Privacy Policy - MarinoBus

Privacy Policy

Last modified: 07.02.2020

INTRODUCTION

Soc. Marino S.r.l. with registered office in Altamura (BA) at S.P. 41 Km 1,500, VAT number 03613570724 (hereinafter "we", "us" or "our") manages the website www.marinobus.it (hereinafter "website") and is the Data Controller in relation to personal data collected and/or voluntarily provided by users of the website.

Please read this privacy policy carefully, as accessing and using our website implies that the user has read, understood and accepted all the terms of this privacy policy.

If you do not agree with any part of this privacy policy or the terms we apply, please do not access or continue to use our website or submit your personal information.

We respect your privacy and are committed to protecting your personal information.

We collect, process and store personal data as necessary to provide the user with our services through navigation on the website.

Our privacy policy applies to the information we collect:

• Through this website;
• In e-mail, testi e altre comunicazioni tra l’utente ed il sito web;
• Through the MarinoBus App available on authorized stores or downloadable through this website; or
• when users interact with our advertisements on the website and/or third party services, if such applications or advertisements include links to this privacy policy.

It does not apply, however, to personal data and information collected from:
• this website when offline, or any other website operated by us or third parties (including our affiliates and partners); or
• any third party (including our affiliates or partners), through any application or content (including advertising) that may link to or be accessible from or on our website. By clicking on such links or enabling such links you may allow third parties to collect or share data about you. We do not control these third party websites and are not responsible for their privacy policies.

DATA COLLECTED THROUGH THE WEBSITE

By the definition of "personal data" we mean any information relating to a person that enables us to identify them immediately or, indirectly, through a process of aggregation of the same data. Data that has been rendered anonymous or pseudonymized is not included in this definition.

In the course of the user’s navigation on the website, we may collect, use, store and transfer various personal data about you, which we have grouped together as follows, depending also on the type of interaction engaged in:

• Users who visit the website without registering or logging in: "Unregistered Users”.

From this category of users we collect:

• Technical data: which also includes the Internet Protocol (IP) address, which we pseudonymize (a technique that replaces or removes information in the data set that identifies an individual), browser type and version, time zone and location setting, operating system and platform and other technologies on the devices the user uses to access our website.
• Data sent directly by the user which includes all data collected in the sections where the user directly enters data necessary to request a specific function of the website.
• Usage data that includes aggregate information about your use of our website, your choice of products and services.
• Users who choose to create an account: "Registered Users".

Of this category of users, however, we collect:
• Identification data: first name, last name, date of birth, address of residence.
• Contact data: mobile phone number, e-mail address.
• Financial data: in case of purchase we ask for details of the selected payment method.
• Transaction data in case of purchase: which may include payment details, to and from the user (refunds), and other details regarding products and services purchased or received.
• Technical data: which includes the (pseudonymized) IP address, access data, browser type and version, time zone and location setting, operating system, platform and other technology on the devices the user uses to access our website.
• Data sent directly by the user which includes all data collected in the sections where the user voluntarily enters data necessary to request a specific function of the site.
• Usage data that includes aggregate information about how you use our website, product choices and services.

Regarding information that we use for marketing purposes by us and/or authorized third parties, which we also obtain from information about the use of our website, it is important to be aware that we may collect, use and share the information provided to produce, or share, additional information, including aggregated information, that does not identify the user in any way. Such aggregate data may originate from the user but is not considered personal data as it does not identify anyone, either directly or indirectly. For example, we may aggregate site usage data to calculate the percentage of users accessing a specific section, or to generate statistics on site visits, to calculate users' impressions of advertisements posted or clicked on, or even to publish demographic data on visitors.

We do not collect special categories of the user's personal data (such as details of race or ethnicity, religious or philosophical beliefs, political opinions, union membership, health status information and genetic or biometric data).

HOW PERSONAL DATA IS COLLECTED

We use a variety of methods to collect user data, such as through:
• Direct Interactions:
Information provided by the user when filling out forms on our website, in particular when registering, when requesting information, when participating in a sponsored promotion, when reporting a problem with our website or services or when requesting further services beyond the main one.
• Automated interaction technologies:
such as cookies and/or other similar technologies.

WHAT INFORMATION IS COLLECTED THROUGH AUTOMATED TECHNOLOGIES?

When browsing and interacting with our website, we use automated data collection technologies that assimilate certain information about your equipment, browsing activities, including additional information such as your IP address, browser type, operating system, pages visited, location, mobile operator, device information, search terms and other cookie information.

The technologies we use for this automated collection include::
• Cookies (or browser cookies).
Cookies are small text files that are stored in your browser or downloaded to your device when you visit any website. Cookies are then returned to the original website on each subsequent visit, or to another website that recognizes such cookies, and allows any website to recognize your device and thereby improve your browsing experience.
We currently use the following types of cookies on our website:
• Cookies that are strictly necessary:
These cookies are essential to the operation of our website. These include, for example, cookies that allow you to access our website and check whether you are allowed access to a particular service or content.
• Statistical cookies:
These cookies allow us to recognize and count the number of users interacting with the site and to see how they utilize or explore it. They therefore help us to improve our website, for example by ensuring that all users can easily find what they are looking for.
• Preferred cookies:
these cookies are not essential, but they help us to personalise and improve your online experience on our website. This type of cookie allows us to recognise the user when they return to our website and to remember, for example, which language to use.
• Marketing cookies:
these cookies record the user's visit to our website, the pages they visited and the links they followed to enable us to make the advertisements on our website more relevant to their specific interests.

It is not necessary to accept all types of cookies and the user can withdraw their consent to the use of cookies at any time by adjusting their privacy settings from the first time they access the site.

USE OF COOKIES BY THIRD PARTIES

Certain content or applications, including advertisements, on our website may be offered by third parties, including advertisers, ad networks and content providers.

These third parties may use cookies alone or in combination with other tracking technologies to collect information about the user when using our website. Unless expressly stated otherwise, our website does not provide any personal information to these third parties, but they may collect information, including personal information such as IP (Internet Provider) address, browser type and version, time zone setting and location, operating system, platform or other technology and other information about the devices used to access our website.

We do not monitor the tracking technologies of these third parties or the way in which they may be used. If you have questions about an ad or other targeted content, please contact the responsible provider directly.

LIABILITY FOR THIRD PARTY COOKIES

With regard to the liability for third party cookies, we would like to point out the well-known Provision of the Italian Data Protection Authority for the Protection of Personal Data on Cookies of 8 May 2014: “There are many reasons why it is not possible for the website owner to provide the information and obtain consent for the installation of cookies on its website even for those installed by "third parties". First of all, the website owner should always have the tools and the economic and legal capacity to take on the obligations of the third parties and should therefore also be able to verify from time to time the correspondence between what is declared by the third parties and the purposes actually pursued by them with the use of cookies. This is made very difficult by the fact that the website owner does not know directly all the third parties that install cookies through its website and, therefore, not even the logic behind their processing. In addition, it is not uncommon for the website owner and third parties to come between the website owner and the third parties as intermediaries, which makes it very difficult for the website owner to control the activities of all parties involved. Third party cookies may, over time, be modified by third party suppliers and it would be impractical to ask website owners to keep track of these subsequent changes as well”.

Therefore, as also prescribed by the Italian Guarantor for the Protection of Personal Data, our site does not possess the ability to control in any way third party cookies if the user makes use of third party services (including Google Maps, YouTube, Instagram, Facebook) for which only third parties are responsible.

To this end, the user may block the operation of cookies at any time by also using plugins for the browser and changing the settings as indicated in the various manuals contained in the browser.

Finally, please note that it is not mandatory for us to obtain consent to the operation of technical cookies only, or third party or analytical cookies similar to technical cookies. Their deactivation and/or denial of their operation will result in the impossibility of correct navigation on our website and/or the inability to use the services, pages, functions or content available.

HOW WE USE PERSONAL DATA

We will use personal data in accordance with principles of correctness, lawfulness and transparency and exclusively in the following circumstances:
• In order to best provide our services, for customer management, to improve functionality and security.
• Where necessary to pursue our legitimate interests (or those of third parties) without overriding the interests and fundamental rights of the user.
• Where it is necessary to comply with a legal or regulatory obligation.
• When the user has declared, validly and in the manner prescribed by law, that they wish to give their consent to the processing.
Please note that we may process personal data with more than one legal basis. This is done according to the specific purpose for which the use of the same data is intended.

THE PURPOSES FOR WHICH WE USE THE PERSONAL DATA

In general, we use the information we collect from the user, or that the user provides to us, for the following purposes:
• FProviding services:
to present our website and its content to you, including any interactive features, and to provide you with information, products or services in the best possible way; we also collect and use personal information to verify your identity.
• User Management:
to manage the accounts of registered users, to provide support, to send communications about their accounts (or through the contact details provided during registration), including notices of changes to the products or services we offer, and to communicate changes or modifications to the terms and conditions of purchase.
• Customization of Content:
to carry out research and analysis on the use and content of interest on our website, including products or services, more or less in demand, in order to develop and display specific content and advertising based on the interests we consider relevant on our site.
• Functionality and Security:
to diagnose or resolve technological problems or to detect, prevent and respond to actual or potential fraud, illegal activity or intellectual property infringement;
• Compliance:
to enforce the terms and conditions we apply and to enforce our legal obligations or for any other purpose that the user's consent allows us to pursue.

TO WHOM WE DISCLOSE PERSONAL DATA

We do not disclose the user's personal data. We may disclose it only in the limited circumstances described below.
We may disclose personal information:
• to members of our corporate group (i.e., persons authorized by the company):
to the extent necessary for the purposes of service delivery, customer management, content customisation, advertising, analysis, testing, functionality and security and compliance.
• To our authorized suppliers who perform certain services on our behalf.
These services may include order fulfillment, credit card payment processing, risk and fraud detection and mitigation, customer service, sales and marketing analysis, content customization, generic analysis, security, support of our website functionality and other features offered by our website. These suppliers may have access to personal information necessary to perform their functions but are not permitted to share or use such information for other purposes.
• Legal Successors
To a purchaser or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution, sale or transfer of part or all of our assets, whether in a divestiture or in the event of bankruptcy, liquidation or similar proceedings, personal information held by us about users of our website will be among the transferred assets. In the event of such sale or transfer, we will use our best endeavours to ensure that the entity to which we transfer personal information will use it in a manner consistent with this Privacy Policy and provide the user with any information about it.
• Public Entities
We access, store and share your personal data with regulators and/or law enforcement agencies where we believe such communication is necessary: (a) to comply with any law, regulation, legal requirement or request of any governmental authority; (b) to use applicable terms and conditions of use; (c) to detect, prevent or otherwise address illegal or suspicious activities, security or technical matters; (d) to protect against harm to the rights, property or safety of our company, our users, employees or others; or (e) to maintain and protect the security and integrity of our website or infrastructure. Only in the above cases may we waive any of the terms set forth in this policy and where the law permits.
We may disclose aggregate information about our users and information that does not identify any individual, without limitation.
We may also share aggregate information with third parties to conduct general business analysis.
This information does not contain any personal information and may be used to develop content and services that we hope all users will find of interest.

HOW WE HANDLE FINANCIAL INFORMATION

Financial information (including related personal information) that you have provided to us will be shared with our partners in order to initiate and complete any orders placed on your account or through the purchase method for non-registered users.
All credit card transactions and the like are processed using industry-standard encryption by third party processors that use only the financial information and personal information collected for this purpose.
All financial and related personal information will not be shared by us with third parties except with your permission or when necessary to perform all transactions requested by you with the understanding that such transactions may be subject to the rules, terms, conditions and policies of a third party.

TRANSFER OF PERSONAL DATA TO OTHER COUNTRIES

Whenever, in the course of information sharing, we transfer personal data to countries outside the EU and to other territories with different data protection disciplines, we will ensure that the information is transferred in accordance with this privacy policy and as permitted by applicable data protection laws.
By using our website the user consents to the transfer of the information we collect, including personal data, to any country in which we, members of our corporate group (i.e. entities that control or are controlled by or under our control) or our service providers, are located.

HOW LONG DO WE RETAIN PERSONAL DATA?

We will store personal data only for the time necessary to fulfill the purposes for which it was collected, also in order to meet any legal requirements.
To determine the appropriate retention period for personal data, we consider the amount, nature and particularity of the personal data, the potential risk of harm from unauthorized use or disclosure, the purposes for which we process personal data and whether we can achieve these purposes by other means.
Where we no longer need to process personal data collected from users for the purposes set out in this privacy policy, we will remove your personal data from our systems.
Where permitted and applicable, we will also delete personal data at the express request of the user.

For questions about our data retention practices or how to exercise the right to deletion or other rights provided for, the user can send an e-mail to privacy@marinobus.it or send us a registered letter with return receipt to the registered office of the Data Controller: Soc. Marino S.r.l. - 70022 Altamura (BA) - S.P. 41 Km 1,500.

The period for which we retain the personal information necessary for compliance and law enforcement purposes varies and depends on the nature of our legal obligations (in detail, the tickets are retained for 10 years from purchase pursuant to art. 2220 c.c., together with the accounts of registered users on the website www.marinobus.it).

USER'S RIGHTS

The user who has provided the data, by virtue of the principle of transparency and in compliance with EU Regulation 679/2016 and Legislative Decree 196/2003 and subsequent amendments and additions, has the right to:
• Obtain the revocation of consent given;
obtain, from the Data Controller, confirmation of the existence or not of personal data concerning them;
obtain the communication of data in a clear and intelligible form;
obtain the indication;
• of the origin of the personal data;
• of the purposes and methods of processing;
• of the logic applied in case of processing carried out with the aid of electronic means;br>
• of the identity of the Data Controller, the person(s) responsible for the processing and/or persons in charge;
of the subject(s) to whom the datamay be communicated and/or who may become aware of the data in their capacity as designated representative(s) in the territory of the State, data processor(s) or person(s) in charge of the processing.
Obtain the updating, rectification, and/or integration,, if there is interest, of the data provided;
Obtain the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
Obtain certification that the operations of updating, rectification and erasure of data, as already defined in the previous points, have been notified, also as regards their contents, to those to whom the data were communicated, unless this requirement proves impossible or involves a manifestly disproportionate to the protected right.
Obtain the limitation of the processing of the data provided;
Make a complaint to the Guarantor for the protection of personal data.
The exercise of the rights may involve the burden of an expense contribution to be paid by the user related to the difficulties, for the Controller, to follow up the requests in relation to the resources available.
These rights may be limited by a rule or regulation, Community or national, where the exercise of these rights may result in actual and concrete harm.

DATA CONTROLLER AND DPO

To exercise the rights described above or to request information on the processing of their personal data, the user may contact: Data Controller, Soc. Marino S.r.l. with registered office in Altamura (BA) at S.P. 41 Km 1,500, VAT no. 03613570724 by registered letter with return receipt or email: privacy@marinobus.it or to our DPO (Data Protection Officer), Avv. Giuseppe Miglionico by email: dpo@pec.marinobus.it

ADDITIONS, UPDATES AND AMENDMENTS TO THE INFORMATION NOTICE

Finally, we reserve the right to modify, supplement or periodically update this Information Notice in compliance with applicable legislation or the measures adopted by the Guarantor for the Protection of Personal Data in its capacity as Control Authority.
The above amendments or additions will be brought to the attention of the parties concerned. We therefore invite users to review the Privacy Policy on a regular basis, to check the updated Policy and decide whether or not to continue to use the services offered.
The above information applies to data collected through the website www.marinobus.it owned by Soc. Marino S.r.l. in its capacity as Data Controller.

Privacy Policy Call Center

Last modified: 04.02.2020

INFORMATION ON THE PROTECTION OF PERSONAL DATA

Marino S.r.l., pursuant to art. 13 EU Regulation no. 679/2016, informs you that the personal data provided to the call centre service will be processed in the following ways and for the following purposes.

DATA CONTROLLER AND DPO
In this section we indicate you what our references are

Data Controller: Soc. Marino S.r.l., with registered office in Altamura (BA) at S.P. 41 km 1,500, which can be contacted at the following e-mail address: privacy@marinobus.it
The Soc. Marino srl has appointed a D.P.O. - Data Protection Officer, contactable at: dpo@pec.marinobus.it

TYPES OF PERSONAL DATA
In this section we indicate which types of data we ask you for

Data acquired directly from the person concerned: name and surname, email, telephone.
The aforesaid data will be treated with computer and paper supports in order to guarantee suitable security and confidentiality measures.

PURPOSE OF THE PROCESSING
In this section we indicate the purpose of the processing carried out on your data

Ticket purchase request, booking change, refund
Nature of the contribution: compulsory
Legal basis: contractual
The provision of the data necessary to pursue the purposes specified above is mandatory and a refusal to do so could make it impossible for Soc. Marino S.r.l. to provide the service or assistance requested.

RECIPIENTS OF DATA
In this section we indicate the purpose of the processing carried out on your data

For the pursuit of the above purposes, personal data will be processed by the following subjects:
Soc. Marino S.r.l. and subjects not directly related to Soc. Marino S.r.l.:
Judicial Authorities
Public safety authority
Travel Agencies
Autolinee Marino Michele S.r.l.
Sitrap S.r.l.
Maco S.r.l.
Data will be processed only by persons expressly authorized by Soc. Marino S.r.l. or by companies acting as Data Processors, on behalf of Soc. Marino S.r.l., and who have signed a specific contract governing the processing entrusted to them and the obligations regarding data protection, and will never be disclosed.
The updated list of data recipients is available by contacting the Data Controller at the email address: privacy@marinobus.it, or by contacting the Data Protection Officer at the email address: gmiglionico@emmelegal.com

DATA RETENTION
In this section we indicate how long we will keep the data for

With regard to the duration of storage, and therefore with regard to the duration of processing, the data provided may be stored for a maximum period of 10 (ten) years following the provision of the service.

RIGHTS OF DATA SUBJECTS
In this section we indicate which rights we guarantee you

EU Regulation 2016/679 (Articles 15 to 23) gives the persons concerned the right to exercise specific rights. In particular, in relation to the processing of your personal data, you have the right to ask Soc. Marino S.r.l. for access, rectification, cancellation, limitation, opposition and portability; you may also lodge a complaint against the Supervisory Authority, which in Italy is the Guarantor for the Protection of Personal Data. At any time, you may ask to exercise your rights to Soc. Marino S.r.l., which can be contacted by email privacy@marinobus.it or by contacting the Data Protection Officer at the following email address: dpo@pec.marinobus.it