This page is also available in the following locales: DE, IT

INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA

Pursuant to art. 13 of EU Regulation no. 2016/679 (GDPR), and in general in observance of the principle of transparency provided for by the Regulation itself, of Below we provide information regarding the processing of personal data within the application developed and maintained by Shair.Tech.

The application allows donors accredited to a charitable organization to report your surplus as a donation. Donations are returned accessible to the organization and its volunteers and staff, who are in able to indicate that a donation has been withdrawn. It also generates all the documentation required from donees and donors by the law of 19 August 2016, no. 166 and the recent changes introduced by article 1, paragraph 208 of law 27 December 2017, n. 205 (transport documents for each donation, monthly report and quarterly report).

The application provides some additional functions reserved for donors who provide a collective catering service (e.g. canteens corporate and school) and their users: consultation of the menu of the day with information on ingredients, allergens and nutritional properties; possibility to evaluate today's menu; analysis of the nutritional value of user meals; statistics on quantities donated for each dish offered e user satisfaction.

In order to allow the use of the application, the collection and processing of the following information, which will be processed in full compliance with current privacy legislation:

  • Receiving entities:

    • Name (company name)
    • Registered office address
    • Operational headquarters address
    • VAT number/tax code
    • Logo
    • Telephone number
    • Cellphone number
    • Name of contact person
    • Email of the contact person
    • Name of the legal representative
    • Place and date of birth of the legal representative
    • Tax code and residence address of the legal representative
    • Email for the supervisor user (he will have his login credentials)

  • For each volunteer/vehicle that carries out the collection (each volunteer/vehicle will haveyour login credentials):

    • First name
    • Email address
    • Donors from which it will withdraw

  • Donors:

    • For each point of sale (each point of sale will have its own credentials access)
    • Name (even if the same as the company name)
    • Address (even if same as company name)
    • Email address
    • Name of contact person
    • Contact person's telephone number
    • Mobile number of the contact person
    • Email of the contact person
    • Website address

1. DATA CONTROLLER

The Data Controller of personal data is Shair.Tech, based in Genoa, Largo San Giuseppe 3/32, tel. +39.349.620.4514 – info@shair.tech.

2. CONTACT DETAILS OF THE PERSONAL DATA PROTECTION OFFICER

The Data Protection Officer - DPO designated by the Data Controller pursuant to art. 37 of the GDPR can be contacted through the following channels: tel. +39.349.620.4514 privacy@shair.tech.

3. PURPOSE OF THE PROCESSING

The processing of your personal data takes place in the context of the use of BTF and will have the following purposes:

  • user registration
  • use of donation reporting services
  • certification of donations made
  • certification of withdrawn donations
  • improvement of catering services (service users only catering registered as donors)
  • scientific and statistical research.

4. MANDATORY PROVISION OF DATA

The provision and collection of data within the application are necessary to ensure correct functioning.

The user of the application, through the explicit consent that comes required the first time you use the application regarding permissions necessary for the collection and use of the data listed below, declares to be aware and accept the use of data for the above purposes indicated.

All purposes of processing are attributable to use of the application and/or carrying out a project in collaboration with charitable organizations and/or companies with the aim of reducing food waste, reduction of food surpluses, improvement of service catering.

Although there is no obligation to provide data, failure to do so conferment will make it impossible to proceed with access to the application.

5. TYPE OF DATA PROCESSED

5.1 Charitable volunteers and donor staff

The user's email inbox is used solely as tool for the unique identification of the user within the system e for sending automated communications (summary of donations available in the last 24 hours); in applications where the supply of service takes advantage of the user's real-time location, comes made use of the user's current location.

6. METHOD AND DURATION OF TREATMENT

The treatment will be carried out:

  • through the use of manual and automated systems;
  • by persons authorized to carry out these tasks, in accordance with the law;
  • with the use of appropriate measures to guarantee the confidentiality of the data and avoid access to them by unauthorized third parties;
  • in contexts that do not compromise personal dignity and decorum of the interested party, ensuring the necessary precautions to guarantee its confidentiality in use.

The data will be retained until the request is received cancellation of the same by the user. The data could be preserved even following account closure, for example in backups or in the Disaster Recovery system or, in aggregate and anonymous form, if used for scientific research or statistical purposes. THE data will in any case be kept for a period not exceeding that period necessary to pursue the specific purposes indicated therein, with gradual deletion of data attributable to specific purposes gradually no longer persecuted.

7. DATA COMMUNICATION

The data collected and processed may be communicated anonymously and aggregated, in an illustrative and non-exhaustive manner, exclusively for the aforementioned specified purposes, to:

  • Public administrations
  • Financing bodies
  • Project coordinators and partners
  • Business organizations and partnerships to which the Foundation belongs;
  • Event organizers;
  • Certification bodies;
  • Financing bodies;
  • Project coordinators and partners;
  • Reporters, auditors, project auditors.

For restaurant service users only: data relating to food preferences (evaluations of the dishes served at the canteen) are made available to the restaurant service manager in aggregate form and pseudonymized.

Personal data are not subject to disclosure, except in anonymous form aggregated for scientific dissemination purposes.

8. PLACE OF DATA PROCESSING

The personal data processing activity mainly takes place on territory of the European Union, or with the aid of IT tools involving treatment in countries for which the Commission has recruited decision on the adequacy of personal data protection.

9. RIGHTS OF THE INTERESTED PARTY

The interested party has the right to ask the Data Controller at any time for exercise the rights referred to in the articles. 15 et seq. of the GDPR and, in particular:

  • access to personal data (receive related information free of chargec to the personal data held by the Data Controller, as well as obtain a copy thereof accessible);
  • rectification of incorrect, imprecise or obsolete data upon notification;
  • revocation of consent (consent may be revoked at any time);
  • deletion of data - right to be forgotten - (for example, in case of revocation of consent, if there is no other legal basis for the treatment);
  • limitation of processing (in certain cases – for example while they come the necessary checks have been carried out following an event opposition to the processing - the data will not be consultable by the Owner, but they will be stored in such a way that they can be possibly restored);
  • opposition to processing for legitimate reasons (possibility to oppose the processing of their data, for example that carried out for the purposes of direct marketing);
  • data portability (communication of data to third parties upon request of the user);
  • complaint to the supervisory authority (Privacy Guarantor)

To exercise the aforementioned rights you can contact Shair.Tech, info@shair.tech. The right to lodge a complaint with the Guarantor for the protection of personal data.