Privacy policy

The informative is expressed only for the website of BUSFORFUN and not also for potential third-party website consulted by the user through link.

FOREWORD

This website is property of BUSFORFUN.COM S.R.L., with headquarter in Via Jacopo Salamonio, 3 - 30175 - Venice - info@busforfun.com.

BUSFORFUN in relation to all personal data which are acquired with access and registration to the aforementioned website is Data Controller, for which, it decides in an autonomous way on the purposes and the modality of the processing, as well as on the safety and security procedures to apply to guarantee confidentiality, integrity and availability of data.

APPOINTMENT OF THE RESPONSIBLE OF DATA PROTECTION (RDP or DPO)

BUSFORFUN has appointed the Responsible of Personal Data Protection (RPD) which can be contacted to the following e-mail address: dpo@busforfun.com.

PURPOSES OF THE PROCESSING

BUSFORFUN will treat the acquired data as autonomous Data Controller for the following purposes:

1. Subscription to the website and service use;
2. o implement the purchase orders of the tickets during events;
3. Organizational management of contracts, for example the relationship with employees and external collaborators;
4. Fulfillment of law obligations connected to contractual relationsi;
5. Management of the requests: of a commercial nature and requests for information;
6. Receive Curricula vitae;
7. Sending newsletters/communications for marketing purposes. Sending commercial communications and advertising/promotional material (e.g. free samples) to promote products through various channels, both electronic and telematic (e-mail, sms) and traditional (paper mail, telephone).

We remind you that, as provided in the art. 130, clause 4, D. Lgs 196/2003, the holder will be able to use the data to send advertising e-mails on its own products and services, akin to what has been purchased, unless this use has been specifically refused (“soft spam”).

LEGAL BASIS OF PROCESSING DATA / LICEITY CONDITION

Legal basis of the processing:

• for the purpose indicated at the point 1) is the consent of the users that has subscribed to the website;
• for the purposes indicated at the points 2) and 3) is the contract of tickets purchase;
• for the purpose indicated at the point 4) is the fulfillment of a law obligation;
• for the purpose indicated at the point 5) is the consent in case of requests for information only in the absence of a purchase, expressed with the same request; the contract, in other cases;
• for the purpose indicated at the point 6) is the consent affixed on the footnote of the C.V.;
• for the purposes indicated at the point 7) is the consent expressed, in the absence of which BUSFORFUN will not: send you newsletters/communications of a commercial/promotional nature. For the same purpose, the legitimate interest of BUSFORFUN also exists if the data subject is already its user/customer (Considering 47 Reg. EU 679/2016).

For completeness it should be remembered that in some cases (not subject to the ordinary management of this site) the Authority may request information and information pursuant to art. 157 of Legislative Decree. n. 196/2003, for the purposes of controlling the processing of personal data. In these cases, the answer is mandatory on penalty of administrative penalty

MODALITY PROCEDURE AND DATA CONSERVATION

The personal data are treated in a prevalent electronic and telematic modality.

The processing procedure is carried out to prevent and guarantee logic, physics, and privacy of its Personal Data.

The data acquired as Data Controller will be stored for the time strictly necessary to obtain the purposes for what they have been acquired. After that period, data will be definitively deleted or, in any case, anonymized irreversibly. 

Specifically:

• data of the registered user: until the cancellation of the data is requested;
• data stored for the conclusion and the implementation of the purchasing orders: for the time necessary for the management of the order and, in any case, for 10 years from the invoicing date.
• data related to the management of the requests from the data subject: for the time necessary to satisfy the request from the data subjec;
• data contained in the C.V.: for 12 months;
• data gathered to send newsletter and/or commercial communications: that is, until the exercise of the right of consent or the right of opposition (to be carried out with the request of unsubscription) and in any case for 2 years from the last interaction of the data subject.

MANDATORY OR OPTIONAL NATURE OF THE PROVISION OF THE DATA

The provision of personal data, which are requested in different collection occasions, can be mandatory or optional. In case of mandatory nature of the provision of the data, the missing contribution will entail the impossibility to implement what requested.

The contribution of the data for the purposes indicated from 1) and 6) are mandatory. For the purposes indicated, instead, at the point 7) the contribution is optional.

AREA OF COMMUNICATION AND DISCLOSURE OF THE DATA

The data can be communicated to:

• All the subjects who access to such data is recognized by regulatory measures.
• Our collaborators, employees, as part of their tasks, authorized to process data provided. To third-party subjects
• To third-party subjects:
  • banks to manage collections;
  • finantial institutions and other companies or public bodies in compliance with regulatory requirements;
  • potential companies/firms involved which benefits from our services for their employees/collaborators;
  • bodies and/or companies which organize events for which BUSFORFUN manages the services
  • supplied through website www.busforfun.com;
  • potential intermediary used in relation to any aspect of the service required;
  • potential programs affiliation operators which use our services.
• To third-party subjects adequately selected and equipped with experience, competence and reliability, which offers adequate warranty of full compliance with applicable processing provisions, including data security profile. Third-party subjects are nominated “data processors” and carry out their activities in accordance with the instructions given by BUSFORFUN.

To date there are companies for the provision of development services, delivery and operational management of the technological platforms used

SOURCE OF COLLECTION OF PERSONAL DATA AND TYPE OF PERSONAL DATA PROCESSED

The data are acquired when accessing this website.

As Data Controller of the data supplied for the subscription to the newsletter and/or for marketing purposes - collected in the context of the management of booking services rendered to private parties - will be processed personal data (name, surname) and contact (e-mail, no. telephone, address...) as well as details of purchases made.

It should also be noted that the computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data - BROWSING DATA - the transmission of which is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of computers used by users who connect to the site, and other parameters related to the operating system and computer environment of the user.

For further information on the personal data processing, please refer to the Cookie Policy.

SECURITY MEASURES

BUSFORFUN has adopted adequate security measures in order to minimize the risk of destruction or loss - even accidental - of data, unauthorized access or processing not permitted or not in accordance with the stated collection purposes.

RIGHTS OF THE INTERESTED artt. 7, 15, 16, 17 18, 20, 21 e 22 of EU Regulation 2016/679

The data subject has, in addition to the right to lodge a complaint with a supervisory authority, the rights listed below, which can be invoked by sending a request to the Data Controller.

Art. 7 – Withdrawal of the consent to processing

At the data subject is recognized also the authority to withdraw the consent to the processing of Your Personal Data.

At the end of this operation your personal data will be removed from the archives as soon as possible.

Art. 15 – Right to access

The data subject has the right to obtain from the Data Controller the confirmation that there is or not currently underway a processing of personal data that is concerning him/her and in that case, to obtain the access to personal data and the information regarding the processing.

Art. 16 – Right to adjustment

The data subject has the right to obtain from the Data Controller the adjustment of inaccurate personal data without unjustified delay. Being aware of the purposes of the processing, the data subject has the right to obtain the data integration of incomplete personal data, even by suppling a supplementary statement.

Art. 17 – Right to cancellation (right to oblivion)

The data subject has the right to obtain from the Data Controller the cancellation of personal data which concerns him / her without unjustified delay and the Data Controller has the obligation to cancel without unjustified delay the personal data.

Art. 18 – Right to limitation of the processing

The data subject has the right to obtain from the Data Controller restriction of processing when one of the following situations occurs:

a)  the data subject contests the correctness of personal data, for the necessary period at the Data Controller to verify the correctness of such personal data;

b)  the processing is unlawful, and the data subject goes against the cancellation of personal data and asks, instead, the limitation of use;

c)  although the Data Controller does not need any more with the aim of the processing, the personal data are necessary for the data subject for the verification, the management or the defense of the right in a judicial branch;

d)  the data subject has opposed the processing pursuant to Article 21, paragraph 1, pending the verification of whether the legitimate reasons of the data controller prevail over those of the data subject.

Art. 20 – Right to data portability

The data subject has the right to receive in a structured format, of common use and machine-readable personal data concerning him or her provided to a controller and has the right to transmit such data to another controller without hindrance by the controller to whom he or she has provided them.

The data subject has the right to receive in a structured format, of common use and machine-readable personal data concerning him or her provided to a controller and has the right to transmit such data to another controller without hindrance by the controller to whom he or she has provided them.

In exercising his or her rights about data portability pursuant to paragraph 1, the data subject shall have the right to obtain the direct transmission of personal data from one controller to another, if technically feasible.

Art. 21 – Right to opposition

The data subject has the right to object at any time, for reasons related to his or her particular situation, to the processing of personal data concerning him or her pursuant to Article 6, paragraph 1, letters e) or f), including profiling on the basis of these provisions.

Art. 22 - Right not to be subject to automated decision-making, including profiling

The data subject shall have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or similarly significantly affects his or her person.