Privacy Policy

INFORMATION PURSUANT TO REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL

Last update date: July 14, 2023

This information on the processing of personal data ("Information") contains information relating to the processing of your personal data by Hercle S.r.l. pursuant to and by effect of art. 13 of EU Regulation no. 2016/679 of the European Parliament and of the Council of 27 April 2016 (the "GDPR").

Hercle S.r.l (hereinafter also "Hercle" or "Data Controller" or even just the "Controller") respects your privacy and wants to help you understand how we collect, process and share your data.

Definitions used in this Notice

The definitions of the terms used in this Notice correspond to those contained in the GDPR to which reference should be made for completeness. In particular, pursuant to art. 4 GDPR, for the purposes of this Notice:

  • "Personal data": means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
  • "Processing": means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
  • "Controller": means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

1. CATEGORIES OF PERSONAL DATA PROCESSED

Hercle collects personal data that you provide when you complete the registration process on the website www.hercle.financial (the "Site"). You acknowledge that you have the legal authority to represent and bind the organization or entity for which you register and/or act on behalf of.

1.1 Data collected during registration or use of the Site

This data includes, but is not limited to, the following personal data:

  • Personal identification data, such as name, surname;
  • Contact details such as home address, telephone number, email address;
  • Company information, such as organization name and type and VAT/fiscal code;
  • Other information you choose to provide to Hercle, for instance through the contact form on the Site.

1.2 Connection data

Each time you visit our Site, some data is automatically collected. This data includes:

  • Technical information including IP address, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
  • Information about your visit, including the URL clickstream to, through and from our Site, products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.

2. VERIFICATION OF YOUR IDENTITY

To comply with our regulatory requirements, we are obliged to verify your identity when you register with Hercle. The verification may include ID documents and address verification documents. The data collected through identity verification serves to comply with Anti-Money Laundering (AML) regulations and Know Your Customer (KYC) requirements.

3. LEGAL BASIS FOR PROCESSING

Hercle processes your personal data on the following legal bases:

  • Processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract (Art. 6(1)(b) GDPR);
  • Processing is necessary for compliance with a legal obligation to which Hercle is subject, such as AML and KYC requirements (Art. 6(1)(c) GDPR);
  • Processing is necessary for the purposes of the legitimate interests pursued by Hercle or by a third party, such as ensuring network and information security, preventing fraud, and direct marketing (Art. 6(1)(f) GDPR);
  • You have given consent to the processing of your personal data for one or more specific purposes, such as receiving marketing communications (Art. 6(1)(a) GDPR).

4. PROVISION OF DATA AND CONSEQUENCES OF REFUSAL

The provision of your personal data is voluntary. However, failure to provide certain data may make it impossible for Hercle to provide you with the requested services or to fulfill legal obligations.

5. PROCESSING METHODS AND SECURITY MEASURES

Your personal data is processed both electronically and on paper. Hercle implements appropriate security measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. These measures include encryption, access controls, and regular security assessments.

6. RETENTION PERIOD

Hercle will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements. In general, Hercle will keep your data for:

  • Account data: For the duration of your relationship with Hercle and for a period of 10 years after the termination of the relationship to comply with legal obligations;
  • Transaction data: For a period of 10 years after the execution of the transaction to comply with legal obligations;
  • Communications data: For a period of 2 years after the last communication;
  • Marketing data: Until you withdraw your consent or for a period of 2 years from the last interaction.

7. NEWSLETTER AND MARKETING COMMUNICATIONS

If you consent, Hercle may send you newsletters, commercial communications, or promotional material via email. You can withdraw your consent at any time by following the unsubscribe instructions in each communication or by contacting Hercle directly.

8. PROFILING AND AUTOMATED DECISION-MAKING

Hercle does not use your personal data for profiling purposes or for automated decision-making that produces legal effects or significantly affects you.

9. RECIPIENTS OF PERSONAL DATA

Your personal data may be shared with the following categories of recipients:

  • Hercle employees and collaborators who need to access the data to perform their duties;
  • Third-party service providers, such as IT service providers, cloud service providers, customer support services, and payment processors;
  • Professional advisers, such as lawyers, auditors, and consultants;
  • Public authorities, regulatory bodies, or other third parties when required by law or regulation.

Hercle requires all third parties to respect the security of your personal data and to treat it in accordance with the law.

10. TRANSFER OF PERSONAL DATA OUTSIDE THE EEA

Hercle may transfer your personal data to countries outside the European Economic Area (EEA). When transferring data outside the EEA, Hercle ensures that appropriate safeguards are in place, such as:

  • Standard contractual clauses approved by the European Commission;
  • Adequacy decisions issued by the European Commission;
  • Binding corporate rules.

11. COOKIES

Hercle uses cookies and similar technologies on its Site. Cookies are small text files that are stored on your device when you visit a website. For more information on the cookies we use and how to manage your cookie preferences, please see our Cookie Policy.

12. YOUR RIGHTS

Under the GDPR, you have the following rights:

  • Right of access: You have the right to obtain confirmation as to whether your personal data is being processed and, where that is the case, access to the personal data;
  • Right to rectification: You have the right to obtain the rectification of inaccurate personal data concerning you;
  • Right to erasure: You have the right to obtain the erasure of your personal data in certain circumstances;
  • Right to restriction of processing: You have the right to obtain the restriction of processing in certain circumstances;
  • Right to data portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format;
  • Right to object: You have the right to object to the processing of your personal data in certain circumstances;
  • Right not to be subject to automated decision-making: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you;
  • Right to withdraw consent: If the processing is based on your consent, you have the right to withdraw your consent at any time.

To exercise any of these rights, please contact the Data Controller at the details provided below.

13. DATA CONTROLLER

The Data Controller is Hercle S.r.l., with registered office at Via Andrea Solari 19, Milano (MI), 20144, VAT no. 10942550962, email: info@hercle.financial.

14. DATA PROTECTION OFFICER

Hercle has appointed a Data Protection Officer (DPO) who can be contacted at dpo@hercle.financial.

15. RIGHT TO LODGE A COMPLAINT

If you believe that the processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement.

16. CHANGES TO THIS NOTICE

Hercle may update this Notice from time to time. Any changes will be posted on the Site, and, where appropriate, notified to you by email. We encourage you to periodically review this Notice to stay informed about how we are protecting your personal data.