Trigit is a platform provided by Trigit s.r.l. (VAT number 02424870513), a company registered at Via Vacchereccia 9/B, San Giovanni Valdarno, Arezzo (hereinafter “Trigit” or the “Data Controller”) as a service to both Freelancers and Clients (hereinafter the “Users” or “you”, “your”, etc.).
This personal data protection policy (“Policy”) explains howTrigit, as data controller, processes your personal data provided by you and/or collected by Trigit in providing its services to you.
Trigit commits to comply with the EU data Protection Laws (General Data Protection Regulation 679/2016 EU “GDPR”) regarding the purposes and methods of processing the Personal Data (as defined below) to be carried out in performance of the Services offered on the following domain Trigit.it (the “Site”).
1. Data processed
Trigit may process the following personal data concerning Users:
- Personal data (name, surname, phone number and email address, VAT number, financial information and any further information provided);
We will only disclose your personal data to companies, organizations or third parties under the following circumstances:
- Share with clients your own company's identification information when you send them a business proposal and legal documents related to your company when a project starts;
- When necessary for external processing needs, and only in this case, we transmit this data to our trusted service providers, who process it on our behalf, according to our instructions or according to a contractual agreement, in accordance with this Charter and in compliance with any other appropriate security and confidentiality measures. We may share your personal information with them only for the purposes set out below. So,
- we call upon MangoPay SA, 10 Boulevard Royal, L-2449 Luxembourg, to open a payment account allowing you to receive or execute payments for projects for out by our intermediary. MangoPay also checks that the financial flows that transit through the platform do not come from money laundering or are not used to finance terrorism. You can consult MangoPay SA's data protection policy by clicking here or by visiting the following address: www.mangopay.com. If you have any questions regarding the protection of your personal data by Mangopay, you can contact them at email@example.com
- Google LLC (Google analytics) for statistical purposes;
- Sendingblue SAS(for sending our communications (promotional and transactional emails)
- The storage of some of the data processed by Trigit such as photos, attachments exchanged via the site's email (OVH, Google drive, Amazon Web Services);
- Where necessary to meet legal, regulatory or judicial obligations. We retain or disclose your information if we believe it is reasonably necessary to satisfy any legal or regulatory obligation, legal process or administrative request, to protect the security of an individual, to deal with any problem of a fraudulent, secure or technical nature, or to protect the rights or property of our users.
To complete the registration process and access the Services, Users may be asked to upload a valid ID as a requirement to verify their identity.
After registering with the Site, you have the possibility, on your own initiative, to provide further personal data (e.g. photo, city, postal code) that is not mandatory for the purposes of providing the services.
2. Purpose, legal bases, and nature of providing personal data
Trigit processes personal data for the following purposes:
- Allowing freelancers to view the necessary projects informations to make an application;
- Allowing Clients to receive appliances from freelancers and send them any specifications of the services offered;
- Allowing Users (Clients and Freelancers) registered on the Site to communicate with other registered Users;
- Providing Users with sector information and commercial promotions of products and services distributed by the Controller or third-party companies (also through automated processes such as profiling);
- Fulfilling any legal, accounting and tax obligations.
For the purposes referred to in letters a), b) and c), Trigit applies, as the legal basis for the processing, the need to process personal data for the purposes of performing the Services offered, in particular to allow complete management of the process of requesting and offering the Freelancers’ services, pursuant to art. 6, letter b) of the GDPR.
For the purpose referred to in letter d), Trigit applies, as the legal basis for the processing, the consent expressed by the Data Subject for one or more specific purposes, pursuant to Article 6, letter a) of the GDPR.
For the purpose referred to in letter e), Trigit applies, as the legal basis for the processing, the need to comply with legal obligations, pursuant to Article 6, letter c) of the GDPR.
3. Methods of processing
Your data will be processed in compliance with the principles of correctness, lawfulness, and transparency. Trigit has appropriate security, technical and organisational measures in place that ensure a level of security appropriate to the risk of unauthorised access to, and accidental or unlawful destruction, loss, alteration and unauthorised disclosure of, personal data transmitted, stored or otherwise processed.
Personal data is processed manually or electronically using automated tools that ensure the security and confidentiality of the data.
4. Data retention period
Personal data will be retained only for the time necessary to pursue the purposes for which they are collected, in compliance with the principle of minimization set out in article 5.1 c) of the GDPR. Since this is a continuous periodic service, personal data will be processed by the Controller until the services are either terminated by the user or by Trigit.
Personal data processed for ensuring the compliance of the Trigit’s legal, judicial and administrative obligations as well as to manage Trigit’s participation in administrative and judicial proceedings are retained for no more than 10 years from the end of provision of Trigit’s services to the data subject.
Moreover, personal data processed for the purpose referred to in point d) above will be retained for a period not exceeding that necessary to achieve the purposes for which they were collected and, in any case, not exceeding, respectively, 24 months from the time of collection in the case of direct marketing and 12 months in the case of indirect marketing.
5. Data transfer
Trigit is a web-based service and avails itself of cloud services. As a result, some of the companies to which the data could be transferred may have servers located outside of the Economic European Area (the “EEA”). Trigit will provide the necessary safeguards for carrying out such transfers in accordance with applicable data protection regulations.
You are also informed that Trigit may disclose some or part of the personal data to:
- Legal and regulatory authorities for the above-mentioned processing purposes,
- Potential purchasers of any of Trigit’s shares, assets or businesses, for them to review the subject-matter of their potential purchase and subject to confidentiality duties,
- Professional advisors (e.g. accountants, auditors, lawyers, etc.) and third parties supplying products or services (e.g. insurers, payment system providers, HR services providers, ITC systems providers, etc.), only to the extent they enable Trigit to perform the processing purposes.
In particular, all payments carried out through Trigit are carried out by a third-party payment system provider, Mangopay S.A.. As a result, Trigit does not collect or process and banking or payment data of its users.
6. Mandatory or optional nature of providing data
The provision of data for the purposes referred to in letters a), b) c) and e) is optional, but any refusal will make it impossible for Trigit to provide its services.
The provision of your personal data is optional for the purposes referred to in point d) of the paragraph above. In this case, you can freely decide whether or not to provide your consent for such purposes and this will not affect the services provided by Trigit.
7. Your rights
You have the right to obtain confirmation of the existence or non-existence of personal data concerning you.
You have the right to be informed of:
- The origin of the personal data;
- The purpose and methods of data processing;
- The logic applied to the data processed electronically;
- The identity of the data controller and the data processors; and
- The identity of the individuals or categories of individuals to whom your personal data may be sent to or who may acquire your data as individuals authorised to process your data.
Furthermore, you have the right to:
- Have your data updated, corrected and supplemented;
- Request the limitation of processing in case: i) you have contested the accuracy of personal data processed; ii) you opposed to the processing of personal data; iii) you require the personal data for the establishment, exercise or defense of legal claims;
- Have the processing of your personal data restricted and any unlawfully processed data erased, made anonymous or blocked;
- Require a declaration attesting that the people/companies Trigit communicates or disseminates your data to have been notified and given full details of any of the operations under points f) and g) above having been carried out, unless this proves impossible or implies an effort that is clearly disproportionate to the right to be protected;
- Obtain, in a structured format commonly used and readable by electronic devices, the personal data provided to Trigit, and to have the data transmitted, directly or through Trigit, to another data controller (known as data portability).
You also have the right to object in whole or in part to:
- The processing, on legitimate grounds, of your personal data, including data relevant for the purpose they were collected; and
- The processing of your personal data for the purpose of sending advertising material and direct sales messages, and to carry out profiling and surveys, including on client satisfaction.
If you believe your rights have been violated by Trigit or a third party, you have the right to file a complaint with the Italian Data Protection Authority and/or other competent supervisory authorities.
To exercise your rights, please email firstname.lastname@example.org