EGLA – European Gambling Lawyers & Advisors
in accordance with article 13 of GDPR – Regulation EU no. 679/2016
EGLA s.r.l., with registered office in Rome (Italy), at Viale Regina Margherita no. 93 – 00198, (hereinafter, the “Company” or “We” or “Us”) acting as Data Controller, processes the personal data of the subjects (the “Users”) who use, visit, view the site www.egla.eu (the “Site”) in accordance with the provisions of Regulation EU no. 2016/679 (“GDPR”) on the processing of personal data, as well as with the provisions provided by the Italian Legislative Decree n.196 30 June 2003, according to the purposes of this Policy.
For any information concerning the processing data, please contact the Company’s DPO – Data Protection Officer at the email address: firstname.lastname@example.org.
The Personal Data Processing
We may use the personal data relating to an identified and/or identifiable, directly or indirectly, User collected through the Site. The personal data process will be:
- a) lawful, correct and transparent towards the relevant User;
- b) specific, explicit and legitimate;
- c) appropriate, relevant and limited to what is necessary with respect to the purposes for which personal data are processed;
- d) limited, even temporally, for a period not exceeding the achievement of the purposes for which they are processed. Personal data may be stored for additional periods, if it is necessary for the implementation of dispositions provided for by applicable laws;
- e) appropriate with respect to the security of personal data in order to combat unauthorized or illegal processing resulting from accidental loss, destruction or accidental damage, through appropriate technical and organizational measures.
In compliance with the provisions of article 6 of GDPR, We process your personal data when:
- a) User’s consent has been given to the processing data;
- b) the processing data is necessary for the complete and correct execution of the request made by the User;
- c) it is necessary for compliance with obligations deriving from the law or regulations to which EGLA is subject, including the anti-money laundering regulations;
- d) it is necessary for pursuing the legitimate interest of the Data Controller or third parties, even if the request derives from the competent Authority.
Type of data processed
We collect and process the personal data of Users as natural persons, as defined by the article 4 of GDPR: “any information concerning an identified or identifiable (” interested “) natural person; the natural person who can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity is considered identifiable, …; “.
Specifically, when necessary for the request made on the Site, we collect and process the Users’ personal data, including name, surname and possibly date of birth. All this information is provided directly by the User.
Personal Data Storage
In line with art. 4, para. 1, no. 2 of GDPR, the processing data means ” any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;“.
Therefore, We may process, collect and store your personal data on paper and electronic supports, for the period established by the applicable law, including anti-money laundering legislation.
In any case, We will ensure that the processing data will take place in accordance with the principles of correctness, lawfulness and transparency, in order to constantly protect the Users’ personal data and rights, as well as the natural persons involved, in line with the mandate and/or work.
In addition, personal data will be processed appropriately, relevantly and limited to the above purposes.
Personal Data Transfer
Personal data, limited to the purposes of advice and assistance requested through the Site, may be shared with third parties, including external collaborators, associates, colleagues and, more generally, to companies of public or private law that need it for the correct fulfilment of the above purposes.
In some cases, We are obliged to communicate personal data to public entities, according to the applicable legislation. This information will be shared with, when necessary, for example, the judicial authority, police authorities, etc.
In addition, it is possible We transfer personal data outside the national territory, to both intra-European and non-European countries.
In case the European Commission considers the non-European State to be inadequate in terms of the protection and security of personal data, EGLA will take the most suitable and appropriate measures in relation to the specific case, for such protection. Consequently, any transfer will take place in accordance with the appropriate and opportune guarantees, as contractual clauses type for the data protection, under the applicable legislation and in particular with articles 45 and 46 of GDPR.
The GDPR provides for the right to obtain, at any time, confirmation of the existence or not of personal data concerning the Users; the right to know its content and source; the right to verify its correctness and to obtain its integration, update or correction. Therefore, the Users have the right to obtain the cancellation, pseudonymization or blocking of data processing in case of violation of the law, as well as the right to refuse, in any case, for legitimate interests, the processing data.
In addition, in line with the provisions of the GDPR, the Users have the right to:
- Request the restriction of processing data in the case that:
- if the accuracy of the data is disputed, for the period necessary for the same verification;
- the processing data is illegal and erasure is requested;
- the processing data is necessary to ascertain, exercise or defend a right in court;
- the processing data has been opposed pursuant to article 21 par. 1 of GDPR;
- Oppose the processing data ;
- Request updating, rectifying, integrating, modifying, deleting, or pseudonymizing your personal data;
- Obtain data portability in a standardised format;
- Request the right to be forgotten;
- File a complaint to supervisory authority, namely Garante per la Protezione dei Dati Personali, as long as all the conditions exist.
Please note that all requests to exercise the aforementioned rights must be sent to Us via email at: email@example.com, inserting “GDPR” as reference.
Last updated: 08/10/2020