Privacy Policy – Daicargroup.com 

Daicar Group prioritizes privacy and personal data protection. 

Please read this Privacy Policy before providing any personal data, as it contains important information on how your personal data will be processed and the protections we offer to anyone visiting our website. Your personal data will be processed in accordance with the provisions of Regulation EU 2016/679 (General Data Protection Regulation, “GDPR”), Legislative Decree 196/2003, as amended (“Privacy Code”), and the confidentiality obligations set out therein. Specific security measures are followed to prevent data loss, illegal or incorrect use, and unauthorized access. 

This Privacy Policy: 

• Applies to the page of https://www.daicargroup.com/ and any platform or communication channel we use to collect your data (hereinafter referred to as the “Site”); 

• Is an integral part of the Site and the services we offer; 

• Is provided in compliance with Articles 13 and 14 of the GDPR for those interacting with the Site’s web services by simply browsing or using specific services provided via the Site (such as completing online forms for quotes, information requests, or other services) (the “Services”). 

Your data always under control. 

Remember that you can always have control over your personal data by contacting us at privacy@daicargroup.com. 

1. Definitions of “Processing” and “Data Subject”
   Here are some definitions that may be useful: 

• Processing of personal data means any operation or set of operations performed with or without the aid of automated processes applied to personal data (e.g., collection, recording, organization, structuring, storage, adaptation or alteration, extraction, consultation, use, communication by transmission, or any other form of making available, comparison or interconnection, restriction, deletion, or destruction). 

• Data Subject refers to any individual to whom the personal data being processed refers. 

• Data Controller means the entity that determines the purposes and means of processing personal data. 

• Data Processor refers to the physical or legal person, public authority, service, or other body that processes personal data on behalf of the Data Controller. 

1. Who is the Data Controller?
   Daicar Group, a brand of Daicar Ltd with tax code and VAT number 97785640588, is the Data Controller of your personal data (“Data Controller”). For any communications related to this Privacy Policy or questions regarding the processing of your personal data, please contact us at privacy@daicargroup.com. 

1. What personal data is processed?
   The personal data we process includes the following (the “Personal Data”): 

• Cookies: Information on cookies is available here. 

• Navigation and Interaction Data: The computer systems and software procedures responsible for operating the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These include IP addresses and/or domain names of computers used by users connecting to the Site, URI addresses of requested resources, request time, method used to submit the request to the server, file size obtained in response, server response code (successful, error, etc.), and other parameters related to the user’s operating system and IT environment. These data may be used to ascertain responsibility in the event of possible cybercrimes against the Site or third parties. In addition to the cookies above, we may use third-party services that use “beacons,” small images used to monitor user activity on websites or to track emails. 

• Data you provide: Personal data voluntarily provided through the Site or other communication channels, such as identifiers (e.g., name, identification number, online identifier), or any data that can identify or make you identifiable, as well as contact data such as phone number and email address, which you choose to enter on the Site or that will be transmitted by third parties (e.g., social media, third-party sites). We encourage you not to enter information that may fall under the special categories of personal data defined in Article 9 of the GDPR ([…] personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data intended to uniquely identify a natural person, data concerning health, or a person’s sex life or sexual orientation). You are responsible for the content you communicate and indemnify the Data Controller from any liability related to such content. 

1. What are the purposes of the processing?
   Your Personal Data may be processed, with your consent where necessary, for the following purposes, where applicable: 

• 4.1 To allow browsing on the Site and manage its security; 

• 4.2 To contact you following your request for information or activation of Services (e.g., demo requests); 

• 4.3 To comply with any obligations required by current laws, regulations, or EU regulations, or to respond to requests from authorities; 

• 4.4 To send you communications via email for services or products similar to those you have requested, pursuant to Article 130, paragraph 4 of the Privacy Code, subject to your right to object at any time to such communications; 

• 4.5 To send you promotional and marketing communications, including newsletters and market research, using automated tools (pre-recorded phone calls, emails, push notifications, SMS, MMS, or other messaging and VOIP services) and non-automated tools (postal mail, phone with an operator), provided that you have consented to it; please note that we collect a single consent for the marketing purposes described here (according to the General Provision of the Data Protection Authority “Guidelines on promotional activities and combating spam” of July 4, 2013) but if you wish to object to the processing of your data for marketing purposes using all or some of the means described here, you can do so at any time by sending an email to privacy@daicargroup.com, without affecting the lawfulness of processing based on the consent provided before the withdrawal; 

• 4.6 To communicate your Personal Data to other Daicar Group companies for sending them promotional and marketing communications, including newsletters and market research, through automated tools (pre-recorded phone calls, emails, push notifications, SMS, MMS, or other messaging and VOIP services) and non-automated tools (postal mail, phone with an operator); 

• 4.7 For statistical purposes, in a completely anonymous and aggregated form, without the possibility of identifying you. 

1. What is the legal basis and nature of the processing?
   Your Personal Data may be processed: 

• 5.1 For the purposes in points 4.1 and 4.2, under Article 6, paragraph 1, letter b) of the GDPR (“[…] processing is necessary for the performance of a contract to which the data subject is a party or for the implementation of pre-contractual measures taken at the data subject’s request”), as the processing is necessary to provide you with our Services. Providing Personal Data for these purposes is optional, but failure to provide it would make it impossible to use the requested Services; 

• 5.2 For the purpose in point 4.3, under Article 6, paragraph 1, letter c) of the GDPR (“[…] processing is necessary for compliance with a legal obligation to which the controller is subject”). Once the Personal Data is provided, the processing is necessary to comply with legal obligations to which the Data Controller is subject; 

• 5.3 For the purpose in point 4.4, under Article 130, paragraph 4 of the Privacy Code, which allows the Data Controller not to request your consent, if it uses the email address provided by you when you purchase a service, as long as the communication relates to services similar to those you have requested and provided you have not indicated that you do not wish to receive such communications; 

• 5.4 For marketing purposes, profiling, and communication to Daicar Group companies, as described in points 4.5 and 4.6, after the release of your consent under Article 6, paragraph 1, letter a) of the GDPR (“[…] the data subject has consented to the processing of their personal data for one or more specific purposes”) and Article 22, paragraph 2, letter c) of the GDPR. The provision of your Personal Data for marketing or profiling purposes and the related consents are not mandatory, and you can withdraw them at any time by emailing the Data Controller at the contacts indicated above, without prejudicing the provision of the Services. 

6. Who are the Recipients of the Personal Data?

6.1 We may share some of your Personal Data with entities that typically act as independent data controllers or data processors under Articles 29 and 28 of the GDPR, such as: (i) individuals, companies, or professional firms providing assistance and consulting to the Data Controller in accounting, administrative, legal, tax, and financial matters; (ii) entities appointed to perform technical maintenance activities; (iii) service providers used by the Data Controller to achieve the purposes described in point 4 (e.g., app developers, server hosting providers, mailing list services, electronic communication systems, chatbots, data validation); always in compliance with the principle of minimization, limiting the processing to the data strictly necessary to achieve the specific purpose. 

6.2 We may also share your Personal Data with other companies of the Daicar Group, limited to achieving the purposes mentioned in point 4.6, subject to your explicit consent (as further specified in point 5) or for the pursuit of internal administrative purposes. 

6.3 Finally, your Personal Data will be communicated by the Data Controller to entities, bodies, or authorities to whom such communication is mandatory under legal provisions or orders from the authorities. 

A complete list of data processors is made available to data subjects upon request sent to the email address privacy@daicargroup.com. 

7. How long will my personal data be retained?

7.1 Personal data processed for the purposes of points 4.1 and 4.2 will be retained for the time strictly necessary to achieve those purposes. In any case, since the processing is carried out for the provision of services, the Data Controller will retain personal data for the period of time provided and permitted by Italian law to protect its interests (Article 2946 of the Civil Code and following). 

7.2 Personal data processed for the purposes of point 4.3 will be retained for the period prescribed by the specific legal obligation or applicable legal provision. 

7.3 Personal data for the purposes in section 4.4 will be processed until you object to the processing or revoke your consent. 

7.4 Personal data will be processed for the purposes of points 4.5 and 4.6 for a period not exceeding 2 years from collection. 

8. What are your rights?
   Under Chapter III of the GDPR, you have the right at any time to confirm whether or not your Personal Data exists and to know its content, origin, verify its accuracy, or request its integration or updating, or rectification; you have the right to request deletion, anonymization, or blocking of data processed in violation of the law, as well as to object to its processing for legitimate reasons.

You also have the right to request access to your data, to object to its processing, to request its restriction in cases provided for by Article 18 of the GDPR, where technically possible, and to receive the data concerning you in a structured, commonly used, and machine-readable format in cases provided for by Article 20 of the GDPR. 

In any case, you always have the right to lodge a complaint with the Data Protection Authority, as per Article 77 of the GDPR, if you believe that the processing of your data is contrary to the current regulations. 

9. Are my Personal Data transferred abroad?
   We tend to choose providers, apps, and solutions that allow us to keep data within the European Union. However, some services are provided by providers based in third countries and operating from these countries. In such cases, we ensure that guarantees are in place to comply with the principles of the GDPR through the signing of Standard Contractual Clauses approved by the European Commission.

10. How is the privacy policy updated?
    We encourage you to check this section periodically to become aware of any changes or updates to this Privacy Policy, which may be required due to changes in data processing or applicable laws, so you are always informed about how we manage your data. In any case, we will promptly notify you of any changes.

11. How can I contact the Data Controller?
    You can contact the Data Controller to exercise your rights or for any other request by sending an email to: privacy@daicargroup.com

Last updated: 26.08.2023 

MattIA is a product of Daicar Group, a registered trademark of Daicar Ltd, Via Del Porto Fluviale, 1/C, 00154 ROMA – VAT: 97785640588.