+39 0372 421811

Privacy Policy

Privacy Policy pursuant to Art. 13 of EU Regulation 2016/679

In compliance with the above-mentioned information obligations of the European Data Protection Regulation 2016/679, whose aim is to protect the fundamental rights and freedoms of natural persons and in particular, their right to the protection of personal data, you should read some information that may help you to understand the reasons for which your personal data will be processed.

1- Data Controller

Wonder S.p.A., with registered office in via Boschetto, 10, 26100 Cremona, Tax Code and VAT no.00106500192, hereinafter referred to as "Data Controller", guarantees compliance with the regulations on the protection of personal data by providing the following information on the processing of data pursuant to Art. 13, EU Regulation 2016/679 (General Data Protection Regulation – GDPR) and subsequent amendments.

2- Data processed, purposes and legal bases of the processing

Your personal data, even of a particular type (concerning your state of health), will be processed by the Data Controller in order to ensure safe access to the structure by third parties, and will be subject to treatment based on the principles of correctness, lawfulness, transparency and protection of your privacy and your rights, so as to avoid the generation of health damage related to the spread of the sars-COV 19 virus.

The legal basis of the processing is the protection of vital interests of you or other natural persons (Art. 6, letter d of EU Regulation 679/2016 – GDPR).

3- Nature of data provision

The provision of the data specified above is optional but any refusal to provide them in whole or in part will make it impossible to access our structure for the performance of the requested activity.

4- Places and methods of data processing and retention times

Data collected by the site are processed at the Data Controller's headquarters and at AWS US-East-1 data centers in Virginia USA, US-West-1 data center in California USA, or USWest-2 data center in Oregon USA that are used by the visitor registration service provider Envoy Inc. (privacy policy https://envoy.com/privacypolicy/ – data security https://envoy.com/security-details/).

The processing will be carried out exclusively in digital form.

The data are kept for the time strictly necessary to manage the purposes for which the data are processed ("conservation limitation principle", Art. 5, EU Regulation 2016/679) and in any case no longer than 1 year after collection.

In any case, the Data Controller practices rules that prevent the retention of data for an indefinite period of time and therefore limits the retention time in compliance with the principle of minimising data processing.

The data may be further retained only in compliance with specific legal obligations.

5- Subjects authorised to process data, data processors and communication of data

Your data will be processed exclusively by the Data Controller through specially trained personnel.

Personal data of a particular type collected, within the limits pertinent to the processing purposes indicated and as necessary and/or instrumental to the execution of the same purposes, may be processed by third party medical personnel for the correct fulfilment of the purposes set out in point 2.

The data collected may be provided in case of legitimate request, only in the cases provided for by law, by the Judicial Authority.

Your personal data will in no case and for no reason whatsoever be disclosed.

6- Transfer of Data to Non-EU Countries

Data collected will be transferred outside the EU to AWS US-East-1 data centers in Virginia USA, US-West-1 data centers in California USA, or USWest-2 data centers in Oregon USA that are used by the visitor registration service provider Envoy Inc. (privacy policy https://envoy.com/privacypolicy/ – data security https://envoy.com/security-details/) which adheres to the agreement regulating the transfer of data between the European Union and the USA (so-called Privacy Shield https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/5306161).

7- Rights of the Data Subject

In relation to the Personal Data communicated, the Data Subject has the right to exercise the following rights:

The Data Subject may exercise his or her rights, as well as request further information regarding his or her Personal Data, by sending an email to This email address is being protected from spambots. You need JavaScript enabled to view it. specifying in the subject line the content of his or her request and attaching the relevant request form which may be downloaded from the links available in the list above.

Requests relating to the exercise of the user's rights will be processed without undue delay and, in any case, within one month of the request; only in cases of particular complexity and according to the number of requests may this period be extended by a further 2 (two) months.

We remind you that it is the right of the Data Subject (Art. 77 EU Regulation 679/2016 – GDPR) to lodge a complaint with the Data Protection Authority, located in Rome, Piazza Venezia 11, 00187, mail This email address is being protected from spambots. You need JavaScript enabled to view it..

***

Last updated: July 23, 2023

Wonder S.p.a.

Wonder S.p.a. is a certified company

UNI EN ISO 9001:2015
IATF 16949:2016
UNI EN ISO 14001:2015
UNI EN ISO 45001:2023


      

Contacts

Wonder S.p.a.
Head Office and Plant
Via Boschetto, 10
26100 Cremona
Italy

Tel. +39 0372 421811

Save
Cookies user preferences
We use cookies to ensure you to get the best experience on our website. If you decline the use of cookies, this website may not function as expected.
Accept all
Decline all
Technical Cookies
Technical cookies (for functionality).
Accept
Decline
Analytics
Tools used to analyze the data to measure the effectiveness of a website and to understand how it works.
Google Analytics
Accept
Decline