The company AC75 startup accelerator s.p.a (P. IVA 02907050427) with registered office in Ancona (AN) alla Via Manifredo Fanti 9 cap 60121 as data controller (hereinafter the “Data Controller“) of the website https://ac75sa.com/ (Hereinafter the “Site“) informs the visitors of the Site (hereinafter the “Data Subject”) pursuant to art. 13 of the European regulation n. 2016/679, the General Data Protection Regulation (GDPR).
The Data Controller is aware of the importance of the processing of personal data of data subjects and, for this reason, takes care to indicate which data are processed and how these are processed. By proceeding with the navigation of the Site or indicating the willingness to use the services provided by the same, the interested party declares to have read and accepted this information (hereinafter “Information”), thus granting consent for the processing of personal data by the Data Controller.
For any information, doubt or request relating to this Policy, the Data Controller makes available to interested parties the following email address:
- help@ac75sa.com
What are your rights in relation to the processing of your personal data?
The Data Subject has the following rights:
- the right to be informed that there is an existing data processing concerning him or her and, if so, access to the personal data processed;
- right to rectification of personal data;
- the right to erasure (right to be forgotten) of personal data concerning him or her;
- the right to restrict the processing of personal data concerning him or her;
- the right to data portability in order to receive, or to have transmitted to another Data Controller, the personal data concerning him in a structured, commonly used and machine-readable format;
- right to object to the processing of personal data;
- the right to withdraw the consent previously issued;
- the right to lodge a complaint with the authorities responsible for a personal data breach.
How to exercise your rights?
The interested party may exercise their rights by writing to the email address indicated above.
The Data Controller does not intend to incur any cost to the Data Subjects to exercise one of their rights, but to do this the Data Controller may request specific information to follow up the communications of the Data Subject in relation to the rights.
These communications are usually received within 30 days of receipt of the communication itself, but if this deadline cannot be respected (e.g., due to excessive load of requests or complexity of the response) it will be the responsibility of the Data Controller to inform the Data Subject and keep it updated on the developments of the communication sent.
What personal data are processed?
The Data Controller processes the personal data that are provided by both the Data Subject and third parties to be able to follow up the contact requests of the Data Subject received through the Site (hereinafter the “Services”).
a) Data provided directly by the data subject
Data subject | Purpose | Types of data | Conservation |
website visitors | Website usageNewsletterRespect the legal, regulatory and protection obligations of the Data Controller | Personal dataTechnical Data | The storage of technical data concerning the use of the website until the provision of individual Services is terminated.The data collected for sending newsletters will be stored up to 24 months.Personal data will be stored for the period determined by law, regulation and/or by the reference authority. |
Data subject | Purpose | Types of data | Conservation |
Business Angel | Management of the contractual relationship, based on art. 6, co. 1, lett. b) of the GDPR; | Personal dataData relating to previous professional career.Data on your jobFinancial dataPayment data | for the purposes of updating on investment opportunities the data will be kept for a period of 12 (twelve) months. |
Fulfilling tax obligations, based on art. 6, co. 1, lett. c) of the GDPR | for contractual purposes personal data will be kept for the period necessary to fulfil contractual obligations; | ||
Update on investment opportunities, based on art. 6, co. 1, lett. f) of the GDPR, or the legitimate interest of the Data Controller to process data in relation to its activity, if the personal data are not collected directly by the Data Subject. | for the purposes of updating on investment opportunities the data will be kept for a period of 12 (twelve) months. |
Data subject | Purpose | Types of data | Conservation |
Immersive Talen Program | Management of the contractual relationship, based on art. 6, co. 1, lett. b) of the GDPR; | Personal dataData relating to previous professional career.Data relating to University careerPayment data | for the purposes of updating on investment opportunities the data will be kept for a period of 12 (twelve) months. |
Fulfilling tax obligations, based on art. 6, co. 1, lett. c) of the GDPR | for contractual purposes personal data will be kept for the period necessary to fulfil contractual obligations; |
Data subject | Purpose | Types of data | Conservation |
Next Age | Management of the contractual relationship, based on art. 6, co. 1, lett. b) of the GDPR; | Personal dataData relating to previous professional career.Data on your jobFinancial dataPayment data | for the purposes of updating on investment opportunities the data will be kept for a period of 12 (twelve) months. |
Fulfilling tax obligations, based on art. 6, co. 1, lett. c) of the GDPR | for contractual purposes personal data will be kept for the period necessary to fulfil contractual obligations; | ||
Update on investment opportunities, based on art. 6, co. 1, lett. f) of the GDPR, or the legitimate interest of the Data Controller to process data in relation to its activity, if the personal data are not collected directly by the Data Subject. | for the purposes of updating on investment opportunities the data will be kept for a period of 12 (twelve) months. |
Data subject | Purpose | Types of data | Conservation |
Open innovation | Management of the contractual relationship, based on art. 6, co. 1, lett. b) of the GDPR; | Personal dataData relating to previous professional career.Data on your jobPayment data | for the purposes of updating on investment opportunities the data will be kept for a period of 12 (twelve) months. |
Fulfilling tax obligations, based on art. 6, co. 1, lett. c) of the GDPR | for contractual purposes personal data will be kept for the period necessary to fulfil contractual obligations; |
Data subject | Purpose | Types of data | Conservation |
Spinoff universitari | Management of the contractual relationship, based on art. 6, co. 1, lett. b) of the GDPR; | Personal dataData relating to previous professional careerData on your job positionData relating to university careerPayment data | for the purposes of updating on investment opportunities the data will be kept for a period of 12 (twelve) months. |
Fulfilling tax obligations, based on art. 6, co. 1, lett. c) of the GDPR | for contractual purposes personal data will be kept for the period necessary to fulfil contractual obligations; |
b) Data collected by third parties
Third party source of personal data | Types of data |
Analytics providers | behavioural data technical Data |
Aggregate data
The Data Controller may collect, use and share aggregated data, such as statistical or demographic data, for any purpose.
Aggregated data may derive from the personal data of the Data Subject, but once aggregated they do not constitute personal data under the GDPR as they are not able to identify the Data Subject directly or indirectly. However, if the Data Controller combines or connects the aggregated data with the personal data of the Data Subject to allow the identification of the Data Subject, directly or indirectly, the Data Controller will process the resulting data in accordance with the provisions of the Policy.
Particular data
The Data Controller does not process any particular category of data of the Data Subject (Particular data means data relating to ethnic or racial origin, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, genetic, biometric and health data) as it does not deal with any data relating to criminal convictions and offences relating to the data subject.
Why is personal data processed?
The Data Controller processes personal data for the following purposes indicated in the table below.
The GDPR requires that, for each purpose of processing personal data, the Data Controller has a legal basis to carry out the processing.
The Data Controller may process the personal data of the Data Subjects through their consent as a legal basis for the processing. Consent can be revoked at any time, but the processing carried out until the withdrawal of consent cannot be affected.
Below is a summary table of the finals and their description:
What happens if the data subject does not provide the necessary personal data?
If the data are necessary to provide the Services and to provide support to the Data Subjects, the Data Controller will not be able to provide and support the Data Subject in their requests. In this case, the Data Controller may alternatively request the integration of personal data or delete the personal data of the Data Subject by preventing the provision of the Services.
For purposes other than the provision of the Services and the Provision of Support to Data Subjects, the provision of data is optional and failure to provide personal data will not affect the aforementioned purposes of Processing.
To whom is personal data communicated and disclosed?
a) Communication
The personal data of the Data Subjects may be communicated to third parties with respect to the Data Controller, as best indicated in the following table:
Recipients | Purpose of the communication |
Data controllers, authorised data processors | to fulfil contractual obligations |
Providers | The providers of the Data Controller support it in the provision of the Services with, without limitation, development of the Site, hosting, maintenance, backup, virtual infrastructure. |
Commercial partner | to fulfil contractual obligations |
External consultants | In case of legal obligations or obligations relating to a relationship established with the Data Subject, the Data Controller may communicate personal data to external consultants, such as, for example, the accountant and the lawyer. |
Judicial authorities and proceedings | The Data Controller may communicate the personal data of the data subjects to state and/or administrative and/or judicial authorities if this is mandatory according to the law, regulations or measures of the authorities or to defend its own right and/or interests. |
Accounting/tax study | Fulfilment of legal obligations of tax retention |
Credit/ payment/ banking/ postal/ insurance institutions | Management of payments and insurance policies |
External professionals | to fulfil contractual obligations other than tax |
Public institute as university | to fulfil contractual obligations |
b) Dissemination
Your personal data will not be disclosed.
Where do we store personal data?
The Data Controller stores personal data in paper archives within the Data Controller’s headquarters, as well as computer files located both within the European Union and outside the European Union if this is instrumental to the pursuit of the purposes indicated above. In the latter case, the Data Controller ensures that companies not having offices within the European Union are treating personal data with the utmost confidentiality in compliance with the adequacy decisions of the European Commission, of any Privacy Shield or, where necessary, by concluding agreements ensuring an adequate level of protection.
How is personal data processed?
The Data Controller processes the personal data of the Data Subjects by adopting appropriate security measures to prevent unauthorized access, disclosure, modification and destruction.
The processing of data is carried out through computer procedures, telematic means and, on a residual basis, on paper by internal subjects specially authorized by the external managers in case appointed, and this also on the basis of existing contractual agreements.
What is the policy on the processing of children’s data?
The Data Controller is aware of the sensitivity of the data processing of minors. In particular, the Services do not want to be provided to children under 14 years of age and the Data Controller does not voluntarily process data of children under 14 years of age: in this sense, Data Subjects are requested not to request the provision of the Services in case the age is less than 14 years.
The Owner encourages those who exercise parental responsibility on children under 14 years of age to check that they do not require the provision of the Services and, in any case, to educate children under 14 years of age not to release their personal data through the Site.
If the Data Controller becomes aware that some personal data refer to children under 14 years, the Data Controller will take steps to delete the personal data.
What if there are links to other websites?
The Data Controller informs the Data Subjects that this Policy applies only to the Site and, if there are links to other websites, the Data Subject must verify the information of these sites before releasing their personal data.
The Data Controller takes no responsibility for the personal data provided by the Data Subjects on other websites.
Changes to the Policy
The Data Controller reserves the right to modify this Policy at any time. In case of changes, the Data Controller will upload on this page the new information and, in this sense, if he urges the Data Subject to check the changes of the Information: The Data Subject can see the history of the information by checking the date on purpose.
By continuing to use the Site after the changes, the Data Subject accepts these changes and consents to the data processing as amended.