Privacy Policy

This Application collects some Personal Data of its Users.

 

Data Controller

 

WORLD YACHT SERVICE SRL – Via Gramsci 20G, Gravina di Catania, 95030 (CT)

info@worldyachts.eu

 

Types of Data collected

 

Among the Personal Data collected by this Application, autonomously or through third parties, there are: email, first name, last name, Cookie, Usage Data, telephone number, profession, province, country, postcode, date of birth, city, address, company name, website, various types of Data, gender, VAT number, Tax Code, business sector, User ID, geographic location, image, About Me, Data disclosed while using the service, username, Room Permission and unique device identifiers for advertising (Google Advertiser ID or IDFA identifier, for example).

Other Personal Data collected may be indicated in other sections of this privacy policy or by means of informative texts displayed at the same time as the Data collection.

Full details on each type of Data collected are provided in the relevant sections of this privacy policy or through specific information texts displayed prior to the collection of such Data.

Personal Data may be entered voluntarily by the User or collected automatically during the use of this Application.

Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to provide them, it may be impossible for this Application to provide the Service. In cases where this Application indicates certain Data as optional, Users are free to refrain from communicating such Data, without any consequences on the availability of the Service or its operation.

Users in doubt as to which Data are mandatory are encouraged to contact the Data Controller.

The possible use of Cookies – or of other tracking tools – by this Application or by the owners of third party services used by this Application, unless otherwise specified, has the purpose of identifying the User and recording his/her preferences for purposes strictly related to the provision of the service requested by the User.

Failure by the User to provide certain Personal Data may prevent this Application from providing its services.

The User assumes responsibility for the Personal Data of third parties published or shared through this Application and guarantees that he/she has the right to communicate or disseminate them, releasing the Owner from any liability towards third parties.

 

Method and place of processing of collected Data

Methods of processing

The Data Controller processes Users’ Personal Data by adopting appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.

Processing is carried out by means of computer and/or telematic tools, with organisational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, categories of people involved in the organisation of the site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller, may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.

 

Legal basis of the processing

The Data Controller processes Personal Data relating to the User where one of the following conditions exists

 

the User has given consent for one or more specific purposes; Note: in some jurisdictions the Controller may be authorised to process Personal Data without the need for the User’s consent or another of the legal bases specified below, until the User objects (‘opt-out’).

object (‘opt-out’) to such processing. However, this does not apply if the processing of Personal Data is governed by European legislation on the protection of Personal Data;

the processing is necessary for the performance of a contract with the User and/or the performance of pre-contractual measures;

 processing is necessary for the performance of a legal obligation to which the Controller is subject;

 processing is necessary for the performance of a task carried out in the public interest or in the exercise of public authority vested in the Controller;

processing is necessary for the pursuit of the legitimate interest of the Controller or of third parties.

However, it is always possible to request the Controller to clarify the concrete legal basis of each processing operation and in particular to specify whether the processing is based on the law, required by a contract

or necessary to conclude a contract.

 

 

Place

 

The Data are processed at the Data Controller’s premises and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller.

The User’s Personal Data may be transferred to a country other than the country in which the User is located. To obtain further information on the location of the processing, the User may refer to the section on Personal Data processing details.

The User has the right to obtain information about the legal basis for the transfer of Data outside the European Union or to an international organisation under public international law or consisting of two or more countries, such as the UN, as well as about the security measures taken by the Controller to protect the Data.

 

Should one of the transfers just described take place, the User may refer to the respective sections of this document or request information from the Controller by contacting him at the contact details given at the beginning.

 

 

Storage period

 

 Data are processed and stored for the time required by the purposes for which they were collected.

Therefore:

 

Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the performance of such contract is completed.

Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.

When the processing is based on the User’s consent, the Data Controller may keep the Personal Data longer until such consent is revoked. Moreover, the Controller may be obliged to keep the Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

 

At the end of the retention period the Personal Data will be deleted. Therefore, at the expiration of this period, the right of access, cancellation, rectification and the right to Data portability can no longer be exercised.

 

Purposes of the Data collected 

User Data are collected to enable the Data Controller to provide its Services, as well as for the following purposes: Accessing accounts on third party services, Contacting the User, Contact management and sending messages, Payment management, Managing support and contact requests, Hosting and backend infrastructure, Commenting on content, Social features, Tag management, Statistics, Interaction with social networks and external platforms, Heat mapping and session recording, Interaction with live chat platforms, Interaction with support and feedback platforms, Location-based interactions, Permissions to access Personal Data on the User’s device, Protection against SPAM, Advertising, Registration and authentication, Remarketing and behavioral targeting, Content and functionality performance testing (A/B testing), Transfer of Data outside the EU and Display of content from external platforms. 

To obtain further detailed information on the purposes of the processing and the Personal Data concretely relevant for each purpose, the User may refer to the relevant sections of this document.

 

Facebook permissions required by this Application

This Application may require certain Facebook permissions that allow it to perform actions with the User’s Facebook account and collect information, including Personal Data, from it. This service allows this Application to connect with the User’s account on the social network Facebook, provided by Facebook Inc.

For more information on the following permissions, please refer to the Facebook permissions documentation and Facebook’s privacy policy.

 

Basic information

The basic information of the User registered on Facebook normally includes the following Data: id, name, picture, gender and language and in some cases the Facebook ‘Friends’. If the User has made further Data publicly available, this will be available.

Details on the processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

 

Access to accounts on third party services

This type of services allow this Application to take Data from your accounts on third party services and perform actions with them.

These services are not activated automatically, but require the express authorisation of the User.

 

Facebook account access (this Application)

This service allows this Application to connect with the User’s account on the social network Facebook, provided by Facebook, Inc.

Required permissions: Access to private data. 

 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Access to the Twitter account (Twitter, Inc.)

This service allows this Application to connect with the User’s account on the social network Twitter, provided by Twitter, Inc.

Personal Data collected: various types of Data as specified in the privacy policy of the service. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Content commenting

The comment services allow Users to formulate and publish their own comments regarding the content of this Application.

Depending on the settings decided by the Owner, Users may also leave the comment in an anonymous form. If the Personal Data provided by the User includes email, this may be used to send notifications of comments regarding the same content. Users are responsible for the content of their comments.

In the event that a comment service provided by third parties is installed, it is possible that, even if Users do not use the comment service, the comment service may collect traffic data relating to the pages where the comment service is installed.

 

Facebook Comments (Facebook, Inc.)

Facebook Comments is a service operated by Facebook, Inc. that allows the User to leave comments and share them within the Facebook platform.

Personal Data Collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent.

 

Contacting the User

Mailing list or newsletter (this Application)

By registering to the mailing list or newsletter, the User’s email address is automatically added to a list of contacts to whom email messages may be sent containing information, including information of a commercial and promotional nature, relating to this Application. The User’s email address may also be added to this list as a result of registering with this Application or after making a purchase.

Personal Data collected: Postcode, city, last name, Cookie, date of birth, Usage Data, email, address, country, name, telephone number, profession, province, company name and website. 

 

Contact by phone (this Application)

Users who have provided their telephone number may be contacted for commercial or promotional purposes related to this Application, as well as to fulfill support requests.

Personal data collected: telephone number. 

 

Contact form (this Application)

The User, by filling in the contact form with his/her Data, consents to the use of such Data to answer requests for information, quotations, or any other nature indicated in the header of the form.

Personal Data collected: Postcode, city, Tax Code, surname, date of birth, email, User ID, address, country, name, telephone number, VAT number, profession, province, company name, gender, business sector, website and various types of Data. 

 

Social features

Inviting and suggesting friends (this Application)

This Application may use the Personal Data provided to allow Users to invite their friends – e.g. through the address book, if access has been authorised – and to suggest friends or connections within it.

Personal Data collected: various types of Data. 

 

Public profile (this Application)

Users may have a public profile that can be viewed by other Users. In addition to the Personal Data provided, this profile may contain the User’s interactions with this Application.

Personal Data collected: city, surname, date of birth, email, picture, address, country, name, phone number, geographic location, profession, province and company name. 

 

Managing contacts and sending messages

This type of service allows the management of a database of email contacts, telephone contacts or contacts of any other type used to communicate with the User.

These services may also collect data on the date and time the User views messages, as well as the User’s interaction with them, such as information on clicks on links in messages.

 

Mailgun (Mailgun, Inc.)

Mailgun is an address management and email messaging service provided by Mailgun, Inc.

Personal Data collected: Last Name, Cookie, Date of Birth, Usage Data, Email, Address, Country, First Name, Phone Number, Profession, Gender and various types of Data. 

Place of processing: United States – Privacy Policy. 

 

Payment Management

Payment processing services allow this Application to process payments by credit card, bank transfer or other means. The data used for payment are acquired directly by the operator of the payment service requested without being processed in any way by this Application.

Some of these services may also allow for the scheduled sending of messages to the User, such as emails containing invoices or payment notifications.

 

Braintree (Paypal)

Braintree is a payment service provided by Braintree, a division of PayPal, Inc.

Personal Data collected: various types of Data as specified by the privacy policy of the service. 

Place of processing: See Paypal’s privacy policy – Privacy Policy.

 

PayPal (Paypal)

PayPal is a payment service provided by PayPal Inc., which allows the User to make online payments.

Personal Data collected: various types of Data as specified by the privacy policy of the service. 

Place of processing: See Paypal’s privacy policy – Privacy Policy. 

 

Hosting and backend infrastructure

The purpose of these types of services is to host Data and files that allow this Application to function, allow it to be distributed and provide a ready-to-use infrastructure to deliver specific functionalities of this Application.

Some of these services operate through servers located geographically in different places, making it difficult to determine the exact location where Personal Data is stored.

 

Google Cloud Storage (Google Inc.)

Google Cloud Storage is a hosting service provided by Google Inc.

Personal Data collected: various types of Data as specified by the privacy policy of the service. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Interaction with live chat platforms

This type of service makes it possible to interact with live chat platforms, managed by third parties, directly from the pages of this Application. This allows the User to contact the support service of this Application or this Application to contact the User while he is browsing its pages.

If a service for interacting with live chat platforms is installed, it is possible that, even if Users do not use the service, it may collect Usage Data relating to the pages on which it is installed. Furthermore, live chat conversations may be recorded.

 

Facebook Messenger Customer Chat (Facebook, Inc.)

Facebook Messenger Customer Chat is an interaction service with the Facebook Messenger live chat platform, provided by Facebook, Inc.

Personal data collected: Cookies, Data disclosed during use of the service, Usage data and About me. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Interaction with support and feedback platforms

This type of service enables interactions with support and feedback platforms, managed by third parties, directly from the pages of this Application.

If a service for interacting with support and feedback platforms is installed, it is possible that, even if Users do not use the service, it may collect Usage Data relating to the pages where it is installed.

 

Zendesk Widget (Zendesk, Inc.)

The Zendesk Widget is a service for interaction with the Zendesk support and feedback platform, provided by Zendesk Inc.

Personal Data collected: Last Name, Cookie, Usage Data, Email, First Name, Phone Number and Username. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Interaction with social networks and external platforms

This type of service allows for interactions with social networks, or other external platforms, directly from the pages of this Application.

The interactions and information acquired by this Application are in any case subject to the User’s privacy settings relating to each social network.

If a social network interaction service is installed, it is possible that, even if Users do not use the service, it may collect traffic data relating to the pages where it is installed.

 

Like button and social widgets of Facebook (Facebook, Inc.)

The Facebook ‘Like’ button and social widgets are services for interaction with the social network Facebook, provided by Facebook, Inc.

Personal data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Twitter Tweet button and social widgets (Twitter, Inc.)

The Tweet button and Twitter social widgets are services for interaction with the social network Twitter, provided by Twitter, Inc.

Personal Data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Pinterest ‘Pin it’ button and social widgets (Pinterest)

The Pinterest ‘Pin it’ button and social widgets are services for interacting with the Pinterest platform, provided by Pinterest Inc.

Personal data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. 

 

+1 button and Google+ social widgets (Google Inc.)

The +1 button and Google+ social widgets are services for interaction with the Google+ social network, provided by Google Inc.

Personal Data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Linkedin social button and widgets (LinkedIn Corporation)

LinkedIn’s social button and widgets are services for interaction with the Linkedin social network, provided by LinkedIn Corporation.

Personal Data Collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy.

 

PayPal button and widget (Paypal)

The PayPal button and widget are services for interaction with the PayPal platform, provided by PayPal Inc.

Personal Data collected: Cookies and Usage Data. 

Place of processing: See Paypal – Privacy Policy. 

 

Tumblr social button and widgets (Tumblr Inc.)

Tumblr’s social button and widgets are services for interacting with the Tumblr social network, provided by Tumblr Inc.

Personal data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. 

 

YouTube social button and widgets (Google Inc.)

The YouTube social button and widgets are services for interaction with the social network YouTube, provided by Google Inc.

Personal data collected: Usage data. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Location-based interactions

Non-Continuous Geolocation (this Application)

This Application may collect, use and share Data related to the User’s geographical location in order to provide location-based services.

Most browsers and devices provide by default tools to deny geographical tracking. If the User has expressly authorised this possibility, this Application may receive information on his/her actual geographical location.

The geographical location of the User is tracked on a non-continuous basis, at the specific request of the User or when the User does not indicate his or her location in the appropriate field and allows the Application to automatically detect the location.

Personal Data collected: geographical location. 

 

Permissions to access Personal Data on the User’s device

This Application requires certain permissions from the User, who thereby authorises access to the Data on their device, under the terms set out below.

 

Permissions for access to Personal Data on the User’s device (this Application)

This Application requires the granting of certain permissions by the User, who thereby authorises access to the Data on his/her device, as summarised herein and under the terms set out in this document.

 

Personal Data collected: Room Permission. 

 

Protection against SPAM

This type of services analyses the traffic of this Application, potentially containing Users’ Personal Data, in order to filter it from parts of traffic, messages and content recognised as SPAM.

 

Google reCAPTCHA (Google Inc.)

Google reCAPTCHA is a SPAM protection service provided by Google Inc.

Use of reCAPTCHA is subject to Google’s privacy policy and terms of use.

Personal Data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. Party to the Privacy Shield. 

 

Advertising

This type of services allow the use of User Data for commercial communication purposes in different forms of advertising, such as banners, also related to the User’s interests.

This does not mean that all Personal Data is used for this purpose. Data and conditions of use are set out below.

Some of the services mentioned below may use Cookies to identify the User or use the behavioral retargeting technique, i.e. displaying advertisements tailored to the User’s interests and behaviour, also detected outside this Application. For more information about this, we suggest you check the privacy policies of the respective services.

In addition to the opt-out possibilities offered by the services below, You may opt-out of receiving cookies from a third-party service by visiting the Network Advertising Initiative’s opt-out page.

 

eADV (eADV s.r.l.)

eADV is an advertising service provided by eADV s.r.l..

Personal data collected: Cookies and Usage Data. 

Place of processing: Italy – Privacy Policy. 

 

Facebook Audience Network (Facebook, Inc.)

Facebook Audience Network is an advertising service provided by Facebook, Inc. For an understanding of Facebook’s use of data, please see Facebook’s data policy.

To enable Facebook Audience Network to function, this Application may use certain mobile device identifiers (including Android Advertising ID or Advertising Identifier for OS) or cookie-like technologies. One of the ways in which Audience Network offers advertisements to the User is by using the User’s advertising preferences. The User can control the sharing of his or her advertising preferences within the Facebook Ad settings.

The User can opt-out of certain Audience Network targeting functions via his/her device settings. For example, the User can change the advertising settings available for mobile devices, or follow the instructions applicable to Audience Network that may be included in this privacy policy.

Personal Data collected: Cookies, Usage Data and unique device identifiers for advertising (Google Advertiser ID or IDFA identifier, for example). 

Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield adherent. 

 

Registration and Authentication

By registering or authenticating, the User allows the Application to identify him/her and give him/her access to dedicated services.

Depending on what is indicated below, registration and authentication services may be provided with the help of third parties. If this happens, this Application may access some Data stored by the third-party service used for registration or identification.

 

Facebook Authentication (Facebook, Inc.)

Facebook Authentication is a registration and authentication service provided by Facebook, Inc. and connected to the social network Facebook.

Personal Data collected: various types of Data as specified by the privacy policy of the service. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Log In with PayPal (Paypal)

Log In with PayPal is a registration and authentication service provided by PayPal Inc. and connected to the PayPal network.

Personal Data collected: various types of Data as specified by the privacy policy of the service. 

Place of processing: See the PayPal privacy policy – Privacy Policy. 

 

Remarketing and behavioral targeting

This type of service allows this Application and its partners to communicate, optimize and serve advertisements based on the User’s past use of this Application.

This activity is carried out by tracking Usage Data and the use of Cookies, information that is transferred to the partners to which the remarketing and behavioral targeting activity is linked.

In addition to the opt-out possibilities offered by the services below, the User may opt-out from receiving cookies related to a third-party service by visiting the Network Advertising Initiative opt-out page.

 

AdWords Remarketing (Google Inc.)

AdWords Remarketing is a remarketing and behavioral targeting service provided by Google Inc. that links the activity of this Application with the Adwords advertising network and the Doubleclick cookie.

Personal Data collected: Cookies and Usage Data. 

Place of Processing: United States – Privacy Policy – Opt Out.

 

Facebook Custom Audience (Facebook, Inc.)

Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that links the activity of this Application with the Facebook advertising network.

Personal data collected: Cookies and email. 

Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield Adherent. 

 

Facebook Remarketing (Facebook, Inc.)

Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that links the activity of this Application with the Facebook advertising network.

Personal Data collected: Cookies and Usage Data. 

Place of Processing: United States – Privacy Policy – Opt Out. Privacy Shield Adherent. 

 

LinkedIn Website Retargeting (LinkedIn Corporation)

LinkedIn Website Retargeting is a remarketing and behavioral targeting service provided by LinkedIn Corporation that connects this Application’s activity with the LinkedIn advertising network.

Personal Data Collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy- Opt Out. 

 

Remarketing with Google Analytics for display advertising (Google Inc.)

Google Analytics for display advertising is a remarketing and behavioral targeting service provided by Google Inc. that links the tracking activity performed by Google Analytics and its Cookies with the Adwords advertising network and the Doubleclick Cookie.

Personal Data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy- Opt Out. Privacy Shield adherent. 

 

Statistics

The services contained in this section allow the Data Controller to monitor and analyse traffic data and serve to keep track of the User’s behaviour.

 

Google Analytics (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. (‘Google’). Google uses the Personal Data collected in order to track and examine the use of this Application, compile reports and share them with other services developed by Google.

Google may use the Personal Data to contextualise and personalise the advertisements of its advertising network.

Personal Data collected: Cookies and Usage Data. 

Place of Processing: United States – Privacy Policy – Opt Out. Privacy Shield adherent.

 

Google Analytics with anonymized IP (Google Inc.)

Google Analytics is a web analytics service provided by Google Inc. (‘Google’). Google uses the Personal Data collected in order to track and examine the use of this Application, compile reports and share them with other services developed by Google.

Google may use the Personal Data to contextualise and personalise the advertisements of its advertising network.

This Google Analytics integration anonymises your IP address. The anonymisation works by shortening the IP address of Users within the borders of the member states of the European Union or in other countries which are parties to the Agreement on the European Economic Area. Only in exceptional cases will the IP address be sent to Google’s servers and abbreviated within the United States.

Personal data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield adherent. 

 

ShinyStat (Triboo Data Analytics S.R.L.)

ShinyStat (ShinyStat Business, ShinyStat Pro or ShinyStat ISP) is a statistics service provided by Triboo Data Analytics S.R.L.. 

This statistics service makes the User’s IP address anonymous.

Personal Data collected: Cookies and Usage Data. 

Place of processing: Italy – Privacy Policy – Opt Out. 

 

ShinyStat Free (Triboo Data Analytics S.R.L.)

ShinyStat Free is a statistics service provided by Triboo Data Analytics S.R.L.

This statistics service makes the User’s IP address anonymous.

Personal Data collected: Cookies and Usage Data. 

Place of processing: Italy – Privacy Policy – Opt Out. 

 

Performance testing of content and functionality (A/B testing)

The services contained in this section allow the Data Controller to track and analyse the User’s response, in terms of traffic or behaviour, to changes in the structure, text or any other component of this Application.

 

Google Website Optimizer (Google Inc.)

Google Website Optimizer is an A/B testing service provided by Google Inc. (‘Google’).

Google may use Personal Data to contextualise and personalise ads in its advertising network.

Personal Data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

 

Transfer of Data outside the EU

The Data Controller may transfer Personal Data collected within the EU to third countries (i.e., all non-EU countries) only in accordance with a specific legal basis. Therefore, such Data transfers are performed in accordance with one of the legal bases described below.

The User may request information from the Controller regarding the applicable legal basis concretely applicable to each individual service.

 

Transfer to third countries on the basis of standard contractual clauses (this Application)

When this is the legal basis, the transfer of Personal Data from the EU to third countries takes place on the basis of standard Personal Data protection clauses adopted by the European Commission.

In such cases the recipients of the Data have agreed to treat the Personal Data in accordance with the levels of protection provided by the legislation. Users may request further information by contacting the Controller at the contact details indicated in this document.

 

Personal Data collected: various types of Data. 

 

Transfer to third countries based on consent (this Application)

When this is the legal basis, the transfer of Personal Data from the EU to third countries takes place only when the User has expressly consented to such transfer after having been informed of the risks due to the absence of an adequacy decision and of the appropriate safeguards adopted.

In such cases, the Controller informs Users and collects their consent through this Application.

Personal Data collected: various types of Data. 

 

Transfer of Data to countries that guarantee European standards (this Application)

When this is the legal basis, the transfer of Personal Data from the EU to third countries takes place on the basis of an adequacy decision adopted by the European Commission. The European Commission adopts adequacy decisions with respect to individual third countries that it deems to ensure a level of protection of Personal Data comparable to the level provided by European legislation on the protection of Personal Data. The User can view the updated list of adequacy decisions on the European Commission’s website.

Personal Data collected: various types of Data. 

 

Transfer of Data from the EU and/or Switzerland to the United States on the basis of the Privacy Shield (this Application)

When this is the legal basis, the transfer of Personal Data from the EU or Switzerland to the United States takes place on the basis of the EU-US or Switzerland-US Privacy Shield agreement.

In particular, Personal Data is transferred to entities that have self-certified under the Privacy Shield and therefore guarantee an adequate level of protection for the transferred Data. The services affected by the transfer of Data are listed in the respective sections of this document. Among them, those adhering to the Privacy Shield can be identified by consulting the relevant privacy policy or by checking the status of their registration on the official Privacy Shield list.

 

Your rights under the Privacy Shield are described in continually updated form on the U.S. Department of Commerce website.

 

The transfer of Personal Data from the EU or Switzerland to the United States to entities that are not (or no longer) Privacy Shield members is only permissible under another valid legal basis. Users may request information from the Controller about such legal bases.

Personal Data collected: various types of Data. 

 

Display of content from external platforms

This type of service makes it possible to display content hosted on external platforms directly from the pages of this Application and to interact with them.

If a service of this type is installed, it is possible that, even if Users do not use the service, it collects traffic data relating to the pages where it is installed.

 

Google Fonts (Google Inc.)

Google Fonts is a font display service managed by Google Inc. that allows this Application to integrate such contents in its pages.

Personal Data collected: Usage Data and various types of Data as specified by the privacy policy of the service. 

Place of processing: United States – Privacy Policy. Privacy Shield adherent. 

Vimeo Video (Vimeo, LLC)

Vimeo is a video content display service operated by Vimeo, LLC that allows this Application to integrate such content within its pages.

Personal Data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. 

 

Google Maps Widget (Google Inc.)

Google Maps is a map display service operated by Google Inc. that allows this Application to integrate such content into its pages.

Personal data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. Privacy Shield Adherent. 

 

TripAdvisor Widget (TripAdvisor LLC)

TripAdvisor Widget is a content display service operated by TripAdvisor LLC that allows this Application to embed content from this external platform within its pages.

Personal Data Collected: Cookies and Usage Data. 

Place of Processing: United States – Privacy Policy. 

 

Weather Widget (Open Weather)

Weather Widget is a content display service operated by Open Weather.

Personal Data collected: Usage Data. 

Place of processing: Italy – Privacy Policy. 

 

Instagram Widget (Instagram, Inc.)

Instagram is an image display service operated by Instagram, Inc. that allows this Application to integrate such content within its pages.

Personal Data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. 

 

SoundCloud Widget (SoundCloud Limited)

SoundCloud is an audio content delivery service operated by SoundCloud Limited that allows this Application to integrate such content within its pages.

Personal Data collected: Usage Data. 

Place of processing: Germany – Privacy Policy. 

 

YouTube Video Widget (Google Inc.)

YouTube is a video content display service operated by Google Inc. that allows this Application to integrate such content into its pages.

Personal Data collected: Cookies and Usage Data. 

Place of processing: United States – Privacy Policy. Privacy Shield Adherent. 

 

YouTube video widget without cookies (Google Inc.)

YouTube is a video content display service operated by Google Inc. that allows this Application to integrate such content within its pages.

This widget is set up so that YouTube does not save information and cookies about Users on this Application unless they play the video.

Personal Data Collected: Usage Data. 

Place of Processing: United States – Privacy Policy. Privacy Shield Adherent.

 

Analysis of User Data and forecasts (‘profiling’)

The Owner may process the Usage Data collected through this Application to create or update user profiles. This type of processing allows the Owner to evaluate the User’s choices, preferences and behaviour for the purposes specified in the respective sections of this document.

User profiles may also be created using automated tools, such as algorithms, which may also be offered by third parties. For further information on profiling activities, the User may refer to the respective sections of this document.

The User has the right to object to such profiling activity at any time. To find out more about the User’s rights and how to exercise them, the User may refer to the section of this document on Users’ rights.

 

Personal Data collected through sources other than the User

The Owner of this Application may have legitimately collected Personal Data relating to the User without the User’s involvement, drawing on sources provided by third parties, in accordance with the legal bases described in the section on the legal bases for processing.

If the Controller has collected Personal Data in such a way, the User can find specific information about the sources in the respective sections of this document or by contacting the Controller.

 

Online sale of goods and services

The Personal Data collected is used for the provision of services to the User or for the sale of products, including payment and possible delivery. The Personal Data collected to finalise payment may be that relating to the credit card, bank account used for the transfer or other payment instruments provided. The Payment Data collected by this Application depends on the payment system used.

 

User Rights

Users may exercise certain rights with reference to the Data processed by the Data Controller.

In particular, the User has the right to

revoke consent at any time. The User may revoke the consent to the processing of its Personal Data previously expressed. 

object to the processing of their Data. The User may object to the processing of its Data when it is done on a legal basis other than consent. Further details on the right to object are set out in the section below.

access to their Data. The User has the right to obtain information on the Data processed by the Controller, on certain aspects of the processing and to receive a copy of the Data processed.

verify and request rectification. The User may verify the correctness of its Data and request that it be updated or corrected. 


obtain the restriction of the processing. When certain conditions are met, the User may request the restriction of the processing of its Data. In this case, the Data Controller will not process the Data for any purpose other than its preservation.

obtain the deletion or removal of their Personal Data. When certain conditions are met, the User may request the deletion of its Data by the Data Controller.


receive their Data or have them transferred to another Data Controller. The User has the right to receive its Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred without hindrance to another data controller. This provision is applicable when the Data are processed by automated means and the processing is based on the User’s consent, on a contract to which the User is party or on contractual measures related thereto.

Proposing a complaint. The User may lodge a complaint with the competent data protection supervisory authority or take legal action.

Details of the right to object

When Personal Data are processed in the public interest, in the exercise of public authority vested in the Controller or in pursuit of a legitimate interest of the Controller, Users have the right to object to the processing for reasons related to their particular situation.

Users are reminded that if their Data are processed for direct marketing purposes, they may object to the processing without giving any reason. To find out whether the Controller processes Data for direct marketing purposes, Users may refer to the respective sections of this document.

How to exercise rights

To exercise their rights, Users may address a request to the contact details of the Controller indicated in this document. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within one month.

 

 

Further information on Personal Data

 

Online sale of goods and services

The Personal Data collected is used for the provision of services to the User or for the sale of products, including payment and possible delivery.

The Personal Data collected to finalise payment may be that relating to the credit card, bank account used for the transfer or other payment instruments provided. The Payment Data collected by this Application depends on the payment system used.

 

 

 

Further information on processing

Legal defence

The User’s Personal Data may be used for the Owner’s defence in legal proceedings or in the stages preparatory to its possible establishment, against abuses in the use of the same or related services by the User.

The User declares that he/she is aware that the Data Controller may be required to disclose the Data at the request of public authorities.

 

Specific disclosures

At the User’s request, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific services, or the collection and processing of Personal Data.

 

System logs and maintenance

For operation and maintenance purposes, this Application and any third party services used by it may collect System Logs, i.e. files that record interactions and that may also contain Personal Data, such as the User’s IP address.

 

Information not contained in this policy

Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact information.

 

Exercise of rights by Users

The subjects to whom the Personal Data refer have the right at any time to obtain confirmation of the existence or non-existence of such data with the Data Controller, to know its content and origin, to request a copy of all processed data, to verify its accuracy or request its integration, to request the deletion of the account and processed data, to update, rectify, transform into an anonymous form or block Personal Data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, its processing. Requests should be addressed to the Data Controller.

For any request regarding the processing of your data on www.worldyachts.eu write to info@worldyachts.eu.

This Application does not support ‘Do Not Track’ requests. To find out whether any third party services used support them, please consult their privacy policies.

 

Changes to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page. Therefore, please consult this page often, taking as reference the date of last modification indicated at the bottom. If you do not accept the changes made to this privacy policy, you must cease using this Application and may request the Data Controller to remove your Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to the Personal Data collected up to that point.

 

About this privacy policy

The Data Controller is responsible for this privacy policy, drafted on the basis of forms prepared by Iubenda and stored on its servers.

 

 

Definitions and legal references

 

Personal Data (or Data)

Personal Data is any information relating to a natural person, identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.

 

Usage Data

 ), the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the length of time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the User’s IT environment.

 

User

The individual who uses this Application, who must coincide with the Data Subject or be authorised by him/her and whose Personal Data are processed.

 

Data Subject

The natural or legal person to whom the Personal Data refer.

 

Data Controller (or Processor)

The natural person, legal entity, public administration and any other body, association or organisation appointed by the Controller to process Personal Data, in accordance with the provisions of this privacy policy.

 

Data Controller (or Owner)

The natural person, legal entity, public administration and any other body, association or body which is responsible, also jointly with another owner, for deciding on the purposes, methods of processing of Personal Data and the tools used, including the security profile, in relation to the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.

 

This Application

The hardware or software tool through which Users’ Personal Data are collected.

 

Cookie

A small piece of data stored within the User’s device.

 

Legal references

This Privacy Policy is drafted on the basis of multiple legislative orders, including Articles 13 and 14 of Regulation (EU) 2016/679.

This privacy policy relates exclusively to this Application.

 

Contact

If you have any questions regarding this Privacy Policy, please contact us at info@worldyachts.eu

 

Date last revised: 11 November 2022