Privacy Policy

FOREWORD

The purpose of this Privacy Policy is to describe how EnsMasters manages and processes the personal data of users visiting this website.

This information has been prepared in accordance with:

Legislative Decree No. 196/2003 (Personal Data Protection Code), updated and amended by Legislative Decree No. 101/2018;
European Regulation No. 679/2016 (GDPR – General Data Protection Regulation).
The information is drafted to inform users interacting with the web services provided by the ensmasters.com website.

The information is also based on Recommendation no. 2/2001 that the European authorities for the protection of personal data, brought together in the Group established by art. 29 of Directive no. 95/46/EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.

DEFINITIONS

Personal Data

Personal data is information that directly or indirectly identifies a natural person (such as: name, surname, email, telephone number).

User

For the purposes of this policy, “user” is defined as the natural person browsing and using this Site.

When browsing this Site, a notice will appear asking the user to authorise the tracking of his/her “cookies”.

By authorising the tracking of “cookies”, the user’s usage data will be anonymised (“anonymised cookies”) and will not allow this Website to directly identify the user.

Data subject

If the user visiting this Website authorises the processing of his or her personal data (by filling in a contact form), he or she will be referred to as a “data subject”, i.e. the person to whom the personal data refers.

Usage Data

This is the information that this site collects automatically without directly identifying users.

In particular, the following constitute usage data of this site

IP addresses or domain names of the computers used by the user who connects with this Site;
the addresses in URI (Uniform Resource Identifier) notation;
the time of the user’s request
the method used to submit the request to the server;
the user’s country of origin;
the characteristics of the browser and operating system used by the user;
the time duration of the user’s visit to the pages of this site
the user’s visit path within the Site, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the User’s IT environment.
Data Controller

The natural or legal person who decides how the personal data of the data subjects will be used. The data controller determines how the Users’ personal data shall be used and guarantees its protection together with the Data Protection Officer (DPO).

Data Protection Officer (DPO)

The natural or legal person who ensures the protection of users’ personal data, through the adoption of technical preventive measures and also through the adoption of internal codes of conduct.

Data Processor (or Processor)

The natural or legal person who is authorised by the Data Controller to process the Personal Data of data subjects.

This Site

All the web pages of the site https://ensmasters.com/ that contain information and informative content.

Fragment of code that collects data within the device used by the user for navigation.

DATA CONTROLLER AND DATA PROTECTION OFFICER

The data controller of this site is ensmasters. Its contact details are:

email: info@ensmasters.com.
The data controllers of this site are (in the process of being updated).

REGULATORY SOURCES

COMPLIANCE WITH EU REGULATION 679/2016 – GDPR (GENERAL DATA PROTECTION REGULATION)

This Privacy Policy complies with the EU Regulation No. 679/2016 better known as “GDPR” (General Data Protection Regulation).

This website and the data controller comply with consideration No. 82 and No. 83 of the EU European Regulation No. 679/2016 better known as “GDPR” (General Data Protection Regulation).

This website and the data controller, in accordance with the provisions of Article 30, paragraph no. 1 of the EU European Regulation No. 679/2016,,have created the “Register of Processing Activities”.

This website and the data controller, in accordance with the provisions of Article 30, paragraph no. 1, of EU European Regulation No. 679/2016,,have created the “Register of Processing Activities”.

The “Register of Processing Activities” has the requirements set out in Article 30(1) (letters: a, b, c, d, e, f, g) of EU Regulation No. 679/2016.

Pursuant to Article 30, paragraph no. 3 of EU European Regulation No. 679/2016, the “Register of Processing Activities” shall be kept in electronic format.

The “Register of Processing Activities” in electronic format is kept in encrypted management software that is not accessible by users and third parties.

In the event of a request for access by the competent authorities, this website and the data controller, in accordance with the provisions of Article 30(4) of EU Regulation No. 679/2016, will make the register available to the supervisory authority.

This website and the data controller have put in place appropriate technical and organisational measures to ensure a level of security appropriate to the risk in accordance with the provisions of Article 32, paragraph no. 1 (letters: a, b, c, d, e, f, g) of EU European Regulation No. 679/2016.

WE THEREFORE INVITE YOU TO READ OUR PRIVACY POLICY, SET OUT BELOW

Scope of data communication

The personal data provided may be communicated to third parties in order to comply with legal obligations, in execution of orders from public authorities legitimated to do so, or to assert or defend a right in court.

Type of data processed and purpose of processing

Navigation data:

The computer systems and software procedures used to operate this site acquire, during normal operation, some personal data that are then implicitly transmitted when using Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation, and is deleted immediately after processing.

Data provided voluntarily by users/visitors:

If users/visitors connecting to this website send their personal data in order to access certain services, or to make requests by e-mail, this entails the acquisition by the data controller of the sender’s address and/or any other personal data that will be processed exclusively for the purpose of responding to the request, or for the provision of the service.

The personal data provided by users/visitors will be communicated to third parties only in the event that such communication is necessary in order to fulfil the users/visitors’ requests.

Processing methods and data retention period

Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected.

For newsletter subscribers: as soon as the user unsubscribes from the newsletter, the personal data are completely deleted from our management system.

For our customers: as soon as the consulting relationship with the customer is terminated, personal data is stored for a period of 1 month.

After the 1 month period has elapsed, the personal data of former clients or employees are permanently deleted.

Security measures for data retention

This site observes specific security measures to prevent data loss, illicit or incorrect use and unauthorised access.

In order to ensure that data is stored in conditions of maximum security, this site uses software with encrypted technology, with double authentication on access.

This system prevents access to unauthorised persons and prevents the data collected from being read.

Optional provision of data

Apart from that specified for navigation data, users/visitors are free to provide their personal data. Failure to provide them may only result in the impossibility of obtaining what has been requested.

Place of data processing

The processing operations connected to the web services of the above-mentioned site take place either at the premises of ensmasters, or at the premises of the company hosting and/or managing the web site, and are carried out only by technical personnel of the Office in charge of processing, or by persons in charge of occasional maintenance operations.

No data deriving from the web service is communicated or disseminated. The personal data provided by users who request dispatch of informative material are used for the sole purpose of performing the service or provision requested and are communicated to third parties only if necessary for that purpose.

Rights of data subjects

The subjects to whom the personal data refer (also defined as “interested parties”) have the right at any time to obtain confirmation of the existence or non-existence of such data and to know its content and origin, verify its accuracy or request its supplementation or update, or correction.

Pursuant to the GDPR, the interested party has the right to request the deletion, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, their processing.

Persons to whom the personal data refer have the right to:

Withdraw consent to the processing;
Obtain confirmation or otherwise of the existence of data concerning their person;
Know to whom their data is transmitted;
Obtain the rectification, cancellation, integration of their data;
To lodge a complaint with the Garante della Privacy;
Knowing whether the data is subject to profiling;
Transfer your data to another provider (right of portability).
If you wish to request more information on the processing of your data or if you wish to exercise any of the above rights, you can send an email to the following address: info@ensmasters.com.

On what legal basis we process your data

When we process your personal data for the purposes set out in this Policy we rely on one or more of the following legal bases:

Consent: we ask for your consent to use your data, to update you about our content, to send you information about our services and for profiling (i.e. to analyse the interests and behaviour of visitors to our site and to improve our marketing campaigns).
Contractual scope: when you enter into a contract of any kind with us your personal data will be processed for the purposes of the service you have purchased.
Legal obligations: when strictly necessary, we will process your personal data to comply with a legal obligation, an order imposed by a supervisory authority, a binding tax assessment.

COOKIES POLICY

What are cookies?

Cookies are pieces of information that a server can send to your PC, smartphone or tablet when you visit a website or use a social network. The same server that sent them can then read and record the cookies that are on your PC, smartphone or tablet in order to obtain various types of information.

Cookies have different functions: in many cases they are useful because they make browsing easier and faster, as is the case with technical cookies, used for example to save language preferences or a shopping cart. In other cases, cookies are used to monitor users while they are browsing; so-called profiling cookies record information about what you buy or might want to buy, analysing your reading, your hobbies, your travels, to personalise the advertising that is shown to you when you open your email or browse on a social network. Then there are third-party cookies, i.e. information that is recorded by sites other than those you have visited and that is used for profiling purposes.

Further information can be found on the Privacy Guarantor’s website.

We would like to remind you that, by proceeding with navigation on this site or by clicking on the OK and X buttons on the short information banner, you declare that you have read and accepted the privacy policy and the cookies policy and therefore consent to the use of cookies on this site.

Types of cookies we use

Two types of cookies may be used on the site: session cookies and persistent cookies:

Session cookies’ are temporary cookies that remain on your device until you leave the site.
A ‘persistent cookie’ remains on your device for longer or until you delete it manually.
Cookies used by our site

Technical cookies

Technical cookies are those whose use does not require the user’s consent. These cookies are essential to enable you to browse a website and use all of its features. Without these cookies, which are absolutely necessary, a website could not provide certain services or functions and navigation would not be as smooth and easy as it should be. A cookie of this type is also used to store a user’s decision to use cookies on the website. Other technical cookies are those that allow, for example, the saving of language or shopping cart preferences.

WordPress cookies

This website has been developed on the wordpress platform, and therefore uses cookies implemented by this platform. The cookies stored concern those who have registered an account on the wordpress blog and those who comment on articles.

The cookies used by wordpress are:

wordpress_[hash]
wordpress_logged_in_[hash]
wp-settings- {time}-[UID]
cookie_notice_accepted (this is the cookie used to store a user’s decision to use cookies on the website)
All these cookies are persistent and are issued to ensure a better browsing experience on this site.

Profiling cookies

This website makes use of cookies of this type. Advertising cookies are installed to show site visitors content related to their preferences. They can therefore be used to show advertising content targeted to the person’s interests. Cookies of this type work in conjunction with third party sites and can track past browsing on pages on different domains. Cookies of this type usually track the user’s IP address as well as other information, some of which may be personal.

Third party cookies

These cookies are used to collect information about the use of the site made by users in an anonymous form such as: pages visited, time spent, traffic origins, geographical origin, age, gender and interests for statistical purposes and marketing campaigns. These cookies are sent from third-party domains outside the site.

Google analytics cookie with anonymised IP

Our pages use third-party performance cookies from Google Analytics with an anonymised IP (a service provided by Google, Inc.) to enable us to anonymously collect and examine visitor behaviour while using the site and to improve the site’s usability and user experience. They are defined as anonymous in that they cannot be used to identify specific individuals.

Through the use of the Google Analytics panel, it is possible for us to understand whether visits have been made by new or returning visitors by verifying how pages are navigated (entry links, exit links, movement between pages, dwell times, geographical origin, etc.).

Further information on Google Analytics can be found at:

https://www.google.it/policies/privacy/partners/

https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

It is possible to disable Google Analytics through the tools provided by Google. For information on this, please consult the site

https://tools.google.com/dlpage/gaoptout

The cookies used by Google Analytics are:

_ga (persistent – 2 years)
_utma (persistent – 2 years)
__utmb (session)
__utmt (session)
__utmz (session)
_gat (persistent – 10 minutes)
How to control or delete cookies

Most browsers are configured to accept, control or possibly disable cookies through their settings. For more information on cookie management please visit the appropriate links:

Internet explorer
Chrome / windows phone
Safari / IOS
Firefox
For more information on cookies and to manage your cookie preferences (first and/or third party) you can also visit www.youronlinechoices.com.

Social network buttons and widgets

To ensure that the content of a site can be shared on social networks by visitors to the site, it is possible to integrate tools (widgets) provided by the social networks themselves into the pages.

These tools (usually blocks of code inserted in the pages of the host site) may collect third-party cookies installed by social networks (e.g. Facebook, Twitter, YouTube, etc.); the site does not share any information with such widgets.

For more information about cookies from the main social networks, please visit these sites:

Facebook privacy
Instagram privacy
Youtube privacy
Twitter privacy
Privacy LinkedIn
Pinterest Privacy
Whatsapp privacy
Telegram Privacy
Consent to the use of cookies
Please note that if you do not consent to the use of cookies and decide to disable the cookies we use, this may affect your user experience while visiting our site (preventing you from seeing certain parts or web pages).

SECURITY PROTOCOLS

This website uses the “https” (Hypertext Transfer Protocol Secure) secure communication protocol.

The ‘https’ protocol is used to ensure secure communication between two computer devices connected to the Internet.

So if you fill in one of the contact forms on our site, your message will be transmitted within an encrypted connection, using asymmetric encryption (thanks to the TLS – Transport Layer Security and SSL – Secure Sockets Layer protocols).

The ‘https’ protocol guarantees

– the authentication of the website visited;

– the protection of privacy (confidentiality or privacy);

– the integrity of the data exchanged between the communicating parties.

We use the ‘https’ protocol to protect your data through bi-directional encryption of communications between a client and a server.

This allows us to protect your data from possible eavesdropping operations:

– eavesdropping à action by which the private conversation between the parties is secretly intercepted without their consent;

– opertampering à literally ‘communication tampering or alteration’, an action by which the contents of a web communication are falsified.

In practice, the ‘https’ protocol guarantees that

– the user is communicating exactly with the intended website (as opposed to a fake site);

– the contents of communications between the user and the website cannot be intercepted or altered by third parties.

PROFILING AND MARKETING ACTIVITIES

Ensmasters, through this website, carries out marketing and profiling activities.

Marketing and profiling activities are carried out only in respect of persons who have given their consent to the processing of their personal data.

The purpose of marketing activities is to make ensmasters services and content known to interested persons who have given their consent to data processing.

Profiling activities are carried out in order to measure the results of marketing campaigns; these activities consist of collecting and processing the data of users interested in a service in order to divide them into groups based on their behaviour.

In order to carry out marketing and profiling activities, ensmasters uses the following tools.

Facebook Pixel

This website uses a script named “Facebook Pixel”.

We use this tool to collect statistical data to enable us to measure the effectiveness of paid advertising.

Thanks to the Facebook Pixel, we can understand the actions that people perform on our website. The data we collect is used to:

Ensure that advertisements are shown to the right people;
Create audience groups to which advertisements are targeted;
Take advantage of the additional advertising tools of the platform on which we advertise.
We use the Facebook Pixel to perform ‘remarketing’ and ‘retargeting’ activities; through these activities we use the cookies you leave on our site, without identifying you. In this way, your browsing data is not linked to your identity and personal data.

The data collected through the Facebook Pixel is only used by us and by external professionals who support us in our online marketing and advertising activities.

Linkedin Insight Tag

This website uses a script named “Linkedin Insight Tag”.

The LinkedIn Insight Tag is a code snippet, in lightweight ‘JavaScript’ language, that adds a cookie to the users browser each time they visit the site.

With this tool we can record when a Linkedin member performs a certain action on our website (such as booking a service or leaving an email).

We use this tool to collect statistical data that allows us to measure the effectiveness of paid advertising.

Thanks to the Linkedin Insight Tag, we can understand the actions people take on our website. The data we collect is used to:

Ensure that advertisements are shown to the right people;
Create audience groups to target advertisements;
Take advantage of the additional advertising tools of the platform on which we advertise.
We use the Linkedin Insight Tag to carry out remarketing and retargeting activities; through these activities we use the cookies you leave on our site, without identifying you. In this way, your browsing data is not linked to your identity and personal data.

The data collected through the Linkedin Insight Tag is only used by us and by external professionals who support us in our online marketing and advertising activities.

TikTok Pixel

This website uses a script named “TikTok’s Pixel”.
We use this tool to collect statistical data that allow us to measure the effectiveness of paid advertising on the social network named “TikTok”.

Thanks to the TikTok Pixel we can understand the actions that people, who have a TikTok account, perform on our website.
The data we collect is used to:

Ensure that advertisements are shown to the right people;
Create audience groups to target advertisements;
Take advantage of the additional advertising tools of the platform on which we advertise.
We use the TikTok Pixel to carry out ‘remarketing’ and ‘retargeting’ activities; through these activities we use the cookies you leave on our site, without identifying you.

In this way your browsing data is not linked to your identity and personal data.
The data collected through the TitkTok Pixel is only used by us and by external professionals who support us in our online marketing and advertising activities.

If you have a TikTok account, we do not collect any personal data that you have entered on TikTok.
After an advertising campaign on TikTok we analyse some statistical data, which is processed by the TikTok platform for advertisers.

In this way we study the way TikTok users interact with our advertising content, without directly identifying the ad recipients and without processing their personal data entered into the platform.

Newsletters and email marketing software

If you decide to subscribe to our newsletter we will ask you to enter your personal data (first name, last name, email) into a contact form.

We will use your personal data to send you emails that will update you on our content (blog articles, videos, etc.).

If you opt-in to receive ‘updates on our services’, we will use your details to send you emails explaining whether our services may be useful to you.

When you enter your data in the contact form, the data will end up in an ’email marketing’ software called Active Campaign.

Access to the Active Campaign software is covered by end-to-end encryption; we use a double authentication procedure to access the software; this prevents third parties from accessing the data in our account.

The data collected on Active Campaign is only accessed by us and external professionals who support us in our email marketing activities.

You can choose to unsubscribe from our newsletter at any time; to unsubscribe you can click on a specific button that you will find within our emails.

After you have clicked on the unsubscribe button your data will be deleted immediately from the ’email marketing’ software.

Messenger BOT

To manage our newsletter, the publication of our content and the communication of our commercial offers, we use a chatbot within the Facebook messaging application called ‘Messenger’.

You can choose to receive our communications, either by e-mail to your e-mail address or by subscribing to our Messenger BOT.

Our Messenger BOT collects your personal data entered on Facebook (first name, last name, email) and uses it to send you messages in the Facebook messaging application named “Messenger”.

We will use your personal data to send you chat messages that will contain updates about our content (Blog articles; Podcast episodes; videos; communications about our services).

When you agree to subscribe to our Messenger BOT your personal data entered on Facebook (first name, last name, email) will end up in an external software called ManyChat.

Access to the ManyChat software is covered by end-to-end encryption.

We use a double authentication procedure to access the software; this prevents third parties from accessing the data in our account.

The data collected on ManyChat is only accessed by us and external professionals who support us in our Messenger marketing activities.

You can choose at any time to unsubscribe from our Messenger Bot; to unsubscribe you can click on a specific button that you will find within our chat messages.

After clicking on the unsubscribe button your data will be deleted immediately by the ManyChat software.

SERVICES

In this section we will explain how we use your data if you request one of our services.

Ensmasters services

When you request one of ensmasters’ services, we use the data you have entered in the contact form to respond to your requests and to provide you with the service you have chosen.

To protect your data, we adopt predefined processing procedures and follow an internal code of conduct; in this way we protect your data securely.

In processing your data we may use:

– cloud storage tools, applications or services;

– e-mail tools, applications or services;

– data transfer tools, applications or services such as Wetransfer.

These activities may involve the transfer of data to servers located outside the European Union, independently of our will.

To carry out our services, we use the following software: Gmail, Google Drive, Google Calendar, Evernote, Dropbox, Slack, Zapier.

We invite you to consult the privacy policy of these programmes by clicking on these pages:

Gmail
Google Drive
Google Calendar
Google Privacy Policy
Active Campaign
Dropbox
Slack
Zapier
Typeform
Basecamp
Cloud Invoices
If you request one of ensmasters’ services your personal data will only be disclosed to third parties when it is necessary for the processing of your file.

The parties to whom we may disclose your personal data are:

Internal staff and collaborators who will be assigned to process your project;
External web agencies that will collaborate with us for the processing of your project;
External professionals who will be appointed to process your project;
External accounting professionals who will collaborate with us for the accounting management of our company;
Public administrations (if it is necessary to contact them for the processing of your project).