World4All – Home
Join

Privacy Policy

Information on the processing of personal data related to the website https://world4All.fun

1: Background

This briefing will attempt to explain who and how processes the data of the data subject (also called the User), such as are his data, and what are his rights and how it can exercise them. For special clarifications, where the User does not understand or does not consider what is included in the policy sufficient, please write to the following address: info@world4all.fun

However, for Courses with scheduled start dates, the following time conditions apply.

2: Some important notions about personal data

What is meant by personal data?
Personal data are all the information referring to a identifiable natural person. The e-mail address is personal data. The text of a message, if it reveals information about a person, is personal data, as is the floor plan of one's home in case it is sent to the Holder for a quote. 

What does it mean to process data?
The legal definition of treatment includes any transaction or set of transactions concerning the collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, erasure and destruction of data. Practically, then, everything that can be done with user data is processing. Already, therefore, collecting or reading data for example, that is, consulting them, is processing. 

Why are they important to the person concerned?
The data says. who Is the person concerned and what he does. They are his, therefore, precisely because they are “his,” they are important, and it is also clear that as “his own.” the data subject has the right to decide whether to let third parties process them-including this website-and to know how this is done.

3: Who processes the data

Data controller is the person who makes the decisions on how to process the data, so - among other things - what precautions to take to protect it, where to house it (whether in servers or the cloud, etc.), what data to ask from the user, what to process and for what purpose, what and to whom to give it away, how to handle user relationships and rights, who to choose as a collaborator, manager or simple appointee to process the data, what instructions to give to collaborators, etc. Therefore, since the data controller is very important, let the user know that it is:

World4All Ltd.
Registered Office: Via Monte Scorticato, 4 | 25015 Desenzano d/G (BS)
E-mail: info@world4all.fun

Pec: World4All@unapec.it

CF/PIVA: 04357040981

Website: https://world4All.fun

Then, with regard to any ancillary functions, WORLD4ALL may make use of internal individuals authorized to process (also known as appointees) or external parties mostly as managers of the processing, as autonomous or joint controllers, as appropriate. 

3/a: TO WHOM DATA ARE RELEASED (or WHO IS ALLOWED ACCESS TO THEM). 

The data are disclosed to individuals within the Owner (the employees) who cooperate in the executive and administrative management of the service.                            

They may be further disclosed in compliance with reporting requirements in the event of a request from a public authority (e.g., request from the court, tax assessment, etc.).

In addition, the data is disclosed to the hosting service, newsletter service provider, third party operators of cookies installed through the website (see the relevant policy), social networks in case of installation of widgets or “like/share etc.” function inserted in the website.

It is important to know that WORLD4ALL can only manage and dominate the data stored and processed within its own system: data transferred or communicated to third parties will, in the manner and to the extent, be independently processed by the third parties to whom they are communicated according to their own privacy policies. In any case, where WORLD4ALL ceases to process a user's personal data, it will also give notice of the cessation to the parties to whom such data has been disclosed, but cannot guarantee the cessation of processing by them.

4: Where he treats them

WORLD4ALL processes Users' personal data at its premises/ in cloud located in EU area

5: What data is processed

Based on the significant quality of the data, one can identify: 

- Contact information: e-mail;

- Identifying Data: first name, last name.

- Content data: the content of the communication sent by the User through the appropriate form.

- Navigation;

- The curriculum and the data contained in it;

6: For what purposes they are processed, and indications of the legal basis and retention period.

WORLD4ALL processes user data for the following purposes:

  • Response to user-submitted requests (information, exercise of rights, etc.): consists of the response to contacts made by the customer/user (via email or other form of contact).
    Legal Basis: performance of the service requested by the user in the communication (such as exercising a right);
    Duration: ten years (obligation to keep business correspondence).
    Data processed: contact, identification, and others depending on the content of the request (for example, the information in the text of the request may refer to people, and as such is personal data).
  • Create contact database: WORLD4ALL creates a database of contacts received via forms on the site. The database is used as a backup copy of the addresses from which communications were received;
    Legal Basis: legitimate interest of the owner in the retention of contact data (deemed overriding over contrary interests as it ensures the availability of the data to WORLD4ALL and conversely - as it is data of little danger and significance - does not harm the user);
    Duration: until request for deletion (see clause on exercise of rights) by sending email to info@world4all.fun
    Data processed: email, identification, content
  • Purchase of training courses
    Legal basis: execution of the contract;
    Data processed: identification, contact, fiscal, payment information;
    Duration: 10 years for tax purposes;
    Compulsoriness of contribution: The provision of data is mandatory; failure to provide them will result in the inability to purchase the course.

7: How the data are conferred

Data are provided directly by the User by filling out the appropriate form on the site.

8: Which data are mandatory and which are optional (and the consequences of refusing to give the data)

The contact and identification data of the User is mandatory. Failure to provide it will result in the inability to perform the requested service (newsletter delivery, contact response).
In addition, optional but essentially physiological data are those that are formed in the drafting of the communication (for example, what is written in the communicated text). As for the latter, it is not possible to discriminate between mandatory and optional, since they are formed as a natural consequence of the drafting of the communication.

9: How the service will “disturb” the user

WORLD4ALL will “disrupt” the User in the following ways:

  • You may receive e-mails, telephone calls, messages or other communications from WORLD4ALL: these will be operational communications or otherwise in response to the communication sent by the User. These communications are essential for the regular management of the relationship with the User.

10: What are the rights of users

Users are beneficiaries of a number of rights.

Information rights about:

  • Categories of data are processed (see point #2 and #5);
  • Data origin, i.e., knowing where the service got its data from (see item #7);
  • Purposes of data processing, i.e., for what purposes the data are processed (see item #6);
  • Contact details of the data controller and any data processors (see item no. 3);
  • Subjects to whom data are disclosed (see item no. 3/a);
  • Storage time and data processing (see item #6);
  • Right to file a complaint before the Privacy Guarantor by accessing the following link: https://www.garanteprivacy.it/i-miei-diritti
  • Existence or non-existence of profiling process;
  • Legal basis for processing (see point #6);

Then there are rights not of mere information but operational. They are of various kinds. In summary:

  • The data subject has the right to have a copy of the data he or she has provided. If the data have been processed by automated methods and on the basis of your consent or a contract, you may request - if technically possible - that the data be transmitted to the same data subject or even to a possible new data controller (portability), provided that this operation does not harm the rights (and data) of other persons. Therefore, this right in the present case cannot be exercised in relation to communications that contain data of third parties, trade secrets or otherwise protected content. In such a case, he can also ask for the deletion of the data (unless the law requires the Holder to retain it, as in the case of commercial communications).
  • If the personal data are inaccurate or incomplete, the data subject may ask for them to be corrected or completed by providing indications to that effect. If the Data Controller needs to verify the accuracy of the data contested by the data subject, the data subject may in the meantime obtain the limitation of the contested data (limitation means that the data is only stored and no other processing is done with it except with the specific consent of the data subject or if it is needed to exercise or defend a right in court).
  • If personal data are no longer necessary for the purposes for which they were collected or otherwise processed, the data subject may request their deletion. If, however, the data is needed by the data subject to exercise a right of his or her own in a court of law, he or she may request its limitation (i.e., retention only).
  • If the processing is unlawful because the data is processed in the absence of consent, legitimate interest on the part of the Data Controller, contract for the performance of which the processing itself is necessary, legal obligation to process by the Data Controller, the data subject may request deletion or restriction.

11: How can he exercise them

Procedure for exercising rights: User rights can be exercised by sending an email to. info@world4all.fun

The Holder must respond within thirty days (which may be extended by another two months, but the Holder in this case must give reasoned notice of the delay to the user).
The Holder may refuse, if it has reason, to act on the user's request (refusal to be communicated to the user within one month) only in the case of manifestly unfounded or repetitive requests. It must give a reasoned response in that case. In any case, the user may appeal to the “Privacy Guarantor” (see link below) or to the Judge.

The Owner must respond using the same channel (email, telephone, etc.) used by the user for the request, unless the user requests a response by a different route. In the case of a request coming from an e-mail address other than the one indicated in the account, the requester must prove that he/she is the data subject. 

The Controller, where it has doubts about the identity of the person making the request or exercising any of the rights that are listed below, may request additional information to confirm the identity of the requester. In the case of a request coming from an e-mail address other than the one indicated in the account, the requester will have to prove that he/she is the data subject. 

Requests and responses are free of charge unless they are repetitive. In the latter case, the Holder may charge for the out-of-pocket costs it incurs in responding (so personnel costs, material costs, etc.).

In any case, the person concerned may appeal to the Supervisory Authority (https://www.garanteprivacy.it/i-miei-diritti) or to the competent Jurisdictional Authority for the exercise of their rights.

12: What are the duties and burdens of users

The User is obliged to report truthful data.

It is the User's responsibility to notify the Controller of any changes that have occurred to the personal data previously disclosed. Finally, it is the User's responsibility, where functionality permits, not to enter excessive data. For example, if the form requires you to enter non-mandatory data (usually marked with an asterisk), it is recommended that you enter it only if you deem it necessary. Similarly, if you write a message through the service, it is recommended that you avoid explicit references to identifiable persons unless necessary.

13: Data breach hypothesis

In the event that one or more of the following events should occur with respect to Users' data: unauthorized access, misappropriation, loss, destruction, disclosure, modification (so-called Data breach) WORLD4ALL, without prejudice to the urgent technical measures to be put in place to block (as far as possible) the event and to reduce its damaging effects undertakes to: 

- restore the service efficiently as soon as possible by recovering the available data from the last useful backup made;

- to inform Users, either directly if circumstances permit or generically (by means of a notice on the home page of the website or by means of a communication sent to all Users, including those for whom there may have been no data events) of the type of event, the time in which it occurred, the measures taken (without going into detail in order not to facilitate any new attacks) to reduce the damage and to avoid new similar events, as well as the measures and expedients that the User should - on his part - put in place to reduce the likelihood of new events and limit the consequences of those that have already occurred.