The purpose of this document (hereinafter "Privacy disclaimer") Is to inform Users about personal data, understood as any information that allows the identification of a natural person (hereinafter the"Personal data"), Collected from the fedelia.shop website (hereinafter "Application").
The Data Controller, as subsequently identified, may modify or simply update, in whole or in part, this Information by informing Users. Changes and updates will be binding as soon as they are published on the Application. The User is therefore invited to read the Privacy Notice at each access to the Application.
Personal Data collected by the Application
The Data Controller collects the following types of Personal Data:
Content and information provided voluntarily by the User
- Contact details and contents: are those Personal Data that the User voluntarily provides to the Application during its use, such as personal data, contact details, access credentials to the services and / or products provided, personal interests and preferences and other personal content, etc.
- Personal data collected by social media: Users can share data provided to social media with the Application. The User has the right to control the Personal Data that the Application can access through the privacy settings available on the social media in question. By associating accounts managed by social media with the Application and authorizing the Data Controller to access such Personal Data, the User consents to the acquisition, processing and storage in accordance with this Privacy Notice.
Failure by the User to provide Personal Data, for which there is a legal, contractual obligation or if they constitute a necessary requirement for the use of the service or for the conclusion of the contract, will make it impossible for the Data Controller to provide or in part its own services.
The User who communicates the Personal Data of third parties to the Data Controller is directly and exclusively responsible for their origin, collection, processing, communication or dissemination.
Data and content acquired automatically during the use of the Application:
- Technical data: the computer systems and software procedures used to operate this Application may acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified Users, but which by its very nature could, through processing and association with data held by third parties, allow Users to be identified. This category includes IP addresses, or domain names used by Users who connect to the Application, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc.
- Usage data: Personal Data relating to the use of the Application by the User may also be collected, such as the pages visited, the actions performed, the features and services used.
- Geolocation data: the Application may collect Personal Data on the User's location which may be GNSS (Global Navigation Satellite System, for example GPS) data, in addition to data that identify the nearest repeater, Wi-Fi and bluetooth hotspots, communicated when enable location-based products or features.
Personal data collected through cookies or similar technologies:
- Content and information provided voluntarily by the User
The Personal Data collected can be used for the execution of contractual and pre-contractual obligations and for legal obligations as well as for the following purposes:
- User registration and authentication: to allow the User to register on the Application to access and be identified.
- Support and contact with the User: to respond to the User's requests and help in case of problems.
- Comment and feedback: to allow the User to send reviews or comments.
- Internal management of payments by credit card, bank transfer or other instruments: to manage payments by acquiring payment data directly from the User.
- Login through accounts on external platforms: to allow the User to log into the Application through an account on external platforms (eg. Google, Facebook).
- Statistics only with anonymous data: to perform statistical analysis based on aggregate data or which do not allow the User to be identified.
- User database management: to organize, access and modify User data.
- Monitoring, analysis and tracking of User behavior: to monitor and analyze how the User behaves on the Application.
- User Profiling: to automatically group and analyze the characteristics or behavior of the User and provide them with personalized services or messages.
- Customization of the User's experience of use: to modify the Application and adapt it to the User's needs.
- Advertising and remarketing targeting: to show advertisements that are more relevant to the User on the basis of their browsing behavior and preferences.
- Sending emails or newsletters and mailing list management: to contact the User with emails containing commercial and promotional information relating to the Application.
The processing of Personal Data is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.
In some cases, subjects involved in the organization of the Data Controller may also have access to Personal Data (such as, for example, personnel management personnel, sales personnel, system administrators, etc.) or external subjects (such as IT companies, suppliers of services, postal couriers, hosting providers, etc.). If necessary, these subjects may be appointed as Data Processors by the Owner, as well as access the Personal Data of Users whenever necessary and will be contractually obliged to keep the Personal Data confidential.
The updated list of Managers can be requested by email at firstname.lastname@example.org.
Legal basis of the processing
The processing of Personal Data relating to the User is based on the following legal bases:
- the consent given by the User for one or more specific purposes;
- the processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures
- the processing is necessary to fulfill a legal obligation to which the Data Controller is subject
- the processing is necessary for the performance of a task of public interest or for the exercise of public authority vested in the owner
- the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties
- the processing is necessary for the pursuit of a vital interest of the owner or third parties.
However, it is always possible to ask the Data Controller to clarify the legal basis of each treatment at the address email@example.com.
Personal Data are processed at the Data Controller's operating offices and in any other places where the parties involved in the processing are located. For more information, contact the Data Controller at the following email address firstname.lastname@example.org or at the following postal address Viale Marconi 1, Castiglion Fiorentino (AR) 52043 Italy.
The processing is carried out in a manner and with suitable tools to guarantee the security and confidentiality of the Personal Data, having the Data Controller adopted adequate technical and organizational measures that guarantee, and allow to demonstrate, that the Processing is carried out in compliance with the relevant legislation.
Data retention period
Personal Data will be kept for the period of time necessary to fulfill the purposes for which they were collected.
In particular, the Personal Data will be kept for the entire duration of the contractual relationship, for the execution of the related and consequent obligations, for compliance with applicable legal and regulatory obligations, as well as for own or third party defensive purposes.
If the processing of Personal Data is based on the User's consent, the Data Controller may keep the Personal Data until the consent is revoked.
Personal Data may be kept for a longer period if necessary to fulfill a legal obligation or by order of an authority.
All Personal Data will be deleted or stored in a form that does not allow the identification of the User within 30 days of the end of the retention period. At the expiry of this term, the right of access, cancellation, rectification and the right to the portability of Personal Data can no longer be exercised.
Automated decision-making processes
All Personal Data collected will not be subject to any automated decision-making process, including profiling, which may produce legal effects for the person or which may significantly affect it.
Rights of the User
Users can exercise certain rights with reference to the Personal Data processed by the Owner. In particular, the User has the right to:
- withdraw consent at any time;
- oppose the processing of their Personal Data;
- access their Personal Data;
- verify and request rectification;
- obtain the limitation of the processing;
- obtain the cancellation of their Personal Data;
- receive their Personal Data or have them transferred to another owner;
- lodge a complaint with the supervisory authority for the protection of Personal Data and / or take legal action.
To exercise their rights, Users can direct a request to the contact details of the Owner indicated in this document. The requests are made free of charge and processed by the Data Controller as soon as possible, in any case within 30 days.
The Data Controller is BAR 2000 di Botti Debora, Menci Michela and CSNC, with registered office in Viale Marconi 1, 52043, Castiglion Fiorentino (AR), Tax Code / VAT number 01635770512, e-mail address email@example.com, address PEC firstname.lastname@example.org.
Representative of the owner
The Representative of the Data Controller isDebora Botti, via della Crocina SNC 52043 Castiglion Fiorentino (AR), Tax Code BTTDBR80M55A390V, e-mail address email@example.com, telephone 0575659943.
Last updated: 11/18/2020