Privacy Policy for Users
UPDATED: October 1st, 2021 REV: V.202101

Dear Visitor (hereinafter, “You” or the ‘”User”),

this Website Privacy Policy is designed to inform on how information about you is collected and used when you visit www.mainad.com. Please note that this policy does not apply to your data as an Internet user who interacts with our technology through our clients’ website or business partners. This is clearly described in the MainAd Services Privacy Policy.

GENERAL INFORMATION

Within our website you may:

  • learn about the services we offer and the technology we use,
  • contact us using dedicated forms,
  • read about MainAd’s career opportunities,
  • Read the latest news and press releases about our operations.

During your visit to our website, we may collect certain information about you that is classified as personal data. The Controller of the personal data collected on this website is:

mainADV Srl (“MainAd”) with registered offices in Via Raiale 285 P.O.Box 12, 65128 Pescara, Italy

To facilitate the handling of personal data issues at MainAd, we have appointed a Data Protection Officer. We encourage you to contact the Data Protection Officer with any questions or concerns at the following address: [email protected]

WHAT DATA WE COLLECT

In connection with your use of the website, we may collect the following types of personal data:

  • personally identifiable information that you voluntarily provide when filling out dedicated forms, such as your e-mail address and other contact information; providing this data is required for us to contact you and respond to your query.
  • non-personally identifiable information (also known as “pseudonymous data”) that does not explicitly reveal your identity, such as information about the end device you are using, special device identification numbers, browser type, non-specific geographic location (e.g. country or region), system logs, including the date and length of your visit to the website.

Non-personally identifiable information is extracted automatically as you navigate the website using cookie files or other tracking methods such as social media pixels. When you visit our website, we may send one or more cookies — small text files containing a string of alphanumeric characters that uniquely identify your browser — to your device.

Some of information collected that way is necessary for assuring proper functionality of the website (‘functional cookies’) while some are optional (‘preference‘, ‘statistic’ and ‘marketing’ cookies). When you reach our website, you can choose whether to allow it by choosing your preferences.

You can also disable cookies at any time by modifying your browser’s settings. Please note, however, that such change may cause issues with using certain features of our website. Find more about our cookie policy here.

As a company based in the EU, we treat the pseudonymous data collected with cookies as personal data under the EU General Data Protection Regulation (“GDPR”), and as a result, we comply with all of the GDPR’s legal and technical requirements for processing such data.

HOW DO WE USE YOUR DATA

We can only use the personally identifiable information you give in the contact form to respond to your inquiry.

We use non-personally identifiable information for a variety of purposes, including:

  • managing the website
  • tailoring the website’s functionalities and content to your specific preferences
  • performing statistical analyses of our website’s usage as well as evaluating your website behaviour
  • self-promotion i.e. to send you customized MainAd ads, specifically relating to current job openings at MainAd.

This type of automated data collection includes information about every website visitor.

  • We may also use your personal information to protect our rights and, if necessary, to pursue claims.

LEGAL BASIS FOR PROCESSING OF YOUR PERSONAL DATA

We must have a legal basis for processing your personal data to do so lawfully.

In general, we only collect personal data when: (i) we need it to fulfil our contractual obligations to you, (ii) the processing of the data is in our legitimate interests and those interests are not overridden by your rights, or (iii) we have received your data processing authorization.

The personally identifiable information provided in the contact forms is processed according to your authorization before sending it to us.

The non-personally identifiable information we collect automatically is processed in accordance with GDPR Article 6, i.e. to execute a contract of electronically delivered services you enter into when using our services (including managing the website and adjusting it to your individual preferences).

Your data may also be processed in accordance with Article GDPR – for the purposes of pursuing our legitimate interests (such as conducting technical analysis, developing functionalities of the website as well as providing you information about job opportunities and ongoing recruitment processes at MainAd and for self-promotion purposes), so long as they do not conflict with your interests or basic rights and freedoms.

Processing purposes

Your personal data (“User”) will be processed by us (“Data Controller”) lawfully by the Data Controller pursuant to Article 6 of the Regulation for the following processing purposes:

Contractual obligations and provision of the service, personal data are processed by the Data Controller for the purpose of following up the User’s request relating to the receipt of the Data Controller’s insight report, as well as for evaluating customer satisfaction and fulfil the User’s specific requests. User data collected by the Data Controller for this purpose include: first name, last name, company name and e-mail address. Unless the User gives the Data Controller a specific and optional consent to the processing of their data for the further purposes set out in the following sections, the User’s personal data will be used by the Data Controller for the sole purpose of ascertaining the identity of the User, thus avoiding possible scams or abuses, and contacting the User only for service reasons (e.g. sending of notifications regarding the services offered by the Data Controller). Notwithstanding the provisions contained elsewhere in this privacy policy, under no circumstances will the Data Controller make the personal data of the Users accessible to other Users and/or third parties.

Administrative and accounting purposes, or to perform organizational, administrative, financial and accounting activities, such as internal organizational activities and activities functional to the fulfilment of contractual and pre-contractual obligations.

Legal obligations, or to fulfil obligations provided by the law, an authority, a regulation or European legislation.

The provision of personal data for the processing purposes indicated above is optional but necessary; failure to provide the data will make it impossible to download the report and use the services we offer

The personal data necessary for the purposes of the processing described in this section are indicated with an asterisk in the registration form.

Other processing purposes: marketing and newsletter

With your free and optional consent, some of your personal data (name and e-mail address) may also be processed by us for marketing purposes (such as, for example, sending advertising material, direct sales and commercial communication or sending newsletters containing news on the subject sector relating to the activities and services we offer), or to contact you by e-mail, to propose the purchase of products and / or services offered by us and / or from third parties, to present offers, promotions and business opportunities from us and / or third parties.

In case of lack of consent, the possibility to download the report will not be prejudiced in any way.

In the event of consent, you may at any time revoke it by making a request in the manner indicated in the section 1 above.

You can also easily object to further sending of promotional communications via e-mail by clicking on the appropriate link for the withdrawal of consent, which is present in each promotional email. Once the consent has been revoked, we will send you an e-mail confirming the revocation of the consent.

We inform you that, following the exercise of the right to object to the sending of promotional communications via email, it is possible that you continue to receive further promotional messages for technical and operational reasons (e.g. formation of contact lists already completed shortly before receiving the opposition request). If you continue to receive promotional messages after 24 hours from the exercise of the right of opposition, please report the problem to us, using the contacts indicated in the section 1 above.

We will process your personal data using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.

Your personal data will be kept for the time strictly necessary to carry out the main purposes described in the section 5 or, in any case, as necessary for the protection in civil law of the interests of both Users and the Data Controller.

In the cases referred in the section 6, your personal data will be kept for the time strictly necessary to carry out the purposes explained therein and, in any case, as long as the law allows it to be kept for this purpose, including the judicial protection against legal request.

Transmission and dissemination of data

Our employees and / or collaborators in charge of maintaining the Site may become aware of your personal data. These subjects, formally appointed by the Data Controller as “Data Processors”, will process the User’s data exclusively for the purposes indicated in this information and in compliance with the provisions of the Applicable Regulations.

Your personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller as “External Managers”, such as, by way of example, IT and logistics service providers, outsourced or cloud computing service providers, professionals and consultants.

We use HubSpot CRM for online marketing activities and customer relationship management. HubSpot Inc. is a software company from USA, with a branch in Ireland. By clicking [download], the User agrees that his personal data will be processed by HubSpot. Lear more about HubSpot’s privacy practices here.

Contact details:

HubSpot, Ground Floor, Two Dockland Central, Guild St, North Dock, Dublin, D01, Ireland, Telephone: +353 1 5187500 – e-mail: [email protected].

We use Google Analytics (including features of Universal Analytics) in accordance with Google Privacy Policy. Lear more about Google’s privacy practices at https://www.google.com/intl/en/policies/privacy.

You have the right to obtain a list of any Data Processors appointed by the Data Controller, by making a request to the Data Controller in the manner indicated in the section 1 above.

We may use third party data collection tools such as social media pixels (which redirect to our social media profiles), advertising campaign tools (which allow us to run advertising campaigns), external contact forms, surveys and so on.

We will choose these tools carefully and use them only for the reasons specified in this Policy and as requested by their developers, with particular attention to protecting your privacy. However, as they are outside of our environment, we suggest that you read their respective privacy policies before using them (see: Facebook Privacy Policy, LinkedIn Privacy Policy, Twitter Privacy Policy, Google Privacy Policy)

Rights of the Data subjects

Users may exercise their rights granted by the Applicable Law by contacting the Data Controller as follows:

By sending a registered letter with return receipt to the registered offices of the Data Controller (Privacy department – MainAd Srl, Via Raiale 285 P.O.Box 12, 65128 Pescara, Italy)

Pursuant to Applicable Regulations, the Data Controller informs that Users have the right to obtain indication (i) of the origin of personal data; (ii) the purposes and methods of the processing; (iii) the logic applied in the event of processing carried out with the aid of electronic instruments; (iv) of the identification details of the data controller and processors; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may come to aware of them as processors or agents.

Furthermore, Users have the right to obtain:

  1. Access, updating, rectification, or, when interested, integration of data;
  2. The cancellation, transformation into anonymous form or the restriction of data processed in breach of the law, including data that does not need to be stored in relation to the purposes for which the data was collected or subsequently processed;
  3. Certification to the effect that notification has been supplied of operations as per letters a) and b), as regards their content, to those to whom the data was communicated or disseminated, except for the case where notification proves impossible or requires the use of means clearly disproportionate to the right being protected.

Moreover, the Users have:

  1. The right to revoke consent at any time, if the processing is based on their consent;
  2. The right to data portability (the right to receive all personal data concerning them in a structured format, commonly used and readable by automatic device), the right to limit processing of personal data and right of deletion (“the right to be forgotten”);
  3. The right to oppose to:
  4. In whole or part, for legitimate reasons, the processing of personal data relating to you for legitimate reasons even pertinent to the purpose of collection;
  5. In whole or part, the handling of personal data for the purpose of sending advertising or sales materials or for the carrying out of market research or for commercial communication purposes;
  • If personal data is processed for direct marketing purposes, at any time, to the processing of data for this purpose, including profiling in so far as it is related to such direct marketing.
  1. If it is deemed that the processing concerning their personal data violates the Regulation, the right to lodge a complaint with a Supervisory authority (in the Member State in which they usually reside, in the one in which they work or in the one in which the alleged violation has occurred). The Italian Supervisory Authority is the Data Protection Authority, with registered offices in Piazza Venezia No. 11, 00187 – Rome (http://www.garanteprivacy.it/).

The Data Controller is not responsible for updating all links viewed in this Privacy Policy, therefore, whenever a link does not work and/or is not updated, the Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by this link.

DATA SECURITY MEASURES

We take technical and organizational measures to ensure an adequate level of security to address the identified risks, taking into account in particular the scope, context and purposes of the processing of personal data. The concepts of confidentiality, honesty and availability are strictly followed.

We store your data in high-level multi-tenant data centers managed by market leaders who have the necessary data security certifications (see: Google Cloud Privacy Policy; GoDaddy Privacy Policy). Data is replicated across multiple systems to protect against accidental loss or destruction, and backups are performed regularly.

Access to MainAd’s data processing systems is limited to employees who have been approved by the company’s management. To prevent unauthorized access and encrypt data transmission channels, we use security mechanisms such as file system permissions, application permissions and passwords, as well as various two-factor authentication techniques.

PRIVACY FOR MINORS

All the services we offer are reserved for people over the age of 18. Therefore, we do not collect personal data relating to individuals under the age of 18. Upon your request, we will promptly delete all personal data collected involuntarily and relating to individuals under the age of 18.

===============

The Data Controller is not responsible for updating all links viewed in this Privacy Policy, therefore, whenever a link does not work and/or is not updated, the Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by this link.