Skip to main content Skip to footer

Privacy Policy of the Frasassi Audioguide App

The purpose of this document is to inform Users regarding the Personal Data collected by the Frasassi Audioguide App (hereinafter the “Application”).

The Data Controller, as identified below, may modify or simply update this Policy, in whole or in part, informing Users accordingly. Changes and updates will be binding as soon as they are published on the Application. Users are therefore invited to review the Privacy Policy each time they access the Application.

If the User does not accept the changes made to this Privacy Policy, they must stop using this Application and may request the Data Controller to remove their Personal Data.

Personal Data collected by the Application

The Controller collects the following categories of Personal Data:

Content and information voluntarily provided by the User

Minors may provide personal data only with parental consent
Contact data and content: these are Personal Data voluntarily provided by the User while using the Application, such as personal details, contact information, login credentials for services and/or products provided, interests, personal preferences and other personal content, etc.
Failure by the User to provide Personal Data for which there is a legal or contractual obligation, or which is required for the use of the service or for entering into a contract, will result in the inability of the Controller to fully provide its services.

The User who communicates Personal Data of third parties to the Controller is directly and exclusively responsible for their origin, collection, processing, communication or dissemination.

Data and content automatically collected during use of the Application

Technical data: the IT systems and software procedures used to operate this Application may acquire, during their normal operation, certain Personal Data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified Users, but by its very nature could, through processing and association with data held by third parties, allow Users to be identified. This category includes IP addresses, domain names of the devices used by Users who connect to the Application, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc.
Usage data: data relating to the use of the Application by the User may also be collected, such as pages visited, actions performed, features and services used.

Personal data collected through cookies or similar technologies

This Application uses cookies, web beacons, unique identifiers and other similar technologies to collect data on pages, links visited and other actions you perform when using our Services, including within advertising content or emails. This data is stored and then retransmitted to the same sites upon the User’s next visit.

The User can view the full Cookie Policy at the following address: https://www.frasassi.com/cookie-app-audioguide.aspx?l=en.

Purposes

The collected Personal Data may be used for the performance of contractual and pre-contractual obligations and for compliance with legal obligations, as well as for the following purposes:

  • sending emails or newsletters and managing mailing lists
  • archiving, hosting and backend infrastructure management
  • User registration and authentication
  • the use of camera permission is exclusively for scanning QR codes to load the correct audioguide
  • the use of audio recording permission is solely for playing audio within the Application
  • the use of get accounts permission is solely for authentication
  • the use of read contacts permission is solely for authentication

Methods of processing

The processing of Personal Data is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated.

In some cases, Personal Data may also be accessible to individuals involved in the organization of the Controller (such as personnel management staff, commercial department staff, system administrators, etc.) or external parties (such as IT companies, service providers, postal couriers, hosting providers, etc.). Where necessary, such parties may be appointed as Data Processors by the Controller and may access Users’ Personal Data whenever necessary, and will be contractually obliged to keep the Personal Data confidential.

The updated list of Data Processors can be requested via email at info@frasassi.com.

Legal basis of processing

The Controller processes Personal Data relating to the User if one of the following conditions applies:

  • the User has given consent for one or more specific purposes
  • processing is necessary for the performance of a contract with the User and/or for pre-contractual measures
  • processing is necessary for compliance with a legal obligation to which the Controller is subject
  • processing is necessary for the purposes of the legitimate interests pursued by the Controller or by a third party

In any case, it is always possible to ask the Controller to clarify the specific legal basis of each processing activity.

Location

The Data are processed at the Controller’s operating offices and in any other places where the parties involved in the processing are located. For further information, please contact the Controller at the following email address info@frasassi.com or at the following postal address Largo Leone XII, n 1 - 60040 Genga (AN).

For such countries, there exists an adequacy decision by the European Commission or, in the absence of such a decision, it is possible to request more information from the Controller regarding the appropriate safeguards adopted, as well as the means to obtain a copy of such Data or the exact place where they have been made available.

Security measures

The processing is carried out using methods and tools suitable to ensure the security and confidentiality of the Data, as the Controller has adopted appropriate technical and organizational measures that guarantee, and allow to demonstrate, that processing is carried out in compliance with the applicable legislation.

Data retention period

The Controller will process Personal Data for the time necessary to fulfill the purposes related to the execution of the contract between the Controller and the User, and in any case no longer than 11 years from the termination of the relationship with the User and in any case until the expiry of the limitation period provided by law.
When processing is necessary for the purposes of the legitimate interests of the Controller, Personal Data will be retained until such interest is satisfied.
Where processing is based on the User’s consent, the Controller may retain Personal Data until such consent is withdrawn.
Personal Data may be retained for a longer period where required to comply with a legal obligation or by order of an authority.
All Personal Data will be deleted at the end of the retention period. Once this period has expired, the rights of access, deletion, rectification and data portability can no longer be exercised.

Automated decision-making processes

All collected Data will not be subject to any automated decision-making process, including profiling, that produces legal effects concerning the person or similarly significantly affects them.

User rights

Users may exercise certain rights regarding the Data processed by the Controller. In particular, the User has the right to:

  • withdraw consent at any time;
  • object to the processing of their Data;
  • access their Data;
  • verify and request rectification;
  • obtain restriction of processing;
  • obtain deletion of their Personal Data;
  • receive their Data or have it transferred to another controller;
  • lodge a complaint with the data protection supervisory authority and/or take legal action.

To exercise their rights, Users may send a request to the contact details of the Controller indicated in this document. Requests are made free of charge and processed by the Controller as quickly as possible, in any case within 30 days.

Data Controller

The Data Controller is Grotte di Frasassi Srl - Largo Leone XII, n 1 - 60040 Genga (AN) - marketing@frasassi.com - PEC: frasassi@pec.it - VAT No. 00222050429.

Last updated: 16/07/2020