PRIVACY POLICY

(Last update: Jan 26, 2022 - v. 1.1)

Introduction

Pursuant to Article 13 of the Reg. UE 2016/679 ("GDPR"), this privacy policy explains how Ledworks S.r.l. (“Ledworks” or “We” or “Us”) collects, stores, uses, transfers and discloses Personal Data from our users (“Users” or “You”) in connection with the “Twinkly” mobile application and related services (“App”).

For the purpose of this privacy policy, “Personal Data” means any information relating to an identified or identifiable individual.

1. Data Controller

The Data Controller of the processing of personal data is Ledworks S.r.l., with head office in 20144 Milano, Via Tortona 37, VAT IT09521280967.

If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact us via e-mail using the following details: privacy@ledworks.io 

2. Personal data and information we collect

1. Personal Data You provide to Us

• Full name;
• Email address.

2. Information collected automatically through the App

When You access or use the App, We may automatically collect the following information:

• Device Information: We collect information about the mobile device You use to access the App, including the hardware model, information about the operating system and its version,  IP address.
• Information Collected by tracking technologies: We use various technologies to collect information about your use of the App, such as frequency of use, which areas and features of our App you visit and your use patterns generally, etc.

This information is not collected to be associated with identified users and is used only to obtain anonymous statistical information on the use of the App and to check its correct functioning.

The App uses for its operation IT systems and software procedures, also of third parties. The purpose is to improve the stability of the App and, for this reason, during its use the following third parties can automatically acquire information in aggregate form:

• Crashlytics Firebase: https://firebase.google.com/support/privacy.

3. Purpose and legal basis of personal data processing

We have set out below a description of all the ways We plan to use your Personal Data, and which of the legal bases We rely on to do so:

I) Registration and access to reserved area of the App: We may process Personal Data in order to register You to the reserved area of the App and to enable You to log in. We may also process  Personal Data to send You important information regarding the status of your account (f.e. if some of the services You are registered to are about to expire or if Your account is about to be closed according to the terms and conditions of the service You accepted).

Legas basis: Contractual obligation (art. 6.1.b GDPR)

II) Marketing: We may contact You with newsletters, marketing or promotional materials and other information that may be of interest to You relating to our products/services. This includes sending users communications about our products/services, features, promotions, studies, surveys, news, updates, and events. We may do so through various methods, including email, text messages, push notifications, in app communications.

Legal basis: Consent (art. 6.1.a GDPR)

III) Analytics: We may process Personal Data to better understand how users access and use our App, both on an aggregated and individualized basis, in order to improve the quality and value of our App, provide You with a better experience and for other research and analytical purposes.

Legal basis: Legitimate interest (art. 6.1.f GDPR)

IV) Fraud prevention: We may process Personal Data to find and prevent fraud and respond to trust and safety issues that may arise.

Legal basis: Legitimate interest (art. 6.1.f GDPR)

4. Nature of the provision of Personal Data and consequences of a refusal to provide

The provision of Personal Data for the purpose set out in par. 3.I) is necessary and a refusal by the Users implies the impossibility for the Company to perform its contractual obligations and provide the Users with the functionalities, services and the information requested as specified above.

The provision of Personal Data for the purpose referred to in par. 3.II) is optional and any refusal by the Users will not have any consequences on the performance of the services or the features and provision of information requested through the App. 

The provision of Personal Data for the purposes referred to in par. 3.III and 3.IV is automatic and implicit in Internet transmission protocols.

5. Social plug-ins  

It is possible to access the App through social network plug-ins (eg. Facebook, Apple, Google, etc.). If You access our App through a similar plug-in, the internet browser connects directly to the social network servers and the plug-in is displayed on the screen thanks to the connection with the browser. The plug-in communicates to the social network server the pages viewed by the Users. Further information on the collection and use of data by social networks in general, as well as on the rights and methods available to protect the privacy of the data subject in this context, are present in the social network’s page concerning data protection.

6. Recipients

Where necessary, we transmit your Personal Data to:

• Ledworks’ employees and consultants who are responsible for data processing;
• Third party companies or other entities, in their role as external data processors, which provide outsourced services to Ledworks (f.e.hosting, cloud, CRM, etc.).

The updated list of designated data processors may be provided upon request of Users.

We may also disclose your Personal Data to comply with any court order, law or legal process, including to respond to any government or regulatory request.

7. International data transfers

We may transfer your personal data to recipients who may be located outside the European Economic Area (EEA). When We transfer your personal data from the EEA to third countries, i.e. countries outside the EEA, We only do so on the basis of appropriate safeguards or if otherwise authorized by applicable law.

8. Data Security

We protect your personal data through technical and organizational security measures to minimize risks associated with data loss, misuse, unauthorized access and unauthorized disclosure and alteration. To this end We use firewalls and data encryption, for example, as well as physical access restrictions for our data centers and authorization controls for data access.

9. Data Retention

We take measures to delete your Personal Data or keep it in a form that does not permit identifying You when this information is no longer necessary for the purposes for which we process it, unless we are required by law to keep this information for a longer period.

With reference to the purpose set out in par. 3.II), You can object at any time without stating reasons by sending a message to privacy@ledworks.io or by using the unsubscribe link in the email newsletter.

10. Your rights

At any time, You can exercise the rights referred to in Article 15 et seq. GDPR for access, rectification, transformation, blocking, cancellation, limitation of processing, in the manner established by Article 12 GDPR.

These rights may be exercised by sending a written notification to Ledworks S.r.l., via Tortona 37 - 20144 Milan, Italy, or by sending an e-mail to the address privacy@ledworks.io.

In the event of failure to promptly reply or an inadequate response from the Ledworks, or if You believe there is a violation of the data protection regulation, You can appeal to the Italian Data Protection Authority at the following coordinates: www.gpdp.it e-mail: garante@gpdp.it, Telephone switchboard: (+39) 06.69677.1.

11. Changes to Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy. In this case You will be promptly informed when You use the App again.