SYSTHUB PRIVACY POLICY


SystHub collects some Personal Data concerning Users.


Data Controller

Fifthub s.r.l.
Vicolo del Carmine 3
43121 Parma (PR) - Italy
TAX ID/VAT no.: 02903900344
Share Capital paid-up: 20,000€ Chamber of Commerce of Parma, Italy
Email address of controller: fifthub@pec.it / info@fifthub.com


Types of Data Collected

The Personal Data collected by SystHub, directly or via third parties include:

  • Account Details - username, password, profile picture.
  • Contact Details - email address, phone number.
  • Location Details - physical address, billing address, time zone.
  • Identity Details - full name, proof of identity (e.g. drivers licence, passport), proof of address (e.g. utility bill), photograph of the User.
  • Financial Information - credit card details, wire transfer details, payment processor details (e.g. skrill, paypal), tax numbers.
  • User Generated Content - project descriptions and attachments, user profiles, user reviews, contest descriptions and attachment, user messages etc.

    We may also collect or process the following information:
  • Metadata - IP address, computer and connection information, referring web page, standard web log information, language settings, time zone, etc.
  • Device Information - device identifier, device type, device plugins, hardware capabilities, etc.
  • Location - GPS position.
  • Actions - pages viewed, buttons clicked, time spent viewing, search keywords, etc.

    Links to other sites
    On our website, you will encounter links to third party websites. These links may be from us, or they may appear as content generated by other Users. These linked sites are not under our control and therefore we are not liable for their actions. Before providing your personal information via any other website, we advise you to examine the terms and conditions for using that website and its privacy policy.
    Complete details on each type of data collected are provided in the privacy policy sections or through specific information messages displayed before data collection.
    Personal Data can be provided by the User, or in the case of Use data, they can be collected automatically while using SystHub.
    Unless otherwise specified, all the data requested by SystHub are mandatory. If the User refuses to provide such data, SystHub may be unable to supply the requested service. In cases where SystHub indicates that data provision is optional, Users may choose not to supply such data, with no consequences on the availability of the service or on its efficiency.
    Should you have any doubt regarding which information is mandatory, please contact the Data Controller.
    Unless otherwise specified, the use of cookies or other tracking tools by SystHub or by third party services used by SystHub is aimed at providing the service requested by the User, in addition to the purposes described in this document and in the Cookie Policy.
    The User takes responsibility for any Personal Data of third parties obtained, published or shared via SystHub and guarantees that he/she is entitled to communicate or disclose them, thus relieving the Controller from any third party liability.


    Data processing procedure and location

    Processing method
    The Data Controller implements the safeguards required to prevent unauthorised access, disclosure, change or destruction of Personal Data.
    Processing is carried out by means of IT and/or telematic tools, using organizational methods and logics strictly connected to the above-mentioned purposes. In addition to the Controller, Data may in some cases be accessed by other subjects involved in the organization of SystHub (administration, sales, marketing, legal system administration staff) or by external subjects (e.g. third party providers of technical services, mail carriers, hosting providers, IT companies, communication agencies) who may, if necessary, be appointed as Data Processors by the Controller. The updated list of Processors may always be requested to the Data Controller.
    Legal basis for processing
    The Data Controller processes Personal Data related to the User where one of the following conditions apply:
  • the User has given his/her consent to one or more the specific purposes; Note: in some judicial systems, the Data Controller may be entitled to process Personal Data without the consent of the User or another one of the legal bases specified below, unless the User opts out of such process. However, this may not apply if processing of Personal Data is regulated by European laws on Personal Data protection;
  • processing is necessary for the performance of a contract with the User and/or or in order to take steps prior to entering into a contract;
  • processing is necessary for compliance with a legal obligation to which the Data Controller is subject;
  • processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
  • processing is necessary for the pursuit of a legitimate interest of the Data Controller or of third parties.
    However, it is always possible to ask the Data Controller to clarify the specific legal basis for each processing activity and in particular to specify whether the processing activity is based on the law, set forth in a contract or needed to close a contract.
    Location
    Data shall be processed at the operating offices of the Controller and at any other place where the parties involved in data processing are located. For further information, please contact the Controller.
    The User's Personal Data may be transferred to a country other than the one where the User is located. For further information on the location of processing, the User may refer to the section on details about the processing of Personal Data.
    The User is entitled to obtain information regarding the legal basis for transfer of Data outside the European Union or to an international organization under public international law or established by two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to protect Data.
    The User may check whether the above-described transfers take place by viewing the section of this document relating to details of Personal Data processing or request information from the Data Controller, using the contact details provided at the top.
    Retention period
    Data will be processed and retained for the period of time needed for the purposes for which they have been collected.
    Therefore:
  • Personal Data collected for purposes connected with the performance of a contract between the Data Controller and the User will be retained until the performance of said contract has been completed.
  • Personal Data collected for purposes linked to a legitimate interest of the Data Controller will be retained until such interest is fulfilled. The User may obtain further information on the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
  • Personal Data collected for purposes connected with the performance of a contract between the Data Controller and the User will be retained until the performance of said contract has been completed and the obligations thereunder have ceased.
  • The Personal Data collected will be retained throughout the period during which the User is registered with the service.
    When processing is based on the User's consent, the Data Controller may retain the Personal Data for longer until said consent is revoked. Moreover, the Data Controller may be obliged to retain the Personal Data for a longer period of time to comply with a legal obligation or by order of an authority.
    At the end of the retention period, the Personal Data will be erased. Therefore, upon expiry of said period, the right to access, erasure, rectification and data portability may no longer be exercised.


    Data processing purposes

    Users' data are collected to enable the Data Controller to provide its Services, as well as for the following purposes: Registration and authentication, Access to accounts on third party services, Processing payments, Statistics, Heat mapping and session recording, Display of contents from external platforms and Hosting and backend infrastructure.
    For further detailed information on the purpose of processing and on the Personal Data required for each purpose, the User may refer to the relevant sections of this document.


    Social media permission requested by SystHub

    SystHub may request Social media permissions to enable it to perform actions with the User's Social media account and to collect information from it, including Personal Data. This service enables SystHub to connect with the User's account on the various social networks after the User has provided his or her express consent.
    For further information on the permissions listed below, please refer to the documentation of the Social media that you have chosen to connect and to their privacy policy.
    The following permissions are needed:
    Basic information
    The basic information provided to the Social media on registration, which usually includes: ID, name, image, gender and localisation language and in some cases also its connections. If the User has made additional data available publicly, these will also be available.


    Details on Personal Data processing

    Personal Data are collected for the following purposes and using the following services:

    Access to third party services
    This type of service enables SystHub to pull Data from your accounts on third party services and to perform actions with them.
    These services are not activated automatically, but require the User's express consent.
    Processing payments
    Payment processing services enable SystHub to process payments by credit card, bank transfer or other transaction tools including those provided by third parties. The data used for payment are acquired directly by the provider of the requested payment service with no handling by SystHub.
    Some of these services could also enable the programmed dispatch of messages to the User, such as emails containing invoices or notices regarding payment.
    Heat mapping and session recording
    Heat Mapping services are used to identify which areas of a page are scrolled or clicked on in order to find out which ones attract most interest.
    Thanks to these services, traffic data can be monitored and analysed and the User’s behaviour can be tracked.
    Some of these services could record sessions and make them available for later viewing.
    Hosting and backend infrastructure
    The function of this type of services is to host data and files that enable SystHub to operate, allow its distribution and provide a ready-to-use infrastructure to perform specific functions of SystHub.
    Some of these services operate through servers located in different geographic locations, making it difficult to determine the exact place where your Personal Data are stored.
    Registration and authentication
    With registration and authentication, you authorise the Application to identify you and to give you access to dedicated services.
    In accordance with what is specified below, registration and authentication services may be provided with the assistance of third parties. If this is the case, this application may access some of the Data stored by the third party services used for registration and authentication.
    Direct registration (SystHub)
    Users register by filling in the registration form and providing their Personal Data directly to SystHub.
    Personal Data collected: fist name, last name, date of birth, address, personal information and various types of Data that the User intends to share.
    Indirect registration (Social media)
    Users register through their social media account.
    Personal Data collected in addition to those available on the social profile: fist name, last name, date of birth, address, personal information and various types of Data that the User intends to share.
    Statistics
    The services in this section make it possible for the Data Controller to monitor and analyse traffic data as well as keep track of the User’s behaviour.
    View contents from external platforms
    This type of service makes it possible to display contents hosted on external platforms directly from SystHub pages and to interact with them.
    If this type of service has been installed, traffic data relating to the pages where it is installed may be collected even if Users are not using the service.


    Additional information on Personal Data

    Contacting the User
    Mailing list or newsletter (SystHub)
    When registered with the Service, the User automatically subscribes to our mailing list or newsletter, i.e. a list of contacts to whom we may send email messages containing information, including of a commercial and promotional nature, relating to this or other Applications.
    You are free to revoke your consent to the processing described for the future in accordance with the method specified in each message received or through the privacy settings in your account.
    Managing contacts and sending messages
    This type of service makes it possible to manage a database of email contacts, telephone contacts or any other type of contacts, used to communicate with the User.
    These services may also enable the collection of data relating to the date and time the messages were viewed by the User, as well as to the User's interaction with them, such as information on clicking of links included in the messages.
    Moreover, the Data Controller may send messages to a User to notify receipt of messages, and in general all the notifications from other Users of SystHub.


    User's rights

    Users may exercise a number of rights relating to the Data processed by the Data Controller.
    Specifically, the User has the right to:
  • revoke consent at any time. The User may revoke his or her consent to processing of Personal Data expressed previously if not necessary for operation of the platform.
  • object to processing of his or her Personal Data. The User may object to processing of Personal Data when it takes place on a legal basis other than consent. Further details on the right to object are provided in the section below.
  • access Personal Data The User has the right to obtain information on the Data processed by the Data Controller, on given aspects of processing and to receive a copy of processed Data.
  • verify and request rectification. The User may verify the correctness of his or her Personal Data and request updating or rectification.
  • obtain restriction of processing. Under specific conditions, the User may request restriction of processing of their Data. In this case, the Data Controller will not process Data for any purpose other than its retention.
  • obtain erasure ore removal of Personal Data. Under specific conditions, the User may request erasure of his or her data by the Data Controller.
  • receive one's Data or have them transferred to another Data Controller. The User has the right to receive his or her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have them transmitted to another controller without hindrance. This measure is applicable when Data are processed by means of automated instruments and processing is based on the User's consent, on a contract which the User is party to or on contractual measures associated to it.
  • lodge a complaint. The User may lodge a complaint with the competent data protection authority or engage in legal proceedings.
    Details on the right to object
    When Personal Data are processed in the public interest, in the exercise of official authority vested in the controller or to pursue a legitimate interest of the Data Controller, Users have the right to object to processing for reasons connected with their specific situation.
    Users are informed that where their Data are processed for direct marketing purposes, they may object to processing without providing any reason. To find out whether the Data Controller is processing data with direct marketing purposes, Users may refer to the relevant sections of this document.
    How to exercise one's rights
    To exercise their rights, Users may send a request to the Data Controller's contacts provided in this document. Requests are lodged free of charge and processed by the Data Controller as soon as possible, and always within one month.


    Cookie Policy

    SystHub uses Cookies. To find out more and view policy details, please read our Cookie Policy.


    Further information on processing

    Defence in court
    The User’s Personal Data may be used for legal purposes by the Data Controller in court or in the stages leading to possible legal action arising from improper use of SystHub or associated services by the User.
    The User declares to be aware that the Controller may be required to disclose Personal Data upon the order of public authorities.
    Specific information
    Upon the User’s request, in addition to the information contained in this privacy policy, SystHub may give the User additional and contextual information regarding specific services or the collection and processing of Personal Data.
    System logs and maintenance
    For operation and maintenance purposes, SystHub and any third party services used by it may contain system logs, i.e. files recording interactions and that may contain Personal Data or metadata, such as the User’s IP address.
    Information not contained in this policy
    Additional information relating to data processing may be requested at any time from the Data Controller using the contact details provided.
    Response to "Do Not Track" requests
    SystHub does not support “Do Not Track” requests.
    To find out whether the third party services used support them, Users are advised to read their respective privacy policies.


    Changes to this privacy policy

    The Data Controller reserves the right to make changes to this privacy policy at any time; information will be provided to Users through this page and, if possible, on SystHub, if technically and legally feasible, by sending a notification to Users through one of the contact details provided to the Data Controller.
    Users are therefore advised to regularly check this page, which shows the date of the latest update at the bottom.
    If the changes relate to processing activities that require consent, the Data Controller will request the User's consent again, if necessary.


    Definitions and legal references:
    Personal Data (or Data)
    Personal Data is any information that makes it possible to directly or indirectly identify a physical person, also in connection with any other information, including a personal identification number.
    Use Data
    Information collected automatically through SystHub (including by third party applications integrated into SystHub), such as: IP addresses or domain names of the computers used by the User to connect with SystHub, URI (Uniform Resource Identifier) addresses, request time, method used to forward the request to the server, the size of the file obtained in response, numerical code indicating the server's response status (successful, error, etc.) country of origin, browser characteristics and operating system used by the visitor, the various time elements of the visit (e.g. time spent on each page) and details relating to the path followed inside the Application, with special reference to page browsing sequence, to parameters relating to the User's operating system and information environment.
    User or Member
    The individual using SystHub who, unless where otherwise specified, coincides with the data subject.
    Data subject
    The physical person to whom the Personal Data refer.
    Data Processor (or Processor)
    The natural or legal person, public authority and any other agency process personal data on behalf of the Data Controller in accordance with the provisions of this privacy policy.
    Data Controller (or Controller)
    The natural or legal person, public authority, service or other organization which, alone or jointly with others, determines the purposes and means of the processing of personal data, including security measures relating to the operation and use of SystHub. Except as otherwise provided, the Data Controller is the owner of SystHub.
    SystHub (or this Application or the Service or Website or Platform or Portal)
    The hardware or software tool used to collect and process the Users' Personal Data.
    Service
    The Service provided by SystHub as defined in the relevant terms (if any) of this website/application.
    Social media
    Online IT service that enables users to share text content, images, video and audio files and to interact with one another, such as, for example: Facebook, LinkedIn, Pinterest, Instagram, Twitter, YouTube, etc..
    European Union (or EU)
    Except as otherwise specified, every reference to the European Union made herein is meant as extended to all the current member states of the European Union and of the European Economic Area.
    Cookies
    Small piece of data stored on the User's device.
    Legal references
    This privacy policy was drafted in accordance with multiple legal systems, including articles 13 and 14 of Regulation (EU) 2016/679.
    Unless otherwise specified, this privacy policy regards exclusively SystHub.