1. Purpose of processing: Secret Maps LLC, with registered office in Corso Lodi, 123 – 20139 – Milan, Italy – P.IVA 10238260961, REA MI 2515957, in its capacity as Data Controller, uses the personal data of the parties involved in the processing (hereinafter, the “Interested Party“), and in particular of the users who use and/or offer the services available on the website www.secretmaps.net, (hereinafter, the “Site“), its sub-domains or through the Secret Maps mobile app (hereinafter, the “App“). Personal data is provided directly by the interested party or, in the particular case of accessing the Site or the App with the credentials of Facebook or Google, by this third party company. Personal data may be processed for the following purposes:
a) registration administration to the Secret Maps Site or App;
b) distribution of the search engine service providing information on the territory;
c) sale of access to content such as videos, podcasts, audio material and digital tourist guides (hereinafter, the “Premium Content”), created and proposed by certified tourist guides (hereinafter, the “Providers“);
d) sale of leisure/travel services offered directly by Secret Maps (hereinafter, the “Premium Services“);
e) publication of and access to reviews written by interested parties in relation to the content or services offered on the Site and/or App;
f) service communication with the Providers in relation to the Premium Content;
g) management of administrative procedures and payments;
h) sending, by Secret Maps, promotional communication regarding discounts, offers, events or services similar to those previously purchased by the interested party, only with the explicit consent of the interested party;
i) sending, by Secret Maps, promotional communication regarding discounts, offers, events or services different from those previously purchased by the Interested Party, only with the explicit consent of the Interested Party;
l) profiling activities, i.e. evaluating the interests, preferences and consumption habits of the Interested Party, including by means of an invitation to participate in market research, only with the explicit consent of the Interested Party;
m) communication of the data of the Interested Party to third party companies that are partners of Secret Maps for the purpose of sending commercial and promotional communication by the aforementioned companies, only with the explicit consent of the Interested Party.
The legal basis for processing personal data is the execution of a contract and providing of the requested service (for the purpose referred to in points a), b), c), d), e), f), g) and the consent of the data subject (for the purpose referred to in points h), i), l), m).
2. Method of processing: Secret Maps informs you that: a) for the purposes mentioned above, the data of the interested party will be processed using informatic, telematic, paper and manual tools, in compliance with the confidentiality and security rules established by the law; b) in the case of consent to profiling, an automated process will be used in order to place the interested party in a category of subjects with homogeneous characteristics on the basis of services from which they will benefit, the market analysis in which they may have participated in and their demographic class.
3. Contribution of data and consequence of possible refusal: The provision of personal data is optional. However, failure to provide personal data for the purposes referred to in point 1 letter a), b), d), e), g) may prevent Secret Maps from providing services to the interested party and / or allow them to offer their Premium Content. Failure to provide data for the purpose referred to in point 1 letter c) and f) may hinder you from submitting Premium Content and/or have access to this type of content. Any subsequent opposition or revocation of consent to the processing of personal data for the above purposes will also result in the immediate suspension of use of the relevant services. Any refusal to consent to the processing of personal data for the purposes referred to in point 1 letter h), i), l), m), will not have any consequences, except for not: being informed about discounts, offers, services or events of Secret Maps and any initiatives to measure customer satisfaction of Secret Maps, receiving commercial communication of interest from Secret Maps and receiving promotional communication from partner companies of Secret Maps.
4. Disclosure of data: the data of the interested party will not be disclosed, except, at the discretion of the interested party, for the purposes referred to in paragraph 1 letter. e).
6. Data retention: The personal data of the interested party will be stored on servers located within the European Union. The personal data collected for processing purposes indicated in letter (a) and (b) of point 1 will be kept for the entire duration that the Interested Party is registered on the Site or Secret Maps app, or until the request for cancellation of data is submitted by the user. The personal data collected for processing purposes indicated in paragraph 1 letter (c), (d), (f) and (g) will be kept for as long as necessary in order to provide the services purchased or requested, and subsequently for a period not exceeding the limitation period provided by the law. The personal data collected for the purposes of processing indicated in letter (e) of paragraph 1 will be kept until the interested party withdraws their consent to the publication of reviews or requests the deletion of their data. The personal data collected for the purposes of processing indicated in letter h), i), l), m) of point 1 will be kept until the interested party revokes their consent to receiving commercial communication from Secret Maps, or revokes their consent to the profiling of preferences, or revokes their consent to receiving commercial communication from partners of Secret Maps or requests the cancellation of their data, except for the exceptional case, to keep the data in order to defend the rights of Secret Maps in relation to disputes existing at the time of the request, or on the instruction of public authorities.
7. Rights of the Interested Party: The Interested Party has the right to: a) obtain the cessation of processing in cases where their personal data is processed for direct marketing purposes, including to services identical to those already provided by our company (so-called right of opposition); b) obtain information in relation to the purpose for which their personal data is processed, the period of processing and the persons to whom the data is disclosed (so-called right of access); c) obtain the rectification or integration of inaccurate personal data concerning the Interested Party (so-called right of rectification); d) obtain the cancellation of personal data e) have their personal data kept, without being used, in the following cases where (i) the Interested Party contests to the accuracy of personal data, for the period necessary to allow us to verify the accuracy of such personal data; (ii) the personal data is necessary for the ascertainment, exercise or defence of a right in court; (iii) the Interested Party has objected to the processing of their personal data while awaiting verification as to whether our legitimate reason for processing prevails over theirs (so-called right of limitation); f) receive, in a readable format, the personal data concerning the Interested Party, if it has been processed under contract or on the basis of consent (so-called right of portability). The interested party also has the right to apply to a Guarantor for the protection of personal data, in order to assert their rights in relation to the processing of their personal data.
8. Cancellation: Secret Maps, in compliance with the corresponding right of access to the Interested Party, has set up procedures for which the interested party can request immediate cancellation of their personal data for the following reasons: (i) the data is no longer necessary for the purpose for which it was collected; (ii) the Interested Party has withdrawan their consent to the processing of their data on the basis of their previous consent; (iii) the Interested Party has objected to the processing of their personal data in the event that it is processed for our legitimate interest; or (iv) the processing of the Interested Party’s personal data is not compliant with the law. However, Secret Maps is permitted to retain the Interested Party’s personal data when it is necessary to comply with a legal obligation or to ascertain, exercise or defend a right in court (the so-called right of cancellation).
9. Methods of exercising rights: All the rights indicated in the previous paragraphs may be exercised by the Interested Party by e-mail: email@example.com.
10. Data Controller and Data Processor: in accordance with art.24 of the GDPR, the data controller is Secret Maps LLC, with registered office in Corso Lodi, 123 – 20139 – Milan, Italy – P.IVA 10238260961, REA MI 2515957.
Without prejudice to the fact that Secret Maps does not carry out any processing operations other than that explicitly authorized and/or requested by each user, this information may be subject to change in order to comply with new legal regulations, changes to policies of processing personal data by Secret Maps and/or following changes to the characteristics of the Site, App and / or services of Secret Maps. Every update of this information will be made available on the Site and App in the dedicated section: Secret Maps invites all its users to periodically consult the above section in order to always be informed of the latest version published.