INFORMATION AND ACQUISITION OF CONSENT FOR THE PURPOSE OF DATA PROCESSING FOR THE REGISTRATION OF THE DOMAIN NAME AND FOR THE VISIBILITY ON THE INTERNET
Version 1.2 - 23/08/2022
Information pursuant to the Code regarding the protection of personal data (Legislative Decree 30 June 2003, No. 196, Article 13)
For the performance of the activities to which this information refers:
a) the data controller is the CNR, through the Institute of Informatics and Telematics of the CNR, .it Registry (http://www.nic.it);
b) the data processor is the Registrar who manages the contractual relationship with the Registrant from time to time; its identification details are contained in the contract between the aforementioned Registrar and the Registrant, and therefore known by the interested party.
A list of data processors is available on the Registry website at the url http://www.nic.it.
The Registrar remains the data controller in relation to the contractual relationship directly with the Registrant, not included in this information; c) the mandatory information is that which is essential for the performance of the requested service.
The personal data of the Registrant are collected by the Registrar who from time to time manages the contractual relationship with the Registrant through this form, for the purpose of registering and managing the domain name in the Data Base of Assigned Names at the Institute of Informatics and Telematics of the CNR, .it Registry.
In addition to the personal data collected through the completion of the form, if the transaction is carried out electronically, the IP address from which the Internet connection originates from the compilation of the online form at the Registrant and the log of the related transaction, for the purpose of contributing to the identification of the registrant in relation to the general information declared and the declarations made by the registrant.
Personal data, the aforementioned IP address and the transaction log constitute the mandatory information.
The mandatory information collected will be processed for administrative and accounting management purposes, protection of rights and other purposes and activities related to the registration, management, dispute, transfer and cancellation of the domain name, as well as to comply with legal, regulatory or regulatory obligations. community, and communicated to third parties for ancillary or necessary activities for the accomplishment of the aforementioned purposes.
The data will not be used and communicated to third parties for marketing or direct marketing activities.
Except for the IP address, the data will also be disclosed to third parties who declare that they wish to act to protect their rights against the Registrant in relation to the registration or use of the domain name.
In compliance with the technical standards of the Internet Engineering Task Force - IETF (http://www.ietf.org) aimed at ensuring the reachability of the domain name on Internet network, in order to maintain the balance of the relative system, as well as in consideration of the policy of the .it Registry aimed at avoiding situations of anonymity and allowing the traceability of the assignees, in case of registration they will in any case be visible on the Internet, through Whois query, together with the domain name the following data: name and surname of the registrant or company name, domain status, 2 Registrars and technical data (contactID, registration date, expire date, last update date and nameservers).
For the purposes of this information, consent to processing for registration purposes refers to all the aforementioned activities as a whole.
The conferment for registration purposes is optional, but in case of lack of consent it will not be possible to register, assign and manage the domain name.
The following data will also be visible via the Internet, subject to separate consent, through a Whois query, together with the domain name: Registrant's residential address or registered office, telephone number, fax number, e-mail address.
For the purposes of this information, the consent for the purposes of accessibility and dissemination via the Internet refers only to the latter activities and types of data.
The provision for the purposes of accessibility and dissemination via the Internet is optional; the lack of consent will not preclude the registration but only the public visibility via Whois query of the aforementioned data, within the limits defined above.
Further information on how to query the Registry database is available on the Registry website: http://www.nic.it.
The interested party enjoys the rights referred to in art.
7 of the Code for the protection of personal data including the right of access, rectification and cancellation of data concerning him.
The exercise of the aforementioned rights may be exercised through a request addressed to the Registrar who from time to time manages the contractual relationship with the Registrant and subordinately to the Institute of Informatics and Telematics of the CNR, Via Giuseppe Moruzzi, 1, I-56124 Pisa, Italy.
INFORMATION ON DATA PROCESSING - GDPR COMPLIANCE
Version 2.4 - 23/08/2022
Shellrent Srl complies with the European Regulation on the processing of personal data 679/16 (GDPR) and has implemented all the measures and policies necessary to comply with the legislation on data processing. Privacy protection is essential for us.
Subject of the document
personal data are handled when you use our services.
This information specifies how Shellrent S.r.l. processes personal data pursuant to art. 13 of the EU Regulation
2016/679: according to the rules of the same, the processing of data will follow the principles of lawfulness, correctness and transparency,
purpose limitation and storage, data minimization, accuracy, integrity and confidentiality of the same.
The processing of personal data means any operation or set of operations, carried out with or without the aid
of automated processes and applied to personal data or sets of them. Common operations can be collection,
registration, organization, structuring, storage, modification, extraction, consultation,
communication, limitation, cancellation or destruction.
Data processors and contracting parties
Shellrent S.r.l. with registered office in via dell 'building 19, Vicenza, postcode 36100, will be responsible for the processing of personal data
provided or collected in connection with our Services.
As a user of our Services, the collection, use and possible sharing of personal data are subject
privacy) and related updates.
1) What data we collect
1.1 Data provided by the user
It is necessary to provide some data for the creation of an account and the subsequent purchase of Services
Registration To create an account on our manager panel, it is necessary to provide some data including name, email address and / or mobile number and a password and other personal information. To manage the purchase of the Services it is also necessary to provide some information for payment (eg credit card) and billing.
Execution of the contract We collect personal data only when they are provided as part of our Services, for example when a form is filled out (eg with data relating to the holder of a PEC or a domain). These additional data that are requested have the sole purpose of being able to correctly activate the Service purchased and provide them to any third party suppliers, such as authorized PEC managers or the competent registries for the domains. In the absence of this information, it is not possible for us to correctly activate the requested Services
1.2 Use of Services We record visits to and use of our Services when one of our products, including websites, is viewed or used, as well as when content is viewed or clicked. We use logins, cookies, device information and IP (Internet Protocol) addresses to identify and record the operations that are performed. IT systems acquire, during their operation, some personal data whose transmission is dictated by the standards of communication protocols. This information is not collected to be associated with natural persons, but which could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the services, the resources requested, the time of the request, the method used to connect to the server, the size of any file obtained in response, the outcome of the request forwarded to the server (successful, error, etc.) and other parameters relating to the operating system and the IT environment used by the user. These data are used in order to obtain anonymous statistical information on the use of our services and to check and ensure that they work in the best way. The data can be used, for example, as documentation in the event of a dispute, for fraud detection and to perform analyzes on behalf of customers. The data could also be used to ascertain responsibility in the event of computer crimes against Shellrent, customers or third parties. By law, the data are kept for the purpose of ascertaining and repressing crimes for six years from their generation.
1.4 Contact form When we are contacted through the contact form on our site, some information will be requested to allow us to better respond to your requests
2) How we use user data
We use the data to provide, support, and develop our Services. How we use personal data will depend on the Services that are used, how those Services are used, and the choices you make in your privacy settings. We use the data we hold about you to provide our Services. The methods of using personal data for each purpose are described in detail in the following attachments:
Purchase and use of services: Attachment 1 Communications and Marketing: [Attachment 2](https: //manager.shellrent. com / contract / download / 19)
2.1 Aggregate Information We use data to generate aggregate information. We use data to produce aggregate information that does not identify the customer in any way. For example, we may use some data to generate statistics on our customers or their residence to make sure that our Services adapt in the best way to our customers.
2.2 Mandatory communications Shellrent uses the personal data provided by its users to send communications or reminders on the status of the Services. It is not possible for the user to refuse to receive these communications that are sent; For example, communications containing legal notices, communications with reminders for the renewal of services close to expiration and communications relating to the safety and general status of the Services.
3) How we share information
3.1 Our Services Private data is not shared to third parties, unless it is expressly necessary: Shellrent undertakes not to disclose the data that the customer provides, guaranteeing the highest standards. However, the sharing of the same can take place to allow us to provide the purchased Service, or if it is required by law.
3.2 Service Providers We may employ third party vendors to support us with our Services. We use third parties to help us provide our Services (e.g. maintenance, analysis, review, payments, fraud detection, marketing and development). These third parties may have access to information to the extent reasonably necessary to perform these activities on our behalf and are obligated not to disclose or use it for other purposes. Some third-party suppliers are also used for the activation of specific services, such as the registration of domain names, the registration of a certified e-mail box (PEC), and SSL certificates. Also in this case the data will be provided to them with the sole purpose of providing the Service, and will not be used for other reasons.
3.3 Legal Disclosures We may share personal data when required by law or in order to protect the rights or safety of you, us or a third party. There may be a need for us to disclose personal information where required by law, a subpoena or in the context of legal proceedings, or if we believe, in good faith, that such disclosure is necessary in order to (1 ) investigate, prevent or take legal action in relation to illegal, actual or suspicious activities, or assist the judicial authority; (2) execute contracts entered into between us and customers, (3) investigate and defend yourself in relation to any third party claim or allegation, (4) protect the security or integrity of our Service (for example by shares with other companies facing similar threats); or (5) exercise or protect the rights and safety of the company, our customers, employees or others. We try to notify customers of legal requests for disclosure of their personal data when we deem it appropriate, unless prohibited by law or a court ruling or when the request is an emergency. We may dispute such requests when we believe, in our discretion, that these requests are excessive, vague and lacking the necessary authority.
4) The choices and obligations of the customer
4.1. Data retention We retain personal data until the customer's account is deleted after their request. This includes the data provided and the data generated or inferred from the use of our Services. Even if our Services are used once in a while, after a few years, we will keep the information and keep the profile active until the customer decides to close their account. In some cases we try to keep some information in a depersonalized or aggregated way. All data in our possession will be deleted or anonymized, from the moment in which they are no longer necessary, according to the terms imposed by Italian law to protect one's interests (Art. 2946 cc et seq. And Art. 2947 (1) ( 3) cc)
4.2 Access rights and control of your personal data It is possible to have access to personal data or to delete them. You have options to decide how the data is used. Options are available through the user profile settings for using, deleting or correcting data. For example, it is possible to deny consent to communications for commercial purposes. Settings are offered to control and manage the personal data we hold about you. With regard to the data in our possession, it is possible to: Delete data: it is possible to request the elimination or cancellation of all or almost all personal data. Some data must remain in our possession to comply with legal obligations. Change or correct data: You can change some personal data through your user profile settings. You may ask us for changes, updates and corrections of data in certain areas, especially if they are not accurate. Do not approve or limit the use of data: you can request to stop using all or part of your personal data (e.g. if by law we do not have the right to continue using them) or to limit the use we make of them (e.g. if the personal data are incorrect or if their possession is not legal). Right to access and / or take possession of your data: you can request a copy of your personal data and a copy of the personal data you have provided to us in digital format. You can contact Shellrent using the contact information below, and we will consider each request in accordance with applicable laws.
4.3 Account closure We keep some data even after the customer's account has been closed. If you choose to close your Shellrent account, your personal data will no longer be visible in our Services as soon as possible. However, we retain personal data even after account closure if reasonably necessary to comply with our legal obligations (including law enforcement requests), meet regulatory requirements, resolve disputes, maintain security, prevent fraud and abuse, enforce our license agreement or comply with a request to "not receive" further messages from us. We will retain depersonalized information where possible once the account has been terminated.
5) Other important information
5.1. Security We monitor and try to prevent security breaches. Each user is encouraged to use the security features available in our Services. Security is the main point of our goals. We constantly strive to ensure the protection of the data of our customers and anyone who uses our Services by periodically monitoring and updating our infrastructure. However, we cannot guarantee the security of all information communicated to us. There is no guarantee that such data is inaccessible or that it cannot be disclosed, altered or destroyed as a result of the violation of one of our protections, whether physical, technical or managerial. The security of the Services is identified as a shared responsibility between Shellrent and the customer. The shared responsibility model helps to identify the areas in which Shellrent operates and makes it easier for the customer to use its Services. The customer, in fact, assumes full responsibility and the management of his own applications as regards the "Hosting" Services, while, he assumes the responsibility and management of the operating system (including updates and security patches) and own applications used and installed in the case of Cloud or Dedicated Services. It is essential that the customer evaluates the Service he decides to use as responsibilities vary according to the Service chosen. For more information on the safe use of our Services, you can consult our website at the “Datacenter and technical structure” page.
5.2. Cross-border data transfers For particular Services such as domains we may need to transfer data outside your country. We process data both inside and outside Europe and rely on legal mechanisms to legally transfer data between countries. The countries to which we send data may have different laws, sometimes not as restrictive, than those in force in your country.
5.3 Legal basis for data processing We have legal basis for collecting, using and sharing customer data. At any time it is possible to withdraw the consent provided through the settings of your profile. We will only collect and process personal data if we have a legal basis to do so. The legal bases include consent (where consent has been given), contract (where data processing is necessary for the performance of a contract, for example, to provide the requested Services) and "legitimate interests". When the processing of personal data is subject to consent, the customer has the right not to consent or withdraw their consent at any time; when the processing of personal data is subject to legitimate interests, the customer has the right to object. If the customer has questions about the legal basis under which we collect and use personal data, they can open a support ticket or, if this is not possible, contact our Data Protection Officer.
Swiss Federal Data Protection and Transparency Officer (IFPDT) Residents of the European community may have the right to contact our Data Protection Officer via: Ticket via our PEC control panel: [[email protected] ](mailto: [email protected]) Post to Shellrent Srl, Via dell'Edilizia 19, 36100 Vicenza