The purpose of this document is to inform Users about Personal Data collected from the website www.gioielleriadevitis.com (hereinafter “Application”). The Data Controller, as subsequently identified, may modify or simply update, in whole or in part, this Information by giving information to Users. Changes and updates will be binding as soon as they are published in the Application. The User is therefore invited to read the Privacy Statement at each access to the Application. In case of non-acceptance of the changes made to this Privacy Statement, the User is required to cease using this Application and may request the Data Controller to remove its Personal Data.
1. Personal Data collected by the Application
The Data Controller collects the following types of Personal Data:
A. Content and information provided voluntarily by the User
Contact data, credentials, contents: for example personal data, e-mail or postal address and other contact details, passwords and security information used for authentication and account access, personal interests and preferences and other personal content, etc. Sensitive data: Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, Health data or that relating to the sexual life or sexual orientation of the person. Failure by the User to provide certain Data may prevent this Application from providing its services. The User assumes the responsibility of the Personal Data of third parties published or shared through this Application and guarantees to have the right to communicate or disseminate them, freeing the Holder from any responsibility towards third parties. If the processing of Personal Data is based on consent by the User, the same can revoke it at any time.
B. Data and contents acquired automatically during the use of the Application
Technical data:the computer systems and software procedures designed to operate this Application can acquire, in the course of normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. It concerns information that is not collected to be associated with identified interested subjects, but that due to their nature, could allow, through the processing and association with Data held by third parties, identifying the users. This category includes IP addresses, or domain names used by Users that connect to the Application, URI addresses (Uniform Resource Identifier) of requested resources, request time, method used to submit the request to the server, size of the file obtained, etc.Use data: Data relating to the use of the Application by the User can also be collected, such as for example visited pages, actions performed, functionalities and services used. Geolocalisation data: the Application can collect Data regarding the position, that can be accurate or inaccurate. Accurate Data on the position can be GNSS Data (Global Navigation Satellite System, as for example GPS data), besides Data that identify the closest repeater, Wi-Fi and bluetooth hotspots, communicated when products or functionalities based on the position are enabled.
C. Personal Data collected through cookies or similar technologies
The Data collected can be used for the following purposes: Support and contact with the User registration and authentication of the User comment and feedback communicating the Data to https://www.facebook.com/full_data_use_policy
- Access to accounts on third party services communicating the Data to Facebook Ireland Ltd. https://www.facebook.com/full_data_use_policy
- Access to accounts on third party services communicating the Data to Twitter, Inc. https://twitter.com/it/privacy
- Access to accounts on third party services communicating the Data to Google LLC https://policies.google.com/privacy?hl=it&gl=it
- Visualisation of contents from external platforms communicating the Data to Google LLC https://policies.google.com/privacy?hl=it&gl=it
- External management of payments with credit cards, bank transfers or other tools. The Data used for payments are acquired directly by the requested payment service manager without being processed by this Application in any way. Payments are provided by communicating the Data to PayPal (Europe) S.à.r .l. et Cie, S.C.A. https://www.paypal.com/it/webapps/mpp/ua/privacy-full
- Statistic only with anonymous Data communicating the data to Google LLC https://policies.google.com/privacy? hl=it&gl=it
- Communication for own promotional and commercial purposes communicating the Data to The Rocket Science Group LLC https://mailchimp.com/legal/privacy/
3. Processing method
The processing of Personal Data is performed by means of computer and/or telematic tools, with organisational methods and logics strictly related to the indicated purposes. In addition to the Holder, in some cases, others involved in the organisation of this Application that provide assistance in the management of the Application and of the activities or that guarantee the performance of services to the User may have access. These appointed subjects, if necessary, Responsible of the Processing on behalf of the Holder, may access Personal Data of Users every time it is necessary and will be contractually obliged to keep the confidential. The updated list of the Managers can be requested via e-mail at the address email@example.com
4. Legal basis of the processing
The Holder processes Personal Data regarding the User in the event of one of the following conditions: the User has given consent for one or more specific purposes:
- the processing is necessry for the execution of a contract with the User and/or for the execution of precontractual measures;
- the processing is necessary to fulfill a legal obligation to which the Holder is subject;
- the processing is necessary to pursue the legitimate interest of the Holder or third parties.
- It is however always possible to request clarification to the Holder of the real legal basis of each processing.
The Data are processed at the operational offices of the Holder and in any other place where the parties involved in the processing are located. For further information, please contact the Holder at the following e-mail address firstname.lastname@example.org
6. Safety measures
The Processing is carried out with the methods and tools suitable to guarantee the safety and confidentiality of the same Data, the Holder having adopted adequate technical and organisational measures that guarantee and allow demonstrating that the Processing is performed in accordance with the reference legislation.
7. Data retention period
The Holder will process the Personal Data for the time necessary to fulfill the purposes related with the execution of a contract between the Holder and the User and, in any case, not beyond a period of 5 years from the termination of the relation with the User. When the processing of Personal Data is necessary to pursue the legitimate interest of the Holder, the Personal Data will be retained until such interest is fulfilled. Should the processing of Personal Data be based on the consent of the User, the Holder may retain the Personal Data until revocation. The Personal Data may be stored for a longer period if necessary to fulfill a legal obligation or an order by an authority. All Personal Data will be deleted upon expiration of the retention period. Upon expiration of such period the right to access, delete, correct and the right to portability of the Data can no longer be exercised.
8. Automated decisional processes
All Data collected will not be the object of any automated decisional process, including profiling, that can produce legal effects for the person o that can have a significant impact on the same.
9. User rights
Users can exercise certain rights with reference to Data processed by the Holder. In particular, the User has the right to:
- revoke consent at any time;
- oppose processing of own Data;
- access own Data;
- verify and request correction;
- obtain limitation to processing;
- obtain deletion or removal of own Personal Data;
- receive own Data or have them transferred to another holder;
- lodge a claim to the control authority for the protection of per data and/or proceed judicially.
To exercise your rights, Users must send a request to the contact details of the Holder indicated in this document. Requests submitted are without compensation and processed by the Holder in the shortest possible time, in any case within 30 days.
10. Holder of the Processing
The holder of the Processing is Gioielleria De Vitis – Piazza del Comune 7/8, Sabaudia LT – e-mail address email@example.com.