INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA (PRIVACY) based on Legislative Decree 196/2003 "Code regarding the protection of personal data" and EU Regulation 2016/679
With reference to the provisions of Legislative Decree 196/2003 "Code regarding the protection of personal data", and of EU Regulation 2016/679, in particular with regard to articles 12 and 13, we inform You that your personal data will be processed in accordance with current legislation.
Gioielleria Caso based in Via Bisignano, 13 - 80121 Naples is constantly committed to adopting technical and organizational solutions aimed at guaranteeing high standards of lawfulness, security and protection in the processing of personal data: the requirements of the General Data Protection Regulation of the 'European Union (hereinafter in the text "GDPR" acronym for General Data Protection Regulation) and other legal provisions, including, in particular, those of the Code regarding the protection of personal data.
1. Who is the data controller? Gioielleria Caso based in Via Bisignano, 13 - 80121 Naples (hereinafter in the text "Gioielleria Caso" or "We"), is the owner of the processing of your personal data in accordance with the GDPR and the Code.
2. What data are processed by us? Personal data means any type of information relating to an identified or identifiable natural person (hereinafter "Data").
Data you provide
All the Data You have provided to us to request the purchase and sale of a good and / or the provision of a service. The Data could, by way of example, be: Your name and surname, Your contact details (including address, telephone number and e-mail address), profession, date and place of birth, tax code. The provision of such information, if required by the contract or essential for the execution of the same, is a necessary requirement for the conclusion of the Contract; failure to communicate such data may make it impossible to conclude the Contract and / or provide the related services and products by Gioielleria Caso. Gioielleria Caso does not acquire and does not process categories of personal data, such as information revealing Your racial origin, Your political opinions, Your religious or philosophical beliefs.
3. On what legal bases and on what rules will we process your data? Personal Data means any type of information relating to an identified or identifiable natural person (hereinafter "Data"). We will only process your Data where permitted by applicable legal provisions. Specifically, we will process your data on the basis of articles. 6 and 9 GDPR and on the basis of consent pursuant to art. 7 GDPR, as well as in compliance with the corresponding rules of the Code:
• Consent art. 6 (1) paragraph 1 (a), art. 7 GDPR): we will process certain data exclusively in the presence of your preliminary, free and express Consent. You have the right to withdraw the consent given at any time with effect for the future;
• Execution of a Contract: in order to conclude and execute the requested Contract, it is necessary to have access to and process certain Data;
• Compliance with a legal obligation art. 6 (1) paragraph 1 (c) GDPR): in order to ensure compliance with these requirements, we must process certain Data.
4. For what purposes are your data processed? Your Data will be processed by us only and exclusively for the purposes permitted by the Data protection legislation such as: a) purposes previously approved by You; b) processing of data in order to execute the Contract; c) execution of pre-contractual measures at Your request; d) fulfillment of the legal obligations to which we are subject; e) safeguarding our legitimate interests or the legitimate interests of third parties, unless Your interests prevail over them; f) assessment, exercise or defense of a right or legal claim; g) for reasons of significant public interest; h) marketing and advertising, in particular direct marketing activities.
Among other things, we will process Your Data for the specific purposes as indicated below by way of example:
- for purposes related to the Contract: especially to execute the Contract entered into with You;
- contact You in relation to the Contract and for the management of the same;
- Customer service: in order to offer You a valid customer service, we will regularly process your Data, in order, for example, to give You comprehensive advice. For the sole purpose of improving the quality of the customer care and staff training processes, moreover, we may process the personal Data collected through the sample recording of telephone calls, in compliance with the privacy legislation and the provisions of the Guarantor for the protection of personal Data;
- management of requests for legal guarantees, product compliance, assistance, requests for withdrawal, management and termination of the Contract;
- transfer of Data to third parties only and solely for the management of the request if carried out with "remote" procedures via video, internet and only and exclusively for the personal Data requested from the operators of the platforms used for these procedures.
Processing of Your Data subject to Consent
In the following cases, we will process Your Data only and only if You have given Your express consent for:
i) market research, possibly based on profiling activities: we conduct market research regarding the interests of our Customers, in order to offer them interesting and targeted offers. This includes, for example, customer satisfaction studies with our services. As part of our market research activities, we exclusively process - whenever possible - anonymised and aggregated data. For these activities, however, we may also process Your personal Data.
ii) advertising and marketing: if You have previously given your consent to this effect, we will process Your Data to inform You of any offer that may interest You and we will contact you using the communication channels expressly authorized by you. The promotional and marketing activities (including participation in competitions and prize operations) in question can be carried out by telephone, SMS, email: obviously you can object to the processing for these purposes at any time.
In addition to the above, Gioielleria Caso may process Your Data to comply with legal obligations and, therefore, to comply with any rule or provision of law that we intend and must comply with or for indispensable measures for the security of Your Data and company data. from external attacks and / or in order to ward off external attacks. Furthermore, to comply with legal obligations imposed on us and / or in order to prevent fraud or in the event of a dispute. Lastly, for mandatory fiscal, accounting and administrative purposes, always in compliance and in compliance with current regulations.
Finally, Gioielleria Caso may process Your Data for the protection of legitimate interests of the same Gioielleria Caso except in the case in which Your interests prevail. This is done with sales checks to improve the services rendered and in an aggregate and anonymous form without indicating Your identity or for studies aimed at improving the products and services rendered as well as our procedures.
5. How long will we process Your Data? As expressly provided for by art. 5, co. 1, lett. e) of the GDPR, we will keep Your Data only for the time necessary to process them for the purposes for which they are processed. If we process the Data for multiple purposes, they will be automatically deleted or saved in a format that does not allow any direct conclusions to be reached in relation to Your identity, as soon as the last specific purpose has been fulfilled. In order for all Your Data to be deleted or made anonymous in line with the principle of data minimization and in accordance with art. 5, co. 1, lett. e) of the GDPR.
Indicatively, Your Data will be kept for the following periods:
- fiscal / administrative obligations: 10 years;
- regulatory obligations regarding product warranty: 28 months;
- contractual obligations regarding additional after-sales services: from 36 to 78 months depending on the service chosen.
How is your data protected? Gioielleria Caso will process Your personal data on the basis of the security obligations relating to the processing of data pursuant to art. 32 GDPR. In order to guarantee an adequate level of Data protection aimed at limiting the risk of using the same in an improper or illegal way, technical and organizational measures have been implemented that comply with internationally recognized IT standards, these measures are constantly subject to verification.
With whom will your data be shared? Your Data may be shared with third parties including:
• external third parties to the extent that this is necessary or appropriate to achieve the purposes referred to in points 3 and 4, or as part of any legal obligation regarding information and reporting. These third parties are, in particular, external service providers including IT services, external consultants or collaborators, within the following contexts:
- enveloping, sorting and transmission of communications to customers, as well as archiving and substitutive storage of Data;
- supply and management of administrative procedures and IT systems, communication networks and protection and security systems;
- customer assistance activities (also with call centers, help desks);
- appraisal, auditing and certification of financial statements;
- commercial information activities carried out by external companies with legal authorizations in compliance with current regulations, organization of events or advertising campaigns, detection of the quality of products and services, market surveys;
- professional consultancy and assistance.
Gioielleria Caso will appoint all the aforementioned subjects as Data Processors, if the relevant conditions exist, and in any case it will bind such third parties to maintain confidentiality in relation to Your Data.
Your rights. According to the GDPR and other applicable provisions on data protection, You have specific and unlimited rights.
As interested, he has in particular the following rights under the GDPR, towards Gioielleria Caso:
- Right of access (Article 15 of the GDPR): You may at any time request that You be provided with information on Your Data stored by us. This information refers, among other things, to the categories of data processed by us, the purposes of the processing, the origin of the Data if we did not obtain it directly from You, as well as the recipients to whom we may have transferred Your Data. , where applicable. You will be able to receive a free copy of Your Data which are the subject of the Contract;
- Right of rectification (Article 16 of the GDPR): you may request a rectification of Your Data. We will take appropriate measures aimed at ensuring that Your Data stored and processed by us on a continuous basis, are kept correct, complete, updated and relevant, based on the most recent information provided to us;
- Right of cancellation (Article 17 of the GDPR): you may request the cancellation of Your Data, provided that the relevant conditions provided by law exist. For example, this could occur based on art. 17 of the GDPR:
• if the Data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
• if You withdraw the Consent on which the processing of the Data is based, and there is no other legal basis for the processing;
• if you object to the processing of Your Data and there are no overriding legitimate reasons to proceed with the processing, or if you object to the processing of your data for direct marketing purposes;
• if the Data have been processed unlawfully; unless the processing is necessary: a) for the fulfillment of a legal obligation that requires the processing of Your Data; in particular with regard to the retention periods for documents required by law; b) for the assessment, exercise or defense of a right or legal claim.
- Right to limitation of treatment (Article 18 of the GDPR): you will be able to obtain a limitation of the processing of Your Data if these are not correct or if they are no longer necessary;
- Right to data portability (Article 20 of the GDPR): You have the right to receive a copy of Your Data, previously provided by You directly to Gioielleria Caso, and if expressly requested by You we undertake to transfer the same - where possible at a technical level - to another data controller indicated by you;
- Right to object (Article 21 of the GDPR): You may object at any time, for reasons related to Your particular situation, to the processing of Your Data, pursuant to art. 6, paragraph 1, letters e) or f) of the GDPR, or if the personal data are processed for direct marketing purposes. In this case, we will no longer process Your Data. This last condition does not apply if we can demonstrate the existence of compelling legitimate reasons that justify the processing and that prevail over your interests, or if we need Your Data to ascertain, exercise or defend a right in court;
- Right to withdraw consent at any time (Article 13 of the GDPR): if the processing is based on Consent - without prejudice to the lawfulness of the processing based on the Consent given prior to the revocation, by sending the relevant request to the contacts listed below or using the methods techniques possibly made available by Gioielleria Caso.
Gioielleria Caso will try to manage all requests within a reasonable period and, approximately, within 30 days, unless an extension is motivated and communicated.
- Complaint: You always have the right to make a report and lodge a complaint with a competent data protection authority, pursuant to art. 77 of the GDPR.
In any case, You will find a wider reference on the subject of Current Legislation on the website of our Guarantor for the protection of personal Data at the internet address www.garanteprivacy.it and the complete text of the GDPR can be consulted by accessing the following website: http: //eur-lex.europa.eu/legal content/IT/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ITA&toc=OJ:L:2016:119:TOC
The data controller is Gioielleria Caso, in the person of the Legal Representative, who can be contacted at the following address Via Bisignano, 13 - 80121 Naples.
For all requests for information and to exercise your rights, you can contact Gioielleria Caso:
- by post to Gioielleria Caso, Via Bisignano, 13 - 80121 Naples;
- by telephone or fax at +39 081 403940/405639;
- by email at firstname.lastname@example.org.
The Data Protection Officer can be contacted directly at the following e-mail address: email@example.com.
Gioielleria Caso will promptly inform You if there are substantial changes with regard to the way Your Data is processed, we will promptly inform You of such changes.
Cookies (use, purpose, deactivation)
Cookies are computer files that can be saved on the user's computer (or other devices enabled to browse the internet, for example smartphones or tablets) when he visits the Websites. Usually a cookie contains the name of the website from which the cookie itself comes from and the 'life span' of the cookie (i.e. how long it will remain on the user's device).
Cookies inserted as essential for the functioning of the Websites
The Websites use session and persistent cookies, for the sole purpose of offering a more efficient service.
The use of these cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow you to provide the services and functions of the Websites in a complete way.
The cookies used on the Websites avoid the use of other IT techniques that are potentially prejudicial to the privacy of users' browsing and do not allow the acquisition of data directly identifying the user.
Interested parties who do not want the cookies in question can delete them after browsing by simply going to the privacy settings of their browser and selecting the option to delete cookies.
Cookies inserted for the purpose of aggregate analysis of visits to the site
Gioielleria Caso uses aggregate navigation data analysis tools that allow you to improve the Websites (Web Trends and Google Analytics).
Users who do not want the cookies in question can prevent them from being stored on their computer through the appropriate "Add-on browser component for deactivating Google Analytics" made available by Google at: https://tools.google.com / dlpage / gaoptout
To activate the component, which inhibits the system for sending information about the user's visit, simply install it following the instructions on the screen, close and reopen the browser.
Cookies inserted to serve interest-based ads
The Website may use third-party cookies to publish advertisements defined according to the interests of users. This information is collected during the user's navigation and is in no way linked to the account with which the user accesses the Website.
More generally, each browser allows the user to disable third-party cookies aimed at allowing online advertising based on the user's interests. For example, in the case of the Firefox browser, the deactivation of the cookies in question can be carried out by following the instructions on the page: http://support.mozilla.org/it/kb/Disattivare%20i%20cookie%20di%20terze%20parti
In the case of Internet Explorer, the instructions on disabling third-party cookies are given at the following link: http://support.microsoft.com/kb/283185/it
How to disable cookies
Most internet browsers are initially set up to accept cookies automatically. The user can change these settings to block cookies or to warn that cookies are sent to the user's device. There are various ways to manage cookies. The user can refer to the instruction manual or the help screen of his browser to find out how to adjust or change the settings of his browser. In the case of different devices (for example computers, smartphones, tablets, etc.), the user must ensure that each browser on each device is adjusted to reflect their preferences regarding cookies.