Last update: 06 December 2020
The data controller for this website (italianobello.it and pages.italianobello.it) and for the digital products sold by Italiano Bello (courses.italianobello.it and others) is Irene Regini (me!). I live in Via Giovanni Battista Niccolini 53, 56017 San Giuliano Terme (Pisa), Italy (VAT number: BE 0741.770.183, Italian tax code: RGNRNI93R53F205Q).
For the matter of personal data protection, I comply with the UE 679/2016 General Data Protection Regulation (GDPR), according to art. 3 of that same regulation.
For any doubt or clarification concerning this document (and for any other issue you should have), you can contact me by writing an email at the address firstname.lastname@example.org.
When you visit my website, subscribe to my mailing list or purchase one of my digital products (courses, audiobooks, membership subscriptions, coaching, other services), I need to collect and process some of your personal data. This document explains how and when these data are collected and processed, and what are your rights concerning these data.
When you visit my website or pages (italianobello.it and pages.italianobello.it), I collect some basic analytic data, like your IP address, your browser and operating system, some basic configuration and date and time of your visit. These data are collected automatically, by the web server and by mean of web beacons and tracking cookies.
Why do I collect these data?
When you visit my website or pages, I collect your data in order to know how my services are used, to improve them and to detect fraud and abuse, under the lawful basis of my legitimate interest to do so. These data are not used for marketing reasons or for individual user profiling.
You can opt out from the collection of these data…
While you interact with my website or pages, some of your data might also be transferred to the partners we chose for the services they provide us:
My email list is my favourite means of communication, sharing information and marketing. To manage my email list I use a software called Mautic. Let’s see in detail which information we collect, where we keep them, with whom I share them and how I use them.
When you subscribe to my email list (by downloading my free lessons or from the dedicated page), I ask you to tell me your first name and your email address.
When you subscribe to my newsletter, I send you the specific free products you asked for (lessons, PDFs, etc.), and, on a regular basis, I might send you free materials, informative emails, promotions and offers for relevant products and services.
Your data is collected under the lawful basis of your free consent, which you can withdraw at any time by unsubscribing from the email list (you find the link to unsubscribe in the footer of all of my emails).
I keep a monthly backup of the mailing list in the form of an Excel file, which I keep in a safe place and don’t share with anyone.
When you open and view my emails, I also collect some basic analytic data, like your IP address, your browser and operating system, some basic configuration and date and time of your visit. These data are collected automatically, by the web server and by mean of web beacons and tracking cookies.
I collect your data in order to know how my services are used, to improve them and to detect fraud and abuse, under the lawful basis of my legitimate interest to do so. These data are not used for marketing reasons or for individual user profiling.
When you purchase one of my digital products (course, membership subscription, audiobook or service), I ask you to give me your name and surname, your email address and your physical address. If your invoicing address is in Italy, I also ask for your tax code (“codice fiscale”).
Thus, to say it in legal terms, the processing of your data is performed on the lawful basis of the execution of the implicit contract brought in existence by your purchase and of its precontractual measures you might have requested (for example, your request for information about our services or courses before purchasing them).
What do I need these data for? I need them in order to give you access to the digital products you purchased (course, coaching, membership, audiobook), and to send you an invoice or receipt.
When you subscribe to our courses, you need to register to a dedicated web platform. You need to remain registered to that platform (or to any other where I might want to transfer the course) to retain the ability to access the course.
You can ask to be canceled from the course platform, but you will lose the ability to see my courses; should this happen, you are not entitled to any reimbursement, unless you do that within the terms of the 100% Satisfied Guarantee.
Who can access this information?
There are only three persons who can access these data: Irene Regini (me!), my husband Giovanni Mascellani (who helps me with the back office) and my accountant, to whom I send my invoices every three months. No other person has access to this information.
If you want to modify this information, the easiest thing you can do is write an email at email@example.com, and I will do it for you.
Data from your credit card
In order to buy my digital products or services, you must insert the data from your credit card. Here is how I process those data.
For payments and checkouts, I use Stripe, a service provided by Stripe Payments Europe, Ltd.
In order to make a purchase, I ask you to write the data of your credit card on the checkout page (these data are the card number, its expiration date and the security code – the number written on the back).
I don’t have access to these data, and I don’t keep them on my server. These data are immediately sent to Stripe, which deals with the payment and keeps them – encrypted – on its servers. In the control panel of my Stripe account (that I can access to see the payment history and which I use to manage refunds), Stripe shows me only the four last numbers of your credit card number. That’s all the information I have access to concerning your credit card.
Besides the data which are encrypted on your credit card, Stripe knows your name, your surname and your email address, the kind of card you used – normal or prepaid – and its country of issue. Stripe has also access to some information concerning the purchase: day and time, amount, and order number on WooCommerce.
I am the only one who is able to access this information, along with Giovanni Mascellani, and we don’t share them with anybody or with any service other than those I mentioned above.
How can you delete this information? If you want to delete the information which is kept on Stripe, just write me an email at firstname.lastname@example.org, and I will do this for you.
Is it necessary that you give me your personal data?
Yes, you need to share with me your personal data (name and surname) and your contact data (email address), so that I can give you access to the digital product or service you required. Another reason I need these data is to comply with the fiscal and legal obligations required from Italian and European laws.
I won’t use your personal data for purposes different from those declared in this document and those who you decided to choose, freely, in the moment of your subscription or purchase.
On the other hand, it’s not necessary that you share your data for the purposes of marketing and advertising (Facebook pixel, retargeting, etc.).
While selecting the appropriate cases, you declare that you read this document and that you agree with me processing your data for the pertinent purposes. In other terms, by selecting the appropriate cases you give me your consent to the processing of your personal data, within the limits and for the purposes that are declared in this document.
Who can I transmit your data to?
I could transmit your data to Giovanni Mascellani (my husband), who helps me with the back office of my website and courses. I assure under my responsibility that he is aware of the principles of this document, and he cares about the privacy, security and secrecy of your data.
The processing of your data is always partially automated.
How long do I keep your data?
Your personal data will be kept for as long as it is necessary to continue delivering the services you asked for or the digital products you purchased. Once we don’t need to retain a specific piece of data anymore (for example, because the service you requested has ended or because you explicitly requested to recede from the service or course), we delete it.
Please note, though, that we have the legal requirement to retain some data for a longer time. For example, we need to retain payment and invoicing data for as long as the law requires us to.
How do we ensure the security of your data?
We strive to keep your data as secure and safe as possible, adopting technological solutions like state-of-the-art cryptography (to protect your data while they are transferred to us), appropriate authentication processes (to prevent other people to access your data that we keep) and up-to-date software packages (to reduce the probability that our computers are hacked).
In the case an unauthorized access to your data should happen on our computers or servers (for example as the result of a computer attack), we will promptly inform you about the event and the extent to which your data were accessed.
Transferring your data outside of the European Union
We do not directly transfer your data outside of the European Union: in particular, our websites are hosted in the European Union. However, some of our partners (those mentioned above in this document) might be based outside of the European Union or otherwise transfer the data outside of the European Union.
According to the European Union’s General Data Privacy Regulation, you have the following rights:
· Right of access and to data portability. You can request a copy of all of your personal data we have, for any reason (such as to understand how and why we use your data, and to reuse them in different services).
· Right to rectification. You have the right to ask me to rectify your personal data in case they are incorrect and integrate them in case they are not complete (for instance, in case you should change your email address). I encourage you to inform me as soon as possible of every change in your personal data, so that I can offer you our services as efficiently as possible.
· Right to erasure. You have the right to ask me to erase your personal data, as soon as they are not necessary any more for the purposes for which I collected it, or at any moment for data that was collected on the lawful basis of your consent. This right is restricted in some cases, for example when we are required to keep them because of legal obligations, but we are still bound to process them only in connection to such obligations. Also, while your personal data is immediately put beyond use, some copies of them might survive in our backup systems for at most an year after your request.
· Right to object and to restrict processing. You have the right to restrict the processing of your personal data or to object to how we use it. In particular, you have the right to withdraw your consent when this is the lawful basis for collecting your data, and to request that your data are not used for direct marketing purposes.
· Right to appeal to a Data Protection Authority. Every country in the European Union has a Data Protection Authority, which you can address if you believe that your privacy rights are being violated. You can find the list of Data Privacy Authorities at the page https://edpb.europa.eu/about-edpb/board/members_en.
You can contact me at email@example.com for any doubt, issue or clarification, or if you need further information.