Version updated in October 2021
Openbar (hereinafter, also the “App”) is made available by FlippYourApp S.r.l.
In order to function, Openbar needs to store the information you provide during registration and during use on remote servers. If you do not wish to allow this information to be stored on remote servers, please do not install Openbar on your devices.
What personal data we collect?
Through Openbar we may collect and process:
- identifiers such as name and surname, username and password;
- contact details such as email address and phone number;
- social network (e.g. Facebook) login data;
- data relating to the business such as business name, address, tax code, VAT number, type of business and opening hours;
- data relating to purchases made through the App and payment data;
- data relating to your geographical position;
- information relating to the devices on which the App is installed and information collected through cookies installed in the App;
- any other information voluntarily provided by you.
You may also use the contacts upload feature and provide us, in accordance with applicable laws, with the phone numbers of the contacts in your phone book, including those of App users and other contacts. The contacts upload is an optional function that allows us to identify which of the contacts in the phone book are also users of the App so that you can interact with them. Information relating to contacts not registered with the App will be processed in such a way as to ensure that these contacts are not identified. In any case, the phone book data will not be stored and will be processed for the time necessary to identify the users registered with the App.
Data relating to your geographical position will be processed with the only purpose of providing the services you requested. You can activate or deactivate, anytime, the geolocalisation function from your device settings.
Provision of your personal data is voluntary but necessary for pursuing the purposes listed below; in the event you do not provide us your personal data, it will be impossible for us to pursue such purposes.
How do we collect your personal data?
The data we process is collected directly from you, when you register, when you browse the App and, in general, whenever you interact with us. Some of your personal data may also be communicated to us by other Openbar users.
For which purposes do we process your personal data?
We may process your personal data:
- to allow you to register with Openbar also through social networks login;
- to allow you to use the services we make available to you through the App;
- concluding and executing contracts with us and/or carrying out related activities such as payment, invoicing, sending vouchers;
- to answer your questions and fulfil your requests;
- to send you – even through automated communication systems such as email, push notifications, etc. – commercial communications of an informative or promotional nature in relation to products or services similar to those you have purchased (soft spam);
- with your consent, to send you – even through automated communication systems such as email, push notifications, etc. – commercial communications of an informative or promotional nature in relation to promotions, offers and news of Openbar (marketing purposes);
- to carry out statistical activities for internal use only and in such a way as not to allow, once completed, the identification of the person concerned (statistical purposes);
- fulfil legal or regulatory obligations to which we are subject;
- Exercise or defend legal claims in judicial procedures.
The processing of your personal data for the purpose under number (1), (2), (3) and (4) does not require your consent as it is necessary to comply with your requests, pursuant to Art. 6 (1), letter b) of GDPR. The processing of your personal data for the purpose under number (6) requires your consent pursuant to Art, 6(1), letter a). The processing of your personal data for the purpose under number (8) does not require your consent as it is necessary to fulfil the legal or regulatory obligations to which we are subject, pursuant to Art. 6 (1), letter c) of GDPR. The processing of your Personal Data for the purposes under numbers (5), (7) and (9) does not require your consent as it is necessary to pursue the legitimate interest of the Controller, pursuant to Art. 6 (1), letter f) of GDPR.
How do we process your personal data?
We have security measures in place to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to the personal data.
How long do we keep your personal data?
Your personal data will be stored for different periods of time depending on the purposes for which they have been collected. More specifically:
- personal data collected for register with the App will be stored until you delete your account;
- personal data collected for the purpose of entering into and performing contracts with us will be stored for ten years from the date of invoicing or for a period equal to the period of prescription of the rights for the establishment, exercise or defence of which the processing of such data is necessary (if longer than ten years);
- personal data collected to answer your questions and process your service and support requests will be stored until your request is processed;
- personal data collected for soft spam and marketing purposes will be stored for 24 months.
With whom your personal data is shared?
Your personal data may be made accessible or communicated to the following persons who will act as persons authorized to the processing, data processors or autonomous data controllers:
- our employees or collaborators;
- public or private entities, natural or legal persons, who carry out processing activities on our behalf or to whom we are required to disclose your personal data, pursuant to legal or contractual obligations (such as bank operators, internet providers, couriers, marketing agencies, etc.).
We inform you that if any of the third parties above are established outside the European Economic Area, we will transfer your personal data ensuring an adequate level of protection of the data, for example on the basis of the standard contractual clauses set out in Art. 46 (2) (c) and (d) of GDPR.
Your rights under the data protection law
Pursuant to Arts. From 15 to 20 of GDPR, you have the right to ask us to:
- be informed on the purposes and methods of the processing of your personal data;
- access to and receive a copy of your personal data;
- rectify incomplete, inaccurate or out-of-date data;
- delete your personal data;
- restrict the processing of your personal data, where applicable under GDPR;
- object to the processing, wholly or partly, where applicable under the GDPR;
- obtain the portability of your personal data, where applicable under the GDPR.
Where consent is required for the processing of Personal Data, you may also revoke the consent already given at any time, without prejudice to the lawfulness of the processing based on the consent given before the revocation.
You may exercise any of the rights above by sending an email to firstname.lastname@example.org.
In addition, you have the right to lodge a complaint with the competent supervisory authority if you believe that your rights under the GDPR have been violated.
Link to other websites