The Legal Area
Usability rules about LutinX’ websites
Our Legal office is at your service. Here you can find legal documents regarding the usability of our website and our products.
LutinX.com Privacy Statement
March 03, 2023
1. DATA CONTROLLER
The Data Controller is LutinX Inc. (hereinafter “Data Controller” or “LutinX”) with registered office in 16192 Coastal Highway, 19958 Lewes, Delaware, United States of America – ID Number DE 5379087. For European citizens the Data Controller is 8id Ltd with registered office in 27 Old Gloucester Street, London, United Kingdom.
The Data Protection Officer (DPO) can be reached at the following email address: dpo©lutinx.net
Pursuant to the Regulation (EU) 2016/679 (hereinafter “Regulation”), this page describes how the personal data of users consulting LutinX websites are processed.
TYPES OF DATA COLLECTED
As part of the activities carried out by the user on the indicated websites, LutinX may process, depending on
Of the purposes, the following categories of personal data:
- Biographical data (first name, last name, social security number, gender, date of birth, place of birth, nationality);
- Copy of your ID;
- Address data;
- Contact information (telephone number and e-mail address);
- Browsing data (cookies, usage data);
2. METHODS OF PROCESSING AND ACCESS TO DATA
LutinX processes personal data in accordance with the principles of the Regulations by virtue of its legitimate interests related to the type of activity carried out and the need to execute existing contracts or pre-contractual measures requested by the data subjects.
The processing is carried out using automated and/or manual computer and telematic tools designed to guarantee the appropriate security measures to prevent access, disclosure, loss, incorrect, illegal or unauthorized use of the data.
The data are processed for the time necessary to carry out the service requested by the User, or required by the purposes described in this document, and the User can always request the interruption of the Processing or the deletion of the data. The data are accessible only by appointees, adequately trained and informed about their duties and the activities allowed to them on the collected data, who work on behalf of LutinX and who are recipients of instructions and tasks given by the Owner.
3. PLACE OF DATA PROCESSING FOR EU CITIZENS
Personal data is processed at the Controller’s premises, as well as in the servers that host the website. Personal data – for European citizens – is stored in servers located in the EU and will not be transferred outside the EU under any circumstances. The Data Controller ensures that when using cloud providers established outside the European Economic Area, the processing of personal data by these recipients is carried out in accordance with the principles of the GDPR. Transfers are made by means of appropriate safeguards, such as adequacy decisions, standard contractual clauses approved by the European Commission, or other safeguards required by the GDPR.
4. PLACE OF DATA PROCESSING FOR CALIFORNIA RESIDENTS (U.S.)
In this section, we provide information for California residents, as required under California privacy laws, including the California Consumer Privacy Act (“CCPA”), which requires that we provide California residents certain specific information about how handle their personal information, whether collected online or offline. Under the CCPA, “personal information” is any information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular California resident or household. It does not include publicly available data as defined by the CCPA. This section does not address or apply to our handling of publicly available information made lawfully available by state or federal governments or other personal information that is subject to an exemption under Section 1798.145(c) – (f) of the CCPA.
Except for the Right to Opt-out and the Right of Non-Discrimination, this section does not apply to California residents with whom we transact or communicate solely in the context of providing or receiving a product or service to or from a company that employs such residents or engages such residents as contractors. This section also does not apply to personal information we collect about job applicants, independent contractors, or current or former full-time, part-time and temporary employees and staff, officers, directors or owners of LutinX or any affiliated entities.
5. PURPOSE OF PROCESSING THE COLLECTED DATA
We will process your personal data for the following purposes:
- Conclusion of contract or execution of pre-contractual measures: the legal basis for this purpose is Article 6(1) b of the GDPR – Contract;
- Management and response to requests for technical and commercial assistance, including online: the legal basis for this purpose is Article 6(1) b of the GDPR – Contract;
- Fulfilment of national or EU legal, regulatory obligations: the legal basis for this purpose is Art. 6(1) c of the GDPR – Legal Obligation;
- Sending emails with informational content about services similar to those already purchased: the legal basis for this purpose is Article 6(1) f of the GDPR – Legitimate interest of the Data Controller;
- Statistical, business and market analysis, carried out in an absolutely anonymous and aggregated form: the legal basis for this purpose is Article 6(1) f of the GDPR – Legitimate interest of the Data Controller;
- To improve the website by analyzing how visitors or Users navigate and/or use the website: the legal basis for this purpose is Article 6(1) f of the GDPR – Legitimate interest of the Data Controller;
- Judicial protection of LutinX rights: the legal basis for this purpose is Article 6(1) f of the GDPR – Legitimate interest of the Data Controller.
6. PROVISION OF DATA
The provision of the data referred to in points a), c) and g) is compulsory in order to allow the conclusion of the contract or for the provision of the requested services and performances. The provision of the data in the further points is optional: you may at any time ask the Data Controller to stop the processing activities without any consequences in the scope of the services provided to you.
7. SCOPE OF COMMUNICATION AND POSSIBLE DISSEMINATION
The data of clients and customers may be disclosed to public administrations or public service providers when submitting applications for participation in procedures for the selection of a contractor, for the purpose of awarding contracts or concessions for the provision of goods or services, in accordance with the provisions of the regulations on public procurement, for technical qualification purposes.
Please note that data related to the contract and service activity may be disclosed to third parties appointed as external data processors (the full list is available from the Controller), business consultants for administrative and accounting purposes, and legal advisors for possible litigation management.
The data may also be communicated to police bodies or judicial authorities for purposes of ascertaining or repressing crimes committed by users of telematic services, where necessary. We also inform you that the data may also be processed by third parties (such as companies controlled by and/or connected to LutinX) formally appointed by LutinX as external data processors or sub-processors.
The data, with the exclusion of those falling into particular categories of personal data, may be communicated to those (private individuals or public administration), including those outside the European Union, in their legitimate interest and availing themselves of a right expressly attributed to them by the specific regulations in force on the subject, requesting an ascertainment of the identity of the owner of the service provided by LutinX for investigative purposes or otherwise for the protection of its own legitimate interest.
The data are not disseminated, except for data from enterprises and companies for business reference purposes.
8. EXERCISE OF RIGHTS BY USERS
The User may exercise all rights under Articles 15-21 of the GDPR at any time and without unjustified restriction by contacting the Controller at email@example.com . Requests are filed free of charge and processed by the Holder within 30 days.
In particular, the User may:
- Obtain confirmation that treatment is in progress (Art.15);
- Obtain rectification of inaccurate or incomplete data (Art. 16);
- Obtain deletion of data without undue delay (Art. 17);
- Restrict processing to only part of personal data (Art. 18);
- Receive copies of personal data held by the owner in a commonly used, machine-readable format; obtain unimpeded transfer to another Owner (Art. 20);
- Object at any time to the processing of personal data. (Art. 21);
With regard to the purposes of processing that are based on consent, revoke it at any time.