Buddybuy

Data Controller
Pursuant to EU Regulation 2016/679, also referred as General Data Protection Regulation (hereinafter, "GDPR"), the data controller is CLAUDIO MONESI, with registered office in WEST BAY RD. (CASA NATALIA), ROATAN,14101, HONDURAS (hereinafter, also the "CLAUDIO MONESI" or "BUDDY BUY").

Type of data processed
The personal data collected during the use of the site (e.g. name, surname, age, address, e-mail) can be provided directly by the user or collected automatically while browsing the site.
Automatically collected data is technical data (e.g. IP address, browser type, operating system information) and data collected using cookies or similar technologies: for more information, please visit the Cookie Policy by clicking HERE.

Purpose of the processing
The personal data provided by the users are collected and used for the following purposes:

provision and management of the services offered by BUDDY BUY, including the comparison of products (hereinafter, the "Services");
sending by email of market research and marketing communications, containing advertising relating to products and services offered by BUDDY BUY or third parties.

Nature of data provision
The provision of personal data is optional. However, if you do not provide, even partially, the data expressly indicated as necessary for the provision of Services (purpose 1) the Controller will not be able to provide them.

Legal basis for the processing
The data may be processed (i) in execution of a contract, for the purpose of providing the Services (purpose 1) or (ii) on the basis of the consent provided by the user or the legitimate interest of the Controller (purpose 2).

Communication of data to third parties
Some data may be communicated, for all the purposes above indicated, to third parties in charge of carrying out activities directly related to the provision and distribution of Services.

Transfer of data to non-EU Countries
Personal data will be processed within the territory of the European Union.
If for technical and/or operational reasons it is necessary to use entities located outside the European Union, or it is necessary to transfer some of the data collected to technical systems and services managed in the cloud and located outside the European Union, the processing will be regulated in accordance with the provisions of Chapter V of the GDPR and authorized under specific decisions of the European Union. All necessary precautions will therefore be taken in order to guarantee the most complete protection of personal data, basing this transfer on: a) decisions of adequacy of the third country recipients expressed by the European Commission; b) adequate guarantees expressed by the third party recipient pursuant to art. 46 of the GDPR; c) the adoption of binding corporate rules.

Data security
With particular regard to the security measures provided by the GDPR (Art. 32), we take appropriate technical and organizational measures to ensure data security, in particular to protect your personal data and prevent it from being disclosed to third parties, accidentally changed or premeditated, lost or destroyed. These measures are regularly reviewed and updated to the latest state of the art.

Retention Period
The personal data provided by the users are kept for the time strictly necessary to provide the Services, pursue the legitimate interest of the Controller and as well as for the time necessary to comply with legal obligations.

Rights
Articles 15-20 of the GDPR give the user the opportunity to exercise specific rights, including those to obtain confirmation of the existence or otherwise of their personal data and their provision in intelligible form, to have knowledge of the origin of data, as well as the logic and purposes on which the processing is based; to obtain the erasure, limitation, as well as the updating, rectification or, if there is interest, integration of data; to oppose to the processing, for legitimate reasons, or oppose, at any time, the processing aimed at marketing and commercial information. To exercise these rights, the user may send a specific request to the following email address BUDDYBUY2021@GMAIL.COM.
In case of exercise of the rights, the data may still be processed where there are legitimate reasons to proceed with the processing that prevail over the interests, rights and freedoms of the parties concerned.

Right to lodge a complaint with the Supervisory Authority
If you believe that the Controller has violated the privacy laws, you can submit a complaint to the Italian Supervisory Authority (https://www.garanteprivacy.it).