Privacy policy

Data Controller: EsseElle S.R.L. Società Unipersonale, via Veneto 3, 35020, Due Carrare, PD, Italia
VAT number: IT03585680287
Dedicated contact: privacy@esseellesrl.it

1) Privacy policy
With reference to the processing of personal data of users who consult the website www.esseellesrl.it pursuant to art. 13 and 14 of the GDPR - EU Regulation 2016/679, we inform you that:

- The data provided voluntarily or collected automatically, including e-mail addresses, will be processed for the sole purpose of providing the information and services requested. For the provision of these services, this site also makes use of third parties, for the purposes and in the manner described in this document;

- The data will not be used for other purposes except with the express consent of the interested party, unless requested by the public authorities, or for defense by the Data Controller in court;

- The data is processed by adopting the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction;

- In addition to the Data Controller, other subjects involved in the organization of www.esseellesrl.it may have access to the data - administrative, commercial, marketing, third party technical services, postal services, IT agencies - also appointed, if necessary, as data processors by the Data Controller. The updated list of data processors can always be requested from the Data Controller.


2) Legal basis of the processing
The Data Controller processes personal data relating to users if at least one of the following conditions exists:

1. the user has given consent for one or more purposes indicated in this document;
2. the processing is necessary to satisfy a user's request (e.g. sending a content);
3. the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
4. the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.

In any case, it is always possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on a law, provided for by a contract or necessary to satisfy a request from the interested party.


3) Place
The data is processed at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For more information, please contact the Data Controller.
Furthermore, personal data may be transferred to a different country than the one in which the user is located.

For detailed information on the places, please refer to the specific purposes indicated in this document.

The interested party has the right to obtain information regarding the legal basis for the transfer of data outside the European Union or to an international organization governed by public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to protect the data.


4) Data retention period (paragraph 2 letter a)
The data is processed for the time necessary to perform the service requested by the user, or required by the purposes described in this document.
When the processing is based on the user's consent, the Data Controller can keep personal data for longer until such consent is revoked.
If the interested party has purchased a product or service from www.esseellesrl.it, the personal data will be processed for the period required to fulfill tax obligations.

At the end of the retention period, the user's personal data will be deleted. Therefore, upon reaching this deadline, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.


5) Protection of minors
www.esseellesrl.it recognizes the importance of protecting the privacy of minors and invites parents and guardians to play an active role in monitoring their children's online activities and interests. Minors under the age of 18 are not permitted to use www.esseellesrl.it. In the event that www.esseellesrl.it learns that it has collected personal data from subjects under the age indicated, it will take all reasonable measures to delete them.

If a parent has reason to believe that www.esseellesrl.it has collected personal data from a minor under the age indicated, he or she can send a request to privacy@esseellesrl.it for such information to be removed.


6) Purpose of data processing (paragraph 1 letter c)
User data is collected to allow the Owner to provide its services, as well as for the following purposes: Site hosting, Business email hosting, Content management, Statistics, Interaction with social networks, Content Storage and Backup Management, Use of content from external platforms, User database management and message sending, Protection from SPAM and Malware, Sale of products and services

In particular, for the provision of its services and for the achievement of the aforementioned purposes, www.esseellesrl.it also makes use of third parties. The following is the updated list of all the parties involved, correlated with the personal data collected, the level of protection, and references to the respective privacy policies, external to www.esseellesrl.it.

• 6.1) Site hosting: www.esseellesrl.it is physically 'hosted' at DigitalOcean ('www.digitalocean.com'), in a data processing center in Frankfurt am Main, Germany.
  • Entity involved: DigitalOcean, LLC
  • Personal data collected: Browsing data
  • Place of processing: USA and Germany
  • Level of protection: this subject complies with the GDPR regulation starting from 25 May 2018
  • Privacy Policy
  Browsing data. The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment of the user.
  For further information please refer to the privacy privacy.
  
  For its operation, www.esseellesrl.it uses Cloudways. Cloudways is a Saas server manager for PHP servers offered by Cloudways Ltd., 52 Springvale, Pope Pius XII Street, Mosta, MST2653, Malta. It allows www.esseellesrl.it to manage: server provisioning, server settings, server security and server optimization. The updated privacy policy of the provider is available here.
  
  Furthermore, all data exchanged between the user's device and www.esseellesrl.it are encrypted before transmission, thanks to the Transport Layer Security technology (TLS 1.2). In particular, in order to guarantee the highest security standards in the field of data transmission, www.esseellesrl.it uses a certificate issued by the "Let's Encrypt" certification authority (Let's Encrypt, 548 Market St, PMB 57274, San Francisco, CA 94104 -5401, USA). When establishing the secure connection (HTTPS) to the server, the user's browser (called the TLS client) may send an OCSP request to Let's Encrypt. This request is used to check whether the certificate used to establish the secure connection has been revoked. OCSP requests transmit the IP address, a browser "User Agent" string, and the user's operating system. Let's Encrypt does not, under any circumstances, use the personal data included in OCSP requests to create profiles or identify individuals, but solely as part of the necessary checks to ensure the security of the data transmission. For more information, please refer to Let's Encrypt Certification Authority's updated privacy policy.
• 6.2) Hosting of business email: Google Workspace is a business email hosting service provided by Google Ireland Limited, based in Ireland.
  Google Workspace allows www.esseellesrl.it to store and send corporate email messages. Google can access all the personal information that the users of www.esseellesrl.it share via e-mail messages, as well as those provided in the forms contained in the pages of www.esseellesrl.it. In fact, these forms can send an automatic notification of the user's request to the company email.
  • Entity involved: Google Ireland Limited
  • Personal data collected: Cookies and Browsing data
  • Place of processing: Ireland and USA
  • Level of protection: this subject complies with the GDPR regulation
  • Privacy policy
• 6.3) Content management:: the following third party services allow the Data Controller to create, manage and distribute the contents of www.esseellesrl.it.
  • WordPress
    • Entity involved: Automattic Inc.
    • Personal data collected: Cookies and Browsing data
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation starting from 25 May 2018
    • Privacy policy
    If the user purchases a service, i.e. registers, logs in or enters a comment on a content, WordPress automatically collects the following additional personal data: Date, Time, Name, IP Address, Email Address, the website (optional).
    
    Furthermore, WordPress can send the user so-called "transactional" e-mail messages, connected to the registration and account maintenance procedure, if the user has voluntarily registered on www.esseellesrl.it, providing his personal data, or has completed one of the aforementioned actions.
    
    The following policy applies if a user posts a comment on a www.esseellesrl.it article
    When a user leaves a comment on a piece of content, WordPress stores the personal information entered into the comment form that typically follows the content, as well as the IP address and user-agent, which are used to detect and combat spam.
    
    Upon submission of the comment, WordPress may send an anonymized string created from the email address provided by the user (also known as a "hash") to the external service Gravatar (Automattic Inc., 132 Hawthorne Street, San Francisco, CA, 94107, USA. Privacy Policy: https://automattic.com/privacy/), for the purpose of determining whether the user is using the same service. In the event of a match, the user's profile image is pulled from Gravatar and displayed publicly in the context of the comment.
    
    www.esseellesrl.it stores the comments and associated personal data until one of the following conditions occurs:
    - The content related to the comment is completely deleted;
    - The comment must be removed for legal reasons, at the request of public authorities.
    
    All users can view, edit, or delete their personal information at any time (except for the username, which cannot be changed). This information is also visible to the Owner and technical staff, who can also edit it.
    
    Comments are saved on the basis of the user's consent according to Art. 6 (1)(a) GDPR. The rights stated in point 9) "Rights of the data subject (para. 2 letter b)" of this document apply.
  • Elementor
    • Entity involved: Elementor LTD.
    • Personal data collected: Cookies and Browsing data
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    Elementor is a service for creating content, graphic layouts and forms (such as contact forms), and is provided by Elementor LTD.
  • Elementor Form Widget
    • Entity involved: Elementor LTD.
    • Personal data collected: IP address, Cookies, Browsing data, Other types of data provided by the user in the forms of www.esseellesrl.it
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
  Elementor Form Widget allows www.esseellesrl.it to create and manage forms of any type within its pages.
  
  When the user voluntarily submits a form contained in the www.esseellesrl.it pages, Elementor Form Widget can send the personal information provided via email, as a notification, to the Data Controller, who may possibly store them within the management system, reception and sending e-mail (called "Mail Client") in use. When necessary to the Data Controller for the other purposes indicated in this document, Elementor Form Widget may also transmit said information to third parties, once again, indicated in this document.
  
  The information sent by the user through the www.esseellesrl.it forms, managed by Elementor Form Widget, can be transferred to ActiveCampaign for:
  - following up on the user's request;
  - carrying out the requested service;
  - sending material training;
  - sending estimates or other communications, including commercial ones, relating to the request.
  • Google Tag Manager
    • Entity involved: Google Ireland Limited
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    Google Tag Manager is a tag management service provided by Google Ireland Limited.
  • Cookiebot
    • Entity involved: Cybot A/S (“Cybot”)
    • Personal data collected: IP address (anonymized), Cookies and Browsing data
    • Place of processing: Denmark
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    Cookiebot allows the Data Controller to build and keep the cookie policy updated, and to collect proof of consent valid for the GDPR.
  • WPML
    • Entity involved: OnTheGoSystems Limited
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Hong Kong
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    WPML allows the Data Controller to provide the contents of the site in various languages. To facilitate user navigation, WPML saves cookies ("wp-wpml_current_language", "wp-visitor_lang_js") to remember the language of the last page of www.esseellesrl.it visited by the user, and proposes the site in the same language in the subsequent visits.
  • ShortPixel
    • Entity involved: ID SCOUT SRL
    • Personal data collected: Cookies, Browsing data, Other types of data as indicated in the privacy policy of the service
    • Place of processing: Romania
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    ShortPixel is an image and PDF optimization service offered by ID SCOUT SRL. This third-party service allows you to compress the images and PDFs hosted on www.esseellesrl.it.
• 6.4) Statistics:: the following third-party services allow the Data Controller to monitor traffic and clicks on the site, and are used to keep track of user behavior. In general, they indicate to the Owner how to improve the performance of the site, to distinguish the strong aspects from those that can be improved.
  • Google Analytics 4
    • Entity involved: Google Ireland Limited
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    • Opt Out Tool
    Google Analytics 4 ("GA4") is a website analysis service provided by Google Ireland Limited. The service uses the collected personal data for the purpose of tracking and examining the use of this website, compiling reports and sharing them with other services developed by Google in accordance with the privacy policy of the service itself, including the use of data to customise ads according to its advertisement circuits.
    
    This service anonymizes IP addresses before storing information in its databases. Additionally, the maximum retention period before user and event data is automatically deleted from the service's databases is 14 months. For more information, please refer to the official document. The Owner can only access data in an aggregated and anonymous form.
    
    The Enhanced Measurement option is enabled, and allows this service to collect information on: Page scrolls, Outbound clicks, Site search, Video engagement, File downloads, Form interactions.
  • SEOZoom
    • Entity involved: Seo Cube s.r.l.
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Italy
    • Level of protection: this subject complies with the GDPR regulation starting from 25 May 2018
    • Privacy policy
  • Rebrandly
    • Entity involved: RadiateCapital Limited
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation starting from 25 May 2018
    • Privacy policy
  • Microsoft Clarity
    • Entity involved: Microsoft Corporation
    • Personal data collected: Cookies, Browsing data
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    Microsoft Clarity is a website analysis service offered by Microsoft Corporation aimed at improving the user's browsing experience. The service allows www.esseellesrl.it to obtain a series of statistical information about the use of the site (e.g. links to the most/least popular pages, time spent on a page, scrolls and mouse movements) that allow to make the site more usable and accessible for users. In particular, some browsing sessions may be recorded and made available later for viewing. The aim is to detect which are the areas of the site of greatest interest and which are the critical points to improve.
    
    For further information please refer to the privacy policy of the service itself.
• 6.5) Interaction with social networks: thanks to these services, the user is able to interact with social networks without leaving the pages of www.esseellesrl.it.
  To achieve this purpose, these third-party services collect some personal data of users, as indicated below. For more information, please follow the references to their respective privacy policies, external to www.esseellesrl.it.
  • LinkedIn widgets and "Share" button
    • Entity involved: LinkedIn Corporation
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    When the user creates a new account or logs in with his existing account at https://linkedin.com, LinkedIn installs a cookie on the user's computer. In this way, LinkedIn can remember the user's access even on his subsequent visits to https://linkedin.com. The LinkedIn widgets and "Share" button used on the www.esseellesrl.it pages are hosted by LinkedIn. Therefore, when opening an www.esseellesrl.it page where they are present, the user's browser, while loading the aforementioned elements, sends the cookie data to LinkedIn. This data is used by LinkedIn to associate the user who is interacting with the relevant account. This information is not shared by LinkedIn, i.e., it is not accessible in any way for www.esseellesrl.it. For further information you can read the Privacy policy of LinkedIn.
• 6.6) Content Storage and Backup Management: the following third party services allow the Owner to manage backup copies of the entire website, including the data provided by the user.
  • Dropbox file hosting
    • Entity involved: Dropbox Inc.
    • Personal data collected: Cookies and Browsing data
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    Dropbox provides the space necessary to host all the downloadable content of www.esseellesrl.it.
    In addition, this service provides the Owner with the space to keep backup copies of the site.
  • Google Drive
    • Entity involved: Google Ireland Limited
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Ireland
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
  • One Drive
    • Entity involved: Microsoft
    • Personal data collected: Cookies and Browsing data
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
  • Duplicator Pro
    • Entity involved: Snap Creek LLC
    • Personal data collected: Cookies and Browsing data
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
• 6.7) Use of content from external platforms: the following third-party services allow www.esseellesrl.it to incorporate external content (for example videos, fonts, etc.) within the website.
  • Vimeo Video
    • Entity involved: Vimeo LLC
    • Personal data collected: Cookies and Browsing data
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation starting from 25 May 2018
    • Privacy policy
  • Google Fonts
    • Entity involved: Google Ireland Limited
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
  • Google Maps
    • Entity involved: Google LLC
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
  • Font Awesome
    • Entity involved: Fonticons, Inc.
    • Personal data collected: Cookies and Browsing data
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
  • Google Drive data and documents
    • Entity involved: Google Ireland Limited
    • Personal data collected: Cookies and Browsing data
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    Through this service, www.esseellesrl.it may include data and documents from Google Drive on its pages.
• 6.8) User database management and message sending: the following third-party services allow www.esseellesrl.it to
  - build user profiles starting from an e-mail address, a name, or any other information provided to www.esseellesrl.it;
  - cross-reference this personal data with publicly available user information, for example through social channels;
  - send messages of a commercial or promotional nature, with recording of data relating to the opening and interaction of the user with them;
  - send scheduled e-mail messages based on specific actions performed by the user, with reference to the previous point;
  - the user's email address could be automatically added to the database, following registration on the website, a purchase or request for free content.
  
  
  • ActiveCampaign
    • Entity involved: ActiveCampaign Inc.
    • Personal data collected: Email address, Name, Phone, Cookie and Browsing data, Any other data provided by the user within the www.esseellesrl.it forms
    • Place of processing: USA
    • Level of protection: this subject complies with the GDPR regulation starting from 25 May 2018
    • Privacy policy
• 6.9) Protection from SPAM and Malware: the following third-party services allow www.esseellesrl.it to analyze traffic, files and databases placed on the server, potentially containing users' personal data, in order to filter them from parts of traffic, messages, files and contents recognized as SPAM or potentially harmful.
  • Google reCAPTCHA
    • Entity involved: Google Ireland Limited
    • Personal data collected: IP address, Cookies, and Browsing data
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
  • Bot Protection MalCare Security
    • Entity involved: Inactiv.com Media Solutions Private Limited
    • Personal data collected: IP address, Cookies and Browsing data
    • Place of processing: India
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy
    Bot Protection MalCare Security is a service for protecting the site from Bots and Hackers, which is denied access automatically, also thanks to the comparison of the user's IP address with lists of IP addresses potentially recognized as a security risk.
    
    To ensure maximum protection, Bot Protection MalCare Security can use the Google reCAPTCHA service, also included in this document.
  www.esseellesrl.it is able to recognize and counter cyber-attacks, as well as periodically scan files and databases to identify potentially harmful software. These systems make it possible to prevent data loss, illicit or incorrect use and unauthorized access.
• 6.10) Sale of products and services: when the user requests it, through a purchase order for one or more products or services of www.esseellesrl.it, the personal data necessary to perform the service or provision requested are collected.
  Personal data collected: shipping address (for non-digital products or services), name, surname, telephone contact, email address, billing address, tax code and/or VAT number, necessary for the fulfillment of tax obligations and the issuance of the invoice.
  Payment processing is entrusted to specialized partners, external to www.esseellesrl.it: no sensitive information on the user's credit card is saved by this site.
  
  To manage purchase orders and issue of invoices, www.esseellesrl.it makes use of the following third parties:
  • Fatture in Cloud
    • Entity involved: MadBit Entertainment Srl c/o TeamSystem S.p.A.
    • Personal data collected: Name, Surname, Phone, Email address, Billing data, Purchase orders
    • Place of processing: Italy
    • Level of protection: this subject complies with the GDPR regulation starting from 25 May 2018
    • Privacy policy
  • Google Workspace
    • Entity involved: Google Ireland Limited
    • Personal data collected: Name, Surname, Phone, Email address, Billing data, Purchase orders
    • Place of processing: Ireland and USA
    • Level of protection: this subject complies with the GDPR regulation
    • Privacy policy

7) System log for maintenance purposes
For maintenance purposes, www.esseellesrl.it and any third party services used may collect system event logs in the form of files, which may also contain personal data, such as IP addresses.


8) Mandatory or optional nature of providing data (par.3 letter e)
Unless otherwise specified, the provision of data and its processing are mandatory for the purposes of managing and using the service provided by www.esseellesrl.it; it follows that any refusal by the interested party makes it impossible to carry out the service itself.
In cases where www.esseellesrl.it indicates some data as optional, users are free to refrain from communicating such data, without this having any consequence on the usability of the service.

The visitor assumes responsibility for the personal data of third parties published or shared through this website and guarantees to have the right to communicate or disseminate them, freeing the owner from any liability to third parties.


9) Rights of the interested party (paragraph 2 letter b)
The identification details of the Data Controller of the user's data are shown at the beginning of this information document.

The user may, at any time and without any formalities, exercise the rights regarding their personal data by sending an email to the e-mail address privacy@esseellesrl.it.

In particular, the user has the right to:

1. access to personal data;
2. verify and obtain the correction or cancellation of the same or the limitation of the processing that concerns them;
3. oppose the processing;
4. to the portability of data to another Data Controller, where technically possible;
5. withdraw consent at any time, obtain the cancellation (i.e. the right to be forgotten) or the removal of their data (except, for example, when the processing is necessary to fulfill a legal obligation to which the Data Controller is subject or to the execution of a task of public interest or connected to the exercise of public authority vested in the Data Controller);
6. receive their data;
7. make a complaint to the competent supervisory authority or take legal action.

Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within one month.

Cookies policy

Copyright

Texts, images and any other multimedia content present on the site is owned by the Owner or licensed to the same.
All the distinctive signs used on the site belong to the Owner or to their respective owners or licensees, who have granted the Owner the right of use, limited to the publication of the same on the site.
No part of the site (including texts, images and any other multimedia content) may be reproduced or retransmitted without the specific written authorization of the Owner, except for personal non-transferable use. Use for any unauthorized purpose is expressly prohibited by law.



Changes to this document

The Owner reserves the right to make changes to this document at any time, by advertising them in this space.
Therefore the user/visitor is advised to periodically consult this page.

Last modification date: 12th May 2023