Wyblo implements a Privacy Organizational Model in compliance with the current legislation to ensure an adequate level of protection to its users’ data.
Our company has set up a Privacy Organizational Model (hereinafter also “MOP”) compliant with the EU 2016/679 Regulation (better known as “GDPR”) and the national legislation in force, in order to better protect the data we process.
The Wyblo MOP is always updated according to the PDCA method (Deming cycle), in order to constantly improve international security standards and ensure the best protection for our users’ data.
Your privacy is important to us and we will show you how we implement it.
Principles for protecting your data
The Wyblo MOP is built on the principles of proportionality, minimization, transparency, fairness and lawfulness in the processing of your data.
Right from the design phase, we follow a strategic process aimed at identifying technical, organizational and security measures that are appropriate for the protection of your data.
Privacy by design and privacy by default are cornerstones of our brainstorming: we identify every potential risk and set up a prevention and mitigation system aimed to reduce all potential data breaches.
The data life cycle
Collecting, managing, storing, anonymizing and deleting data are key steps in all our daily activities.
We only process data that is lawful and in full transparency for the user.
We guarantee confidentiality, integrity and availability by following international guidelines on the correct implementation of information management systems.
We fully define any potential data transfer within and outside the EU territory, following all relevant regulatory developments.
We process and store your data only for the time necessary to provide our services and in accordance with the expressed purposes.
The Wyblo team
We provide regular audits of our MOP and continuous training of our team to ensure the highest levels of protection at all times.
We carefully select our suppliers and external providers, including through a supplier qualification system and well-defined contractual agreements.
We only know and authorize partners who are reliable and who comply with our instructions in accordance with the Wyblo MOP.
Data Subject Rights and Data Protection Officer
Our MOP has well-defined procedures to enable you to exercise your statutory data protection rights.
We support all Data Subjects in dealing with their enquiries and will promptly administer and follow up on the exercise of their rights.
We also employ a Data Protection Officer to ensure that we provide you with the best experience in managing your privacy.
Who processes the data that you provide to Wyblo?
With regard to the data that you provide to Wyblo by directly using the services offered through our platform, Wyblo is the data controller, i.e. the entity accountable for protecting your data.
In order to provide its services, Wyblo has an in-house team that is informed, trained, and authorized to process User data.
In addition, Wyblo also makes use of external suppliers, who, prior to process user data, are regularly qualified and then, after a positive assessment has been carried out, formally appointed as external data processors.
Finally, Wyblo periodically conducts audits on all parties involved in the processing of users’ data, in order to ensure adequate data protection standards at all times, in accordance with the Wyblo MOP and current legislation.
How is the data that the User provides to Wyblo handled?
The data that you provide to Wyblo are processed in accordance with their lifecycle.
- Wyblo collects the user’s data via its own platform;
- Wyblo handles the user data only through authorized parties or appointed as external data processors;
- Wyblo stores the user data in servers located solely within the territory of the European Union;
- At the end of the storage period, Wyblo deletes the User data or anonymizes them appropriately for subsequent reporting, statistical and scientific research purposes.
Where is the data that you provide to Wyblo stored and how is the retention period?
The data that you provide to Wyblo through the use of its platform is stored on servers located solely within the territory of the European Union (through the use of the cloud provider AWS – Ireland).
The data that you provide to Wyblo will be stored until the end of the relationship with the user, and thereafter for a maximum of 24 months from the end of the relationship (except for any additional obligations relating to mandatory regulations and/or for Wyblo’s right to legal defence).
What rights do you have in relation to the data that you provide to Wyblo?
In accordance with the Wyblo MOP and applicable law, you are granted the following rights:
- access, rectification, integration and deletion of the data provided by the user;
- restriction of processing and portability of the data provided by the user;
- revocation of consent (possibly given by the User) and opposition to the processing;
- complaint to the competent Authorities.
How can the User request the exercise of his/her rights?
The User may request the exercise of his/her data protection rights by:
- sending an e-mail to email@example.com and/or firstname.lastname@example.org;
- sending a letter with acknowledgement of receipt to the head office at Via Salvo D’Acquisto n. 6 – 12011 – Borgo San Dalmazzo (CN).
Only for complaints to the competent authorities, the User may exercise this right by sending formal documentation with:
- an e-mail to email@example.com;
- a letter with acknowledgement of receipt to the “Garante per la protezione dei dati personali” with headquarters in Piazza Venezia n. 11 – 00187 – Rome.