css globale



Sign up to the newsletter!

Privacy policy


Privacy policy

This briefing has been prepared by Surfplanner SRLS (P.Iva 08113060969), headquartered in Lodi, via Morti della Barbina, 3, Italy ("Surfplanner") through the Site, in accordance with the General Data Protection Regulation no. 679/2016 (GDPR) on the protection of personal data in order to describe the management of the site at and services made available through the Web Site either through events, activities, events, etc. organized by the same Surfplanner in relation to the processing of personal data of users who consult the Website and / or the Services.



Which Data We Collect?¬†(art. 13, 1¬į comma lett. a, art. 15, lett. b GDPR)

Among the Personal Information collected by Surfplanner, in an autonomous manner, are included: Cookies, Usage data, email and name.

Personal Data may be provided by the User voluntarily or, in the case of Usage Data, collected automatically while browsing the Website.
Unless otherwise specified, all the Data requested by Surfplanner are mandatory. If the User refuses to communicate them, it may not be possible to provide the Service. In the event that some Data are indicated as optional, the User is free to refrain from communicating them, without affecting the availability or operation of the Service.

Users who have doubts about which data are mandatory, are invited to contact the owner.

Any use of Cookies - or other tracking tools - by Surfplanner or third party service providers used by this Website, unless otherwise specified, is intended to provide the Service requested by the User, in addition to any further purposes described in this document and in the Cookie Policy.

The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Website and warrants that he has the right to communicate or disseminate them, freeing the Owner from any liability to third parties. On the other hand, the Data Controller is not responsible for false information sent directly by the user (for example, correctness of the e-mail address or credit card details or postal address), as well as information concerning him and provided from a third party, even fraudulently.

How We Treat Your Data? (art. 32 GDPR)

The Data Controller shall take all appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
Data processing is carried out using IT and / or telematic tools, with methods strictly related to the purposes indicated. In addition to the Data Controller, in some cases other persons involved in the organization of this Website (administrative, commercial, marketing, legal, system administrators) or external subjects (as suppliers of third party technical services, postal couriers, may have access to the Data) hosting providers, IT companies, communication agencies) also appointed, if necessary, Data Processors by the Data Controller. You will always have the opportunity to request the owner of the updated list of managers.

Legal basis of the processing

The Data Controller processes Personal Data relating to the User in the event that one of the following conditions occurs:

the User has given his consent for one or more specific purposes; Note: in some jurisdictions the Owner may be authorized to process Personal Data without the User's consent or another of the legal bases specified below, as long as the User does not object ("opt-out") to this treatment. However, this is not applicable if the processing of Personal Data is regulated by European legislation regarding the protection of Personal Data;
the processing is necessary for the purposes of performance of a contract with the User and / or the execution of pre-contractual measures;
the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
the processing is necessary for the performance of a task carried out in the public interest or for the exercise of public authority vested in the Holder;
the processing is necessary for the pursuit of the legitimate interest of the owner or third parties.

In any case, it is always possible to ask the Owner to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, on a contract or necessary to conclude a contract.

Place of treatment

The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located.
The User's Personal Data may be transferred to a country other than that in which the User is located. To obtain further information on the processing of the Data, reference can be made to the section concerning the processing of Personal Data.

The User has the right to obtain information on the legal basis for the transfer of data outside the European Union (or to an international organization of public international law or consisting of two or more countries, such as the UN), as well as information regarding the security measures taken by the Data Controller to protect such Data.
Should one of the described transfers occur, the User can refer to what is described in this document or request information from the Owner by contacting him at the email address

For more information on each aspect, contact the owner.

Period and Duration of Data Retention¬†(art. 13, 2¬į comma, lett. a GDPR)

The Data are processed and stored for the period of time required by the purposes for which they were collected, namely:

Personal Data collected for the purposes of execution of a contract between the Data Controller and the User will be retained until completion of the contract.
Personal Data collected for purposes related to a legitimate interest of the Controller will be retained until this interest is met. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the paragraphs of this document or by making a request to the Data Controller.

When the processing of data is based on the consent of the User, the Data Controller may retain the Personal Data for a longer period until such consent is explicitly revoked.

In addition to this, the Owner may be obliged to keep Personal Data for a longer period in order to comply with a legal obligation or by order of the authority.

After the retention period, Personal Data will be deleted. Therefore, at the end of this period, the right of access, cancellation, rectification and the right to data portability can no longer be exercised by the User.

Purposes of the processing of collected data

The User's Personal Data is collected to allow the Owner to provide its Services, as well as for the following purposes: Content comment, Product reviews, RSS feed management, Interaction with social networks and / or external platforms, Contact User, Analytics, Displaying content from external platforms, Address management, Sending email messages.

For further information on the details of the purposes of the processing and the Personal Data relevant for each purpose, the User can refer to the relevant paragraphs of this document.

Protection of minors

The Services / Products offered by the Data Controller are reserved to subjects legally able, on the basis of the national reference legislation, to conclude contractual obligations. In order to prevent unlawful access to its services, the Data Controller may implement prevention measures to protect its legitimate interest, such as the control of the tax code and / or other checks, when necessary for specific Services / Products, the correctness of the identification data of identity documents issued by the competent authorities.



Changes to this Statement

Surfplanner will not proceed to operations different than those specified above, but it does not exclude, however, that this policy may be subject to changes made to comply with new regulations.




P.I. 08113060969