Privacy Policy
In compliance with Article 13 of EU Regulation 2016/679 regarding the protection of personal data, this policy (“Privacy Policy”) describes how personal data is processed through the web site: www.faroalternativeinvestments.com
DEFINITIONS
Personal Data: any information relating to an identified or identifiable natural person.
GDPR: EU Regulation 2016/679 on data protection.
Privacy Legislation: the GDPR and any other applicable legislation and regulation for the protection of personal data, including Legislative Decree 196/2003, as amended.
Site: the website accessible at the URL www.faroalternativeinvestments.com
Data Controller: FARO GP S.à r.l., with registered offices in 33 Avenue J.F. Kennedy 1855 Luxembourg and VAT number LU35565612
User: the natural person who accesses the Site to consult it and/or to request one or more of the services offered through it.
DATA CONTROLLER
This Privacy Policy indicates how the Data Controller processes Personal Data that it acquires with reference to the User of the services it offers through the Site. In the processing of Personal Data, the Data Controller shall comply with the obligations required by Privacy Legislation.
PURPOSE OF DATA PROCESSING AND LEGAL BASES
The Data Controller may use the Personal Data that the User shares through the Site for the following purposes:
- for the management of the User’s subscription to newsletters, if any (legal basis: consent pursuant to Article 6(1)(a) of the GDPR);
- for any further marketing and profiling activities (legal basis: consent pursuant to Article 6(1)(a) GDPR);
- to provide the services made available to Users by the Data Controller through the Site (legal basis: performance of a contract pursuant to Article 6(1)(b) GDPR);
- for the fulfillment of formalities and obligations arising from applicable law or regulations (legal basis: compliance with a legal obligation pursuant to Art. 6 (1)(c) GDPR);
- to ensure the proper functioning of the Site (legal basis: legitimate interest pursuant to Article 6(1)(f) GDPR).
Where required by law, the Data Controller will ask you to express your consent to the processing of Personal Data for a specific purpose. In fact, the activities referred to in points a) and b) may only be carried out following the specific and express consent of the User, which can be revoked at any time.
TYPES OF DATA PROCESSED
Through the Site, the following Personal Data may be collected and subsequently processed by the Data Controller:
- Navigation data: information processed by computer systems and software procedures that are used for the normal functioning of the Site and which, by their very nature, could allow Users to be identified through certain processing treatments;
- Data provided voluntarily by Users through the forms on the Site: the data voluntarily communicated by Users will be processed exclusively for the purpose for which it is communicated. Such data may include: contact details, including company name and VAT number; name and surname and tax code; address; e-mail address; phone number;
- Data collected through the so-called cookies: cookies, which are strings of text containing the User’s data stored and then retransmitted to the Site in the event of a subsequent visit by the same User, are used to improve the use of the Site. Information related to cookies can be found in the cookie policy, which can be found here ([INSERT COLLEGAMENTO A COOKIE POLICY]).
OPTIONAL NATURE OF THE PROVISION OF DATA
Apart from what is specified for navigation data, the User is free to provide the personal data contained in the request forms on the Site to request the sending of the newsletter, information material or other communications. Failure to provide Personal Data may make it impossible for the Data Controller to provide certain services.
PROCESSING METHODS
The processing of Personal Data takes place through automated tools for the time strictly necessary to achieve the purposes for which they were collected and is carried out by the Data Controller in such a way as to guarantee the security and confidentiality of the data in accordance with the provisions of the Privacy Legislation.
Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access, in particular all technical, IT, organizational, logistical and procedural security measures provided for by the Privacy Legislation are in place.
RECIPIENTS
The Processing will be carried out by the Data Controller and/or external consultants or suppliers of the Data Controller, who have entered into a specific agreement with the Data Controller regarding the protection of personal data and therefore act as data processors pursuant to Article 28 of the GDPR. Personal Data will not be transferred outside the European Economic Area in the absence of the requirements of the Privacy Legislation. Data will not be published or disseminated.
DATA RETENTION PERIOD
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. It should be noted that:
- The data collected for marketing purposes will not be kept for more than 24 months;
- In any case, the data collected for profiling purposes will not be kept for more than 12 months.
It is understood that the User may at any time request the deletion of his/her Personal Data in accordance with the provisions of this Privacy Policy.
RIGHTS OF THE DATA SUBJECTS
- Right to withdraw consent: You have the right to withdraw your consent to the processing of your Personal Data at any time and to unsubscribe from the service at any time by sending an email to: info@farogp.com
- Right of access: You have the right to obtain access to your Personal Data at any time. In the event that personal information is processed in an automated manner as part of a service to you or based on your consent, you also have the right to request a copy of the information in a structured, commonly used and machine-readable format (right to “data portability”).
- Right to erasure: You may ask the Data Controller to erase your Personal Data, in particular when you have withdrawn your consent to the processing of the aforementioned Personal Data or when these are no longer necessary for the purpose for which the Data Controller should have known and/or processed them.
- Right to object: You may object to the processing of your Personal Data.
- Right to rectification: You may ask us to rectify the Personal Data we have collected.
- Right to restriction of processing: You may request the restriction of the processing of your Personal Data.
All the above rights may be exercised by sending a written communication to the Data Controller:
– by e-mail, attaching a photocopy of an identity document, to the following address: info@farogp.com;
– by post, attaching a photocopy of an identity document, to the postal address 33 Avenue J.F. Kennedy 1855 Luxembourg.
The User shall also have the right to lodge a complaint with the competent supervisory authority (Autorità Garante per la Protezione dei Dati Personali), pursuant to Article 77 of the GDPR, if the User believes that the processing of his/her Personal Data conflicts with Privacy Legislation.
CHANGES TO THE PRIVACY POLICY
The Data Controller is committed to ensure that Personal Data collection and further processing activities are always appropriate and compliant with Privacy Legislation. Any changes to this Privacy Policy that may result in a change of the features of the processing of your Personal Data will be displayed on the Site.