Categories
  • Language
    ITA | ENG
Useful Info

PRIVACY & COOKIE POLICY

www.svapoforniture.com

This notice (hereinafter referred to as 'the privacy policy') is provided in compliance with the current legislation regarding the personal data protection and, in particular, with the article 13 of EU Regulation 2016/679 concerning the protection of individuals with regard to the processing of personal data and the free movement of data ("GDPR") and it relates to the processing of personal data of the visitors to the website www.svapoforniture.com.

This Privacy Policy aims to describe in a simple and transparent manner to the users which personal data are processed, for what purpose, by whom and how the data are processed and to inform the users about the measures undertaken to protect the data subjects' rights and freedoms. This Privacy Policy, therefore, concerns only this Website and does not apply to other websites that may be visited by the user through hyperlinks accessed on the Website.

Index

1. Data Controller

2. Purposes of the data processing

3. Nature of data provision

4. Categories of data processed

4.1 Navigation data

4.2.1 Data supplied voluntarily by the User (messages - "Ticket" service)

4.2.2 Data supplied voluntarily by the User (personal account and e-commerce platform)

4.2.3 Data supplied voluntarily by the User (advertising materials and/or quotes)

4.3.1 Cookie

4.3.2 General types of cookies used on the Web Site

4.3.3 Specific types of cookies used on the Web Site

4.3.4 How to disable cookies?

5. How are processed the data?

6. To whom can the collected data be disclosed?

7. Which are the data subject's rights?

8. Contact point

9. Privacy policy's changes

1. DATA CONTROLLER

1. The Controller of the processing of personal data of the users is DATASTORE S.R.L., Milano (MI), Via Enrico Toti n. 2, P.IVA. 04389440969; e-mail: privacy@svapoforniture.com, PEC datastore@arubapec.it.

2. PURPOSES AND METHODS OF DATA PROCESSING

1. By accessing and visiting this Website, as well as receiving the services offered to users through the Site, information concerning the user as an identified or identifiable natural person can be collected and processed. In the event that personal data are acquired, they will be processed in compliance with the current legislation on the personal data protection and only to meet the following purposes:

a) purposes strictly related and instrumental to allow the user to access and use the Site and its features;

b) for internal operational and management purposes relating to the services offered through the Website;

c) for statistical purposes, in a completely anonymised and aggregate form (for further information, see article 4.4.3);

d) to comply with any obligation provided for by law and European legislation;

e) for the execution of the requested service (i.e. personal account) or to fulfil contractual obligations (purchases through e-commerce platform);

f) responding to users' requests (for "Ticket" service, see article 4.2.1).

2. The data collected by users who use the site for the purposes indicated in the previous point could also be used for other purposes, but for each further processing will be required an explicit and express consent to the users. Therefore, the data of the users collected for the aforementioned purposes may also be processed for other processing activities only where explicit and voluntary consent has been provided by the user (i.e. for marketing and / or commercial promotion purposes, including paper and / or digital advertising material, with regard to the services and / or products offered by Data Store).

3. NATURE OF DATA PROVISION AND PROCESSING LEGAL BASES

1. The provision of personal data is mandatory for the purposes referred to in Article 2 as the legal basis of the processing is:

- in cases a), b) e c): the legitimate interests pursued by the controller to the correct operation of the Website and the continuous improvement of its functions in accordance with art. 6.f GDPR;

- in case d): for compliance with a legal obligation to which the controller is subject in accordance with art. 6.c GDPR;

-in cases e) and f): the performance of the contract to which the data subject is party in accordance with art. 6.b GDPR.

Any failure to provide such consent will therefore prevent the performance of the services required; however, it will be possible to visit the Site without providing any personal data, even if some features may not be available and some services not provided.

2. The provision of personal data is always voluntary for the purposes referred to in Article 2, par. 2 as the legal basis of the processing is the data subject consent, specific, informed and freely given in accordance with art. 6.a GDPR. If the data subject has not consented to processing, such operations will not be carried out without any consequences for the user; in particular, the user will be able to use the Website and the services for all the other purposes specified in art. 2, par. 1.

4. CATEGORIES OF DATA PROCESSED

Different types of personal data may be processed and treated differently, depending on the services rendered.

4.1 Navigation data

The information systems and software procedures used to the operation of this web site acquire personal data as part of their standard functioning. Such information is not collected in order to relate it to identifiable data subjects, however, it may allow User identification after being processed and matched with data held by third parties.

This data category includes the: IP addresses or names of computer domains used by visitors who access the website; URI (Uniform Resource Identifier) addresses of the requested resources; time of request; method used to submit the request to the server; size of the file obtained in response; numerical code indicating the status of the response from the server and other details relating to the operating system and the information environment of Users. This data is used only to obtain anonymous statistical information about the website and to check its correct functioning and is deleted immediately after processing. This data may also be used to ascertain responsibility in the case of possible computer crimes against the website. Excepting this, data on web contacts is not stored for more than seven days. As for cookies, please refer to paragraph 4.3.

4.2.1 Data supplied voluntarily by the User (messages - " Ticket" service )

The voluntary and explicit sending of communications using the contact form on this website ("Ticket service") will entail the subsequent acquisition of the sender's data, including his e-mail address, and the consent to receive replies to his request.

The personal data provided herein are used solely for the purpose of responding to the submitted requests and are disclosed to third parties only if this is necessary for that purpose. The data will be stored for the times prescribed by law.

4.2.2 Data supplied voluntarily by the User (personal account and e-commerce platform)

DataStore collects and processes information that constitutes personal data necessary for the registration of a personal user account by filling in the form on the page https://www.svapoforniture.com/customer/account/create/ and for the conclusion of purchase transactions through the e-commerce platform. In particular, the personal data of the user, such as his e-mail address and password for access to the personal account, are processed during the purchase process through the site. These data are collected and processed for the aforementioned purposes and activated at the request of the user. These data will also be used for accounting, administrative, declarative, financial and credit management purposes.

4.2.3 Data supplied voluntarily by the User (advertising materials and/or quotes)

Users can voluntarily provide personal information to Data Store in the context of a product they requested by it. Such provided data may be used to send e-mail communications relating to products similar to those previously required by the user, pursuant to art. 130, paragraph 4, of the Italian Legislative Decree n. 196/2003, without the need for express and prior consent ("soft spam"). Each message includes a notice that its recipient can at any moment revoke his/her consent without formalities to such processing of personal data. Data subject can request the Data Controller to delete or anonymize his/her personal information.

4.3.1 Cookie

What is a cookie ? Cookies are information stored by the browser when you visit a Web Site using a PC, smartphone or tablet. Each cookie contains several pieces of data (e.g. the name of the server from which it originates, a numeric identifier, etc.). Cookies can remain in the system for the duration of a session (until the closing of the browser), or for long periods, and may contain a unique identifier.

What are they used for ? Cookies are used for different purposes, depending on their type: some are strictly necessary for the correct function of the Web Site (technical cookies), whereas others optimise performance in order to provide the User with a better experience while they are visiting the Web Site. In addition, cookies allow Web Site usage statistics to be obtained, such as cookies analytics; others are for the purpose of displaying advertisements (in some cases advertisements are targeted based on cookie profiling).

Consent : Consent from the Users is stored by the Controller, for the purpose of fulfilling its responsibilities, through a technical cookie that has a duration period of 12 months. The User is informed both by the brief privacy notice (displayed in a banner upon the first visit to the Web Site until permission is granted or denied, as explained in paragraph 4.4 "How to disable cookies?") and by this privacy policy. Furthermore, see paragraph 4.3 for links to the privacy policy of third parties, in addition to disabling third party cookies (if directly available through the same).

How can you disable them ? You can disable cookies either through your browser settings (paragraph 4.4 "How to disable cookies?"), or through the mechanisms made available by a third party (paragraph 4.3 "Specific types of cookies used on the site").

4.3.2 General types of cookies used on the Web Site

Technical cookies (first party): these are essential for the proper operation of this Web Site (i.e. to allow authentication to the web site and facilitate the purchase of products).

Analytics cookies (first party) : these are used for statistical purposes in aggregate form.

Analytics cookies (third party ): are used to create User profiles in order to send advertising messages in accordance with the preferences expressed by the User during the browsing, by using a third-party service. Profiling or commercial cookies (third party): these are used to publish advertisements, based or not on users' interests and they are installed by third parties. Names and links to relevant information of third parties are available in the next paragraph.

4.4.3 Specific types of cookies used on the Web Site

Technical cookies : Stores the user's cookie consent state for the current domain (expiry: 12 months) and users states across page requests (expiry: 12 months).

Frontend, frontend_cid: identify and preserve user session state across page requests.

Third parties' cookies : this Web Site uses third-party cookies provided by the third parties listed below, together with the links to their respective to privacy policy (also for their disablement):

Technical cookies :

Pingdom__cfduid: to distribute traffic to the website on several servers in order to optimise response times.

Session cookies:

mailchimp_landing_page: recognizes and saved the number of the user visits coming from an e-mail the user received.

https://kb.mailchimp.com/campaigns/landing-pages/landing-page-privacy (in order to disable - opt -out);

Analytics cookies:

Google Analytics: http://www.google.com/intl/it_ALL/analytics/learn/privacy.html e: https://tools.google.com/dlpage/gaoptout (in order to disable - opt-out);

Profiling cookies :

Google Inc.:

NID : collect user's data with the purpose of displaying targeted ads during the use of Google's services, such as Google Research, http://www.google.com/policies/technologies/cookies/ e http://www.google.com/settings/ads (in order to disable Google profiling cookies).

Facebook Inc.:

fr: used to track the usage of services through the social network facebook.com, https://www.facebook.com/policy/cookies/ (in order to disable - opt-out).

There is no cookie:

related to YouTube, but it may be useful to indicate the link to the related privacy policy:

Google Inc., https://www.google.it/intl/it/policies/privacy/ .

4.3.4 How to disable cookies?

Control via browser: The browsers commonly used (e.g. Internet Explorer, Firefox, Chrome, Safari) accept cookies by default, but this setting can be changed by the User at any time. This applies to both PCs and mobile devices like tablets and smartphones, and it is a function generally and widely supported.

Therefore, cookies can easily be disabled or turned off by accessing the browser's options or preferences, and in general third-party cookies can also be blocked. As a general rule, these options will only have an impact on that browser and on that device, unless there are active options to synchronize the preferences on different devices. Specific instructions can be found on the Options page or Help page of the browser itself. Disabling technical cookies, however, may affect the full and/ or proper functioning of different sites, including this one.

Normally, browsers used today:

  • offer the "Do not track" option, which is supported by some websites (but not all). Thus, these websites are no longer able to collect certain navigation data;

  • offer the option of anonymous surfing or incognito mode: in this way, data will not be collected in the browser and browsing history will not be saved, but the navigation data may still be acquired by the operator of the Web Site that was visited;

  • allow the deletion of cookies stored in whole or in part, but after visiting a Web Site again they are usually installed, where such possibility is not blocked.

Below are links to the support pages for the most popular browser (with instructions on how to disable cookies on these browsers):

Firefox (https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie);

Internet Explorer (http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11);

Safari (iOS) (https://support.apple.com/it-it/HT201265);

Chrome (desktop: https://support.google.com/chrome/answer/95647?hl=it; Android e iOS https://support.google.com/chrome/answer/2392971?hl=it).

Third-party cookies: these may be disabled either using the methods described above, or by referring to each third party (following the links listed in the previous paragraph).

On-line tools: You may note that from http://www.youronlinechoices.com/ you can not only learn more about cookies, but also check the installation of numerous cookies on your browser and/or device and, if supported, also disable them.

5. HOW THE DATA ARE PROCESSED

1. Data will be managed lawfully and used only for the aforementioned purposes (art. 2). It will be processed using suitable means to guarantee its security and confidentiality, using the most appropriate, also automated, means (hard copy or electronic) to store, manage and transmit the data. The Controller assess the appropriate level of security in particular from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.

2. This data will be retained for the period stipulated under the relevant law and, anyway, for no longer than is necessary for the purposes for which the personal data are processed and/or until the data subject revokes the consent given for the purposes referred to in art. 2, par. 1.f and par. 2.

6. TO WHOM CAN THE COLLECTED DATA BE DISCLOSED?

1. The processing operations related to the web services of this site take place at the Data Controller's premises and are only handled by internal and/or external technical staff specifically delegated for processing. In particular, the data may be disclosed to third parties whose collaboration is needed for the performance of the services offered. The data collected via the web, or in any case arising from web services, may be disclosed to the technological and instrumental partners who cooperates with the Data Controller to provide the services required by users, always in compliance with the purposes set forth in article 2. To this purpose, the subjects who will have access to personal data will be specifically authorized for processing by the Data Controller and, if due, appointed as Data Processors, pursuant to Articles 28 and 29 of the GDPR.

2. The data collected for the aforementioned purposes may also be disclosed to subjects authorized under the relevant legislation.

3. A list of the subjects to whom the Data Controller discloses the personal data collected for the aforementioned purposes is available and can be consulted at the Data Controller's office and can be requested at the addresses indicated above.

7. WHICH ARE THE DATA SUBJECT'S RIGHTS?

1. The interested party is the natural person, identified or identifiable, to whom the personal data processed relates and, therefore, the user who accesses the Site and who, if necessary, requests the provision of services by the Data Controller.

2. Each data subject have the right of access at any time to personal data which have been collected concerning him or her (right of access) in order to be aware of, and verify, the lawfulness of the processing. The data subject is also entitled to exercise all the existing rights pursuant to the current national and European legislation on the personal data protection: in particular, he/her may request at any time the rectification and updating of incorrect or inaccurate data, the limitation of the processing and the erasure of the same (right to be forgotten), as well as lodging a complaint to the Data Protection Supervisory Authority.

3. With reference to personal data processed by automated means and based, if based on the user's consent, the data subject may also receive data concerning him or her in a structured, commonly used, machine-readable and interoperable format, and to transmit them to another data controller (right to data portability).

4. Each data subject has also the right to withdraw his or her consent at any time, without prejudice to the lawfulness of the processing based on consent before its withdrawal and the data subject is also always entitled to object to the processing of any data concerning him or her if it was carried out for direct marketing purposes by the Data Controller; in this case, his/her data will no longer be processed for these purposes (right of objection).

8. CONTACT POINT

1. Any request regarding the processing of personal data and any communication concerning the exercise of their rights may be addressed to the Data Controller by sending a communication via e-mail, to privacy@svapoforniture.com, PEC, to datastore@arubapec.it., by mail, to DATASTORE S.R.L., via Grandi 4 - 20068 Peschiera Borromeo (MI).

9. PRIVACY POLICY'S CHANGES

1. This Privacy Policy could be modified, also as a consequence of legislative or regulatory changes, technological developments and the provision of new services or modifications to those already rendered. The user / customer is therefore invited to periodically consult the Svapoforniture Privacy policy.

Contattaci

Loading cart items
Search