The following General information on the processing of personal data is intended to inform Users and web surfers in any way on the personal data processing activities that will be or may be carried out through the “Myclub” App. Currently, the use of the App is only allowed within the United Kingdom territory.
Controller of the processing
The Personal Data Controller is Fenix Innovation Ltd with registered office at 152 160 City Road, Kemp House, EC1V 2NX, England, e-mail info@fenixinnovation.co.uk. The data processing will be carried out in mixed mode with the use of both electronic and paper means and as further explained below.
Characteristics of the processing activities
The Personal Data controller will carry out some data processing activities as specified below:
1. Information about us
To use the services provided by the "Myclub" App, it is necessary to create a user profile through which users and service communications are managed.
Purpose: Provision of the services; protection of the interests and the rights of the controller in the judicial field and extra-judicial matters; creation and management of user accounts.
Types of data and data subjects: For this purpose, will be processed the contact data; the personal data; and the user identification (name, surname, telephone, address and e-mail address, gender).
Data retention period: For these purposes, the data will be used for the time necessary to carry out the above activities and in any case will not be kept for more than 1 year from the end of the activity and for ten years following the end of the same or in any interruption of the limitation period to protect the interests and rights of the Data controller in both judicial and extra-judicial matters.
Legal Grounds: The lawfulness of the above data processing is given by art. 6 par 1 b) of the EU Regulation no. 2016/679: “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”.
2. Payment Management
In order to use the requested services, the “Myclub” App manages payments made by the User. This activity is carried out through Stripe, https://stripe.com/it/privacy which manages the data flow in an anonymous format allowing only the identification of the operation by code. Neither the data controller nor the venues are allowed to have access to the payment data.
Purpose: management of the flows of payment data to allow the User to enjoy the requested services.
Types of data and data subjects: For this purpose, the contact data and the user identification (name, surname, and e- mail address); the personal user and the fiscal data (name, surname, date of birth, tax code/VAT number, address); and the bank and payment details will be processed.
Data retention period: For these purposes, the data will be used for the time necessary to carry out the above activities and in any case will not be kept for more than 10 years with regard to accounting and tax management; except for the additional need to protect the interests of the data controller in both judicial and extra-judicial matters.
Legal Grounds: The lawfulness of the above data processing is provided by art. 6 par 1 b) EU Regulation no. 2016/679: “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”; and also by art. 6 par 1 c) EU Regulation no. 2016/679: “processing is necessary for compliance with a legal obligation to which the controller is subject”;.
3. Management activity for service reporting and booking club
Regarding the management of bookings and purchases of services made by users of the "Myclub App”.
Purpose:
- managing data flows for booking and purchasing services;
- User experience optimisation.
Types of data and data subjects: For this purpose, will be processed the contact data; the personal data; and the user identification (name, surname, telephone, address and e-mail address, gender).
Data retention period: For these purposes, the data will be used for the time necessary to carry out the above activities and in any case will not be kept for more than 1 year from the end of the activity and for the ten years following the end of the same; except for the additional need to protect the interests of the controller also in both judicial and extra-judicial matters.
Legal Grounds: The lawfulness of the above processing is provided by art. 6 par 1 a) EU Regulation no. 2016/679:“the data subject has given consent to the data processing of his/her personal data for one or more specific purposes”; art. 6 par 1 b) EU Regulation no. 2016/679: “data processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”; as well as by art. 6 par 1 f) EU Regulation no. 2016/679: “data processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”; and also par 1 c) EU Regulation no. 2016/679: “processing is necessary for compliance with a legal obligation to which the controller is subject to”.
4. Geolocation
The “Myclub” App uses some features regarding geolocation data (GPS, Wi-Fi, GSM network).
Purpose: The collection of the location data helps with improving and adapting the offered service. The customer’s geolocation data is stored in the "Myclub” App. The data can be collected when the "Myclub" App is active, and if the customer has activated the use of geolocation services. At any time, the services can be deactivated by the customers through their device, accessing the appropriate section of the location permissions of the operating system. Another geolocation feature concerns the current territorial limitation, as such the App is limited to the United Kingdom territory and reserved exclusively for subjects located in the United Kingdom territory too.
Types of data and data subjects: For this purpose, the geographical location and geolocation data will be processed.
Data retention period: For these purposes, the data will be used for the time necessary to carry out the above activities and they will not be kept.
Legal Grounds: The lawfulness of the above data processing is provided by art. 6 par 1 a) EU Regulation no. 2016/679: “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”; and also by art. 6 par 1 f) EU Regulation no. 2016/679: “data processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”.
5. Marketing activities, social promotion
It is regarding the promotion activity of the “Myclub” App.
Purpose: promotion of the new customers acquisition activity and/or sale of services to customers and users already using the services of the “Myclub App", based on purchases already made.
Types of data and data subjects: For this purpose, the contact data and user identification (name, surname, and e-mail address) will be processed; in particular, the data relating to the services already used will also be used for purpose of targeted services.
Data retention period: For these purposes, the data will be used for the time necessary to carry out the above activities and in any case will not be kept for more than 2 years, except for the additional need to protect the interests of the controller also in both judicial and extra-judicial matters.
Legal Grounds: The lawfulness of the above processing is given by art. 6 par 1 a) EU Regulation no. 2016/679: “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”; and also by art. 6 par 1 f) EU Regulation no. 2016/679: “processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child” (for the so-called Soft Spam case).
The services provided through the "Myclub” App are reserved for adults, as per the related notice.
Recipients of personal data: In carrying out the data processing activity, the Data Controller may communicate the users/interested parties’ data to third parties such as consultants, suppliers, data processors, authorised parties or processors, Public and judicial authorities at the request of the same or for compliance with the law.
Transfer of personal data abroad: The transfer of personal data outside of the European Union’s territory is not provided.
Rights of the data subject: According to the current legislation (art. 15ff of the EU Regulation no. 2016/679) the data subjects shall have the right to obtain from the data controller access to their personal data, the correction of data, the cancellation of data, the limitation of processing that concerns them, as well as the right to portability.
The request must be submitted to the Data Controller through the following email address: ....................
The interested parties who believe that the treatment of their personal data concerning themselves occurs in breach of EU Regulation no. 2016/679 or the DPA 2018 and subsequent amendments and additions, they have the right to propose a complaint with the Data Protection Authority, as provided for by art. 77 of the aforementioned Regulation, or to appeal to the appropriate courts (Art. 79 of the Regulation).
Additional purposes of processing personal data: Specific information will be provided when the data processing is carried out for purposes other than those mentioned above or in the case of processing based on different legal bases and/or additional to those identified above.
Cookie policy and information on the processing of personal data on the App “MyClub”
Management procedures for the app with reference to the processing of its users’ personal data
This policy is provided in accordance with art. 12, 13, 14 of the EU Regulation no. 2016/679 on the protection of natural persons concerning the processing of their personal data, as well as the free flow of such data (RGPD - GDPR), and the UK current legislation (DPA 2018) to those who interact with the App named “MyClub”.
Indeed, the “MyClub” App can process and collect users’ personal data, in order to provide them any of its online services, to promote an easier and more efficient navigation, to allow the App’s traffic analytics by Fenix Innovation LTD (Data Controller), to improve both the functioning and the related services of the App, to interact with its users.
The present policy is provided exclusively for the “MyClub” App, and no other websites or apps which can be consulted by the user via any link. The presence of this statement in the page footer guarantees that the user is within in the “MyClub” App.
This policy is based on EU Recommendation no. 2/2001, which has been adopted on 17 May 2001 by all the European Data Protection authorities, reunited in a Group set up according to art. 29 of Directive no. 95/46/CE, to identify some minimum requirements for the online collection of personal data, and specifically procedures, timing and nature of the information which data controllers must provide to the users when they connect to webpages, regardless of the purpose of the connection.
The data processing legal basis is in accordance with art. 6 paragraph 1 letter “e” of GDPR.
1. Types of treated data and purposes of its processing;
2. Methods of processing;
3. Data retention period;
4. Nature of data transfer.
Types of treated data and purposes of its treatment
Fenix Innovation LTD in person of its legal representative, Owner of the “MyClub” App, Data Processing owner, informs that, by entering personal information on this App and/or by authentication to web services provided by the Owner, data related to identified or identifiable persons may be processed. The App may also use:
- some cookies to make it easier to navigate through its services and to use efficiently the “MyClub” App pages;
- cookies which help to improve the service provided to users making it more effective and/or enabling certain, functions;
- cookies sent by websites or different web servers (so called “third parties”) on which reside elements (e.g.: images, videos, maps, Sounds, specific links) on the site/page the user is visiting.
COOKIES
Session Cookies
“MyClub” App uses:
- session cookies, which are essential for accessing the on-line services and reserved areas. The use of such cookies (which are not stored permanently on the User’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identities required in order to permit the App to be used safely and efficiently;
- session cookies for Load Balancing, to optimise load performance of the App reducing its pages loading times;
- strictly necessary cookies for the proper functioning of the sites or to save users’ navigation preferences.
Analytical/Performance Cookies
The “MyClub” App uses analytic cookies for third parties who have undertaken to use cookies only for supplying the service, as well as to keep them separately without cross-referencing them with any other information they may have.
How to manage preferences and provide or withdraw consent
There are different ways to manage Tracker related preferences and to provide and withdraw consent, where relevant
Users can manage Tracker related preferences directly through their devices settings as reported on the dedicated browser information pages.
Moreover, it is allowed to modify the cookies settings also after having provided the consent by opting out every single item and type of cookie which is unnecessary for navigation. Ith reference to the latter (also known as technical cookies) the consent is not required as they are non-profiling and not referring to personal data according to the current legislation. It is also possible, via relevant browser or device features, to delete previously stored Trackers.
Other Trackers in the browser's local memory may be cleared by deleting the browsing history.
With regards to third party Trackers, Users can manage preferences and withdraw consent visiting the related opt-out link (if available), using tools provided in the third-party privacy policy or by contacting the third party.
How to find Trackers settings
Users may for instance find information on how to manage Cookies on the most popular following browsers:
- Google Chrome
- Mozilla Firefox
- Apple Safari
- Microsoft Internet Explorer
- Microsoft Edge
- Brave
- Opera
To delete stored cookies on your device
In case the Users have withdrawn consent to third party Cookies, the latter could have previously been stored on Users’ device. For technical reasons it would not be possible to cancel such cookies. However, the Users browser privacy settings allow to cancel them. Indeed, the browser settings include the option “Clear Browsing Data” which can be used to cancel cookies, websites data and plug-in.
Telematic traffic data
The information technology systems and the software procedures used to operate the “MyClub” App, store personal data whose transmission is implicit in internet communication protocols and whose storage is necessary to improve the quality of the service.
This information is not gathered in order to be linked to identified parties, but by its very nature it could, through processing and combination with data held by third parties, enable the identification of users.
This category of data includes the IP addresses, the addresses in the notation URI (Uniform Resource Identifier) of the requested resources, the time of the request, the method used in submitting the request to the server (e.g. successful, error, etc.) and other parameters relating to the user's operating system and IT environment. The data provision is mandatory. Such data are stored for six months, unless otherwise provided by the current legislation. After the first six months, data are anonymised removing the last digit of the Users IP address and they are stored for further 36 months.
These cookies are used to obtain anonymous statistical information regarding the use of the App and to control the correct functioning of its IT system. Data can be also used to ascertain whether any liability exists regarding any committed computer crimes or in case of any damage occurring to both Fenix Innovation LTD or third parties.
Data voluntarily provided by the User
The explicit, non-mandatory and voluntary provision of emails, messages or any other kind of notice, addresses, contact details on this portal result in the subsequent acquisition of the sender address or any other personal data which shall be used to reply to users’ requests and/or to provide the service. lead to its processing for the purposes and in the limits indicated in each specific information note. This will ensure that such data processing will be made in accordance to RGPD–GDPR principles and the UK Data Protection Act 2018, with particular reference to lawfulness, fairness and transparency, and to the data usage for specific, explicit and legitim purposes, in accordance to the principles of data minimisation, accuracy, limitation of conservation, relevance, integrity and confidentiality, accountability (art. 5 RGPD – GDPR). Specific summary information will be listed or displayed on the webpages for the provision of certain services.
Data Processing methods
Personal data are exclusively processed for the purpose of providing those services and/or information requested by the User by automated tools purely for the time needed to achieve the original purpose of collating the aforementioned data Specific safety measures are adopted to prevent data leaks, unauthorised access or improper or illegal uses.
Data retention period
Data will be stored by Fenix Innovation LTD, in accordance to the principles stated by art. 5 EU Regulation no. 679/2016, for a defined period of time no longer than is required to accomplish the purposes for which it was processed and with specific regard to the principles of storage limitation as per art. 5, e), EU Regulation no. 679/2016. In any case, personal data will be stored for a period of time no longer than 1 year.
Nature of data provision
Except as specified for cookies and browsing data, the User is free to provide personal data as reported on the forms provided by the App or as indicated during communications with the App management to request information materials or other communications or to access to other specific services.
Failure to provide such data can lead to the non-receiving of the service required
Read and understood the information provided by art. 13 EU Regulation no. 2016/679 and by DPA UK 2018 and being aware of the right to withdraw the consent at any time according to art. 7 of GDPR and DPA UK 2018, without prejudice to the lawfulness of any data collection that occurred prior to your revocation:
I Agree o I Do Not Agree o
To the data processing of my personal data for the purpose of services promotion and sale, satisfactory survey, invitations to events hosted or co-hosted by the Data controller, sending of advertising materials related to services provided by the Data controller or its commercial partners
I Agree o I Do Not Agree o
To the data processing of my personal data for the purpose of profiling of specific interests related to the communications sent through newsletter and its related contents
I Agree o I Do Not Agree o
To the data processing of my personal data for the purpose of the inclusion on the generic newsletter for communicating activities and news related to services provided by the Data controller
I Agree o I Do Not Agree o
Transfer of personal data to third parties so that the latter are authorised to use them for commercial purposes.
Date_______________ Place____________________
Signature ______________________________________________________
Banner Cookie
“MyClub” App only uses technical cookies (necessary for the operation of the app), which do not require your consent. For further information please refer to the extended privacy and cookie policies.