Privacy Notice

This privacy notice (“Notice”) applies to the processing of personal data (“Personal Data”) of the users (“User/s” or “Data Subject/s”) carried out by Proxima S.r.l. (“Data Controller” or “Company”) through its “HTASK” application (“App”) in accordance with Regulation (EU) 2016/679 - General Data Protection Regulation (“GDPR”), as well as the Italian Legislative Decree 196/2003 (as amended) and other applicable local laws, as amended or replaced (jointly, “Applicable Privacy Laws”).

I. Data Controller’s contact details

The Data Controller is Proxima S.r.l., based in Bologna (Italy).

Email: htask.digest@gmail.com

II. Categories of the processed Personal Data, purposes and legal bases for the processing

The Company processes the following categories of Personal Data, for the purposes and on the legal bases indicated below.

PurposeLegal basisCategories of processed data
  1. To enable Users to use the App (e.g. to create or modify an account, to edit videos, to send technical information about the App and how it works).

The legal basis for the processing is performance of a contractual relationship with the User (art. 6(1)(b) of the GDPR).

Identifiers and Internet and Network Activity Information such as IP address, device model, device type, OS version, device language, device name, country set by Users in their device settings, information about content accessed by Users in the App, unique identifier assigned by the Company to devices, and IDFA.

  1. To carry out activities aimed at improving the user experience (e.g. research activities aimed at improving products and services, and to assess customer satisfaction in relation to the App).

The legal basis for the processing is legitimate interest of the Data Controller (art. 6(1)(f) of GDPR).

The legitimate interest of the Data Controller is to improve its products and services.

Identification and contact information (such as name, age, social media handle, email address, when requested) and information collected to improve the App’s functionalities (such as user surveys, information about the content and screens Users access in the App, buttons Users tap within the App, options and settings Users select within the App, and other related information about the usage of the App)

  1. To fulfill Company’s legal obligations and any other obligation eventually arising from the authorities’ instructions.

The legal basis for the processing is compliance with a legal obligation to which the Data Controller is subject (art. 6(1)(c) of the GDPR).

Any information which may be requested by law or under the authorities’ instructions.

  1. To process any request for information or clarification raised by Data Subjects (and enable them to contact the Company’s support staff).

The legal basis for the processing is legitimate interest of the Data Controller (art. 6(1)(f) of GDPR).

The legitimate interest of the Data Controller is to process and to respond to Data Subjects’ requests appropriately

Identification and contact information as disclosed by the Data Subject submitting the request (such as name, email address).

Potential further information inserted within the contents of Data Subjects’ request.

  1. To claim or defend a right of the Company and its employees, and to carry out corporate transactions or operations (e.g. bankruptcy, merger, acquisition, reorganization, sale of assets or assignments, and due diligences).

The legal basis for the processing is legitimate interest of the Data Controller (art. 6(1)(f) of GDPR).

The legitimate interest of the Data Controller is to ensure the protection of the Company’s rights and to carry out corporate transactions or operations.

Any information necessary to ensure the performance of these purposes.

III. Data retention of User’s Personal Data

Personal Data may be processed by both paper and electronic means. Data Subjects’ Personal Data may be stored at the Data Controller’s and at its service providers’ premises. The Data Controller adopts technical and organizational measures to prevent the loss, improper use and alteration of Data Subjects’ Personal Data. In some cases, the Data Controller may also adopt data encryption measures. However, transmissions over the Internet are never 100% secure, and Data Subjects should not provide any Personal Data if they want to avoid any risk.

Personal Data processed for the purposes referred to in Points II.a), II.c), II.d) and II.e) will be kept for a period not exceeding the one necessary for the said purposes and, in each case, for no more than 10 (ten) years from the termination of the agreement (i.e., after the cancellation of the App’s account) except for any legal obligation that sets a longer data retention period. At the end of this period, the processed data will be deleted or anonymized.

User’s Personal Data processed for the purpose referred to in Points II.b) will be kept for no more than 2 (two) years from the termination of the agreement (i.e., after the deletion of the App’s account) except for any legal obligation that sets a longer data retention period. At the end of this period, the processed data will be deleted or anonymized.

IV. User’s choices with regard to their Personal Data

The provision of User’s Personal Data for the purposes referred to in points II.a) and II.c) above is mandatory. Any refusal to provide the requested data could make it impossible to enjoy the App’s services.

The processing of User’s Personal Data for the purposes referred to in Points II.b), II.d), and II.e) above occurs on the basis of the legitimate interest of the Data Controller, pursuant to art. 6(1)(f) of the GDPR. At any time, Data Subjects can exercise the rights referred to in point VII to have such processing ceased.

Users may manage how their mobile device shares certain information with the Data Controller by adjusting the privacy and security settings on the mobile device. Users should refer to instructions provided by their mobile service provider or the manufacturer of their device to learn how to adjust their settings.

V. Recipients of Personal Data

Personal Data may be disclosed to the following categories of recipients:

  • public, judicial or police authorities, within the limits established by applicable laws and regulations;

  • third parties carrying out activities that are related or instrumental to the Data Controller’s business and operational activities, as outsourced data processors duly appointed in writing by the Company in accordance to the Applicable Privacy Laws or acting as autonomous data controllers (such as, by way of example only, suppliers providing IT maintenance and development services, IT or storage service providers, and suppliers of mobile marketing services if and when this Notice includes marketing activities among its purposes in Point II).

The complete and updated list of such entities is available for consultation, upon request, at the Company’s headquarters or by sending an email to htask.digest@gmail.com. Personal Data will not be disclosed for any reason other than those stated above nor disseminated, unless such disclosure is deemed necessary for the fulfillment of legal obligations and/or regulations.

VI. Transfer of Personal Data outside the EEA

The Company may also transfer Personal Data of Data Subjects to countries located outside the European Economic Area (EEA). In such cases, the Company will ensure that such transfers are based on appropriate safeguards listed in the GDPR, including (a) the standard contractual clauses developed by the European Commission; (b) the decisions of adequacy of the European Commission concerning the States in which the addressees are based; (c) binding corporate rules adopted by the Company and approved by the competent authorities or that are parties of agreements with the Company in this regard.

Copies of appropriate warranties are available for consultation upon request at the Company's headquarters or by sending an email to htask.digest@gmail.com.

VII. Data Subject’s Rights

At any time and free of charge, Data Subjects can have or exercise the following rights, as specified in the GDPR:

  1. the right to be informed on the purposes and methods of the processing of their Personal Data;

  2. the right of access;

  3. the right to ask for updating, rectification or integration of their Personal Data;

  4. the right to request the deletion or erasure of their Personal Data, subject to certain exceptions under Applicable Privacy Laws;

  5. the right to restrict the processing of their Personal Data;

  6. the right to object to the processing of their Personal Data, wholly or partly, also where it is carried out through automated individual decision-making, including profiling;

  7. the right to withdraw the consent to the processing of their Personal Data (in such a case, the processing carried out before withdrawal of consent shall remain valid);

  8. the right to data portability (i.e., to receive a portable copy of their Personal Data).

Data Subjects also have the right to lodge a complaint before the competent national data protection or judicial authority.

To exercise their rights, Data Subjects may contact the Data Controller, in writing by sending a letter with proof of receipt to the Data Controller’s mailing address above, by sending an email to htask.digest@gmail.com. The Data Controller may take reasonable steps to verify Data Subjects’ identity prior to responding to their requests.

If a User is a California resident under the age of 18, in certain circumstances, they may request and obtain removal of Personal Data or content shared by them and posted on the App. To make any request pursuant to California privacy law, please send an email to htask.digest@gmail.com. Please be aware that such a request does not ensure complete or comprehensive removal of the content or information posted on the App by the User and that there may be circumstances in which the law does not require or allow removal, even if requested.

VIII. Children’s Personal Data

When the processing of Personal Data requires a User’s consent, Users may give their consent only if aged at least 16 years (see art. 8 of the GDPR).

The App is not intended for children under the age of 16. The Company does not knowingly collect Personal Data from children. If you believe we have received Personal Data from children under the age of 16, please email us at htask.digest@gmail.com. If the Company learns that a User is under the age of 16 and that consents were not given by the User’s parents (or holders of parental responsibility), it will delete any processed data and close such User’s account as soon as possible.

IX. Third party websites and apps

The App may include links to other websites or apps operated by third parties. The practices described in this Notice do not apply to data gathered through these third-party websites and apps. The Company has no control over, and is not responsible for, the actions and privacy policies of third parties and other websites and apps.

X. Changes and updates of this Notice

The Company may modify, integrate and/or update, in whole or in part, this Notice, and it will notify Users of any modification, integration or update in accordance with Applicable Privacy Laws.

Date of last amendment: April 14, 2020

Made with by Adileo Barone