moreover, provided that invoices and accountant  and contractual documents are managed by myfoglio, Users appoint Myfoglio, pursuant to art. 30 of the Privacy Code, to the use of Third Parties’ Common, Sensitive and Judicial Data which Users may provide in myfoglio. The Company shall not use or communicate to any third party nor disclose Third Parties’ Common, Sensitive and Judicial Data provided by Users to myfoglio, and undertakes to manage -trough digital and manual tools such datas with the sole purpose to provide the services in favor and on behalf of the Users, filing such data, within the time limits in compliance with Privacy Code and relevant law in force, in data collectors sited in Switzerland or within the European Union, and using security systems in respect with Privacy Code (and relevant annexes). Only for technical purposes, Third Parties’ Common, Sensitive and Judicial Data, may be communicated to companies who provide technical and hosting services to myfoglio with reference to the management of the digital platform. Such third companies shall be appointed by Users in order to manage such Third Parties Data in compliance with Section 30 of the Privacy Code. To this purpose Users undertake to submit to their clients, individuals, the client privacy information available at www.myfoglio.com.

 

HOW USERS COMMON DATA CAN BE USED

Without prejudice to what provided above with reference to Users’ Sensitive and Judicial Data, and with reference to Third Parties’ Common, Sensitive and Judicial Data pursuant to art. 3.2. and 3.3. above, the management of Users’ Common Data shall be provided either manually that digitally, with the following purposes:

a) fulfillment of any and all applicable Law, regulatory and UE Law;
b) supply of myfoglio services;
c) communication relating to potential commercial activities connected to myfoglio;
d) communication of any relevant information with reference to the Company and to Company networking activities;
e) operational management of myfoglio and relevant Users’ access data, therein including security data and digital platform security.

Failure to approve this Privacy Policy, neither the Company nor the Merchant shall provide myfoglio services.

Should the User visit and consult the website www.myfoglio.com and www.myfoglio.it, the Company shall not collect any User Personal Data, except for the so called navigation data trough cookies. For more information about cookies, User is invited to consult the Cookie Policy.

 

COMMUNICATION TO THIRD PARTIES FOR MARKETING PURPOSES

Upon User’s authorization, the Company shall communicate for marketing purposes Users’ Common Data to third parties operating in one of the following product area: banking, insurance, GDO, luxury goods, clothing, legal services, real estate, web services. Failure to provide such an authorization, the Company shall not communicate such Users’ Common Data, notwithstanding that myfoglio service shall be provided.

 

WHO THE CONTROLLER OF THE USER’S PERSONAL DATA PROCESSING IS

The Controller, referred to in Section 4, point 1, letter f) of the Privacy Code, of the Users’ Common Data and/or Sensitive and Judicial Data processing provided in accordance with this Privacy Policy is myfoglio Gmbh, Via Rovio, 2c – 6826 Riva San Vitale – CHE-438.536.630 – Svizzera, email: privacy@myfoglio.com.

 

WHO THE PROCESSOR OF THE CANDIDATE’S PERSONAL DATA PROCESSING IS

The Processor, referred to in Section 29 of the Privacy Code, of Common Data and/or Sensitive and Judicial Data processing provided in accordance with this Privacy Policy is myfoglio Gmbh, Via Rovio, 2c – 6826 Riva San Vitale – CHE-438.536.630 – Svizzera, email: privacy@myfoglio.com.

 

WHO THE PERSONS IN CHARGE OF THE USERS AND THIRD PARTIES PERSONAL DATA

The Company, regardless of the failure of Users’ expressed consent, in order to provide the services connected to myfoglio, shall communicate this latter one’s Common Data and/or Sensitive and Judicial Data to the Company’s employees, collaborators, advisors that may need to know these data in relation to their tasks. These subjects shall therefore be designated by the Company as persons in charge of personal data processing in compliance with Section 30 of the Privacy Policy.
Provided the above, the User, in order to allow the Company to provide myfoglio services, shall appoint the latter as subject in charge for the treatment of Third Parties’ Common, Sensitive and Judicial Data, in compliance with Section 30 of the Privacy Code, ensuring to have collected any and all authorizations and consents of such datas by such Third Partiesin compliance with the Privacy Code, indemnifying and holding the Company harmless from any responsibilities arising from the failure to have collected such Third Parties’ authorization.

 

TERRITORY SCOPE IN WHICH THE USERS AND THIRD PARTIES’ PERSONAL DATA ARE PROCESSED

Users and Third Parties’ personal data shall be processed by the Company within the European Union. The Company shall also transfer personal data to Countries outside the European Union, therein included Switzerland, even without expressed approval, should this be necessary for the fulfillment of the obligations relating to myfoglio service carrying out, in pursuance of Section 43, point 1, letter b) of the Privacy Code. To this end, Users shall specify on the privacy policy provided to Third Parties that Third Parties Data shall be processed outside the European Union.

 

WHERE THE PERSONAL DATA ARE STORED

The Company processes and stores personal data with the help of information technology of its own or of third parties, and that are managed either by the Company or by third technical services suppliers. Data are only processed by specifically authorized personnel, including the personnel in charge of extraordinary maintenance operations.

 

WHAT SECURITY MEASURES THE COMPANY ADOPTS FOR PERSONAL DATA PROCESSING

The Company is committed in safeguarding personal data security and to comply with the security provisions as set up under the applicable regulations, in such a way as to prevent data loss, unlawful or illegal use of the data and unauthorized access to the data, specifically but not limited to Annex B of the Privacy Code (Technical Specifications concerning minimum security measures). Furthermore, information systems and softwares are set up in such a way as to minimize the use of personal data and identifying data, and they are only used by the Company when it is necessary in connection with the specific processing purposes pursued. The Company makes use of several security advanced technologies and specific procedures in such a way as to protect the users’ personal data.

 

WHAT RIGHTS THE USER SHALL HAVE IN RELATION TO HIS/HER PERSONAL DATA

Pursuant to Section 7 of the Privacy Code, the User shall have the following rights in respect of his/her personal data provided to the Company:
1. The Users shall have the right to obtain confirmation as to whether or not personal data concerning him/her exist, regardless of their being already recorded, and communication of such data in an intelligible form.

2. The Users shall have the right to be informed:
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing when the latter is carried out with the help of electronic tools;
d) of the identifying data concerning data controller, data processors and the representative designated as per Section 5, paragraph 2;
e) of the entities and categories of entities to whom personal data may be disclosed and who may get to know said data in his/her capacity as representative designated in the State’s territory, data processor or person in charge of the processing.

3. The Users shall have the right to obtain:
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification that the operations as per letters a) and b) have been notified, as also related to their contents, to those entities to whom the data have been disclosed or publicized, unless this requirement proves impossible or involves a manifestly disproportionate effort comparing to the right that is to be protected.

4. The Users shall have the right to object, in whole or in part:
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials, direct selling or else for the performance of market surveys or marketing communication.
For further information about privacy and about the Privacy Code, please visit official website of the EU.

 

HOW LONG PERSONAL DATA PROCESSING LASTS

Personal data processed by the Company are mainly stored for regulatory requirement purposes. In such cases, data keeping period coincides with the longest keeping period that is necessary in relation to one of said purposes.
Currently, it is to be considered that the 10-year keeping time provided by the applicable regulations represents a keeping period reasonably sufficient also for any other purposes.
Sole exceptions to the principle above are to be considered as occurring in case of litigation or, more generally, in case of necessary protection of the company’s rights and interests.
In relation to the first exception, data shall continue being kept, with any precaution, only for the time necessary to achieve said purpose.
Once said period has elapsed, therefore, data shall be anonymized in order to ensure data subject’s protection and privacy.
In relation to the purpose of protection of the Company’s rights and interests, it is made clear that data belonging to data subjects who may have exercised processing consent revocation are solely kept for defensive purposes and in the view to retrieving information in case of litigation. Once the time congruous for this purpose has elapsed, such data are anomymized. During this period, these data cannot be used for any other purpose.

 

TO WHOM THE USER SHALL ADDRESS FOR THE EXERCISE OF HIS/HER RIGHTS CONCERNING PERSONAL DATA

The User, in order to exercise the rights referred to in Section 12 of this Privacy Policy or for any information concerning his/her personal data provided to the Company, shall make a request by sending an email to privacy@myfoglio.com including in the email his/her name, surname, and the grounds of such request.

 

AMENDMENTS

The Privacy Policy is subject to amendments and updates. The version that is currently into force is the one published on the Site, with indication of its last update. Please check out the Privacy Policy periodically in order to keep informed about possible changes.

 

Updated on March 2016