We can’t change the current legal system yet. But we can do our best to humanize our own privacy policy with these simple-to-read highlights.
Sharing Personal Data with us is entirely up to you.
In this privacy policy we will explain how we handle your personal data when you visit our website, contact us through our official social media pages or email, and/or use our services.
By law, you don’t have to provide us with any Personal Data, but if you do, you can withdraw your consent at any time, and we will remove your account and all Personal Data associated with it.
How do we use your Personal Data?
We use your Personal Data for three reasons: 1) to provide you with our services; 2) to ensure that our services are working properly; 3) where there is a legal obligation imposed on us, or to protect legal rights.
We do not sell, trade or rent your Personal Data.
We will never sell, trade or rent your Personal Data, for any purpose. We only share Personal Data with third parties in connection with the provision of the services to our users, for example, cloud environment, customer support, and web analytics. We may disclose your Personal Data only to legal persons, public authority, agencies, or other third parties, who either work with us or are connected to Better Mood. We will ensure the proper safety and correct use of your Personal Data at all times. We will only disclose your Personal Data to public bodies or judicial authorities only when required by law.
Do we use Cookies?
Cookies are small files that a web server sends to your device when you browse online.
Your device removes session cookies when you close your browser session. Persistent cookies last for longer periods. You can view the expiry date of each cookie, through your browser settings.
We use both types. We use persistent cookies to remember your log-in details and make it easier for you to log-in the next time you access our website and application. We use this type of cookies and session cookies for additional purposes, such as operating, protecting, and improving the website and our services, their content and how we offer them or for auditing and tracking usage statistics and traffic flow to facilitate the use of our services’ features and tools.
Every browser allows you to manage your cookies preferences. You can block or remove certain cookies, or all of them through your browser settings. Please bear in mind that blocking or removing cookies will have an effect on your user experience with our service. For example, you will need to re-enter your log-in details, or even prevent you from using features of the service.
How long do we store and process your Personal Data?
We retain your Personal Data for as long as you are a user of our services. This information is needed to provide a custom experience and the best solution for your situation. If you decide to delete your account, or we need to remove your account, we will delete your Personal Data. In some rare cases we may need to retain certain details for longer periods of time to comply with legal, tax, and accounting requirements.
Children under the age of 18 are not permitted to use our services.
If you are under 18 years old, we will need your parents’ or guardian’s consent. We’re sorry, but if you are under 18, you’ll have to wait a little longer to use our service without their approval.
We secure your personal data.
We treat your Personal Data as we treat our own data – with great care. We invest resources, deploy measures, and follow procedures to provide a safe and secure environment for your Personal Data.
If you’re actually reading our whole privacy policy, we’re impressed. You’re basically a unicorn. Seriously, consider buying a lottery ticket. But jokes aside, give it a read—it’s important stuff about how we handle your Personal Data.
Enjoy!
Terms and definitions
According to European Regulations 2016/679 art. 14
Better Mood is the tutelage of its real and/or potential customers’ and users’ personal data.
Through this document (hereinafter, the “Policy Privacy”), we intend to renew our task, in order to guarantee that the processing of personal data, which can be made through any procedure (both automated and manual), is compliant with the tutelages and the rights recognized by the Regulation (UE) 2016/679 (hereinafter, the “GDPR” or “Regulation”) and by the further applicable rules on protection of personal data.
With the expression personal data we refer to the definition included in Article 4 (1) of the Regulation, which states that: (i) “any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” (hereinafter, “Personal Data”).
The Regulation establishes that, before proceeding to this processing – with this expression we refer to the definition included in Article 4 (2) of the Regulation, which says that: “any operation or set of operations, which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction ” (hereinafter, the “Processing”) – of Personal Data, it is necessary to inform the owner of the data about the reason why they are requested and the way, in which they will be used.
In this regard the purpose of this Policy Privacy – written basing on the principle of transparency and on all the elements requested by Article 14 of the Regulation – is to provide you, through a simple and intuitive manner, with all the useful and necessary information, which allow you to give consciously your personal data and to ask and obtain any explanation and/or correction in every moment.
Data controller
Better Mood is the company, which will process your Personal Data according to the main purposes explained in section B of this Policy Privacy, and which will have the role of the data controller according to the related definition included in Article 4(7) of the Regulation, which declares that:
“The natural or legal person, public authority, agency other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and the means of such processing are determined by Union or Member State law, the Controller or the specific criteria for its nomination may be provided for by Union or Member State law” (hereinafter, the “Data Controller”).
Data collections
The Data Controller has to collect some of your Personal Data in order to (i) to perform our duties and obligations to you under the contract between us, including to provide you with our services and/or (ii) reply to your information requests which come from the contact forms and/or (iii) consent your registration to receive requested services and/or (iv) consent your registration to participate in survey and/or (v) consent your registration to share your results on social medias and/or (vi) to provide, manage, and control our services to you, including to maintain contact with you and to provide you with customer service and support.
The Processing of your Personal Data will be managed by the Data Controller who will let you purchase the services, receive the newsletter, send information requests, share your results in social media accounts.
The Processing of your Personal Data will legally base on the contractual relationship that will occur between the Data Controller and you, after you have agreed with the condition of participation you find in the website (see Article 6, Paragraph 1, B of the Regulation).
Personal Data requested, will be those reported in the questionnaire and contact form: name or nickname, surname, e-mail address, age, gender.
Finally, data related to your health conditions may also be requested for the “prevention” purposes, explained in the subsequent Section C of this Policy Privacy.
Additional purposes
In addition to the purposes explained in Section B, your Personal Data may be processed for the following and further purposes:
Prevention: this term means the will Better Mood to protect your health, more than your privacy. For this reason, before proceeding with the purchase, you will be subjected to a questionnaire through which you will be asked for your personal data belonging to – according to the dictate of Article 9 of the Regulation – “specific” categories, in order to verify whether your health conditions are compatible with our recovery plan.
Direct marketing: this term refers to the will of Better Mood to carry out promotional and / or marketing activities for you and for your interest, in order to provide you with a better service and to promote products and services of your interest, which are sold and / or provided by Better Mood.
Profiling: this term refers to any form of automated processing of personal data, which consists in the use of such personal data, in order to evaluate certain personal aspects related to a natural person, and in particular, in order to analyze or predict aspects concerning the professional performance, the economic situation, health, personal preferences, interests, reliability, behavior, location or movement of that natural person.
Transfer of data to third parties: this term refers to the transmission of data collected by the Data Controller to third parties, in order to receive direct communications for marketing purposes from such third parties.
In regard of the purposes of prevention – point i. –, the processing of your Personal Data will take place only after your expressed, free and aware consent, marking the appropriate box at the bottom of the form for the collection of the data.
In regard of the purpose of direct marketing – point ii. –, it should be underlined that, according to Article 6, paragraph 1 (f) of the Regulation, Better Mood may carry out this activity basing on its legitimate interest and regardless of your consent, unless you oppose to such processing or you limit it (according to Section G letter d. of this Policy Privacy). This is better explained in the “Whereas” (47) of the Regulation: “the processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest”. This will also be possible following the assessments made by the Data Controller regarding the possible prevalence of your interests, fundamental rights and freedoms that require the protection of Personal Data on your legitimate interest in sending direct marketing communications.
Transfer of personal data
Your Personal Data may be disclosed to specific subjects, who are considered recipients of such Personal Data.
Indeed, Article. 4 (9) of the Regulation defines the recipient of a Personal Data: “a natural or legal person, public authority, agency or another body to which the personal data are disclosed whether a third party or not” (hereafter, the “Recipient“).
In this regard and in order to carry out in the correct way all the activities of Processing, which are necessary in order to pursue the purposes examined in this Policy Privacy, the following Recipients may process your Personal Data:
Third parties who carry out part of the activities of Processing, or such activities which are connected with them on behalf of the Data Controller. Anyone of these subjects has been individually appointed as data processor, according to Article 4 (8) of the Regulation, which includes “natural or legal person, public authority, agency or other body which processes personal data on behalf of the Data Controller” (hereinafter, the “Data Processor”).
Natural persons, employees and / or collaborators of the Data Controller, who have been entrusted with specific and / or more processing activities on your Personal Data. Such persons have been given specific instructions about the safety and the correct use of Personal Data and are defined, according to Article 4 (10) of the Regulation: “persons, who under the direct authority of the controller or processor are authorized to process personal data” (hereinafter, the “Authorized Persons“).
If required by law or in order to prevent or suppress the commission of a crime, your Personal Data may be disclosed to public bodies or judicial authorities, without being defined as Recipient. Indeed, Article 4 (9) of the Regulation affirms: “public authorities which may receive Personal Data in the framework of a particular inquiry in accordance with Union or the Member States law shall not be regarded as Recipients”.
Use of cookies
In the website we use cookies of three main types, for the following purposes:
Required cookies – used to ensure proper performance of the website, security of customers and their data, provision of high-quality services;
Functional cookies – used to enhance the website user experience, analyze the use of the system and in accordance to such improve the provision of services;
Advertising cookies – used to observer user online behavior and optimize marketing campaigns according to such information.
Our service providers use cookies and those cookies may be stored on your computer or other devices when you visit our website.
What we use cookies for:
Google Analytics cookies to observe our website traffic. Cookies used for this purpose help us detect website errors as well as measure website bandwidth. Youtube cookies to display in our website content uploaded in Youtube.
Cookies used for this purpose help us maintain integrity, create informative and dynamic website. Twitter cookies to display in our website content posted in Twitter. Cookies used for this purpose help us maintain integrity, create informative and dynamic website. Google Maps cookies to, if the user permits, determine users location. Cookies used for this purpose help us adapt website settings in accordance to user’s location and improve user experience in our website. Doubleclick cookies to control the display of ads to our users. Cookies used for this purpose help us distinguish users that already use our services and reduce or stop displaying our ads to such users. Facebook cookies to manage the display of ads to our users. Cookies used for this purpose help us distinguish users that already use our services and reduce or stop displaying our ads to such users. Google Tag Manager cookies to control advertising cookies. Cookies used for this purpose help us properly distribute ads to users. Hotjar cookies to observe how users use our website. Cookies used for this purpose help us observe the performance of the website and analyze how we can improve our website.
Storage of personal data
One of the applicable principles to the Processing of your Personal Data concerns the limitation of the period for which the personal data have to be stored, governed by Article 5, paragraph 1 (e) of the Regulation that states:
“Personal Data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed; personal data may be stored for longer periods insofar as the personal data will be processed solely for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) subject to implementation of the appropriate technical and organizational measures required by this Regulation in order to safeguard the rights and freedoms of the data subject”. Basing on this principle, your Personal Data will be processed by the Data Controller only for what is necessary in order to pursue the purposes quoted in Sections B and C of this Policy Privacy. In particular, your Personal Data will be processed for a minimum necessary period of time, as indicated in “Whereas” 39 of the Regulation, namely until the end of the contractual relationship between you and the Data Controller, except for the legitimate interest of the Data Controller in preserving them further, according to “Whereas” 47 of the Regulation. Furthermore, your Personal Data will be processed for a minimum necessary period of time which may be imposed by legal provisions in accordance with “Whereas” 65 of the Regulation.
Withdrawal and limitation of the consent
In accordance with the Regulation, if you have given your consent to the processing of your Personal Data for one or more purposes, explained in sections B and C of this Policy Privacy, you can, at any time, withdraw it totally and / or partially without compromising the lawfulness of the Processing, based on the consent given before the withdrawal.
The withdrawal methods of the consent are very simple and intuitive; you have just to contact the Data Controller, using the contact channels, reported in Section G of this Policy Privacy.
Data subjects’ rights
In accordance with Article 15 of the Regulation, you can have access to your Personal Data and ask for their amendment and their updating, if they are incomplete or wrong. You can ask for their cancellation, if their collection has been made in breach of a law or regulation, and you can oppose to the processing for legitimate and specific reasons. In particular, we report below all the rights you can exercise, at any time, against the Data Controller.
Access rights
According to Article 15, Paragraph 1 of the Regulation, you will have the right to obtain from the Data Controller the confirmation that a Processing of your Personal Data is occurring, and in this case, you will have the right to obtain the access to these Personal Data and to the information:
a) the purposes of the processing; b) the categories of Personal Data in question; c) recipients or recipients’ categories, to whom your Personal Data have been communicated or will be communicated, especially if they are Recipients coming from third countries or international organizations; d) when possible, the expected period of the Data storage, otherwise, the criteria used to determine that period; e) the right of the data subject to request the Data Controller to amend or delete Personal Data, to limit or to oppose to their processing; f) the right to make a complaint to a supervisory authority; g) if the Personal Data are not collected from the Data Subject, how the Data Controller has collected them; h) the existence of an automated decision-making processing, including also the profiling, according to Article 22, Paragraphs 1 and 4 of the Regulation and, at least in such cases, significant information about the employed logic, as well as about the importance and the effects of such Processing for the Data Subject.
Amendment right
In accordance with Article 16 of the Regulation, you can obtain the amendment of incorrect Personal Data.
Taking into account the purposes of the processing, moreover, you can obtain the integration of your incomplete Personal Data, also by presenting an additional declaration.
Cancellation right
In accordance with Article 17, Paragraph 1 of the Regulation, you can obtain the cancellation of your Personal Data without unjustified delay, and the Data Controller will be obliged to delete your Personal Data, if there is just one of the following reasons:
a) Personal Data are no longer necessary for the purposes, for which they have been collected, or otherwise processed; b) you have withdrawn the consent, on which the processing of your Personal Data is based and there is no other legal basis for their processing; c) according to Article 21, Paragraph 1 or 2 of the Regulation, you have opposed to the processing and there is any more a legitimate overriding reason to proceed with the processing of your Personal Data; d) your Personal Data has been processed unlawfully; e) it is necessary to delete your Personal Data, in order to comply with a legal obligation, which is provided in a Union or member state law. In some cases, as it is indicated by Article 17, Paragraph 3 of the Regulation, the Data Controller is entitled to collect and not to delate your Personal Data, if their processing is necessary, for example, for the exercise of the right of freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest, for purposes of archiving in the public interest, for scientific or historical research, for statistical purposes, for verification, or for the exercise or the defense of a right before a court.
Limitation of processing right
In accordance with Article 17, Paragraph 1 of the Regulation, you can obtain the cancellation of your Personal Data without unjustified delay, and the Data Controller will be obliged to delete your Personal Data, if there is just one of the following reasons:
a) Personal Data are no longer necessary for the purposes, for which they have been collected, or otherwise processed; b) you have withdrawn the consent, on which the processing of your Personal Data is based and there is no other legal basis for their processing; c) according to Article 21, Paragraph 1 or 2 of the Regulation, you have opposed to the processing and there is any more a legitimate overriding reason to proceed with the processing of your Personal Data; d) your Personal Data has been processed unlawfully; e) it is necessary to delete your Personal Data, in order to comply with a legal obligation, which is provided in a Union or member state law. In some cases, as it is indicated by Article 17, Paragraph 3 of the Regulation, the Data Controller is entitled to collect and not to delate your Personal Data, if their processing is necessary, for example, for the exercise of the right of freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest, for purposes of archiving in the public interest, for scientific or historical research, for statistical purposes, for verification, or for the exercise or the defense of a right before a court.
Data portability right
In accordance with Article 20, Paragraph 1 of the Regulation, at any time you can request and receive all of your Personal Data, processed by the Data Controller, in a structured format, which is of common and legible use, otherwise you can request their transmission to another Data Controller without any impediment.
In this case, it will be your responsibility to provide us with all the exact details of the new Data Controller in a written authorization.
Opposition right
In accordance with Article 21, Paragraph 2 of the Regulation and as also reiterated by “Whereas” 70 of the Regulation, at any time you can oppose to the processing of your Personal Data if these are processed for purposes of direct marketing, of profiling and of transferring the data to third parties.
Right of making a complaint to the supervisory authority
Apart from your right to appeal to any other administrative or jurisdictional office, if you believe that the processing of your Personal Data, conducted by the Data Controller, breaches the Regulation and / or the applicable legislation, you can make a complaint before the Persona Data Protection Authority.
Processing location/place
Your Personal Data will be processed by the Data Controller within the territory of the European Union.
Considering the fact that the Data Controller belongs to the Better Mood, it may be necessary for technical and / or operational reasons, to cooperate with entities who are located outside the European Union, so that they can respond to your requests. In accordance with and for the purposes of Article 28 of the Regulation, we inform you from now on that these subjects have been specifically appointed as Data Processor, and the transmission of your Personal Data to these subjects, which is limited to specific activities of processing, will be regulated in accordance with “Chapter” V of the Regulation.
All necessary precautions will therefore be taken in order to ensure the whole protection of your Personal Data. As a matter of fact the transmission is based: (a) on adequate decisions of the third country recipients, expressed by the European Commission; (b) in accordance with Article 46 of the Regulation, on appropriate guarantees, expressed by the third party recipient; (c) on the adoption of binding corporate rules; (d) on the adoption of standard contractual clauses, approved by the European Commission.
When we provide your data to others?
We may disclose your personal data to any member of our group of companies (including our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes set out in this notice.
Such may include internal administration purposes as well as provision/sharing of IT services or data centers in the group.
We may disclose your personal data to our insurers and/or professional advisers insofar as reasonably necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, obtaining professional advice, or the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure.
We may disclose your personal data to our anti-fraud, risks and compliance providers insofar as reasonably necessary for the purposes of protecting your personal data and fulfilling our legal obligations.
We may disclose your personal data to our payment service providers. We will share service data with our payment services providers only to the extent necessary for the purposes of processing your payments, transferring funds and dealing with complaints and queries relating to such payments and transfers.
We may disclose your personal data to other service providers insofar as it is reasonably necessary to provide specific services (including, providers of servers and maintenance thereof, email service providers, service providers used for data analysis, customer satisfaction surveys or market research). We take all the necessary measures to ensure that such subcontractors would implement proper organizational and technical measures to ensure security and privacy of your personal data.
In addition to the specific disclosures of personal data set out in this Section, we may disclose your personal data where such disclosure is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Persons, indicated in this Section may be established outside the United Kingdom, European Union and European Economic Area. In case we will transfer your personal data to such persons, we will take all the necessary and in the legal acts indicated measures to ensure that your privacy will remain properly secured, including where appropriate, signing standard contractual clauses for transfer of data.
Persons under 18
Our website and services are targeted at persons over the age of 18.
If we have reason to believe that we hold personal data of a person under that age in our databases without having consent from the parent rights holder, we will delete that personal data.
Third party websites
In the website you may find links to and from partner sites, information sources and related party websites.
Please take note that such third party website that you will visit by clicking on links have their own privacy policies and we take no responsibility regarding such privacy policies. We recommend familiarizing with privacy policies of such websites before providing any personal data to such.