This text on Confidentiality Policy describes how Clara collects, uses and transmits personal data as defined in particular in Regulation (EU) 2016/679 of the European Parliament and Council of 27 April 2017 (“GDPR”) and of Law no. 78-17 of 6 January 1978, as amended (hereinafter referred to collectively as the “Data Protection Regulation”), hereafter referred to as “Personal Data”. Any mention of the term “Clara” refers to the Clara entity acting as the controller of personal data or processing of the user’s personal data, the recipient or any other capacity under the GDPR, as explained in greater detail, later on in the “Identifying the data or processor controller” section.
•Collection and receipt of personal data
•Use of information
•Sharing and dissemination of information
•Identification of the data controller or processor
•Competent authority for data protection
1. APPLICABILITY OF THIS CONFIDENTIALITY POLICY
If you do not agree with the conditions, please do not use the website or any other aspect of Clara’s activities.
It applies to the personal data transmitted to Clara by the Customer at the time of entering into and executing a contract with Clara that governs the provision, access and use of the Services (the “Customer Contract”), including the processing of all messages, files or other content sent via a user account (hereinafter collectively referred to as “Customer Content” and “Account”). It also applies to personal data collected on any other occasion, such as marketing campaigns.
2. REGISTRATION AND RECEPTION OF PERSONAL DATA
Clara may collect and receive personal data in the Customer’s content, as well as other information and data (“Other Information” along with “Information”) in various ways:
•Other information. Clara collects, generates or receives other information:
Account information. To create or update an account, you provide Clara with an email address, phone number, password, domain name, or other account details.
•or Usage information:
•Data register. For websites and technology services provided on the Internet, Clara’s servers automatically collect information when accessing websites or services and are recorded in the “Data Register”. These data records may include the Internet protocol (IP) address, the address of the web page you viewed before using the website or services, the type of browser and settings, the date and time of use services, browser information, configuration and extension forms, language preferences and cookie data.
•Device information. Clara collects information about devices that access services, including the type of device, the operating system used, device settings, application IDs, unique device IDs, and fault data.
•Third-party services in general, third-party services consist of software integrated into services. A third-party service provider can share certain information with Clara. For example, if a cloud-based archive application is activated to facilitate importing files to the account, Clara may receive the username and email address of authorized users as well as additional information that the application has decided to make it available to Clara to facilitate integration. Authorized users must verify the settings and privacy notices in these third-party services to determine which data may be disclosed to Clara. When a third-party service is activated, Clara is authorized to connect to it and to access other information made available to it in accordance with its agreement with the third-party service provider. However, Clara does not receive or store the passwords of any of these third-party services when Clara connects to the services.
•Third-party data Clara may receive data on organizations, website visitors, marketing campaigns and other issues related to Clara’s activities other people involved by Clara to improve their information. This data can be combined with other information collected by Clara and may include aggregated data, such as IP addresses corresponding to postal codes or countries. This can also consist of more specific data, such as the success of a marketing campaign or online e-mail.
•Additional information provided to Clara. Clara receives more information when you submit requests to websites or when you participate in a discussion group, contest, activity or event, interact with Clara’s social network accounts, or otherwise communicate with Clara. Clara receives information collected during a marketing campaign of any kind, especially campaigns aimed at customers or potential customers, as well as prospects.
3. USE OF INFORMATION
Clara will use personal data in accordance with the Customer’s instructions, including the procedures applicable to the Customer contract, as required by applicable law. In particular, Clara uses the information to facilitate the execution of its contract with the Customer, to maintain and improve the website and activities and for marketing purposes in relation to marketing campaigns. More specifically, Clara uses the information:
•To provide, update, maintain and protect your services, websites and other activities.
•To meet a legal or regulatory requirement.
•To communicate with you by answering requests, comments and questions.
•To develop and provide research, learning and productivity tools as well as additional features.
•To send e-mails and other communications. Clara can send administrative emails, messages and other types of communications. Clara may also contact you to inform you of your offers and important security notices and / or attempted fraud. These communications are considered part of the services and perhaps you may not be able to disable them.
•In addition, Clara sometimes sends e-mails about new product features, promotional communications or other news about Clara. These are marketing messages that you may decide to receive or not receive.
•For account management and other administrative issues like billing, account management, or other reasons, Clara uses the account information to administer accounts.
•To conduct surveys and help prevent security problems and potential abuse.
4. DATA CONSERVATION
In its data processor quality, pursuant to the GDPR, Clara stores the contents of the Customer in accordance with the Client’s instructions, including all applicable conditions of the Customer contract and the Customer’s use of the services features. Clara, therefore, cannot be held responsible for non-compliance by customers with the retention periods of their personal data.
5. SHARING AND DISSEMINATION OF INFORMATION
This section describes how Clara can share and disclose personal data. Customers establish their policies and practices in relation to sharing and disclosure of their personal data. Clara does not control the way in which its Customers or other third parties choose to share or disclose personal data.
•Customer Instructions. Clara will not share or disclose the content of Customer’s data except in accordance with Customer’s instructions, including any applicable conditions in the Customer contract.
•Customer access. Customers can access other information, modify it or restrict access to it.
•Third-party suppliers and partners. Clara may hire third-party or private companies as service providers or business partners to process other information and support Clara’s activities. For example, these third parties can provide virtual IT and storage services.
•Third-party services. The Customer can activate third party services. When activated, Clara can share other information with third-party services. Please check the privacy settings and information for these third-party services or contact the provider if you have any questions.
•Aggregated or anonymous data. Clara may transmit, disclose or use aggregate information when it cannot be used to identify the individuals to whom it refers or anonymous information for any reason.
•Protect Clara’s rights, prevent fraud and ensure security. Protect and defend the rights, property or safety of Clara or third parties, including the execution of contracts or investigations and the prevention of fraud or security issues.
•Consent. Clara may not share the other information with third parties unless you consent to this sharing clearly and explicitly in accordance with applicable regulations.
Clara takes the security of your personal data very seriously. Clara undertakes to protect the information provided by the user in order to prevent loss, misuse, unauthorized access and unauthorized disclosure. These measures take into account the sensitivity of information gathered by Clara, processes and deposits and the current state of technology. However, given the nature of communication and information processing technologies, Clara cannot guarantee that the information is absolutely protected from intrusion by third parties during Internet transit or storage in its systems or while in its custody.
7. CHANGES TO THIS CONFIDENTIAL POLICY
8. DATA TRANSFERS
Clara may transfer personal data to countries other than the country in which you reside. If Clara transfers personal data outside the European Union, in a country that is not recognized with an equivalent level of personal data protection, Clara undertakes to sign the applicable European Union contractual clauses in accordance with regulatory requirements applicable.
9. IDENTIFICATION OF THE HOLDER OR THE PROCESSOR
In the member countries of the European Union, the GPDR distinguishes between “data controller” and “data processor”.
Responsible for processing: natural or legal person, public authority, agency or other body that alone or in collaboration with other bodies determines the purposes and methods of treatment.
Processor: natural or legal person, public authority, agency or other entity that processes personal data on behalf of the controller.
As a general rule, the supplier is responsible for processing Customer data. Generally, Clara is the processor of the customer data content and is responsible for processing other information. Clara S.r.l. is an Italian company registered in the “Chamber of Commerce, Industries, Handicrafts and Agriculture of Caserta” (CCIAA) with the number CE – 256457, with registered office in the Consorzio Impreco – Lotto 29, Zona Industriale di Aversa Nord, 81032 Carinaro (CE), and is responsible for processing the other information and the person responsible for processing the contents of the customer’s data.
10. OUR RIGHTS
Individuals living in an EU country have the right to request access to their personal data and to update, delete or correct their personal data. In general, you can do this by contacting Clara for access and further assistance.
To the extent that Clara’s processing of your personal information is subject to GDPR, Clara relies on its legitimate interests described above to process your data. Clara may also process other information that includes your personal data for direct marketing purposes and you have the right to object to Clara’s use of your personal information for that purpose at any time.
11. AUTHORITY OF PROTECTION OF PERSONAL DATA
Under applicable law, you also have the right to restrict Clara’s use of other information that includes your personal information and file a complaint with your local data protection authority or with your national data protection commission, to the following address:
AL GARANTE PER LA PROTEZIONE DEI DATI PERSONALI
PIAZZA DI MONTECITORIO, 121
00186 – ROME
12. CONTACT CLARA
Do not hesitate to contact the national data protection commission if you have any questions about this confidentiality policy or about the personal data practices of Clara or if you wish to exercise your rights.
In general, if you wish to communicate with the data controller of Clara, you can do so at the following address
firstname.lastname@example.org or at the address indicated below:
Al responsabile della protezione dei dati (DPO) di Clara S.r.l.
Consorzio Impreco lotto 29 – Zona Industriale di Aversa Nord
81032 Carinaro/CE – ITALY