Purpose of the processing
The Personal Data collected will be used to respond to your requests for information, as well as to conclude and execute contracts of purchase of products on the Site. With your optional consent, we may use the Personal Data that concerns you for further purposes such as commercial or advertising communications, sending newsletters, invitations to events.
The Site is managed and Personal Data are processed by: AD Dal Pozzo S.r.l., with registered office in via Mazzini 24, Grisignano di Zocco (VI), telephone 0444 614521, email firstname.lastname@example.org (Data Controller).
The collected data
We only collect and process Personal Data provided by you voluntarily and solely in order to handle your enquiries, collect your orders and provide online showcase service and after-sales services (for example administrative, accounting, return and guarantee management). The Personal Data we collect and process includes: name, surname, nationality, e-mail address, telephone number, business and purchasing habits. You have no obligation to provide your personal information. The indication of your Personal Data in order to use the service is voluntary and discretionary. However, if you do not provide your Personal Data or incorrectly provide it, it will not be possible for the Site to provide the online sales service and manage your requests. In cases where arredodalpozzo.it indicates some data as optional, you are free to refrain from communicating such data, without this having any effect on the availability of the service or its operation. Consent for marketing purposes is optional and any refusal will have no consequence other than the failure to receive promotional communications.
Legal basis for processing
The Personal Data will be processed only in the presence of one of the presuppositions previewed from the enforced norm and in the specific: For the conclusion of a contract of which you are a party in relation to the purchase of products on the Site and the provision of the consequent services; In order to fulfil a legal obligation to which the Owners are subject within the scope of the purposes they pursue; For the legitimate interest of the Owners (such as for internal administrative purposes or for the prevention and prosecution of fraudulent activities); Based on your consent with reference to marketing and advertising activities. Personal Data Collected Automatically – Cookies – Social Network Data related to navigation: The computer systems and software procedures through which we operate our Site automatically collect certain Personal Data implicitly transmitted during each use of the internet (Internet Traffic Data). Internet Traffic Data cannot be directly associated with users of the Site and is not collected for the purpose of identifying users. However, Internet Traffic Data may allow user identification when combined with data stored by third parties (such as for example: IP addresses, users’ computer domain names, other parameters related to operating systems and users’ IT environment). Internet Traffic Data is used only for the purpose of obtaining anonymous statistical information about the use of the Site or to check its proper operation, and is deleted immediately after processing. After deletion can no longer be recovered. However, they may constitute evidence to establish liability for cyber crimes against the Site. The Internet Traffic Data is strictly confidential and can only be disclosed if requested by public authorities who have the right to receive it under the Law. We apply the necessary technical and organisational measures to ensure its confidentiality.
How Personal Data is treated
Your Personal Data is mainly processed through IT tools, but also with paper tools. We always process your Personal Data in a correct, legal and transparent way in order to ensure their security and confidentiality.
How Personal Data is stored
Your Personal Data is stored in dedicated databases owned by the Data Controller. Such databases shall be protected in appropriate environments with limited access to authorised personnel only. We carry out continuous checks to ensure that the information collected is stored safely. We have computer security agreements to minimize the risk of unauthorized access, improper use, alteration, destruction or accidental loss of your Personal Data. We take appropriate organisational and technical security measures, including specific IT security standards for the protection of your Personal Data. We respect applicable laws and best practices in the field of security and make every effort to ensure the confidentiality of your Personal Data. How Personal Data is disseminated Your Personal Data can be accessed at: Employees and consultants of the Data Controller who have the need to have access to Personal Data for the purposes of processing them as you request; Suppliers and firms or consultancies assisting the Data Controller in matters of administration and management; Consultants and firms or consultancies that assist the Data Controller in the development, maintenance, updating and more generally management of the hardware and software used by him, of the Site and of the services provided through it. All the aforementioned subjects will be charged in compliance with the law and will receive only the data necessary to perform the agreed services. We only communicate your Personal Data if required by law or by a competent authority for institutional purposes. Your Personal Data will never be disclosed to an indistinct number of persons or companies and will not be transferred by us to third parties for marketing or profiling activities. Retention period Compulsory data for contractual and accounting purposes shall be kept for as long as is necessary for the conduct of the business and accounting relationship. Invoicing data will be kept for 10 years from the invoicing date. The registered user’s data will be retained until the account is active. After closing, we will keep the data if necessary to comply with obligations imposed by laws or regulations, to protect our rights or to prevent fraud. The data related to requests to our Customer Service will be kept until the satisfaction of the request.
Pursuant to the GDPR you have the right to obtain from the Data Controller confirmation that your Personal Data is being processed and – if such processing is ongoing– obtain access to the data, to know the processing methods and information on the purposes of their processing and the type of data processed; the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of other countries or international organisations, the estimated period for which Personal Data will be stored or, if this is not possible, the criteria for determining that period. You have the right to have your Personal Data deleted from our systems at any time, except for the following situations: – whether there is an open position with Customer Service; – if you have an open order that has not yet been shipped, or has only been partially shipped; – if you have an open debt with AD Dal Pozzo, regardless of the method of payment. For any purchase made, the personal data of the user in relation to the transaction will be kept in accordance with the accounting rules. You have the right to obtain rectification, integration, deletion of your Personal Data, limitation of their processing, transformation into anonymous form, blocking of data processed in violation of the law. You have the right to receive in a readable format the data that is processed according to your consent or on the basis of a contract you have entered into. YOU HAVE THE RIGHT TO OBJECT, IN WHOLE OR IN PART, TO THE PROCESSING OF DATA FOR THE PURPOSE OF SENDING ADVERTISING MATERIAL OR DIRECT SALE OR FOR THE COMPLETION OF MARKET RESEARCH OR COMMERCIAL COMMUNICATION. You can exercise the above rights by contacting us at any time at the address of the Data Controller indicated in this information. If you feel that your Personal Data has not been processed correctly, You also have the right to lodge a complaint with the competent authorities in accordance with the law in the Member State of the European Union where you are habitually resident, where you work or where the alleged infringement has occurred. In Italy, the complaint can be lodged with the Data Protection Supervisor: www.garanteprivacy.it.