Last modified: 9-05-2022
Polinelli S.r.l., Daverio (VA), Via Roma 57 – Certified e-mail: firstname.lastname@example.org
Our Data Protection Officer (RPD/DPO) can be contacted at the following email address: email@example.com.
WHAT DATA WE COLLECT
If you wish to use the “Contacts” service in order to ask us for more information, we will ask you to provide us with some personal data, including;
- Identification data, requested in the “Contacts” and “subscribe the Newsletter” sections and/or during the process of Creating an account on the Site or when completing a purchase order, including your name, surname, e-mail address, telephone number and shipping address;
- Financial data, including data relating to your credit card for the purchase of products on the Site.
Please provide us with complete and accurate data, as well as inform us if it needs to be updated, otherwise we may not be able to provide you with the required service.
Through the specific section Facebook Insert Contact within the social network, particular conditions (discounts/promotional coupons) might be published and applied to those who, by being interested in, will voluntarily fill out the form on Facebook (for more information: https://www.facebook.com/business/help/829597887147190?id=735435806665862).
Some of your Personal Data are then automatically collected by the Site, including: IP address; date and time of accessing the Site; hardware, software or browser used; information about the operating system; the language settings; and any other data automatically collected by the Site as you navigate (the requests are not directly referred to any individual).
All categories of personal data collected by the Site are, collectively, “Personal Data”.
HOW WE USE THE PERSONAL DATA WE COLLECT
We use Personal Data for the following purposes and on the following legal basis:
- On the basis of the execution of pre-contractual measures in favour of the user, pursuant to Article 6, paragraph 1, letter b, of the GDPR, to provide the information and services required by the user.
- On the basis of the fulfilment of legal and/or regulatory obligations to which the Company is subject and arising from the operation of the Site, pursuant to Article 6(1)(c) of the GDPR, to ensure compliance with any applicable law, as well as the general conditions of the Site.
- On the basis of the legitimate interest of the Company, pursuant to Article 6(1)(f) of the GDPR, to develop and improve the Site, to ensure that the content is displayed in the most effective way for the user and the relevant device, as well as to inform the user of any significant change to the Site and/or the services offered though the same.
- With your prior consent, to send commercial and promotional communications and periodic updates regarding products, services, initiatives and events. You can choose at any time to stop receiving communications by writing to: firstname.lastname@example.org.
The data processing activities described in the abovementioned letters a, b, c are required to achieve the described purposes: without the Personal Data, it is not possible to achieve them.
WHAT METHODS DO WE USE FOR THE PROCESSING OF YOUR PERSONAL DATA?
The processing of Personal Data is carried out, electronically and manually, only to the extent necessary for the exercise of the aforementioned purposes. Polinelli is committed to protecting users’ personal data. Polinelli informs that the password is one of the account protection mechanisms. Therefore, users are advised to use a sufficiently secure password and keep it in a safe place, limiting access to it on their computers and browsers, disconnecting it after visiting the Site. All Personal Data provided by users are stored on secure servers, by adopting adequate security measures to protect Personal Data from unauthorized access, to ensure the accuracy of Personal Data and to guarantee the correct use of the information. In addition, a secure system is used to authorize credit card payments and identify fraudulent activity. Polinelli uses the SSL (Secure Sockets Layer) standard to protect the confidentiality of Personal Data.
HOW LONG WE KEEP THE PERSONAL DATA WE COLLECT
Polinelli retains Personal Data for the time strictly necessary for the exercise of the purposes for which the Personal Data were collected and subsequently processed, including any retention period required by applicable legislation.
Polinelli will process Personal Data for the entire duration of the contract (in the case of an account created on the Site, of a purchase, or in relation to the services provided by Polinelli) and for ten (10) years from completion of the sale or service provided.
Furthermore, for the described purposes of sending commercial communications referred to in the abovementioned point d, Personal Data will be processed for 2 years from the last purchase and / or from the last contact with the user, without prejudice to the right to withdraw the consent provided or to oppose the processing at any time.
PERSONAL DATA WE SHARE
We inform you that we could share Personal Data with:
– our employees and / or area agents, only if you ask us for commercial information by filling in the specific “Contacts” section;
– the courier in charge of delivering the online orders;
– the agency which offers marketing services, appointed as a data processor for the processing of personal data for the management of the website.
HOW WE PROTECT PERSONAL DATA
We take measures to protect Personal Data against unauthorized access, use or disclosure, including, but not limited to the following:
- We implement and maintain in force sophisticated technical measures to ensure that Personal Data is recorded and processed in the utmost confidentiality and security.
- We implement and maintain adequate restrictions on access to Personal Data, monitoring the access, use and transfer thereof.
- All our employees who have access to Personal Data must enter into non-disclosure agreements or similar agreements, which include obligations for them to comply with our privacy and data confidentiality requirements.
- We require business partners and third party service providers with whom we may share Personal Data to comply with all applicable data privacy and confidentiality requirements.
- We regularly provide data privacy training courses to our employees and third parties who have access to Personal Data.
WHAT ARE YOUR RIGHTS
Pursuant to applicable data protection laws and regulations, you have the right to:
- to access, rectify and / or delete Personal Data;
- to limit their processing or oppose to their processing;
- In some circumstances, to request the communication of Personal Data to yourself or to third parties in a structured, commonly used and machine-readable format;
- to the extent that our processing of Personal Data is based on your consent, withdraw it without affecting the lawfulness of our processing based on your consent prior to its withdrawal. The withdrawal of consent will be possible at any time in a simple way, through specific technical means (e.g. opt-out at the bottom of any e-mail communication received; etc.);
- to lodge a complaint about the processing of Personal Data with the competent Data Protection Authority.