top of page

COMPLYING WITH ARTICLE 13 OF THE GENERAL REGULATION ON THE PROTECTION OF PERSONAL DATA No. 2016/679 ("GDPR")

The user is informed that the mobile application (also, in short, "mobile app" or "app") is managed by Veronica Stivala with domicile in Arona (SC de Tenerife), in Calle California n. 2, 38650 (X9244087L), in the person of the legal representative  Veronica Stivala (X9244087L), hereinafter, in short, the "Owner".

This privacy policy ("Privacy Policy") aims to inform the user about the ways in which the data controller collects, processes, and uses the user's personal information, as well as the user's rights. Selecting the "ACCEPT" button and, in any case, downloading, installing, and/or using the app by the User constitutes express acceptance of this Policy. In the event that the User does not accept the Policy, they must refrain from selecting the "ACCEPT" button and from installing, accessing, or using any part of the application.

In particular, downloading and using the application will be considered as an express manifestation of the user's commitment to comply with the above provisions.

The user's personal information will be collected, stored, used, and, in general, processed, in accordance with the principles established in the GDPR and, in particular, with art. 5 of the GDPR as well as the principles of lawfulness, fairness, and transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity and confidentiality, and accountability.

In accordance with art. 13 of the General Data Protection Regulation n. 2016/679, the following information is provided regarding the purposes and methods through which your personal data will be processed.

The Data Controller of the collected data as well as the sole Data Protection Officer is Veronica Stivala with address at Arona (S.C. de Tenerife) at Calle California n. 2, 38650 (X9244087L), in the person of the legal representative Mr. Veronica Stivala (X9244087L), email info@todotenerife.app.

HOW AND WHAT INFORMATION WE COLLECT

During the use of the application, the user's personal data may be collected in various ways, including:

1. Collection and submission of the data collection form in the application to register in the reserved area to access some materials and dedicated functions (accessible from the "Login" area) ("Login Data"). In this way, the Data Controller collects generic identification data (name, surname, email, and profession);

2. Correspondence exchange via email with the Data Controller ("Communication Data"). In this way, the Company collects generic identification data (e.g., name, surname, email, phone number, as well as any other information that the user may include in their communications);

3. Mere access to the application: information related to the user's computer may be collected, including, when available, the IP address, the operating system used, the type of browser, for system administration purposes, as well as to improve the application and the services provided to users. ("Navigation Data")

HOW WE USE THE INFORMATION - PURPOSE OF PROCESSING

In accordance with the Privacy Code, the user is informed that the personal data collected through access to the app will be stored in a file available legally to the Controller. Navigation Data will be used to manage the user's navigation in the application and to collect information about the use of the application.

Login Data will be used for: (i) registration and management of the reserved area; (ii) providing dedicated materials; (iii) with prior consent, sending commercial information, newsletters, special offers, and promotional material by subjects specifically indicated in the consent form.

Communication Data will be used for: (i) responding to and managing received communications; (ii) documentation of correspondence.

It should be noted that by selecting the "submit" button present in each data collection form or in the form that corresponds at any given time, the user declares that the information and personal data are correct and updated and that they have read this Privacy Policy.

The Data Controller may involve third parties for the processing of data collected through the Site. The Data Controller will request the commitment of such third parties to comply with this Privacy Policy. The Data Controller may also transmit the collected data to third parties, such as institutional bodies or national and local authorities when there is a legal obligation to communicate or when necessary based on the Terms and Conditions or in execution of other agreements in force with the user or to protect the rights, assets, and safety of the owner or third parties. Likewise, the Data Controller may transmit your personal data to the recipients or categories of subjects indicated in the consent collection forms.

Third parties involved in processing directly by the Data Controller for the achievement of their own purposes will process personal data as data processors in accordance with art. 28 of the GDPR for the purposes indicated in this Privacy Policy. It should be noted that some of the aforementioned subjects may also act as independent data controllers, subject to the disclosure of appropriate information in accordance with art. 14 GDPR, unless otherwise provided by law.

LEGAL BASES FOR THE PROCESSING OF PERSONAL DATA

The legal basis for processing the user's personal data depends on the purpose of the specific processing. Regarding Navigation Data, processing for the purposes indicated in the preceding paragraph is legitimized by the need to ensure the browsing service as well as by the legitimate interest of the Data Controller in processing data relating to the application to understand how users interact with the platform and allow for improvement. As for any other personal data processed (Login Data and Communication Data), the legal basis for processing is found in the need to provide a service requested by the user or to meet a request from the user or to carry out pre-contractual measures taken at the request of the user (Article 6, paragraph 1, letter b GDPR) as well as in the legitimate interest of the Data Controller to meet requests from its own users.

COMMERCIAL COMMUNICATIONS

The Data Controller informs that they may obtain the user's consent for the use of personal data collected through the application forms for sending commercial communications. In case of explicit consent - obtained by selecting the corresponding checkbox in the data collection forms of the application - the user may be contacted to receive information regarding the products or services of the Controller. It is always possible, at any time, to withdraw consent for the sending of such information by contacting us at the email address info@todotenerife.app

COOKIES

Our application uses cookies to collect information related to the users' use of the application. It should be noted that consent to the use of these technologies and related data processing is optional: it should be noted that in this case, navigation problems may arise and access to all or part of the Site or limitations regarding its full functionality may occur.

OPTIONAL TREATMENT

The processing of your Navigation Data is optional. However, please note that not providing such data may not allow the proper functioning of the application and the provision of requested services. The provision of Login Data is optional. Failure to provide them will result in the inability to register in the reserved area. Disclosure of Communication Data is also optional; failure to provide it will make it impossible to respond to the received requests.

Sending commercial information can only be carried out if expressly allowed by selecting the checkbox present at the time of data collection. Consent is optional, and failure to give it will not allow you to receive commercial information from the Data Controller.

It should be noted that, in any case, consent for data processing may be revoked at any time, as specified better below.

SECURITY AND PERIOD OF STORAGE OF PERSONAL DATA

All information collected through the application and cookies is stored on servers located in the EU. Processing for the identified purposes will be carried out using computer and manual methods, using electronic tools or paper media, based on functional logical criteria for the purposes for which the data were collected, in accordance with the confidentiality and security standards provided by the GDPR and by the corresponding national implementing

 rules. In any case, in accordance with art. 32 GDPR, the Data Controller has adopted all appropriate security measures to prevent risks that may arise from data processing, such as destruction, loss, and unlawful use, as well as unauthorized access to the same.

In any case, we advise you that the transmission of information operated through the use of electronic transmission networks may not be completely secure. Therefore, despite the Data Controller's commitment to protecting the information you provide to us, the security of data during its transfer to our Site cannot be guaranteed, so any information sent by the user is transmitted at their own risk. Once the information is received, appropriate security procedures and functions will be used to prevent unauthorized access.

The personal data collected will be kept for the time strictly necessary to carry out the operations for which they were collected. In particular, Navigation Data will be deleted after processing and therefore will be kept in computer archives for a maximum of 90 days, except in cases where cybercrimes against the app are detected. In this case, indeed, Navigation Data could be used to determine related responsibilities.

Personal data contained, on the other hand, in the data collection forms or in the information request emails sent by the user themselves, will be kept only for the time necessary to provide the services referred to in the reserved areas, to process the requests received, or, even after the provision of services, for compliance with applicable legal or regulatory obligations and, in any case, for the time necessary to ensure the exercise of the rights of the owner.

The personal data and information collected may be transferred and stored, with express consent, when necessary, in countries outside the European Union. All of the above will be done in accordance with the GDPR. In addition, the Data Controller will do everything reasonably possible to ensure that the user's personal data are treated securely and in accordance with the Privacy Policy.

THIRD-PARTY SITES

The application may contain links ("links") to third-party sites. Our Privacy Policy and our Cookie Policy will not apply in the event of a connection to a third-party site operated through a link in the application. This Privacy Policy does not reflect the policies of third-party sites. The Data Controller is not responsible for the privacy and data processing carried out by other sites, which will be governed by the conditions and policies found on these sites, and you are invited to carefully read them.

ACCESS, CORRECTION, CANCELLATION, AND OBJECTION TO THE USE OF PERSONAL DATA

We undertake to maintain the confidentiality of your personal data and to guarantee the exercise of your rights. We inform you that the Data Controller guarantees the exercise of your rights that you can exercise free of charge and at any time by sending an email to the address of the Data Protection Officer (the Data Controller) at the email address info@todotenerife.app or by sending a certified letter to the address of the Data Controller, identified above, simply indicating the reason for your request and the right you intend to exercise.

In particular, regardless of the purpose or legal basis under which we process your data, you may exercise the following rights:

- to know if the data controller has and/or processes your personal data and, for this purpose, to request access to such data also obtaining a copy (Article 15 of the GDPR);

- ask us to correct or supplement the data we have in our possession (Article 16 of the GDPR). In any case, you must be aware that by actively providing us with your personal data by any means, you guarantee the truthfulness and accuracy of the same. Therefore, any loss or damage caused to the application or to the Controller or to a third party by incorrect, inaccurate, or incomplete information reported in the registration forms will be the sole responsibility of the user;

- ask us to delete your personal data in our possession if one of the reasons provided for in art. 17 GDPR;

- ask us to stop or limit the processing only to some personal data if one of the reasons provided for in art. 18 GDPR;

- request data portability in accordance with art. 20 GDPR. This means that if we are authorized to process your personal data on the basis of your consent or the execution of services requested by you, you can receive the personal data you have provided us in a structured, commonly used, and machine-readable format, to be able to transmit them directly to another company, provided that it is technically possible;

- oppose in whole or in part to the processing of data for sending advertising material and market research (Article 21 of the GDPR). This means that you can withdraw your consent to the processing of your data at any time. Furthermore, you can object to the processing even when it is based on our legitimate interest.

DELETION OF PERSONAL DATA

If you wish to remove your personal data from our files, please follow these simple steps:

  • Send an email to info@todotenerife.app with "Request removal of personal data" in the subject line.

  • Please provide your name and any additional information that may help us to correctly identify your data in our system.

  • Once we receive your request, we will remove your personal information from our files as quickly as possible, in compliance with applicable privacy regulations.


Please note that the deletion of your data may result in the inability to access certain services or functions of the application.

Last revised: March 28, 2024

bottom of page