PRIVACY POLICY
Introduction
This document contains information about the processing of personal data provided, pursuant to Article 13 of Italian Legislative Decree no. 196/2003 and subsequent amendments, by Scuter S.r.l. (“Scuter”) through the web portal at the address www.scuter.co (the “Portal”).

The processing of data for the purposes set forth in this document shall be made in compliance and respect of all rights, fundamental freedoms and dignity of the relevant data subjects.

Users who choose to provide Scuter with their data to obtain information about the Portal and the services provided therein are required to thoroughly read and accept this document.

The provisions set forth by this document are strictly related to the activities and services of the Portal, and are therefore not applicable to third-party websites and/or external mobile applications that may be accessible via links contained in the Portal, for which Scuter is not in any way liable.

1. General information and methods of data processing:The Data Controller is Scuter S.r.l., VAT number 13474081000, having its registered offices in Via Cassia, 972, 00189 – Rome (ITALY), email: webmaster@scuter.co

All data collected will be processed by the Data Controller and/or by the appointed Data Processors in the following manner(s). Collected data:

1. shall be transmitted, with the express consent of data subjects, to subsidiaries and associated companies, which are part of the same corporate group of Scuter S.r.l.;
   ii. shall be disclosed to public and/or private entities, for the performance of obligations prescribed by applicable law;
   iii. shall be transferred abroad, within the limits provided by Articles 43 and 44 of Italian Legislative Decree no.196/2003, exclusively for the processing and scopes described into this document; in particular, collected data shall be transferred to The Rocket Science Group, LLC, having its registered offices in 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, Georgia 30308, appointed Data Processor for the purposes of managing communications from the Portal through the “Mailchimp” mailing list system; The Rocket Science Group, LLC has executed a specific agreement with Scuter S.r.l., undertaking, under its sole responsibility, to carry out all processing activities in full respect of Italian Legislative Decree no. 196/2003, so to ensure, even in the absence of a general “Safe Harbor” authorization for the US, the same level of protection of the rights and obligations prescribed therein. (For further information on the processing of personal data by the “Mailchimp” service, please see the detailed documentation available at the address http://mailchimp.com/legal/ ).
2. shall be communicated to individuals, companies and/or professional firms providing their assistance, advice or collaboration to Scuter in accounting, administrative, legal, tax and financial matters;
   v. shall be transmitted to external collaborators and to all parties to whom the disclosure is necessary to properly fulfill the obligations assumed by Scuter to supply its Services to the Users;
   vi. shall be disclosed to third parties specifically appointed by Scuter as “Data Processors” and/or charged with the processing of personal data in the manners and for the purposes set out in this statement;No collected data will ever be disclosed (this being intended as disclosing data to undetermined people, including – but not limited to – making data available for consultation), without a specific, free and informed consent, granted by the relevant data subject for each type of treatment set forth by this document.

The processing of personal data is carried out through the operations and/or the complex of operations described at Article 4, par.1, lett. a) of Italian Legislative Decree no. 196/2003: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, removal and destruction of data.
Data and documents collected shall be organized by Scuter in databases and/or electronic files and/or in paper format.

1. Types of personal data processed:
2. a) Data provided by Users

Visitors are free to browse the Portal, without supplying any kind of personal data to Scuter S.r.l.

To receive information on the services and activities of Scuter S.r.l. and of the Portal, visitors can fill in the dedicated form on the Portal, providing Scuter S.r.l. with the following personal data:
– Name;
– Surname;
– Valid e-mail address;

Failure to provide the above data, or provision of inaccurate, incomplete and/or false information may result in the impossibility, for the User, to obtain the requested services. All personal data and information provided through the Portal are the result of a free choice of its visitors, manifested within the limits and conditions set forth by applicable law.

The data processing operations described herein cover only personal data which are strictly relevant, according to the legal obligations, duties and purposes set out in the following Articles of this policy.
A data subject, therefore, should not provide Scuter S.r.l. with any other data regarding his/her health status, racial and ethnic origin, religious beliefs, political opinions, sex life (so-called “sensitive data”), as well as legal data. Any such data eventually sent by the Users shall therefore be immediately erased by Scuter.

Any voluntary sending of emails to the addresses indicated on the Portal involves the subsequent acquisition of the email address of the sender, which is necessary to answer to requests, and of any other personal data included in the communication. All personal data collected through this channel shall be processed for the time strictly necessary to achieve the purposes for which they were collected.

1. b) NAVIGATION DATA
   The computer systems and software procedures used to operate the Portal acquire, during their normal operation, some data, whose transmission is required to correctly operate the Internet communication protocols. Such information is not collected to be specifically associated with certain data subjects, yet they could, through processing and association with data provided by third parties, be used to identify one or more Users.

This category of data may include IP addresses or domain names of the terminals through which Users are accessing the Portal, the addresses in URI (Uniform Resource Identifier) of requested resources, the request time, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (“successful”, “error”, etc.) and other parameters regarding the operating system and computer environment of the User’s terminal.
This data is processed only to obtain statistical information on the use of the Portal and the Services provided therein, to provide new and/or updated Services, and to verify and ensure the correct operation of the Portal; all data processed to obtain statistical information shall be deleted immediately after processing, except where their use is necessary to provide certain Services of the Portal, and/or in case of crimes committed by damaging the Portal and/or where their use is required by the competent Authorities, to the purposes of law enforcement and prosecution of offenses.

1. c) COOKIES
   The Portal uses cookies. A cookie is a small piece of text sent to the internet browser while viewing a website, and stored on a visitor’s computer. It helps the website to remember information about the relevant visit, like preferred language, screen resolution and other settings. Some cookies can also store access details for registered users, to speed up logging in a dedicated area.

• c1) cookies sent by the Portal:

The Portal stores the following cookies on Your computer:

Name	Type	Description
wfvt_	Technical/Session	Part of the WordPress CMS, it keeps track of the pages browsed by a User.
wordfence_verifiedHuman	Technical/Session	Part of the WordPress CMS, it verifies if the User browsing the Portal is human or bot.
wp-settings-time-4	Technical/Session	Part of the WordPress CMS, it temporarily stores the timezone preferences of the User.

• c2) Third-party cookies

The Portal also uses the following third-party cookies (see provided links for more information and instructions for opt-out and/or removal):

Google Analytics:

http://www.google.com/policies/technologies/cookies/

The Portal uses cookies to avoid adoption of computer techniques that are potentially detrimental to the confidentiality of internet browsing; all the cookies used on the Portal are intended not to allow acquisition of personal identification data.

If You prefer not to store cookies at all on Your computer, You can configure Your internet browser to prevent storage of any type of cookie. Please refer to the instructions provided by the manufacturer of Your browser, for more details. Be advised, though, that refusal to store some of our cookies might compromise Your experience on the Portal and/or prevent the accessibility of certain Services provided therein.

1. Purposes of the data processing:
   The data collected according to the provisions set forth at Article 2, letter a), shall be processed by Scuter S.r.l., with ordinary and/or computerized and electronic means, for the following purposes:
2. To provide all services on the Portal, and, in particular:

• To provide information about the services offered by the Portal, including sending to all registered Users one or more weekly newsletters, as well as updates related to the involvement of the community into the development and deployment of such services;
• To invite selected Users to participate to one or more special promotional initiatives involving products and services provided through the Portal;
• To analyze all available data, in anonymous and aggregated manner, so to evaluate the service level of the Portal;

1. To improve the services offered and/or propose commercial offers apt to the needs of the User;

Data provided by Users as described at Article 2, letter b), shall be aggregated and processed anonymously, for statistical purposes on the usage of the Portal, in order to always provide services and/or commercial offers apt to the needs of the Users.
Data provided by Users as described at Article 2, letter c), shall be processed by Scuter S.r.l. for the sole purpose of providing the Services of the Portal, and shall not be made available to unregistered visitors and/or to third parties, except where such a disclosure is provided by law and/or regulation. Visitors of the Portal shall always be subject, for technical reasons, to the processing of data as per Article 2, letter b), where applicable, in ways not allowing direct or indirect identification.

Collected data shall be processed and handled respecting the principles of correctness, lawfulness and transparency, with methods and ways to ensure maximum security standards and confidentiality.

Scuter will not disclose or transfer data to third parties, unless registered Users have expressly agreed to the processing for complementary, promotional and/or commercial purposes, as described above.

Refusal, from the User, to grant consent to processing as per Article 3, letter a) above shall lead to impossibility, for Scuter, to provide any requested service.

1. Security:
   All information and data collected from Scuter will be stored and maintained in safe facilities by automated tools, whose access is restricted to authorized staff only. The application by which the services are offered to Scuter and the security measures of the servers through which it operates are regularly tested to avoid data breaches and to ensure that all information collected are safe from unauthorized access.
   Scuter complies with all security measures required by applicable law, to ensure and guarantee the confidentiality of personal data provided by Users, and to minimize, in the possible extent, any dangers posed by unauthorized access, removal, loss or damage to such data.
2. Duration of data processing – changes to this Privacy Policy:
   The processing of data as above summarized will have the necessary duration required by the purposes for which data were collected, in accordance with civil, criminal, and tax law. Should the data subject deem exhausted, for any reason, the purpose of the processing of his/her data, he/she will have to contact Scuter S.r.l. at the addresses detailed ad art. 8 of this document. Upon receiving such communication, Scuter shall immediately erase the relevant data, without prejudice to the data retention obligations provided by applicable law.

Scuter reserves the right to modify at any time this Privacy Policy: the new text shall be published online and registered Users shall receive a notice by email. The relevant changes will be effective after 15 days from the date of publication and/or communication, as described above.

1. Appointed Data Processors

To correctly offer its services on the Portal, the Data Controller shall be entitled to appoint one or more Data Processors;  all data collected as described in this document shall also be processed by third parties working as providers of web capacity and services for the Portal, which shall also be appointed Data Processors for all needed operations of ordinary and/or extra-ordinary maintenance of the portal.

All Data Processors details shall be published, from time to time, on the Portal, inside this “Privacy Policy”.

Appointed Data Processors are:

– The Rocket Science Group, LLC, having its registered offices in 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, Georgia 30308, USA.

1. Minors

All services offered by Scuter S.r.l. are expressly developed and dedicated to a mature audience. The Portal shall, therefore, not accept account registrations made by minors. Users are kindly requested to report to Scuter S.r.l., at the addresses detailed in article 8 below, any violation of this Article 7.

1. Exercise of Rights, Information and Contacts:
   Here below follows the current text of Article 7 of the Italian Legislative Decree no. 196/2003, entitled “Right to access personal data and other rights”:

“1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.

1. A data subject shall have the right to be informed
2. a) of the source of the personal data;
3. b) of the purposes and methods of the processing;
4. c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
5. d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
6. e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
7. A data subject shall have the right to obtain
8. a) updating, rectification or, where interested therein, integration of the data;
9. b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
10. c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
11. A data subject shall have the right to object, in whole or in part,
12. a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
13. b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys”.

The rights of Users

Users may exercise certain rights regarding their Data processed by the Owner.

In particular, Users have the right to do the following:

• Withdraw their consent at any time. Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
• Object to processing of their Data. Users have the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
• Access their Data. Users have the right to learn if Data is being processed by the Owner, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
• Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
• Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Owner will not process their Data for any purpose other than storing it.
• Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Owner.
• Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
• Lodge a complaint. Users have the right to bring a claim before their competent data protection authority.

Details about the right to object to processing

Where Personal Data is processed for a public interest, in the exercise of an official authority vested in the Owner or for the purposes of the legitimate interests pursued by the Owner, Users may object to such processing by providing a ground related to their particular situation to justify the objection.

Users must know that, however, should their Personal Data be processed for direct marketing purposes, they can object to that processing at any time without providing any justification. To learn, whether the Owner is processing Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to exercise these rights

Any requests to exercise User rights can be directed to the Owner through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Owner as early as possible and always within one month.

Retention time

Personal Data shall be processed and stored for as long as required by the purpose they have been collected for.

Therefore:

• Personal Data collected for purposes related to the performance of a contract between the Owner and the User shall be retained until such contract has been fully performed.
• Personal Data collected for the purposes of the Owner’s legitimate interests shall be retained as long as needed to fulfill such purposes. Users may find specific information regarding the legitimate interests pursued by the Owner within the relevant sections of this document or by contacting the Owner.

The Owner may be allowed to retain Personal Data for a longer period whenever the User has given consent to such processing, as long as such consent is not withdrawn. Furthermore, the Owner may be obliged to retain Personal Data for a longer period whenever required to do so for the performance of a legal obligation or upon order of an authority.

Once the retention period expires, Personal Data shall be deleted. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.

All submissions and requests made by data subjects in accordance with the applicable privacy legislation should be addressed to:

Scuter S.r.l.

Via Cassia, 972

00189 Rome (Italy)

email: webmaster@scuter.co