This page describes how the website https://mybiros.com/ ("Site") and the platform ("Platform") of myBiros S.r.l. ("myBiros", "We", "Company") are managed , with reference to the processing of personal data of users consulting the web page and using the Company's services ("SaaS Services") provided through the Platform. The information is provided only for the Site and the myBiros Platform and not also for other websites and platforms that may be consulted by the user.
‍
As a result of consulting the Site and using the Platform, data relating to identified or identifiable individuals may be processed. We may also receive personal information from the user through the contact details on our Website, for the purposes and in the manner set out in more detail below.

Data will be processed in full compliance with the data protection legislation set out in Regulation (EU) 2016/679 ("GDPR") and Directive 2002/58/EC ("ePrivacy Directive").

HOW DO WE COLLECT AND USE PERSONAL DATA?

‍ThisSite and our Platform acquire Personal Data ("Personal Data" or "Data") as part of their normal operation, the transmission of which is an integral part of Internet communication protocols and the operation of the Platform itself. This Data, depending on how you interact with the Site and the Platform, may include: profile information, contact information, browsing preferences and interests, and user location information.

Data collected when you browse the Site and use the Platform

The Site and the Platform may automatically allow you to be identified as a result of your browsing by collecting certain personal information such as the IP addresses or domain names of the computers used by users connecting to the Site or using the Platform, the URI(Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, a numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters related to the user's operating system and computer environment.

This Data is used for the sole purpose of obtaining statistical information on the use of the Site and the Platform and to check its correct functioning.

The Data could be used to ascertain responsibility in case of computer crimes to the detriment of the Site or at the request of the authorities.

- Data voluntarily provided by the user

We may acquire users' Personal Data through the voluntary submission of requests by data subjects.

PURPOSE

myBiros may offer its services as part of a B2B relationship, to companies interested in the Platform, as well as it may establish a contractual relationship with users - individuals - as part of a B2C exchange.

When operating on behalf of companies, myBiros acts as a Personal Data Controller in accordance with Article 28 GDPR, while in relations with individual users interested in the service, the Company acts as the Data Controller.

We use the Personal Data collected for multiple purposes such as, but not limited to: to administer requests sent to myBiros through the Site, to properly manage our Platform, and to analyze the information collected in order to improve our Site and Platform.

The purposes are listed in more detail in the table below.

Categories of Personal Data

Purpose of processing

Legal basis for processing

Comments and opinions. When you contact us via e-mail and telephone, we collect your comments, requests, and opinions.
By clicking on the "Contact Us" button on our Website, you will be able to fill out the request form, entering your name, contact information (telephone and e-mail), and any additional information you wish to provide us with for the purpose of your request for assistance

To answer questions, support you in registering to try the Platform Demo, using the Site and services.

The processing is necessary for the pursuit of our legitimate interest, i.e., to communicate with users regarding the services and to handle customer inquiries and suggestions regarding the Site and Platform in an appropriate and timely manner. In case you are interested in our services and ask us about our business, we may process your Data for pre-contractual purposes.

Use of the Platform Demo. We may process your Personal Data to enable your registration and ensure your use of the Platform Demo.

To ensure the use of the Platform Demo.

Processing is necessary for service delivery and contractual and pre-contractual relationship management.

User Profile Information. We may process your Personal Data to enable registration and ensure the use of services related to the Platform.

To provide personalized service based on the user's requests and directions, in order to fulfill our contractual and pre-contractual obligations.

Processing is necessary for service delivery and contractual and pre-contractual relationship management.

Promotional Information. We may use the Personal Data you provide to send you commercial and promotional communications about the activities performed and services rendered by myBiros.

To promote the services and activities carried out by myBiros and inform you about the Company's news.

Processing of the user's Personal Data for such purposes will take place only with the explicit consent of the data subject, except for communications about services similar to those already received.

Improving the operation of the Platform.

‍Aspart of its services, myBiros may have an interest in using the Personal Data provided by you for additional purposes that relate to the improvement and development of the Platform.

Where the Company operates as a controller, such activity must be regulated in the Personal Data Processing Agreement signed pursuant to Art. 28 GDPR with the owner contracting the service.

In the event of authorization by the contractor, myBiros would operate as a controller of the new processing, pursuant to Art. 28, para. 10, GDPR.

To use the Personal Data you provide for additional purposes that relate to the improvement and development of the Platform.

This activity is carried out as part of the legitimate interest of the Company, which employs this information in the ongoing development, design, selection and implementation of its Platform, services and products presented to the user.

Where myBiros intends to use the data to learn more about the characteristics and orientations of its users in their choice of services offered, the processing would be carried out on the basis of the user's prior consent.

Information provided by third parties. We may receive information about you from third parties and other users, for example, we may obtain information from our business partners, service providers, or other organizations of which you are a member. We may obtain information from third parties to improve or supplement existing user information. We may also collect information that is publicly available.

We may combine this information with information we collect directly from you.We use this information to contact you and to improve our service

Processing is necessary for the pursuit of our legitimate interest, in particular to tailor our service to the user and to improve our service in general.

Information about fraudulent or criminal activity related to the user's account.

We will use information about fraudulent or criminal activity related to the use of our service for the purpose of detecting and preventing fraud or abuse.

Processing is necessary for our legitimate interest, namely for fraud detection and prevention.

All of the above personal information.

We will use all personal information collected to operate, maintain and provide you with the functionality of our Site, to communicate with you, and to monitor and improve our services and operations.

Processing is necessary for the pursuit of our legitimate interests in protecting our organization.

Information provided by social networks. When you interact with us through various social networks, we may receive information from those platforms including your profile information, user ID associated with your social media account, the list of your network of acquaintances, and any other information related to the social network.

We use this information to communicate or interact with you on the social network, to better understand the characteristics of our visitors, and to personalize content and advertising. The Data we receive depends on the settings you have activated on privacy with the social network. Before linking or linking to our Website or service, we suggest that you periodically review and, if necessary, change the privacy settings on third-party websites and social networks and services.

Processing is necessary in pursuit of our legitimate interest, particularly to tailor our service to your needs and to improve our service.

PRIVACY POLICY
Extended Disclosure

1. What is the privacy policy about?

‍Thisprivacy policy ("PrivacyPolicy") describes how this website ("Site") and the platform ("Platform") of myBiros S.r.l. ("myBiros", "We", "Company") manage the processing of Personal Data ("Data") of users who consult our webpage, who use our Platform and the automatic document processing services offered by the Platform(SaaS Services).

This information is provided only for the Company's Site and Platform and not also for other websites and/or platforms that may be consulted by the user through external links.

As a result of the consultation of this Site and Platform, Data relating to identified or identifiable persons may be processed. The Data will be processed in full compliance with the Personal Data protection legislation set forth in Regulation (EU) 2016/679 ("Regulation" or "GDPR") and Directive 2002/58/EC ("ePrivacy Directive").

2. Who is the Data Controller?

myBiros S.r.l., headquartered at Via Antonio Schivardi 60, 00144 Rome (RM), may offer its services as part of a B2B relationship, to companies interested in the SaaS Services offered by the Platform, as well as it may establish a contractual relationship with customers - individuals - as part of a B2C exchange.

When operating on behalf of companies, myBiros acts as a data controller in accordance with Article 28 GDPR, while in relations with individual users interested in the service, the Company acts as a data controller ("Owner").

3. Quali Dati Personali raccogliamo?

Raccogliamo e trattiamo i Dati Personali in diversi modi:

- Dati Personali forniti dall’utente: raccogliamo le informazioni personali che riguardano l’utente quando vengono fornite attivamente, ad esempio quando l’utente ci contatta per fornire assistenza immediata, quando decide di registrarsi sul nostro Sito e sulla Piattaforma creando un profilo personale per provare la nostra Demo.

- Dati Personali raccolti mediante l’utilizzo del Sito e/o della Piattaforma: raccogliamo automaticamente alcune informazioni personali durante la navigazione e l’utilizzo del Sito e/o della Piattaforma da parte dell’utente.

3. 1 Che tipo di Dati Personali trattiamo?

Informazioni anagrafiche e di contatto dell’utente interessato ai servizi della Società: informazioni personali richieste ai fini della compilazione del form presente sul Sito, come nome e cognome, indirizzo e-mail, informazioni relative al motivo per cui l’utente ci sta contattando e Dati Personali che l’utente desidera fornirci volontariamente scrivendoci una e-mail per sapere di più dei nostri servizi.

Informazioni su preferenze e interessi: preferenze impostate per le notifiche e la visualizzazione del nostro Sito

‍Dati di localizzazione: possiamo approssimare la posizione dell’utente sulla base del suo IP Address.

‍Profili Social: quando l’utente si registra sul nostro Sito tramite social media, quando interagisce con il Sito mediante i social, possiamo ricevere informazioni dalla piattaforma social sul suo account personale e ogni altra informazione che permetta al social media di condividere con terze parti. Per maggiori informazioni sul trattamento dei Dati tramite questo social network, si rinvia alla apposita informativa privacy sul sito web di riferimento.

‍Dati processati dalle API: myBiros processa i dati inviati tramite richieste ai Servizi SaaS attraverso le API offerte dalla Piattaforma.

3.2 Informazioni raccolte automaticamente

‍Quando l’utente utilizza il nostro Sito o la nostra Piattaforma, interagisce con noi attraverso un computer o un qualsiasi un dispositivo mobile, possiamo raccogliere automaticamente informazioni sulle modalità di accesso e di utilizzo del Sito e della Piattaforma, nonché informazioni sul dispositivo utilizzato per accedere al Sito. Utilizziamo queste informazioni per migliorare e personalizzare l’esperienza dell’utente, per monitorare e migliorare il nostro Sito web e per altri scopi interni. L’utente può accettare e rifiutare queste tecnologie modificando le impostazioni delle preferenze sulla privacy nelle impostazioni del profilo del proprio browser di navigazione.

Le informazioni che raccogliamo automaticamente possono essere combinate con altre informazioni personali che raccogliamo direttamente dagli utenti.

‍Le informazioni che possiamo raccogliere automaticamente sono:

- informazioni relative all’utilizzo del Sito e della Piattaforma (ad esempio da quale Sito web proviene l’utente, quante volte ha cliccato su un oggetto);
- Dati Personali relativi alle interazioni con le nostre comunicazioni di marketing (ad esempio, se un utente clicca o meno su un’immagine o su un collegamento ipertestuale);
- informazioni sui dispositivi utilizzati per accedere e interagire con il Sito e la Piattaforma (ad esempio, questo ci permette di sapere se si utilizza un computer, un tablet o uno smartphone, la risoluzione dello schermo, il sistema operativo, la connessione Wi-Fi, il browser Internet e l'indirizzo IP, informazioni sui file di log del server).
- Dati comportamentali: informazioni derivate dalla combinazione dell’ID dispositivo e degli eventi di sistema che possono essere utilizzati per identificare tendenze comportamentali e modelli comportamentali e inviare comunicazioni di marketing relative a servizi offerti dalla Società. Abitudini di consumo;
- informazioni analitiche: possiamo raccogliere Dati analitici, o utilizzare strumenti di analisi di terze parti, per aiutarci a misurare il traffico e le tendenze di utilizzo del Sito e per comprendere meglio le caratteristiche demografiche e i comportamenti dei nostri utenti.

4. Perché trattiamo i Dati Personali dell’utente?

‍I Dati Personali degli utenti sono trattati per:

a) Permettere all’utente di registrarsi e creare il proprio account personale per utilizzare la Demo della Piattaforma

Ai fini dell’attivazione del profilo, potremo richiedere l’indicazione dell’indirizzo e-mail.
Al fine di garantire la sicurezza dei Dati degli utenti, chiediamo di inserire una password forte di riferimento per l’accesso al profilo.

‍Base giuridica del trattamento: rapporto contrattuale e trattative precontrattuali.

b) Consentire l’utilizzo dei servizi offerti da myBiros

‍Quando opera per conto di aziende, myBiros agisce come responsabile del trattamento dei Dati Personali ai sensi dell’art. 28 GDPR, mentre nei rapporti con i singoli utenti interessati al servizio, la Società opera in qualità di Titolare dei Dati caricati sulla Piattaforma.

‍Base giuridica del trattamento: rapporto contrattuale e trattative precontrattuali.

Quando opera per conto di aziende, myBiros agisce come responsabile del trattamento dei Dati Personali ai sensi dell’art. 28 GDPR, mentre nei rapporti con i singoli utenti interessati al servizio, la Società opera in qualità di Titolare dei Dati caricati sulla Piattaforma.

c) Rispondere alle domande ed evadere le richieste degli utenti

Per rispondere alle richieste e alle domande relative ai nostri servizi che l’utente invia utilizzando i Dati di contatto indicati dalla Società.

‍Base giuridica del trattamento: gestire, in modo adeguato e tempestivo, le richieste degli utenti e garantire il servizio da Noi offerto.

d) Garantire il funzionamento tecnico del Sito e/o della Piattaforma

‍Raccogliamo e utilizziamo i Dati Personali dell’utente per amministrare tecnicamente il Sito e/o la Piattaforma e garantire che funzionino correttamente. Possiamo utilizzare le informazioni personali fornite dall’utente per rispondere alle segnalazioni o ai reclami relativi al corretto funzionamento del Sito.

‍Base giuridica del trattamento: i nostri legittimi interessi a garantire il corretto funzionamento del Sito e/o della Piattaforma dal punto di vista tecnico/informatico.

e) Comunicazioni di marketing

‍Per inviare o far inviare all’utente dai nostri fornitori di servizi informatici le nostre comunicazioni di marketing diretto via e-mail.

‍Base giuridica del trattamento: il previo consenso esplicito dell’utente.

Ricordiamo che l’utente sempre la possibilità di rifiutare di ricevere comunicazioni di marketing, semplicemente cancellandosi dalle newsletter o comunicandocelo via e-mail.

f) Informare l’utente in merito alle modifiche dei termini e delle condizioni di utilizzo del Sito e della nostra Piattaforma e fornire la presente Informativa sulla privacy

‍Per inviare informazioni sulle modifiche dei termini e delle condizioni di utilizzo del Sito e della Piattaforma e fornire la presente Informativa sulla privacy.

‍Base giuridica del trattamento: il nostro legittimo interesse a informare l’utente con largo anticipo dell'entrata in vigore di tali modifiche.

g) Rispetto degli obblighi di legge

‍Per ottemperare ai nostri obblighi legali, a ordini delle autorità governative che possono includere anche provvedimenti provenienti da autorità governative al di fuori del vostro Paese di residenza, quando riteniamo ragionevolmente di essere obbligati a tali comunicazioni e quando la divulgazione dei Dati Personali dell’utente è strettamente necessaria per ottemperare ai suddetti obblighi legali od ordini governativi.

‍Base giuridica del trattamento: rispetto dei nostri obblighi legali.

h) Analisi dei Dati per migliorare il Sito e la Piattaforma

‍Nell’ambito dei propri servizi, myBiros potrebbe avere interesse ad utilizzare i Dati Personali forniti dall’utente per scopi ulteriori che riguardano il miglioramento e lo sviluppo della Piattaforma. Laddove la Società operi come responsabile, tale attività dovrà essere regolamentata nell’accordo sul trattamento dei dati personali sottoscritto ai sensi dell’art. 28 GDPR con il titolare appaltante il servizio.In caso di autorizzazione da parte dell’appaltante, myBiros opererebbe come Titolare del nuovo trattamento, ai sensi dell’art. 28, para. 10, GDPR.

‍Base giuridica del trattamento: interesse legittimo della Società a migliorare e sviluppare la Piattaforma.

i) Prevenire frodi e abusiUtilizzeremo le informazioni su attività fraudolente o criminali relative all’utilizzo dei nostri servizi ai fini del rilevamento e della prevenzione di frodi o abusi.

‍Base giuridica del trattamento: i nostri legittimi interessi a proteggere la nostra organizzazione da attività fraudolente.

j) Protezione legale dei nostri interessi

‍Per far valere ai sensi di legge i nostri termini e condizioni contrattuali, proteggere le nostre operazioni commerciali, proteggere i nostri diritti, la nostra privacy, la nostra sicurezza o proprietà, e/o quella delle nostre affiliate, e consentirci di perseguire i rimedi giuridici disponibili o limitare gli eventuali danni a nostro carico.

‍Base giuridica del trattamento: i nostri legittimi interessi a proteggere ai sensi di legge la nostra organizzazione.

5. To whom is your Personal Data disclosed?

‍ThePersonal Data you provide may be disclosed to our business partners and vendors for the maintenance of this Website and/0 the Platform (see Table 1).

These companies:
- may also be based outside Europe;
- will never directly use the Personal Data disclosed by the Company;
- will not sell the Personal Data disclosed by the Company to third parties.

By subscribing to the Services of the Site and/or the Platform, you acknowledge that you allow myBiros, through the analysis of the Data done by the service provider, to get hold of the following information:
- number of times the email is opened related to the Company's services;
- number of clicks on links contained in the sent email;
- non-opening of email related to the Company's services;
- dis-subscription;
- possible use of the email content via social media;
- complaints;
- number and value of individual user purchases

6.What are the rights of the user in relation to the processing of Personal Data, how can they be exercised?

The subjects to whom the Personal Data refer have the right at any time to obtain confirmation of the existence or non-existence of the same Data and to know its content and origin, verify its accuracy or request its integration, updating, rectification (Articles 15 and 16 of the Regulation), namely:
- Right of access. The right to obtain access to personal information about you along with certain related information;
- Right to Data Portability. The right to receive personal information in a common format and to have it transferred to another data controller;
- Right to Rectification. The right to obtain the rectification of Personal Data without undue delay if the Personal Data is inaccurate or incomplete;

Pursuant to Articles 17,18 and 21 of the Regulation, one has the right to request the deletion, restriction of processing, transformation into anonymous form or blocking of Data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing, namely:
- Right to erasure. The right to obtain the deletion of one's Personal Data without undue delay in certain circumstances, such as if the Personal Data is no longer necessary in relation to the purposes for which it was collected or processed;
- Right to restrict processing. The right to obtain, in specific circumstances identified by applicable law, a limitation of the processing of your Data for a specified period of time, such as when you dispute the accuracy of Personal Data, for the time to verify the accuracy and correctness of such Data.
- Right to object. The right to object, on grounds relating to your particular situation, to the processing of Personal Data, and to object to the processing of Personal Data for direct marketing purposes, insofar as this is related to such direct marketing.

Rights may be exercised by contacting the Company at the following addresses:
- e-mail: privacy@mybiros.com
- by mail, at Via Antonio Schivardi 60, 00144 Rome

7. How long do we retain Personal Data?

‍PersonalData related to the user's profile is protected and stored until the data subject's request for deletion, while Data contained in uploaded documents stored by the API is categorized as protected, and is retained for a limited period of time.In cases where the relationship is B2B, the period of Data retention is defined in the processing agreement signed between the owner and the responsible party pursuant to Article 28 GDPR.In cases of B2C relationship, the retention of Data related to documents is 12 months.It is without prejudice to the retention of Personal Data, for a longer period, within the limitation period of rights, in relation to needs related to the exercise of the right of defense in case of disputes.

8. What transfers may we make?

‍We maydisclose some of your Personal Data and Information to our business partners and suppliers. For some processing mentioned above, we may use business partners and suppliers located outside the territory of the European Union. In these circumstances, we assure you as of now that the transfer of Data outside the EU will take place in accordance with the applicable legal provisions by entering, if necessary, into agreements that ensure an adequate level of protection and/or by adopting the standard contractual clauses provided by the European Commission.

9. How do we protect your Personal Information?

Information security is very important to us, and we have safeguards in place to preserve the integrity and security of the information we collect and share with our Site and Platform providers.However, no security system is impenetrable and we cannot guarantee the security of our systems 100%. In the event that any information under our control is compromised as a result of a security breach, we will take reasonable steps to investigate the situation and, where appropriate, notify the individuals whose information may have been compromised and take other measures, in accordance with applicable laws and regulations.

10. Cancellation of Marketing Services

To stop receiving marketing and promotional information from the Company, the user may send an e-mail to Us at the addresses indicated in this document.

11. Applicable Law

This Privacy Policy is governed by and will be interpreted in accordance with provisions and any other applicable mandatory legislation in the European Union.

12. Complaint to theData Protection Authority

‍The Data Subject has the possibility to complain to the Data Protection Authority, which can be contacted at the Website https://www.garanteprivacy.it/.

Table. 1 - Providers

‍Providersof myBiros are defined as:

Supplier

Purpose

Location

Background

Hubspot

Customer service support

Sitoweb

Google

Analytics

USA

Sitoweb

Microsoft

Analytics

USA

Sitoweb

Amazon

Cloud Infrastructure

SaaS Services

Privacy Policy

PRIVACY POLICY Extended Disclosure

PRIVACY POLICY
Extended Disclosure