top of page

Privacy Policy

Francesca Botte, with registered office at: Sestiere San Marco 2861, 30124 Venice (VE), VAT No. 01845370624, Tax Code BTTFNC94B62H501M (hereinafter referred to as the "Data Controller"), owner of the website www.waterflower.eu (hereinafter referred to as the "Website"), in her capacity as the data controller of the personal data of the users of the Website (hereinafter referred to as the "Users"), provides the following privacy notice in accordance with Article 13 of the EU Regulation 2016/679 (hereinafter referred to as the "Regulation", the Regulation and the Privacy Code pursuant to Legislative Decree No. 196/2003 are jointly referred to as the "Applicable Law").

This Website and the services potentially offered through the Website are reserved for individuals who are at least eighteen years old. Therefore, the Data Controller does not collect personal data of individuals under 18 years of age.

At the Users' request, the Data Controller will promptly delete any personal data inadvertently collected related to individuals under 18 years of age.

The Data Controller places the utmost importance on the right to privacy and the protection of personal data of its Users. For any information regarding this privacy notice, Users can contact the Data Controller at any time using the following methods:

  • Sending a registered letter with return receipt to the Data Controller's registered office at Sestiere San Marco 2861, 30124 Venice (VE);

  • Sending an email to: info@waterflower.eu

Users may also contact the Data Protection Officer, whose contact details are provided below: Dr. Francesca Botte, email: francescadiletta.botte@gmail.com

1. Purpose of Data Processing

The personal data of Users will be lawfully processed by the Data Controller in accordance with Article 6 of the Regulation for the following processing purposes:

  1. To fulfill the User's request: The personal data of Users is collected and processed by the Data Controller solely to fulfill the Users' requests regarding the provision of free consultancy. The data collected by the Data Controller for this purpose includes the User's Name, Surname, Denomination, Telephone Number, and Email Address. Unless the User provides the Data Controller with specific and optional consent to process their data for additional purposes set out in the following sections, no other processing will be carried out by the Data Controller in relation to the personal data of Users. Subject to what is provided elsewhere in this privacy notice, in no case will the Data Controller make Users' personal data accessible to other Users and/or third parties.

  2. Administrative and accounting purposes, including compliance with a contractual obligation, or to perform activities of an organizational, administrative, financial, and accounting nature, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations;

  3. Legal obligations, to comply with obligations provided by law, by an authority, by a regulation, or by European legislation.

The provision of personal data for the above processing purposes is optional but necessary, as failure to provide such data will make it impossible for the User to receive free consultancy from the Data Controller. In the event of consent, the User may revoke it at any time by making a request to the Data Controller using the methods indicated in paragraph 6 below.

2. Additional Processing Purposes: Marketing (Sending Advertising Material, Direct Sales, and Commercial Communication)

With the User's free and optional consent, some of the User's personal data (namely, the name, surname, denomination, email address, and telephone number) may also be processed by the Data Controller for marketing purposes (sending advertising material and commercial communication), so that the Data Controller can contact the User by email, telephone (landline and/or mobile, with the intervention of an operator), and/or SMS or Social Networks to promote the services offered by the Data Controller and present offers and commercial opportunities. In the event of consent, the User may revoke it at any time by making a request to the Data Controller using the methods indicated in paragraph 6 below.

The User may also easily oppose further promotional communications via email by clicking on the appropriate link for revoking consent, which is present in each promotional email. Once consent is revoked, the Data Controller will send the User an email confirming the revocation of consent. If the User wishes to revoke their consent to receive promotional communications via telephone while continuing to receive promotional communications via email, or vice versa, please send a request to the Data Controller using the methods indicated in paragraph 6 below.

3. Additional Processing Purposes: Profiling

No profiling activities are carried out.

4. Methods of Data Processing and Data Retention Period

The Data Controller will process Users' personal data using manual and IT tools, with logics strictly related to the purposes themselves and, in any case, to ensure the security and confidentiality of the data.

The personal data of the Users of the Website will be retained for the time strictly necessary to carry out the primary purposes outlined in paragraph 1 above or, in any case, as necessary for the protection of civil interests of both the Users and the Data Controller. In the case referred to in paragraph 2 above, the personal data of Users will be retained for the time strictly necessary to achieve the purposes outlined therein and, in any case, for no more than twenty-four (24) months.

5. Scope of Data Communication and Disclosure

Employees and/or collaborators of the Data Controller who are in charge of managing the Website and Users' requests may become aware of Users' personal data. These subjects, who have been instructed in this regard by the Data Controller in accordance with Article 29 of the Regulation, will process Users' data exclusively for the purposes indicated in this privacy notice and in compliance with the provisions of the Applicable Law.

Third parties who may process personal data on behalf of the Data Controller as "External Data Processors," such as, for example, providers of IT and logistic services functional to the operation of the Website, outsourcing or cloud computing service providers, professionals, and consultants, may also become aware of Users' personal data.

The personal data provided by users are not transferred to non-EU countries.

Users have the right to obtain a list of any data processors appointed by the Data Controller by making a request to the Data Controller using the methods indicated in paragraph 6 below.

6. Rights of the Data Subjects

Users may exercise their rights granted by the Applicable Law by contacting the Data Controller using the following methods:

  • Sending a registered letter with return receipt to the Data Controller's registered office at Sestiere San Marco 2861, 30124 Venice (VE);

  • Sending an email to: info@waterflower.eu

Pursuant to the Applicable Law, the Data Controller informs that Users have the right to obtain:

(i) the origin of personal data; (ii) the purposes and methods of processing; (iii) the logic applied in case of processing carried out with the aid of electronic tools; (iv) the identification details of the data controller and processors; (v) the subjects or categories of subjects to whom personal data may be communicated or who may become aware of it as processors or appointees.

Furthermore, Users have the right to obtain:

a. access to, update, rectification, or, when interested, integration of data; b. deletion, transformation into anonymous form, or blocking of data processed unlawfully, including data that does not need to be retained for the purposes for which the data was collected or subsequently processed; c. certification that the operations mentioned in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data has been communicated or disseminated, except in the case where such fulfillment proves impossible or involves a manifestly disproportionate use of means compared to the right being protected.

In addition, Users have:

d. the right to withdraw consent at any time, if the processing is based on their consent; e. the right (where applicable) to data portability (the right to receive all personal data concerning them in a structured, commonly used, and machine-readable format), the right to limit the processing of personal data, and the right to erasure ("right to be forgotten"); f. the right to object:

  • in whole or in part, for legitimate reasons, to the processing of personal data concerning them, even if pertinent to the purpose of the collection.

  • in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising material or commercial communication;

  • if personal data is processed for direct marketing purposes, at any time, to the processing of their data for such purpose;

g. if they believe that the processing concerning them violates the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State where they usually reside, work, or where the alleged violation occurred). The Italian Supervisory Authority is the Data Protection Authority, located at Piazza Venezia No. 11, 00187 - Rome (http://www.garanteprivacy.it/).

The Data Controller is not responsible for updating all the links viewable in this Notice; therefore, whenever a link is not functional and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by such link.

bottom of page