Privacy Policy

PRIVACY NOTICE

eWibe S.r.l., with registered office in Milan, via Gonzaga n.2, VAT No. 11884500965 (the “Company” or “EWB”), is the data controller of the personal data provided by users through the website www.ewibe.com (the “Website”).

This Privacy Notice is provided to Users in accordance with and for the purposes of national and European legislation on personal data protection (Regulation EU 2016/679), as well as any other applicable personal data protection regulations in Italy, including provisions by the Data Protection Authority.

1. DEFINITIONS

Personal Data (or Data)

Personal data means any information that directly or indirectly, in conjunction with any other information, identifies or makes an individual identifiable.

Usage Data

Information collected automatically through the Website, including but not limited to IP addresses or domain names of the computers used by Users who connect to the Website, URIs (Uniform Resource Identifiers), the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response from the server (successful, error, etc.), the country of origin, browser and operating system characteristics of the visitor, the various items viewed, and offers made or items bought or sold, the time of visit (e.g., time spent on each page), and the navigation path within the Website, focusing on the sequence of pages visited, system operating parameters, and the User's computing environment.

User

The individual using the Website, unless otherwise specified, coincides with the Data Subject.

Data Subject

The individual to whom the collected Personal Data refers.

Data Processor (or Processor)

The natural or legal person, public authority, agency, or other body that processes personal data on behalf of the Data Controller, as described in this privacy policy.

Data Controller (or Controller)

eWibe S.r.l., with registered office in Milan, via Gonzaga n.2, VAT No. 11884500965.

Website

The Website www.ewibe.com, through which Personal Data is collected and processed from Users.

Service

The service provided by the Website as defined in the relevant terms and conditions of the Website.

2. DATA CONTROLLER AND DATA PROCESSORS

The Data Controller is eWibe S.r.l., with registered office in Milan, via Gonzaga n.2, VAT No. 11884500965. The Data Controller may appoint Data Processors to achieve the purposes described below and a Data Protection Officer (DPO) to oversee the protection of personal data. You may contact the Data Controller at any time with any questions or requests regarding your personal data and privacy by writing to privacy@ewibe.com.

3. TYPES OF DATA COLLECTED

By way of example and not limited to, Personal Data collected by the Website, either independently or through third parties, includes: email, first and last name, date of birth, gender, delivery address, postal code, city of delivery, mobile phone number, cookies, and Usage Data. If Users register via social media authentication methods, EWB will access certain Personal Data (e.g., first and last name, email, etc.) from the User's social media account based on the applicable terms of the specific social media platform.

Personal Data may be provided directly by the User or, in the case of Usage Data, automatically collected during Website use.

Unless otherwise specified, all Data requested by the Website is mandatory. If the User refuses to provide such Data, it may be impossible for EWB to provide the Service. Where the Website indicates certain Data as optional, Users are free to abstain from providing such Data without affecting the availability or operation of the Service. Users who are unsure about which Data is mandatory are invited to contact the Data Controller.

The User declares and guarantees that the Personal Data belongs to and relates to the User and assumes full responsibility for this declaration, holding the Data Controller harmless from any liability towards third parties.

4. METHODS AND LOCATION OF DATA PROCESSING

Processing Methods

The Data Controller adopts specific security measures to ensure that the processing of Data complies with data protection regulations and prevents unauthorized access, disclosure, modification, or destruction of Personal Data.

Personal Data collected on the Website is stored within the European Union, is not publicly disclosed, and will not be sold or otherwise transferred to third parties, except as provided by law. However, Data may be shared with companies specifically appointed to carry out certain tasks on behalf of the Data Controller, who will operate as independent controllers and/or processors. Additionally, Data may be shared with law enforcement, judicial authorities, security bodies, or other public authorities as required by law. Examples include sharing personal data with:

• collaborators, employees, and suppliers of the Company, within the scope of their duties and/or any contractual obligations;
• legal, administrative, and tax consultants who assist the Company in its activities;
• banking institutions for the management of payments resulting from the execution of the contract with the Data Subject;
• subcontractors engaged in activities related to the execution of the contract with the Company, as external processors;
• public authorities and/or judicial and regulatory bodies when requested, as autonomous controllers;
• IT service providers or cloud systems providers.

A complete list of Data Processors can be requested by the Data Subject at any time by sending a written request to the address provided below.

Location and Transfer

Data is processed at the Data Controller's premises. We ensure that it is processed in accordance with this Privacy Policy and that adequate protection is guaranteed. Data may be transferred outside the European Union to be stored on servers used by EWB or third-party processors. The transfer is carried out by EWB through the stipulation of standard contractual clauses in line with European Commission models with server and/or service providers.

Retention Period

Data is processed and stored for as long as required for the purposes for which it was collected, always considering the principle of data minimization and for no longer than necessary for the purposes for which it was collected or further processed. In general, data will be retained until the first of:

• the fifth anniversary following the last use of the Website or the last active interaction with EWB;
• the fifth anniversary following the account closure.

The following categories of data may be retained for longer periods:

• financial and accounting data (e.g., invoices, payments, refunds, etc.) are retained for the period required by applicable tax and accounting laws;
• all user-generated content (e.g., purchased items, behavior patterns) is anonymized but remains available for our analyses in aggregated form.

Upon expiration of the retention period, Personal Data will be deleted. Therefore, after this period, the right to access, delete, rectify, and the right to data portability can no longer be exercised.

5. PURPOSES OF DATA PROCESSING

User Data is collected to enable the Data Controller to provide and optimize its Services, and also for:

• identifying the User for access to the Website and dedicated services, as well as allowing for the proper development of User support activities;
• completing orders and managing payments;
• preparing and delivering orders;
• managing order invoicing and completing related administrative and tax processes;
• assisting with services provided via the Website and handling support requests;
• enforcing and defending its rights, including in credit recovery proceedings;
• (the purposes listed from 1 to 6, “Contractual Purposes”);
• complying with obligations under applicable law, including making communications to competent authorities for legal or regulatory reasons and adhering to their requests (“Legal Obligations”); and, where express consent is given by the Data Subject, improving the Data Subject's experience and catering to their needs, conducting market analysis and sending communications, developing marketing activities, as well as analyzing and understanding customers to improve services (including user interface experience) and optimizing the selection of offered services (“Legitimate Interest Purposes”).

For further information on Personal Data relevant to each purpose, Users can request information from the Data Controller at privacy@ewibe.com.

6. NATURE OF CONSENT

The processing of personal data is mandatory:

• for the execution of the contract in relation to Contractual Purposes,
• to comply with legal obligations related to Legal Obligation Purposes.

The Data Subject is free to provide their data and consent to processing. However, refusal to provide personal data and consent for Contractual Purposes and Legal Obligation Purposes would prevent the Company from concluding the contract, and if already concluded, from continuing its execution. Refusal for Legitimate Interest Purposes can be denied.

Users may always request the Data Controller to clarify the legal basis for each processing and specify if the processing is based on law, contract, or necessary to conclude a contract.

7. USER RIGHTS

Users may exercise certain rights with reference to their Data processed by the Data Controller. In particular, Users have the right to:

• Withdraw consent at any time: Users may withdraw consent to the processing of their Personal Data at any time.
• Object to processing of their Data: Users may object to the processing of their Data when it is carried out on a legal basis other than consent. Further details are provided in the section below.
• Access their Data: Users have the right to obtain information on the Data processed by the Data Controller and to receive a copy of the Data processed.
• Verify and request rectification: Users may verify the accuracy of their Data and request its update or correction.
• Restrict the processing of their Data: When certain conditions are met, Users may request the restriction of the processing of their Data. In this case, the Data Controller will process the Data only for storage purposes.
• Obtain the deletion or removal of their Personal Data: When certain conditions are met, Users may request the deletion of their Data by the Data Controller.
• Receive their Data or have it transferred to another controller: Users have the right to receive their Data in a structured, commonly used, and machine-readable format and, where technically feasible, to have it transferred to another controller without any obstacles. This right is applicable when the Data is processed by automated means and the processing is based on the User's consent, on a contract of which the User is a party, or on pre-contractual measures.
• Lodge a complaint: Users may lodge a complaint with the competent data protection authority or take legal action.

Should the Data Subject wish to exercise the rights set forth in this paragraph 7, they may contact the Data Controller at privacy@ewibe.com.

Details on the right to object

When Personal Data is processed in the public interest, in the exercise of official authority vested in the Data Controller, or for the purposes of legitimate interests pursued by the Data Controller, Users have the right to object to such processing on grounds relating to their particular situation. Users may block newsletters from the Data Controller at any time, without providing any reason, by following the instructions in the newsletter.

How to exercise your rights

To exercise User rights, Users can send a request to the contact details of the Data Controller provided in this document. Requests are processed by the Data Controller as soon as possible.

COOKIE POLICY

This Website uses Cookies. Cookies are small text files that the Website sends to the user's terminal, where they are stored to be sent back to the Website during the next visit by the same user.

The computer systems and software procedures used to operate the Website automatically acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified individuals, but due to its very nature, it could allow for user identification. This category of data includes IP addresses or domain names of the computers used by users connecting to the Website, URI addresses (Uniform Resource Identifiers) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's response (successful, error), and other parameters relating to the user's operating system and computing environment. These data, collected in aggregate form through so-called "analytics" cookies, are used solely to obtain anonymous statistical information on the use of the Website and to ensure its proper operation. The data may also be used where necessary to ascertain liability for computer crimes committed against the Website.

The use of session cookies (which are not stored persistently on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable secure and efficient navigation of the Website. In addition to so-called "technical" cookies, which may be used by the Data Controller without the user's consent (while still requiring the provision of this information), the Website also uses cookies for profiling and direct marketing purposes, to show you advertisements on the Website or send you newsletters about personalized products and/or services that better match your interests and needs. The Website also includes third-party cookies that serve the same purposes described above, and the Data Controller does not control them in any way. Processing via cookies for profiling and marketing purposes can be accepted or declined. Most browsers accept cookies automatically; therefore, you will need to adjust your browser settings to modify these preferences.

FURTHER INFORMATION ON DATA PROCESSING

Legal Defense

The User's Personal Data may be used by the Data Controller in court or in the preparatory stages of any legal proceedings arising from improper use of the Website or the services offered to the User. The User acknowledges that the Data Controller may be required to disclose Data at the request of public authorities.

Additional information not contained in this policy

Further information regarding the processing of Personal Data may be requested at any time from the Data Controller using the contact details provided [•].

Changes to the privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page. It is therefore recommended to check this page regularly, referring to the date of the last update at the bottom. If changes to this privacy policy are not accepted, Users must cease using the Website and may request that the Data Controller remove their Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to Personal Data collected up to that point.

COOKIES BANNER

Our website uses cookies, including third-party cookies, to improve browsing experience and provide a better service. By accepting cookies, you agree to their use in accordance with our cookie policy. You can change your preferences by clicking on Manage Preferences. You can view our Cookie Policy at any time by clicking on the following link.