DATA PROTECTION POLICY
in force since 21 May 2018
This Data Protection Policy is issued by IDM Südtirol - Alto Adige, with registered office in Piazza della Parrocchia n.
11 – 39100, Bolzano (hereinafter also referred to as “IDM”) pursuant to Articles 4 et seq. of the General Data Protection Regulation (EU) 2016/679 (“Regulation”). Under this Data Protection Policy, IDM is the Data Controller.
IDM is committed to protecting the privacy of every Data Subject. The purpose of this Data Protection Policy is to
inform you about the types of data and information that IDM collects about the users, how such information is used,
and how IDM discloses it to third parties.
This Data Protection Policy does not apply to information that is directly provided to, or collected by, third parties,
that is controlled by those third parties and whose use may be governed by other Data Protection Policys and/or terms
1. IMPORTANT DEFINITIONS
“Appropriate Jurisdiction” means a jurisdiction that has been formally designated by the European Commission as
having an adequate level of protection for Personal Data.
“Data Controller” means the party who decides how and why Personal Data should be processed.
“Personal Data Protection Supervisory Authority” means an independent public authority formally entrusted with
supervising and ensuring compliance with the applicable data protection regulations in force.
“EEA” means the European Economic Area.
“Materials” means jointly each and every piece of Content, Subscribed Content (where applicable and as further
defined below), messaging, blogging, chatting, social networking, information, advertising and/or Internet links, etc.,
accessible or delivered through the Website.
“Personal Data” means information relating to a natural person or information from which a natural person is directly
or indirectly identified or identifiable, in particular through reference to an identifying element such as a name, an
identification number, geographic locations, online identifiers or through reference to one or more physical, psychological, genetic, mental, economic, cultural or social elements that identify a specific natural person.
“Processing” means any operation carried out on Personal Data including without the aid of electronic means, such
as collection, recording, organisation, storage, processing, modification, retrieval, consultation, use, communication,
dissemination, or the making available in another way, interconnection, reduction, deletion and destruction of Personal Data.
“Sensitive Data” means any Personal Data relating to race or ethnicity, political opinions, religious or philosophical
beliefs, membership of a party or trade union, physical or mental health, sexual habits, judicial information relating to pending or adjudicated criminal proceedings, national identification number or any other information that could be
regarded as sensitive under the Regulations and any other applicable laws and regulations regarding the protection of
“Website(s)” means each and every website operated or maintained by or on behalf of IDM.
“Application(s)” means a software application that can be integrated, downloaded and/or executed under IDM or
third-party ownership and made available on the Website(s).
“Content” means any audio or video element and any idea offered by IDM or any third party, including but not limited
to data, films, videos, photographs, software, games, graphics and design, portraits and images, artwork, music, sound,
information and other Materials, tangible and intangible, including derivative works, on and in any and all existing or
future media and formats.
2. PERSONAL DATA COLLECTION
Personal Data Collection: IDM may collect Personal Data about you from the following sources:
3. CATEGORIES OF PERSONAL DATA THAT IDM MAY PROCESS
IDM may process the following categories of Personal Data about you to the extent that such Processing is strictly
necessary for the purposes of the Processing set out in this Data Protection Policy:
4. LEGAL BASIS FOR PROCESSING SENSITIVE DATA PURSUANT TO ART. 6, Regulation (EU) 2016/679
When processing your Personal Data for the purposes set out in this Data Protection Policy, IDM may use one or
more of the following legal bases, depending on the circumstances:
5. SENSITIVE DATA
IDM does not intend to collect or otherwise process your Sensitive Data in the normal course of business. If, for
any reason, it becomes necessary to process your Sensitive Data, IDM refers to one or more of the following legal
6. HOW IDM USES THE INFORMATION COLLECTED
IDM may process your Personal Data for the following purposes:
7. HOW IDM SHARES AND DISCLOSES INFORMATION
It may be the case that IDM shares information under this Data Protection Policy and the following section describes how IDM shares that information. IDM will disclose your Personal Data only if and to the extent that it is
necessary: (i) to provide the services you have requested; (ii) to adapt to applicable law; (iii) to establish, exercise
or defend rights of IDM; (iv) to the extent necessary in connection with the sale or reorganisation of a substantial
part of IDM’s business.
8. MATERIALS OF THIRD PARTIES
Third parties offering Applications or Materials may collect Personal Data or Non-Personal Data when you access their
Applications and Materials made available through their services. IDM is not responsible for the data collection and
Data Protection Policys that apply to such third parties or for their services, and they may collect data about you and
may share it with IDM and/or others. These third parties and their services may also track you over time and in space,
submit their own advertisements (including interest-based advertisements) and may or may not have published their
own Data Protection Policys.
In addition, when you use the Website(s) you may be directed to other services that are provided and controlled by
third parties and that IDM does not control. For example, if you browse the Internet and click on a link on a website,
the link may take you to a different website. When you access a new website or application IDM advises you to review
the Data Protection Policys of all third parties involved and to pay attention to them. IDM is not responsible for the
availability, completeness and accuracy of such third-party Data Protection Policys.
9. YOUR CHOICE CONCERNING THE COLLECTION OF DATA AND THE MODIFICATION OF THE PREFERENCES COMMUNICATED: YOUR RIGHTS AND CHOICES
Accuracy of data
IDM is committed to making every reasonable effort to ensure that:
10. SECURITY OF THE INFORMATION THAT IDM COLLECTS
IDM takes the security of your Personal Data seriously. IDM implements physical, administrative and organisational
protective measures to preserve the confidentiality and security of your Personal Data. Unfortunately, the transmission of information over the Internet is not completely secure. Although IDM does his best to protect your Personal
Data, IDM cannot guarantee the security of your Personal Data transmitted through use of the Website(s) and Applications. Any transmission of Personal Data is at your own risk. IDM is not responsible for circumventing any and all
privacy settings or security measures for the Website(s) and Applications.
11. WALLS/MESSAGE BOARDS AND OTHER PUBLIC SPACES
IDM may offer walls/message boards or other public functions on the Website(s), and any of your posts in such public
spaces are considered public information that is available to other users.
IDM does not control and is not responsible for the actions of other users with respect to any information you post in
such spaces. In addition, the information you disclose into public spaces may be collected and used by other users to
send you unsolicited messages and for additional purposes. Each post on the message boards and in the public spaces
on the Website(s) is also governed by the terms and conditions of the applicable third-party websites.
Parts of your user profile may also be available to other users and you should take care not to use Personal Data in
your user name or in other information that may be publicly available to other users.
12. TRANSNATIONAL TRANSFER OF INFORMATION
IDM may transfer and retain Personal Data that you provide to IDM in connection with your use of the Website(s)
to/on servers located in countries outside your jurisdiction. IDM may also transfer Personal Data collected by you in
other countries outside your jurisdiction to third parties mentioned in this Data Protection Policy, to the extent that
such transfer is necessary in order to comply with our obligations under this Data Protection Policy.
13. DATA PROTECTION POLICY VERSIONS AND AMENDMENTS
IDM reserves the right to amend this Data Protection Policy at any time and for any reason, and will publish any
changes to this Data Protection Policy within a reasonable time after they enter into force. This Data Protection Policy
will remain in full force and effect as long as you remain a user of the Website(s) and/or Application(s), even if your
use of, or participation in, any particular service, feature, function or promotional activity ends, expires, terminates, is
suspended or disabled for any reason.
Please send any further questions you may have with respect to this Data Protection Policy to firstname.lastname@example.org.
Web push notifications from PushPanda.io
We use web push notifications from PushPanda.io. Web push notifications are notifications that can be displayed on your terminal device without opening the website or the relevant app.
No distinctive user data, such as IP addresses or similar, that could allow the user in question to be identified, are saved. If somebody registers for the notification distributor (opt-in process), only an identification code and the geographical IP information (country and state) of the user are sent to PushPanda.io and stored in its database. This code is issued by the respective browser provider (Google, Mozilla, etc.) and enables the notifications to be sent to the relevant browser later. Notifications are sent by the browser provider itself.
If the opt-in for push notifications is withdrawn (opt-out), all data saved with PushPanda.io is deleted and the identification code will be invalid.
You can find information about opting out of push notifications at https://www.pushpanda.io/de/links/abmeldung/.
PushPanda.io is a service of Project K GmbH, with headquarters in Innsbruck, Austria.
As of: 19/12/2019