Are you a member? /

Privacy policy


Privacy Policy investinitalyrealestate.com

 

We hereby provide you with some information that you need to bring to your knowledge, not only to comply with legal obligations, but also because transparency and fairness towards interested parties is a fundamental part of this Public Administration considering that this site collects some Personal Data of its Users.

 

Data Controller

The Data Controller is ICE – Agency for the promotion abroad and the internationalization of Italian companies, with headquarters in via Liszt, 21 – 00144 Rome, phone 06 59921 (also “ICE-Agenzia”).

The Data Protection Officer can be contacted at the following email address: privacy@ice.it.

Personal data will be kept for a period of time not exceeding the achievement of the purposes or on the basis of the deadlines established by law. They may be kept for longer periods on condition that they are processed exclusively for archiving purposes in the public interest, for scientific and historical research or for statistical purposes without prejudice to the protection of the rights and freedoms of the interested party.

Data Controller’s email address: privacy@ice.it

 

Types of Data collected

Among the Personal Data collected by this website, independently or through third parties, there are:  e-mail; first name; surname; telephone number; profession; province; nation; POSTAL CODE; date of birth; city; business name; VAT number; various types of Data; password; Tax ID code; business sector; Data communicated while using the service; Data communicated in order to use the Service; Data relating to the browsing experience of the website.

Complete details on each type of data collected are provided in the dedicated sections of this Privacy Policy or through specific information texts displayed before the data is collected.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this website.

Unless otherwise specified, all Data requested by this website are mandatory. If the User refuses to provide them, it may be impossible for this website to provide the Service. In the event that this site indicates some Data as optional, Users are free to refrain from providing such Data, without this having any consequence on the availability of the Service or on its operation.

Users who have doubts about which Data are mandatory are encouraged to contact the Data Controller.

Any use of Cookies – or other tracking tools – by this website or by the owners of third-party services used by this website, unless otherwise specified, has the purpose of providing the Service requested by the User, in addition to further purposes described in this document and in the Cookie Policy, if available.

The User takes responsibility for the Personal Data of third parties obtained, published or shared through this website and guarantees that he/she has the right to communicate or disseminate them, freeing the Data Controller from any liability towards third parties.

 

Processing Methods and Place for Collected Data

 

Processing Methods.

The Data Collector shall adopt the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.

The processing is carried out using IT and/or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organization of this website (administrative, commercial, marketing or legal personnel, system administrators) or external subjects (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Processors can always be requested to the Data Controller.

Legal basis of the treatment.

Your data will be processed using IT and non-IT tools, and the processing is based on the following legal bases:

  1.  Processing is necessary for the purpose of stipulating and executing the contract, or for the purpose of executing pre-contractual measures adopted at the request of the interested party (art. 6 point 1 letter “b”);
  2. The treatment is necessary to fulfil legal obligations to which the data controller is subject, for example fulfilment of legal obligations (accounting, tax), regulation and contract, execution of provisions of the judicial or administrative authority. (art. 6 par. 1 letter “c”).

Within the limits of the purposes and methods described in this statement, the following categories of data may be processed as personal identifiers (e.g. name, surname, date of birth, tax code), job position (e.g. role, job), telephone contacts, e-mail addresses, geographical location (e.g. residence, domicile, place of birth), education and culture (e.g. educational qualifications, professional certifications).

However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

Security and Place of Processing.

The ICE Agency aims to protect the personal data of its customers, binding their treatment to the principles of correctness, lawfulness and transparency provided for by the Regulation. Only adequate, relevant and limited personal data is processed in relation to what is necessary in relation to the purposes for which it is collected and processed.

The data are processed by suitably trained Agency personnel who operate as personnel authorized to process the data, according to principles of correctness, lawfulness, transparency, pertinence and non-excess with respect to the purposes of collection and subsequent processing.

The processing takes place in such a way as to guarantee adequate security of personal data, through the use of automated tools, including confidentiality and protection, through technical-organizational measures aimed at preventing data loss, illicit or incorrect use and unauthorized access.

Your personal data may also be managed through online software or cloud services, located within the European Union, in compliance with the rights and guarantees provided by the General Data Protection Regulation (EU) 2016/679 (RGPD).

If your personal data must be managed with cloud services located outside the European Economic Area, the ICE Agency ensures that the processing of your data will be based solely on the institutional purposes of the Agency. In the latter case, your personal data must necessarily also be transferred outside the EU and the related scope of guarantee and application of the aforementioned European Regulation.

The data will not be used for different and additional purposes to those described in this disclosure, unless via prior notification and, where necessary, request of specific consent.

In the case of data transfers to US-based suppliers or data centres, the US suppliers are subject to the regulatory powers of the US Federal Trade Commission. In some situations, the US supplier may be required to disclose the personal data transferred, in response to requests received from public authorities to meet national security or local law enforcement requirements (resulting in possible access to data, of which the importer according to local legislation may have to not give notice to the exporter and the interested party, who will therefore not be able to exercise the related rights normally recognized by the GDPR). In the light of the US legislation referred to by the Court of Justice of the European Community in the Schrems II sentence of 16 July 2020, in the abstract, the risk cannot be excluded with absolute certainty that in certain occasional situations linked to national security purposes (e.g. anti-terrorism purposes) the American public authority operates an access to the data. However, based on the following circumstances:

  1. the provision of the exporter in favour of the interested parties whose data the importer (USA) processes and the consequent data processing, have a limited object (provision of video-conferencing services, etc.) and a limited purpose (management of technical processes- organizational structures functional to the aforementioned services); the provision does not involve the publication of personal opinions, comments or similar information, nor the provision of services or products that can be used in activities against national security;
  2. the types of personal data transferred are limited (e.g. personal data, contact details, etc.); the categories of interested parties to whom the data refer (learners, teachers, etc.) who are not reasonably relevant with regard to national security purposes are limited and the risk that in concrete terms there is actually an interest of the American public authority to access data (of which the importer on the basis of his own national legislation could not give notice to the exporter) appears to be objectively negligible.

Therefore, without prejudice to the only hypothesis – as mentioned of an exceptional nature and unlikely frequency – of access by the US public authority in the aforementioned specific and limited cases – it is believed that the CCS applied in the relationship between the parties reasonably guarantees protection of rights of the interested parties substantially identical to that provided for by the GDPR. Consequently, at the moment it is not considered necessary to agree with the importer further supplementary measures (possibility envisaged by the aforementioned CJEU ruling). The adoption of additional contractual measures against US importers may be introduced at any time by the exporter following any indications provided by the EDPB – European Data Protection Board following the sentence of the Community Court of Justice European Union – of 16 July 2020 which declared the so-called “Privacy Shield” bilateral convention invalid   in EU relations.

Data Sharing.

In carrying out the activities described in the various sections of this website and in carrying out your Public Administration activities, your data may be disclosed to subjects who carry out control activities, public bodies or administrations, including tax authorities, as well as subjects legitimated by law to receive such information, Italian and foreign judicial authorities and other public authorities, for the purposes connected to the fulfilment of legal obligations, or for the fulfilment of the obligations deriving from the contractual relationship, including the need for defence in court.

For the diffusion of the Newsletter, only the personal data useful for its electronic delivery will be processed.

The complete and updated list of subjects who process the data, present on the site or supplied by you, as Data Processors is available upon request at the Email address: privacy@ice.it.

Storage Period.

Your personal data will be kept for a period of 10 years, and in any case a period congruous with respect to the processing purposes indicated above and in compliance with all legal obligations.

Therefore:

  • Personal Data collected for purposes related to the execution of a contract between the Data Controller and the User will be retained until the execution of this contract is completed;
  • Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.

When the treatment is based on the User’s consent, the Data Controller can keep the Personal Data for longer until said consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period, except as required by legal obligations, the Personal Data will be deleted. Therefore, upon expiry of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

 

Purpose of the Processing of the Collected Data

The User’s Data is collected to allow the Data Controller to provide the Service, fulfil legal obligations, respond to requests or executive actions, protect its rights and interests (or those of Users or third parties), identify any malicious activity or fraudulent, as well as for the following purposes: Tag management, Viewing content from external platforms, Contacting the User, Content and functionality performance testing (A/B testing), Registration and authentication provided directly from this site, User database management, Support request management and contact, Transfer of Data outside the EU, Hosting and back-end infrastructure and Statistics.

To obtain detailed information on the purposes of the processing and on the Personal Data processed for each purpose, the User can refer to the “Details on the Processing of Personal Data” section.

 

Details on the Processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

Contacting the User

Mailing List or Newsletter

By registering with the mailing list or newsletter, the User’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional information, relating to this site may be sent. The User’s email address could also be added to this list as a result of registering on this site or after making a purchase.

Personal Data processed: name; surname; Tax ID code; VAT number; nation; common; e-mail; telephone number.

User Database Management

This type of service allows the Data Controller to build user profiles starting from an email address, name or any other information that the User provides to this site, as well as to track User activities through statistical functions. These Personal Data could also be placed in relation to publicly available information about the User (such as profiles on social networks) and used to outline private profiles that the Data Controller can view and use to improve this site and the services offered on it.

Some of these services may also allow the scheduled sending of messages to the User, such as emails based on specific actions performed on this site.

Salesforce Sales Cloud (Salesforce.com, Inc.)

Salesforce Sales Cloud is a User Database Management service provided by Salesforce.com, inc.

Personal Data processed: various types of Data as specified in the privacy policy of the service:
https://www.salesforce.com/it/company/privacy/

Place of treatment: United States of America

Tag Management

This type of service is functional for the centralized management of tags or scripts used on this site.

The use of these services involves the flow of User Data through them and, where appropriate, their retention.

Matomo Tag Manager

Matomo Tag Manager is a tag management service provided by Matomo.

Personal Data processed: Usage Data.

Place of treatment: EUROPEAN UNION (France, Germany, Ireland) – https://matomo.org/privacy-policy/

Management of Support and Contact Requests

This type of service allows this site to manage support and contact requests received by email or other tools, such as the contact form.

The Personal Data processed depends on the information provided by the User in the messages and on the tool used for communication (for example the email address).

Salesforce Sales Cloud (Salesforce.com, Inc.)

Salesforce Sales Cloud is a User Database Management service provided by Salesforce.com, inc.

Personal Data processed: various types of Data as specified in the privacy policy of the service:
https://www.salesforce.com/it/company/privacy/

Place of treatment: United States of America

Hosting and Back-end Infrastructure

This type of service has the function of hosting Data and files that allow this site to function, allow its distribution and provide a ready-to-use infrastructure to deliver specific functions of this site.

Some of the services listed below, if any, may operate on geographically distributed servers, making it difficult to determine the actual location where Personal Data is stored.

Amazon Web Services (AWS) (Amazon Web Services, Inc.)

Amazon Web Services (AWS) is a hosting and back-end service provided by Amazon Web Services, Inc.

Personal Data processed: various types of Data as specified in the privacy policy of the service.

Place of treatment: Italy
https://d1.awsstatic.com/legal/privacypolicy/AWS_Privacy_Notice_Italian_Translation.pdf

Registration and authentication provided directly by this site

Browsing the website www.investinitalyrealestate.com is free: with no obligation to register.

For some advanced features, registration/authentication is required. By registering or authenticating, the User allows this site to identify him and give him access to dedicated services. Personal Data is collected and stored exclusively for the purpose of registration or identification as explained in the privacy policy present at the time of registration. The Data collected are only those necessary to provide the service requested by the User.

On the website there may be particular “buttons” that depict social network icons. These icons allow users who are browsing the site to “link” directly to social media platforms. The interested party is invited to refer to the information on the processing of personal data published by the managers of the Social Media platforms used by ICE Agency

Direct Registration

The User registers by completing the registration form and providing his Personal Data directly to this site.

Personal Data processed: name; surname; Tax ID code; VAT number; nation; common; e-mail; telephone number.

Statistics

The services contained in this section allow the Data Controller to monitor and analyse traffic data and are used to keep track of User behaviour.

Matomo is a data traffic analysis and monitoring service provided by Matomo.

Personal Data processed: Usage Data.

Place of treatment: EUROPEAN UNION (France, Germany, Ireland)

Provider

Matomo:

Email: privacy@matomo.org

Privacy Policy https://matomo.org/privacy-policy/

Finality: Statistics

Content and Functionality Performance Testing (A/B testing)

The services contained in this section allow the Data Controller to track and analyse the response from the User, in terms of traffic or behaviour, in relation to changes to the structure, text or any other component of this site.

Matomo A/B testing is an A/B testing service provided by Matomo.

Matomo may use Personal Data to contextualize and personalize the advertisements of its advertising network.

Personal Data processed: Usage Data; Tracking Tool.

Place of treatment: EUROPEAN UNION (France, Germany, Ireland)

Matomo: privacy@matomo.org

Privacy Policy https://matomo.org/privacy-policy/

Viewing Content From External Platforms

This type of service allows you to view content, hosted on external platforms, directly from the pages of this site and interact with them.

This type of service could still collect data on web traffic relating to the pages where the service is installed, even when users do not use it.

Google Maps Widget (Google LLC)

Google Maps is a map viewing service managed by Google LLC that allows this site to integrate such content within its pages.

Personal Data processed: Usage Data; Tracking Tool.

Place of treatment: United States of America – Privacy Policy.

Vimeo Video (Vimeo, LLC)

Vimeo is a video content viewing service managed by Vimeo LLC that allows this site to integrate such content within its pages.

Personal Data processed: Usage Data; Tracking Tool.

Place of treatment: United States of America – Privacy Policy – and in particular point 14.2 of the International Data Transfers and Certain User Rights

YouTube IFrame Player

YouTube IFrame Player is a video content viewing service managed by Google LLC or by Google Ireland Limited, depending on how the Data Collector manages data processing, which allows this site to integrate such content within its pages.

Through this Service, this site may collect Data directly or indirectly on or from the User’s devices, including through the use of Tracking Tools. Users can limit this access to their Data through the security settings page provided by Google. Users, at any time, can contact the Owner to request further information on privacy settings through the contact details provided in this document.

The Data collected through the Service could also be used to help third parties show personalized advertisements based on interests. Users can decide not to receive such personalized advertising through their device settings or by visiting the opt-out page of the Network Advertising Initiative.

Personal Data processed: Data communicated while using the service; Data communicated in order to use the Service.

Place of treatment: United States of America – Privacy PolicyOpt out; Ireland – Privacy Policy.

Smartware SRL for Flipsnack (LLC)

This type of service allows you to view content, hosted on external platforms, directly from the pages of this website and interact with them.

This type of service could still collect data on web traffic relating to the pages where the service is installed, even when users do not use it.

Provider

Smartketer – Flipsnack LLC

Place of treatment: United States of America – notes on security: https://www.flipsnack.com/it/security

Privacy Policy

https://www.flipsnack.com/legal-information/privacy-policy.html

 

Users Rights

Users can exercise certain rights with reference to the Data processed by the Data Collector.

In particular, the User has the right to:

  • withdraw consent at any time. The User can revoke the previously expressed consent to the processing of his Personal Data.
  • object to the processing of your data. The User can oppose the processing of his Data when it takes place on a legal basis other than consent. Further details on the right to object are set out in the section below.
  • access your data. The User has the right to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the Data processed.
  • check and ask for rectification. The User can verify the correctness of his Data and request its updating or correction.
  • obtain the limitation of the treatment. When certain conditions are met, the User can request the limitation of the processing of their Data. In this case, the Data Controller will not process the Data for any other purpose than their conservation.
  • obtain the cancellation or removal of their Personal Data. When certain conditions are met, the User can request the cancellation of their Data by the Data Controller.
  • receive their data or have them transferred to another holder. The User has the right to receive their Data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain its transfer without obstacles to another holder. This provision is applicable when the Data are processed with automated tools and the processing is based on the User’s consent, on a contract of which the User is a party or on contractual measures connected to it.
  • propose a complaint. The User can lodge a complaint with the competent personal data protection supervisory authority or take legal action.

Details on the Right to Object

When Personal Data is processed in the public interest, in the exercise of public powers vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons connected with their particular situation.

Users are reminded that, should their Data be processed for direct marketing purposes, they may object to the processing without providing any reason. To find out if the Data Controller processes data for direct marketing purposes, Users can refer to the respective sections of this document.

How to exercise your rights

To exercise the User’s rights, Users can send a request to the contact details of the Owner via the email privacy@ice.it. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within a month.

 

Cookie Policy

This site uses Tracking Tools. To find out more, the User can consult the Cookie Policy.

 

Learn More About Treatment

Defence in court

The User’s Personal Data may be used by the Data Controller in court or in the preparatory stages for its eventual establishment for the defence against abuse in the use of this site or related Services by the User.

The User declares to be aware that the Data Controller may be obliged to disclose the Data by order of the public authorities.

Specific information

At the request of the User, in addition to the information contained in this privacy policy, this site could provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

System and maintenance logs

For needs related to operation and maintenance, this site and any third party services used by it may collect system logs, i.e. files that record the interactions and which may also contain Personal Data, such as the User’s IP address.

Information not contained in this policy

Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details privacy@ice.it.

Response to “Do Not Track” requests

This site does not support “Do Not Track” requests.

To find out if any third-party services used support them, the User is invited to consult the respective privacy policies.

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this site as well as, if technically and legally feasible, by sending a notification to Users via one of the contact you have. Therefore, please consult this page frequently, referring to the date of the last modification indicated at the bottom.

If the changes concern treatments whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.

This privacy statement has been prepared on the basis of multiple legislative systems, including articles 13 and 14 of Regulation (EU) 2016/679.

Unless otherwise specified, this privacy statement applies exclusively to this site.