PRIVACY POLICY
pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR)
​
This privacy policy is provided pursuant to Regulation (EU) 2016/679 (hereinafter the “Regulation” or “GDPR”) and describes how personal data of users who visit and use this website, accessible at www.jenia.it (hereinafter also the “Site”), is processed.In accordance with the European Regulation on the protection of personal data no. 679/2016 (GDPR), the collection and processing of data shall always comply with the principles of lawfulness, fairness and transparency.
When visiting the Site, data relating to the user accessing the site (defined as a “data subject” as an identified or identifiable natural person) may be processed.
A. DATA CONTROLLER
​
The Data Controller is Jenia Software S.r.l., represented by the legal representative pro tempore, VAT/Tax Code: 03279411205, with registered office at Via Isonzo n. 14/3 – 40033 Casalecchio di Reno (BO), Italy
e-mail: privacy@jenia.it
certified e-mail (PEC): jeniasoftwaresrl@pec.it (hereinafter the “Controller”).
B. DATA PROTECTION OFFICER (DPO)
The Data Protection Officer (DPO) is Francesca Fumana.For any matter relating to the protection of personal data, including the exercise of the rights recognised to the data subject by current legislation, please contact the Data Protection Officer at: avv.francescafumana@bolognaavvocati.it.
C. TYPES OF DATA COLLECTED, PURPOSES, LEGAL BASIS AND RETENTION PERIODS
1. Browsing Data
​
The computer systems and software procedures used to operate this Site automatically collect, during normal use, certain personal data of users of a technical nature (e.g. IP address, type of browser used, operating system, domain name, addresses of websites from which access or exit was made, information about pages visited, time of access and time spent on each page, etc.), the transmission of which is inherent to the normal functioning of the internet.
​
Purpose: such data may be processed solely to obtain anonymous statistical information about the use of the Site and/or to ensure its correct functioning.Retention: such data will be deleted immediately after processing.
​
Legal Basis: the processing is carried out on the basis of the legitimate interest of the Controller to make the Site accessible and ensure safe browsing (Art. 6(1)(f) GDPR).
2. Contact by e-mail or telephone
The voluntary, explicit and optional sending of communications by e-mail to the addresses indicated on this Site entails the subsequent acquisition of data communicated by the user, including their e-mail address, and consent to receive any reply messages to their requests.In this case, the provision of the e-mail address and any other data indicated is optional, but necessary to use the service and receive a response. Without such data, we will be unable to process the request.
Purpose: the personal data provided are used solely to respond to the requests submitted and are communicated to third parties only where necessary for that purpose.
Retention: data are retained for the period necessary to fulfil the request and in compliance with current legislation.
Legal Basis: the processing is carried out for the performance of a contractual or pre-contractual obligation assumed by the Controller (Art. 6(1)(b) GDPR).
3. Links to other websites
The Site may include hyperlinks to other websites. By clicking on one of these links, the user may be redirected to another website or Internet resource that may collect information about the user through cookies or other technologies.The Controller assumes no responsibility or authority over these other websites or Internet resources, nor over their collection, use and disclosure of the user’s personal data. Users should review the privacy statements of these other websites to determine whether they comply with applicable privacy legislation.
4. Social media links
The Site contains links to the Controller’s social media profiles (LinkedIn, YouTube). By clicking on these links, the user is redirected to the respective social network page. In such cases, the social media provider may collect data relating to the user’s visit in accordance with its own privacy policies.If the user is logged into their social media account when clicking on one of these links, the social media provider may associate the browsing information with their account. Users are therefore advised to consult the privacy policies of the relevant social networks.
5. Cookies
The Site is hosted on the WIX.com platform, which may use technical cookies necessary for the functioning of the site and analytical cookies for the collection of anonymous statistical data.For details on the cookies used and how to manage preferences, please refer to the cookie banner on the Site and to the WIX platform documentation available at: https://www.wix.com/about/privacy
D. DATA RECIPIENTS
The personal data collected are processed by the Controller’s staff, who act with proper authorisation and on the basis of specific instructions provided regarding the purposes and methods of processing.In addition, data processors appointed pursuant to Art. 28 GDPR or sub-processors engaged by the Controller for the provision of services may receive data collected through the use of the Site, within the limits of their respective mandates.In particular, the hosting platform of the Site is provided by WIX.com Ltd., appointed as data processor pursuant to Art. 28 GDPR.An updated list of data processors may be requested from the Controller using the contact details provided in Section A.
E. DATA TRANSFERS
The personal data of Site users are not transferred outside the European Economic Area.Should a transfer of data to third countries become necessary due to technical requirements related to the hosting platform (WIX.com), such transfer shall be carried out in compliance with the safeguards provided for in Chapter V of the GDPR (e.g. Standard Contractual Clauses approved by the European Commission or adequacy decisions).
F. RIGHTS OF DATA SUBJECTS
Data subjects – identified or identifiable natural persons to whom the data relate – may exercise the following specific rights regarding data protection:
a) right of access: the right to obtain confirmation from the Controller as to whether or not personal data is being processed and, where that is the case, access to the personal data and detailed information regarding the origin, purposes, categories of data processed, recipients of communication and/or transfer of data, and more;
​
b) right to rectification: the right to obtain from the Controller the rectification of inaccurate personal data without undue delay, as well as the completion of incomplete personal data;
c) right to erasure (“right to be forgotten”): the right to obtain from the Controller the erasure of personal data without undue delay where:
i. the data are no longer necessary for the purposes for which they were collected;
ii. the consent on which the processing is based has been withdrawn and there is no other legal basis for processing;
iii. the personal data have been unlawfully processed;
iv. the personal data must be erased to comply with a legal obligation;
​
d) right to object: the right to object at any time to the processing of personal data where the legal basis is the legitimate interest of the Controller;
​
e) right to restriction: the right to obtain from the Controller restriction of processing where the accuracy of the personal data is contested, where the processing is unlawful and/or the data subject has objected to the processing;
​
f) right to data portability: the right to receive personal data in a structured, commonly used and machine-readable format and to transmit such data to another controller, where technically feasible, only where the processing is based on consent or a contract and is carried out by automated means;
​
g) right to lodge a complaint with a supervisory authority: without prejudice to any other administrative or judicial remedy, the data subject who considers that the processing concerning them infringes the Regulation has the right to lodge a complaint with the supervisory authority of the Member State in which they habitually reside or work, or of the State where the alleged infringement occurred.
​
Rights may be exercised by contacting the Controller using the contact details indicated in Sections A and B:
Data Controller: privacy@jenia.it
DPO: avv.francescafumana@bolognaavvocati.it
​
​
This privacy policy was last updated on 09/03/2026.