Privacy Policy
The purpose of this privacy policy is to provide all the information on the processing of personal data carried out by Demalia OÜ when the User accesses and navigates this site (as better indicated below).
Demalia OÜ having its registered office in Tornimäe tn 5, Tallinn, Harju maakond, 10145, Estonia, with VAT No. EE102554218 (here in after, "Owner"), owner of this website/landing page (hereinafter, the "Site"), as the owner of the processing of personal data of the users who browse the site (hereinafter, "Users") provides below the privacy policy pursuant to Art. 13 of the EU Regulation 2016/679 of April 27, 2016 (hereinafter, "Regulation", or "Applicable Legislation").
The Controller holds in the highest regard the right to privacy and protection of personal data of its Users.
For any information in relation to this privacy policy, Users may contact the Controller at any time using the following methods:
The Owner has not identified a Data Protection Officer (DPO or DPO), as it is not subject to the designation requirement under Article 37 of the Regulations.
The Site allows Users to release their contact information in order to be contacted in order to receive offers, coupons, discounts and/or compare quotes with each other regarding promotions presented on the page from time to time (hereinafter, the "Service"). In connection with the activities that may be carried out through the Site, the Owner processes and collects personal data relating to Users.
This Site and any services offered through the Site are restricted to individuals who are eighteen years of age or older. Therefore, the Controller does not collect personal data relating to individuals under the age of 18. Upon the request of Users, the Controller will promptly delete all personal data unintentionally collected relating to individuals under the age of 18.
In particular, Users' personal data will be lawfully processed by the Controller, in accordance with Article 6 of the Regulations, for the following processing purposes:
a. contractual obligations and provision of the Service, to enable navigation of the Site, enjoyment of the Service, and fulfill specific User requests.
User data processed by the Owner for the purpose of any registration on the Site include:
Unless the User gives the Data Controller a specific and optional consent to the processing of his/her data for the additional purposes provided for in the following paragraphs, the User's personal data will be used by the Data Controller for the sole purpose of ascertaining the identity of the User (including through validation of the e-mail address), thus avoiding possible fraud or abuse, and contacting the User for service reasons only (e.g. sending notifications regarding the services offered on the Site). Notwithstanding the provisions elsewhere in this privacy policy, under no circumstances will the Owner make Users' personal data accessible to other Users and/or third parties.
b. legal obligations, i.e., to fulfill obligations required by law, authority, regulation or European legislation.
The provision of personal data for the above processing purposes is optional but necessary, as failure to provide it will make it impossible for the User to browse the Site, register on the Site and take advantage of the services offered by the Owner on the Site.
Some of the User's personal data (first name, last name, gender, e-mail address), may also be processed by the Data Controller for marketing purposes (sending advertising material, direct sales and commercial communication), i.e. so that the Data Controller can contact the User by mail, e-mail, telephone (fixed and/or mobile, with automated call or call communication systems with and/or without the intervention of an operator) and/or SMS and/or messaging systems to propose to the User the purchase of products and/or services offered by the Data Controller itself and/or third party companies, present offers, promotions and commercial opportunities.
In case of non-consent, the possibility to use the Site will not be affected in any way.
In case of consent, the User may at any time revoke the same by making a request to the Owner in the manner indicated in paragraph 8 below.
The User may also easily object to further sending of promotional communications via e-mail also by clicking on the appropriate link for revocation of consent, which is present in each promotional e-mail. Upon making the revocation of consent, the User will see a message confirming that the request has been received by the Controller. If the User wishes to revoke his or her consent to the sending of promotional communications via telephone, while continuing to receive promotional communications via e-mail, or vice versa, please send a request to the Controller in the manner indicated in paragraph 8 below.
The Data Controller informs that, following the exercise of the right to object to the sending of promotional communications by e-mail, it is possible that, for technical and operational reasons (e.g. formation of contact lists already completed shortly before the receipt by the Data Controller of the request for objection) the User will continue to receive some additional promotional messages. Should the User continue to receive promotional messages after 24 hours have elapsed since the exercise of the right to object, please report the problem to the Controller, using the contacts indicated in paragraph 8 below.
The User's personal data (i.e. personal and contact data and information relating to the services towards which the User has expressed interest) may also be processed by the Data Controller for profiling purposes, i.e. to reconstruct the User's tastes and consumption habits, identifying the User's consumer profile, in order to be able to send the User commercial offers consistent with the identified profile.
If consent is not given, the possibility of registering with the Site will not be affected in any way.
In case of consent, the User may at any time revoke the same by making a request to the Data Controller in the manner indicated in paragraph 8 below.
The User's personal data (i.e., first name, last name, e-mail) will be disclosed by the Owner to the following categories of third-party companies: (i) Household Products; (ii) Telecommunications; (iii) Energy Providers; (iv) Entertainment; (v) Investment; (vi) Financing; (vii) Real Estate Services; (viii) E-commerce; (ix) Health & Beauty; (x) Fashion; (xi) Technology; (xii) Insurance Provider Companies; (xiii) Food & Beverage; (xiv) Automotive; (xv) Claims; (hereinafter, collectively, the "Data Controller's Partners")
The Owner's Partners, as autonomous data controllers, will process the User's personal data for their own marketing purposes (direct sales, sending of advertising material and commercial communication), and may contact the User by mail, e-mail, telephone (fixed and/or mobile, with automated call or call communication systems with and/or without the intervention of an operator) and/or SMS and/or messaging systems to propose to the User the purchase of products and/or services offered by the same categories of third party companies and/or other companies and present the User with offers, promotions and commercial opportunities. Once the transfer has taken place, it will be the responsibility of the Holder's Partner to provide Users in accordance with Article 14 paragraph 3 of the Regulations with all the information provided for in the same Article 14 of the Regulations.
In case of non-consent, the possibility to register on the Site will not be affected in any way.
In case of consent, the User may at any time revoke the same by making a request to the Controller in the manner indicated in paragraph 8 below.
The Data Controller informs that the User's personal data will be processed by the Data Controller's Partners as autonomous data controllers, on the basis of the specific information that will be issued by the Data Controller's Partners to the Users. Any requests not to receive further commercial communications from the Controller's Partners, to whom the data have already been disclosed by the Controller, should therefore be addressed directly to them.
Service provision (as described by par. 3, lett. a) above): the legal basis consists of art. 6, par. 1, lett. b) of the Regulations, i.e. the processing is necessary for the performance of a contract to which the User is a party or the performance of pre-contractual measures taken at the User's request.
Legal obligations (as described by Section 3(c) above): the legal basis consists of Article 6(1)(c) of the Regulations, as the processing is necessary to fulfill a legal obligation to which the Data Controller is subject.
Additional processing purposes: for processing related to marketing activities, profiling, communication of data to the Data Controller's Partners (as described by Paragraph 4 above), the legal basis consists of Art. 6(1)(a) of the Regulations, i.e. the provision by the data subject of consent to the processing of his/her personal data for one or more specific purposes. For this reason, the Data Controller asks the User for the provision of a specific free and optional consent, in order to pursue this processing purpose.
The Data Controller will process Users' personal data by means of manual and computerized tools, with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure the security and confidentiality of the data.
The personal data of the Users of the Site will be kept for the time strictly necessary to fulfill the primary purposes illustrated in paragraph 3 above, or in any case as necessary for the protection in civil law of the interests of both the Users and the Data Controller.
In the cases referred to in paragraphs 4.1, 4.2, 4.3 above, the personal data of the Users will be kept for the time strictly necessary to carry out the purposes illustrated in the same and, in any case, until the User revokes his/her consent.
The User's personal data may be transferred outside the European Union and, in this case, the Controller will ensure that the transfer takes place in accordance with the Applicable Legislation and, in particular, in accordance with Articles 45 (Transfer on the basis of an adequacy decision) and 46 (Transfer subject to adequate safeguards) of the Regulations.
The personal data of the Users may come to the attention of the employees and/or collaborators of the Controller in charge of managing the Site and the Users' requests. These individuals, who have been instructed to do so by the Data Controller pursuant to Article 29 of the Regulations, will process Users' data exclusively for the purposes indicated in this notice and in compliance with the provisions of the Applicable Regulations.
Third parties who may process personal data on behalf of the Data Controller as Data Processors may also become aware of Users' personal data, such as, by way of example, IT and logistics service providers functional to the operation of the Site, outsourcing or cloud computing service providers, professionals and consultants.
Listed below are the Data Processors that the Data Controller uses to send promotional communications:
Users have the right to obtain a list of additional Data Processors appointed by the Controller by making a request to the Controller in the manner set forth in paragraph 8 below.
In addition to the sectors listed, you can expect Demalia OÜ to find and run 3rd party offers from Advertisers that we believe will be of interest to our members. The following Networks allow us to send their third party offers. You can view their Advertisers/Client List here:
Users may exercise the rights guaranteed to them by the Applicable Regulations by contacting the Controller in the following ways:
Pursuant to the Applicable Legislation, the Data Controller informs that Users have the right to obtain information on (i) the origin of personal data; (ii) the purposes and methods of processing; (iii) the logic applied in case of processing carried out with the aid of electronic instruments; (iv) the identification details of the data controller and data processors; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as data processors or persons in charge of processing.
In addition, Users have the right to obtain:
d. should they believe that processing concerning them violates the Regulation, the right to lodge a complaint with a Supervisory Authority (in the Member State in which they normally reside, in the Member State in which they work, or in the Member State in which the alleged violation occurred). The Italian Supervisory Authority is the Garante per la protezione dei dati personali, based at Piazza di Monte Citorio n. 121, 00186 - Rome (http://www.garanteprivacy.it/).
The Owner is not responsible for updating all links viewable in this Policy, so whenever a link is not working and/or updated, Users acknowledge and agree that they should always refer to the document and/or section of the websites referred to by that link.
Demalia OÜ is not responsible for updating all links displayed in this Cookies Policy, so whenever a link is not working and/or updated, Users acknowledge and agree that they should always refer to the document and/or section of the websites referred to by that link.
