Loading...
Richiedi Informazioni
0

Privacy Policy

EchoWatch > Privacy Policy

Privacy Policy

Last Updated: June 4, 2025

This Privacy Policy describes how EchoWatch S.r.l. (hereinafter “EchoWatch” or the “Controller”), located at Piazza Miragliano 2, 80121 Naples, VAT No. XXXXXXXXXXXXX, registered in the Naples Companies Register No. 17551/1T dated 18/04/2025, collects, uses, and protects personal data.

EchoWatch complies with applicable data protection laws (EU Regulation 2016/679 – GDPR and Italian Legislative Decree 196/2003 as amended by Legislative Decree 101/2018). This Policy outlines:

  • Data Controller and Processors
  • Categories of Personal Data Processed
  • Purposes and Legal Bases for Processing
  • Methods of Data Collection and Storage
  • Data Sharing and Disclosure
  • Data Subject Rights
  • Security Measures
  • Data Retention Period
  • Policy Updates
  • Contact Information

1. Data Controller and Processors

Controller:
EchoWatch S.r.l.
Piazza Miragliano, 2 – 80121 Naples
Email: info@echowatch.it

Processors:
Individuals and internal roles responsible for managing IT systems and data protection procedures.
To contact the Data Protection Officer (DPO), write to: legal@echowatch.it

2. Categories of Personal Data Processed

EchoWatch may collect the following types of data through forms, contact requests, and interactions on the Site:

  • Contact data: name, surname, email, phone number, company (if applicable)
  • Browsing data: IP address, browser type, OS, visited pages, session duration, referrer URL, traffic data via cookies (as per the Cookie Policy)
  • Contract and billing data: if you request services or documentation (e.g. billing address, tax ID/VAT number)

EchoWatch does not process sensitive or judicial data (Articles 9 and 10 GDPR), and does not intend to collect health, political, religious, or biometric data through the Site.

3. Purposes and Legal Bases for Processing

Responding to requests for info, demos, or quotes

  • Legal Basis: Express consent (Art. 6(1)(a) GDPR)
  • Data: Name, surname, email, phone, company
  • Method: Contact forms, CRM/email handling

Fulfilling legal and tax obligations

  • Legal Basis: Compliance with legal obligations (Art. 6(1)(c) GDPR)
  • Data: Billing and contract data
  • Method: Invoicing, accounting, digital/paper archiving

Traffic analysis and site improvement

  • Legal Basis: Legitimate interest of the Controller (Art. 6(1)(f) GDPR)
  • Data: Anonymized IP, pages visited, session duration
  • Method: Google Analytics (analytical cookies, see Cookie Policy)

Cookie management and compliance

  • Legal Basis: Public interest and legal obligation (Art. 6(1)(c) GDPR, Legislative Decree 196/2003, Directive 2009/136/EC)
  • Data: Cookie consent preferences (stored via technical cookie)
  • Method: Consent banner and automated recording system

Security and fraud prevention

  • Legal Basis: Legitimate interest (Art. 6(1)(f) GDPR)
  • Data: IP, log info, anomaly signals in forms
  • Method: Firewalls, server logs, session monitoring

4. Data Collection and Storage Methods

4.1 Collection

  • Contact/demo forms: data voluntarily entered by the user
  • Cookies and system logs: automatically collected via tools (server logs, Google Analytics as per Cookie Policy)
  • Email: messages sent to info@echowatch.it or legal@echowatch.it are stored in protected mail systems

4.2 Storage

  • Contact data: retained for up to 2 years from the last interaction unless otherwise required
  • Contractual/fiscal data: stored for at least 10 years (as per tax law)
  • Browsing data: anonymized cookies (_ga: 2 yrs; _gid: 24h); server logs kept for 6 months (partial anonymization)
  • Security logs (IP, system logs): encrypted and retained up to 1 year for security investigations

5. Data Sharing and Disclosure

EchoWatch does not share your data with unauthorized third parties. Data may be shared with:

  • IT Service Providers: external companies managing hosting, servers, emails, and backups, bound by Data Processing Agreements
  • Consultants/Professionals: accountants, lawyers, or tax consultants for legal/tax compliance
  • Judicial/Police Authorities: when required by law or legal orders
  • Google Ireland Ltd.: for use of Google Analytics/Search Console. Data is processed under Google’s privacy policy (see Cookie Policy)

No data is transferred outside the EU unless through services like Google Analytics, which may store data on global servers. EchoWatch uses Standard Contractual Clauses to ensure appropriate safeguards.

6. Data Subject Rights

According to Articles 15–22 of the GDPR, you have the right to:

  • Access (Art. 15): Know whether your data is processed and obtain a copy
  • Rectification (Art. 16): Correct inaccurate or incomplete data
  • Erasure (Art. 17 – “right to be forgotten”): When data is no longer needed, consent is withdrawn, or processing is unlawful
  • Restriction (Art. 18): In case of data disputes or pending objections
  • Portability (Art. 20): Receive data in a structured format to transfer to another controller
  • Objection (Art. 21): To processing based on legitimate interest
  • Consent Withdrawal (Art. 7): At any time, without affecting prior lawful processing

To exercise your rights:

  • Email: privacy@echowatch.it
  • PEC: [Certified Email, if applicable]
  • Mail: EchoWatch S.r.l., Piazza Miragliano, 2 – 80121 Naples

Requests are answered within 30 days. If complex, this may be extended by 2 more months with prior notice.
If you believe your data has been unlawfully processed, you may file a complaint with the Italian Data Protection Authority:
Garante Privacy – Piazza Venezia, 11, 00187 Rome – www.garanteprivacy.it

7. Security Measures

EchoWatch implements appropriate technical and organizational measures to protect personal data from destruction, loss, alteration, unauthorized access, or disclosure:

  • Encryption: HTTPS/TLS for secure browser-server communication
  • Protected Access: Unique credentials and complex passwords
  • Backups: Periodic database/content backups stored securely
  • Firewalls/Antivirus: Protection of servers from intrusion
  • System Logs: Stored up to 6 months, partially anonymized

8. Data Retention Period

Data TypeRetention Time
Navigation logs6 months (pseudonymized)
Analytics cookies_ga: 2 years; _gid: 24h; _gat: 1 min
Contact form dataUp to 2 years from last interaction
Contract/fiscal recordsAt least 10 years
Legal/Support requestsUp to 10 years (as per legal terms)

After the retention period, data will be permanently deleted or irreversibly anonymized.

9. Changes to the Privacy Policy

EchoWatch may update this Privacy Policy at any time, particularly to comply with legal changes or internal updates.
In the event of major updates, the modification date will change and, if needed, users will receive an explicit notice on the Site.
You are encouraged to check this page regularly for the latest version.

10. Contact for Requests

To exercise your rights or request clarification about this Privacy Policy, contact us at:

  • General Email: info@echowatch.it
  • Postal Address: EchoWatch S.r.l., Piazza Miragliano, 2 – 80121 Naples

© 2025 EchoWatch S.r.l. – All rights reserved.