Walliance SIM SpA, with its registered office in Trento (TN – 38122), Viale della Costituzione n. 16, as Data Controller (hereinafter, "Data Controller" or "Walliance") acknowledges the relevance of personal data protection and considers such protection among the main objectives of its activities.
We therefore invite you, before communicating any personal data to the Data Controller, to carefully read this document (henceforth, the "Privacy Policy"), as it contains important information on personal data processing and the security measures taken to ensure their protection, in full compliance with applicable regulations.
Please note that this Privacy Policy applies to the following website www.walliance.eu (hereinafter, the "Website") and its subdomains, including but not limited to www.walliance.it, www.walliance.fr, www.walliance.es, https://prospettica.walliance.eu/, https://careers.walliance.eu, https://reportcrowdfunding.walliance.eu/, owned by Walliance (hereinafter, the "Websites"), managed by the Owner and for the Walliance app (the "App"), managed by the same Owner.
This Privacy Policy does not apply for websites that may be consulted through external links, and is intended to be applied, according to Art. 13 of the European Regulation 2016/679 on Data Protection ("GDPR"), to all those who interact with the Websites. It complies, where applicable, with Legislative Decree 196/2003 (henceforth, the "Privacy Code"), as per Law no. 160 of December 27, 2019, Decree-Law no. 53 of June 14, 2019, Ministerial Decree no. 53 of March 15, 2019, and GDPR Compliance Decree (Legislative Decree no. 101 of August 10, 2018), in the relevant parts.
***
The Data Controller informs you that your data will be processed according to principles of appropriateness, legality, transparency, and protection of your privacy and rights. Your data will therefore be processed by the GDPR measures, and the protection obligations provided for therein.
1. OWNER, DATA CONTROLLERS AND DATA PROTECTION OFFICER ("DPO")
Following consultation and use of the Websites, data relating to identified or identifiable individuals may be processed.
The identification details of the Data Controller and operator of the Site are as follows: Walliance SIM SpA, with registered office in Viale della Costituzione n.16, 38122 Trento (Italy), tax code and VAT number 02432640221, REA TN-224237.
Together with Walliance SIM SpA, the subsidiaries listed below may process data on behalf of the Data Controller in order to ensure support to Walliance SIM SpA in the management of its activities in France and Spain, respectively.
Walliance France SASU | 12 Quai du Commerce | 69009 LYON, France
VAT: FR03850446915 | RCS: Lyon B 850 446 915 | share capital € 50,000.00Walliance Spain SL | Calle Jose Ortega y Gasset 22-24 | 28006 MADRID, Spain VAT: ESB72842677 | NIF: B72842677 | share capital € 10,000.00.
The list of data processors can be requested by e-mail to the following address: privacy@walliance.eu.
The Owner has appointed the Data Protection Officer (hereinafter: "DPO") in the person of Ms. Lisa Vicenzi who can be contacted at the following address: dpo@walliance.eu.
2. PERSONAL DATA SUBJECT TO PROCESSING
2.1 Navigation data
During their normal operation, the computer systems and software procedures used to operate this Site acquire some personal data. Such data transmission is implicit in the use of Internet communication protocols. This entails information that is not collected for association with identified persons. Nevertheless, because of its very nature, such information could lead to user identification through processing and association with data held by third parties. This data category includes IP addresses or domain names of devices used to connect to the Site; URI (Uniform Resource Identifier) annotated addresses of the requested resources; time of the request; the method used to submit the request to the server; the size of the file obtained in response; the numerical code indicating the server response status (success, error, etc.), and other parameters of the User's operating system and IT environment.
These data are used to obtain anonymous statistical information on the use of the Websites and the App, to check proper functioning and to allow - given the architecture of the systems used - the proper delivery of the various functions requested by the User. For security reasons, these data are deleted immediately after processing.
Under no circumstances does the Owner cross-reference this information with any other data it may hold in order to track the activities of specific users.
2.2 Data voluntarily provided by the User
To access offer features through the Site and reserved for registered users, registration is required through at least the following personal data: country of residence, first name, last name, email address, nationality and phone number for account verification, citizenship, gender, country of birth, city of birth, and social security number.
Once you have registered within the User's personal area, you will be able to enter other data referring to your profile, such as, e.g., address of residence, copy of an identification document, as well as expiration date and document number, the bank account from which the amounts invested are sent.
These data are provided voluntarily and will be processed in full compliance with data protection regulations. Failure to provide these data will only result in the inability to create an account and access certain features.
The User is responsible for and guarantees the accuracy of the data entered within the profile.
Such data may also be processed in connection with the subsequent possible qualification of users as "Investors" and/or "Issuers," for the purpose of joining an Offer through the Portal accessible to the Sites (under the conditions available in the appropriate area of the Sites) or for the purpose of submission to Walliance and possible subsequent publication on the Site, and its subdomains, of offers to the public for the purpose of raising capital.
You may log in to the Sites, App and Services using credentials provided by a third party, such as Google, Facebook, Apple or similar service ("social log-in"). If this is the case, the User should check the settings of that service and read the third-party provider's policies carefully, as they may authorize the third-party provider to share your personal information and authorize Walliance to collect information such as your contact and other data.
Walliance will retain the identification code associated with the User''s account at the third party''s service from the time it is used to log -in or share content hosted by the Site. The retention will take place for as long as necessary to provide the requested services.
If the User creates a Walliance account or uses site services by logging in through social log-in, Walliance may use the information in the 'source account to complete their profile on the Sites. The User may update or change profile information and contact information at any time through social log-in.
These data are kept for as long as necessary to render the requested services and also for additional periods if retention is required by law or for other legitimate purposes such as the defense of Walliance in court, or if there is a legitimate interest of the owner or third parties.
2.3 Information collected through cookies. Definitions, characteristics, and enforcement
Cookies are small text files that sites visited by the User send and record on his or her computer or mobile device, only to be transmitted back to the same sites on the next visit. Precisely because of cookies, a site remembers the User's actions and preferences (such as, for example, login data, chosen language, font size, other display settings, etc.) so that they do not have to be indicated again when the User returns to visit said site or navigates from one page to another of it. Cookies, therefore, are used to perform computer authentication, session tracking and storage of information regarding the activities of users accessing a site. In addition, they may also contain a unique identification code that allows tracking of the User's navigation within the site itself, for statistical or advertising purposes. In the course of browsing a site, the User may also receive on his/her computer or mobile device cookies from sites or web servers other than the one he/she is visiting (so-called "third-party" cookies). Some operations could not be accomplished without the use of cookies, which, in certain cases, are therefore technically necessary for the very operation of the site.
By using the Site, you consent to the use of cookies in accordance with this Privacy Policy and as indicated on the pages of the Site itself through the Cookiebot application.
Cookies are small files stored on the hard disk of the User's computer. There are two macro categories of cookies: technical cookies and profiling cookies.
Technical cookies are necessary for the proper functioning of a website and to allow the User to navigate; without them, the User may not be able to view pages properly or use certain services.
Profiling cookies have the task of creating profiles of the User in order to send advertising messages in line with the preferences expressed by the same while browsing.
Cookies can also be classified as:
"Session" cookies, which are deleted immediately when the browsing browser is closed;
"Persistent" cookies, which remain within the browser for a specified period of time. They are used, for example, to recognize the device connecting to a site by facilitating authentication operations for the User;
"Own" cookies, generated and managed directly by the operator of the website on which the user is browsing;
"Third-party" cookies, generated and managed by parties other than the operator of the website on which the user is browsing.
You can always disable cookies. To do so in the case of browsing the Walliance Sites, please refer to the link in the footer of the site page, Cookies Policy; in other cases, please refer to the instructions of each browser used to browse the Site.
Types of cookies used by the Website
The Site, including its subdomains, uses the following types of cookies, and offers the option to deselect them, except for third-party cookies for which the User should refer directly to the relevant ways of selecting and deselecting the respective cookies, indicated by means of links:
Technical (necessary) cookies - navigation or session - strictly necessary for the operation of the Site or to enable the User to take advantage of the content and services requested by them.
Statistical cookies, which allow the operator of the Site to understand how it is used by users. No information about the User's identity or any personal data is collected with these cookies. The information is processed in aggregate and anonymous form.
Functionality or preference cookies, are used to enable specific features of the Site and a selected set of criteria in order to improve the service provided. Preference cookies allow a website to remember information that affects the way the site behaves or pleases you, such as your preferred language or the region you are in.
Marketing cookies, which are used to track visitors on websites. The intent is to display ads that are relevant and engaging to the individual user and thus those of greatest value to third-party publishers and advertisers.
Finally, Unclassified Cookies are the cookies that are being classified, along with individual cookie providers.
WARNING: Disabling technical and/or functionality cookies may result in the Site being unavailable or certain services or features of the Site being unavailable or not functioning properly, and the User may have to change or manually enter certain information or preferences each time they visit the Site.
Third-party cookies, i.e. cookies from sites or web servers other than that of the Owner, used for purposes specific to such third parties, including profiling cookies. It should be noted that these third parties, listed below with the relevant hyperlinks to their privacy policies, act as autonomous data controllers of the data collected through the cookies they send; therefore, the User must refer to their personal data processing policies, notices and any consent collection forms (selection and deselection of the respective cookies).
Listed below are links to the respective policies on the use of cookies:
Google Connect https://www.google.it/intl/it/policies/technologies/types/
Facebook Connect https://www.facebook.com/policies/cookies/
Facebook Pixel https://www.facebook.com/policies/cookies/
Cerved https://policies.cerved.com/
Recruitee https://recruitee.com/en/privacy
ShuftiPro https://shuftipro.com/privacy-policy/
Typeform https://admin.typeform.com/to/dwk6gt
Spreaker https://www.spreaker.com/cookies
Mailchimp https://mailchimp.com/legal/privacy/
LeadChampion https://leadchampion.com/privacy/
Microsoft Clarity & Microsoft Advertising https://privacy.microsoft.com/en-us/privacystatement
In detail, the cookies sent directly by Walliance through the Site are shown at the following link: https://www.walliance.it/cookies
3. PURPOSE OF PROCESSING AND MANDATORY OR OPTIONAL NATURE OF DATA PROVISION
Data provided to us by the User through the Sites will be processed by the Owner for the following purposes:
(a) purposes inherent in the provision of requested services (e.g., contact request, newsletter subscription, registration, submission of offers by Investors and Issuers, resolution of issues related to the use of the Site, complaints, etc.).
The provision of your data for the purposes referred to in (a) is optional, but failure to provide it may make it impossible for the requested functionality to work. The legal basis for processing your data for these purposes is Article 6(1)(a) GDPR.
b) purposes of statistical research/analysis on aggregated or anonymous data, without therefore the possibility of identifying the User, aimed at measuring the operation of the Site, measuring traffic and evaluating usability and interest.
The processing of your data for these purposes is optional; therefore, failure to provide your consent for these purposes will not affect the use of the services.
The legal basis for processing your data for these purposes is Article 6(1)(a) GDPR.
(c) purposes related to the fulfillment of obligations under applicable regulations.
The provision of your data for the purpose listed above under (c) is mandatory. The legal basis for the processing of your data for these purposes is Article 6(1)(c) GDPR. Failure to provide them would not allow the Data Controller to meet its obligations under the applicable legislation.
d) Marketing purposes
The data provided may be processed, with your explicit and specific consent, for the purpose of sending promotional and Marketing communications, including the sending of newsletters and market research, through automated (sms, mms, email, push notifications, fax) and non-automated (paper mail, telephone with operator) means. The legal basis for the processing of your data for these purposes is Article 6(1)(a) GDPR. Commercial profiling and Direct Marketing processing are optional and depend on your free choice; therefore, failure to provide your consents for these purposes will not affect the use of the services.
4. DATA PROCESSING METHODS, SECURITY AND LOCATION
Your personal data are processed by the Data Controller - or by third parties carefully selected for their reliability and competence, appointed for this purpose as data processors - limited to its achievement of the purposes specified above, mainly by automated means but also in paper form, for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent data loss, illegal or incorrect use and unauthorized access, in full compliance with applicable regulations.
5. COMMUNICATION AND DISSEMINATION
Your personal data may be brought to the attention of employees or collaborators of the Data Controller, belonging to the categories of administrative, commercial, legal, accounting or computer system administrators, depending on the processing, who, operating under the direct authority of the Data Controller, are appointed as data processors or persons in charge of the processing, pursuant to Articles 28 and 29 of the GDPR, and receive appropriate operating instructions in this regard.
Your personal data may be communicated to parties outside the Owner, whose activities are necessary and functional for the provision of the Sites' functionality.
Your personal data may be communicated to third parties such as persons, companies or professional firms that provide assistance and consulting services to the Data Controller, rightly appointed as data processors; persons, entities or authorities to whom the communication of your personal data is mandatory by virtue of provisions of law or orders of the competent authorities; persons delegated and/or appointed by the Data Controller to carry out activities strictly related to the pursuit of the purposes indicated above (including technical maintenance work on the systems), rightly appointed as data processors; to business partners, suppliers of services functional to the development of the software, the provision of services related to the Site.
Where necessary, the Owner reserves the right to collect your specific consent.
Your personal data will not be disseminated by the Data Controller, unless you have given your express specific consent. Your data may be transferred abroad, to countries within the European Union or to countries outside the European Union that have received an adequacy decision from the Commission, or even to countries that have not received such an adequacy decision, in accordance with and within the limits of Articles 44 - 49 of the GDPR.
6. DATA RETENTION
Personal data are stored and processed through computer systems owned and operated by the Data Controller itself or by third-party technical service providers. Data are processed only by specifically authorized personnel, including personnel assigned to perform extraordinary maintenance operations.
The data will be kept for as long as is strictly necessary for the contractual or legal purposes for which the same data were provided to the Data Controller and, in any case, no longer than ten years after the termination of any relationship with the Data Controller.
7. YOUR RIGHTS
At any time, you may exercise, pursuant to Articles 15 to 22 of the GDPR, the right to: request confirmation of the existence or non-existence of your personal data; obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the period of storage; obtain the rectification and deletion of data; obtain the restriction of processing; obtain the portability of data, i.e. receive them from the data controller, in a structured, commonly used, machine-eligible format, and transmit them to another data controller without hindrance; object to the processing at any time and also in the case of processing for Direct Marketing purposes; object to automated decision-making relating to natural persons, including profiling; request from the data controller access to and rectification or erasure of personal data or restriction of processing concerning him or her or to object to its processing, as well as the right to data portability to revoke consent at any time without prejudice to the lawfulness of the processing based on the consent given before revocation; to lodge a complaint with the supervisory authority (Autorità Garante per la protezione dei dati personali in Italia - www.garanteprivacy.it).
Inquiries can be addressed by sending an email to: privacy@walliance.eu.
8. CHANGES
This Privacy Policy may be amended to reflect changes in law, technology, changes in data collection and use, or to allow us to add new features or services. In the event of changes, Walliance will notify you: (i) by popup alerts posted on the main page of the Site and/or (ii) by taking any other action that the Owner deems appropriate. Any changes made will be effective upon their posting, and browsing the Site after such time will count as acceptance of such changes.
The User declares that he/she has read the information herein and gives his/her consent to the processing of all his/her data in the manner indicated above.