All User data collected will be processed exclusively and with due expertise by subjects specifically appointed to perform this task and specially trained in the matter. The purposes of the processing are those for which the data were collected, mainly with electronic and IT tools. The data will be stored on IT and paper media, as well as on any other media deemed suitable and compliant with the security measures imposed by the applicable regulations. The data is stored in such a way as to make it possible to identify the User in the minimum time necessary to achieve the objectives for which they were collected and then processed and, in any case, always in compliance with the provisions of the law. Any damage caused by causes not directly attributable to the Owner such as inaccessibility of the Site, or viruses, damaged files, interruption of internet or telephone connections, or other causes similar to the cases listed above are not attributable to the Owner. In addition, the User is required to diligently and responsibly store all personal information strictly connected to the Site, such as, for example, Site access credentials, any order and shipping codes or other data. Any subtraction or improper use of this data, and the consequences deriving from these events are the complete responsibility of the User.
The personal data requested by the Data Controller while browsing the Site may be mandatory or optional. Failure by the User to provide the mandatory data will result in failure to fulfill the purpose for which they were requested. The compilation of optional data, on the other hand, is entirely subject to the discretion of the User who can choose whether to provide them or not. In this case, the refusal does not entail any consequences in the execution of the purposes indicated at the time of the request. The User is also responsible for the constant updating of such data, in order to allow the Owner to perform all the services effectively and efficiently without incurring delays, errors or additional charges deriving from the failure to update such data. In particular, the Data Controller collects the Data that you voluntarily declare starting from a collection form on the Site including socio-professional information (for example, your profile, your surname, traditional name, first names, gender, date of birth , sponsor and/or delivery address, profession). When placing an Order, our bank lenders also collect and process Personal Data relating to your means of payment (credit card number, date and end of validity of the credit card, visual cryptogram - since it will not be stored, etc. ). For our part, we may process the partial number of your credit card consisting of the first six (6) numbers and the last four (4) numbers and the expiry date of your credit card as transmitted to us by your bank. Therefore, this payment identifier does not allow you to carry out bank transactions. We also collect information relating to the transaction made (transaction number, purchase details, etc.), or relating to the payment of invoices issued from or through the Site (payment methods, discounts granted, receipts, balances and non-payments, or relating to the credits subscribed, the amount and duration, etc.). The Data Controller processes the Data relating to the control of the commercial relationship with you: product and/or service purchased, quantity, amount, frequency, delivery and/or billing address(es), telephone number, security code, and any other information pertinent on the delivery (control number, location of the shipment, etc.) history of purchases and provision of services, return of products, correspondence and/or telephone exchanges between you and our after-sales service, etc.
The communication of the User's personal data to third parties is subject to compliance with the legal limits imposed and with the purposes declared and set out in point 1. The third parties involved fall into the following categories: 1. those responsible for warehousing, packing, shipping, delivery and return services; 2. the subjects appointed by the Data Controller to manage the administrative, contractual, accounting and legal activities of the Site; 3. credit institutions, insurance companies and the company/companies in charge of managing payments, including electronic ones; 4. the persons in charge of managing and maintaining the Site and all its functions; 5. any other subjects to whom the Data Controller has given the possibility of accessing the data, always in compliance with the provisions of the law or regulations. 6. affiliates, related companies, and offices associated with our Company, Lastly, the User's personal data may be used for competitions and/or participation in prizes, for the sending of advertising and promotional material concerning the Site and the Owner's Partners, only with the explicit and voluntary consent expressed by the User .
In cases where the processing of data requires the explicit and voluntary consent of the User, it will be collected in a specific way with explanation of the individual purposes pursued. It is specified that Article 6 of the GDPR provides for cases in which the processing of data does not require the express authorization of the User, such as for example for the fulfillment of legal or contractual obligations assumed towards the User.
The User has the right to request confirmation of the existence of personal data concerning him at any time, pursuant to articles 12 and following of the GDPR. In particular in accordance with the Personal Data Regulation, you benefit from the following Specific Rights of: to. access (Article 15 of the GDPR), b. rectification (Article 16 of the GDPR), c. cancellation (Article 17 of the GDPR), d. restriction of processing (article 18 of the GDPR), e. transferability (Article 20 of the GDPR), f. opposition (Articles 21 and 22 of the GDPR), g. post-mortem directives (Law n. 78-17 of 6 January 1978 relating to information technology, files and freedoms).
You have the possibility of obtaining from the Data Controller confirmation that the data concerning you are or are not being processed and, if they are, access to such data and the following information: 1. the purposes of the processing; 2. the categories of data; 3. the recipients or categories of recipients to whom the data are or will be communicated; 4. when possible, the expected data retention duration or, when it is not possible, the criteria used to determine duration dates; 5. the existence of the right to ask the Data Controller to rectify or delete data, or to limit the processing of your data, or the right to oppose such processing; 6. when the data is not collected from you, any information available as to its source; 7. when data is transferred to a third country or to an international organization, you have the right to be informed of the appropriate guarantees relating to this transfer.
You have the possibility to obtain from the Data Controller, as soon as possible, the rectification of data concerning you which are inaccurate. You also have the option to ask for incomplete data to be completed, even if you need to provide a supplementary declaration.
You have the possibility to obtain from the Data Controller the cancellation, as soon as possible, of data concerning you when for one of the following reasons: to. the data are no longer necessary in light of the purposes for which they were collected or otherwise processed by the Data Controller; b. you have withdrawn your consent to the processing of this data and there is no other legal basis for the processing; c. exercise your right to object under the conditions set out below; d. there is no overriding legitimate reason for the processing; And. the data have been subject to unlawful processing; f. the data must be deleted to comply with a legal obligation; g. the data was provided by a child.
You have the possibility to obtain from the Data Controller the limitation of the processing of your data in application of one of the following reasons: to. the Data Controller verifies the accuracy of the data following your dispute of the accuracy of the data. b. the processing is unlawful and you oppose the deletion of the data by requesting the limitation of their use in its place; c. the Data Controller no longer needs the data for the purposes of their processing but they are still necessary for the establishment, exercise and/or defense of rights in justice; d. you have objected to the processing in the conditions set out below and the Data Controller checks to find out whether the legitimate reasons pursued prevail over the reasons given.
You have the option of receiving data concerning you from the Data Controller in a structured format, currently used and machine-readable when: 1. Data processing is based on consent and/or a contract, e 2. The treatment is carried out with the help of automated procedures. When you exercise your right to portability, you have the right to have the data transmitted directly by the Data Controller to a data controller that you can designate when technically possible.
You have the right to object at any time, for reasons that pertain to your particular situation, to a processing of data concerning you based on the legitimate interest of the Controller, in which case he will no longer process the data, unless he demonstrates that there are legitimate reasons and compelling reasons for the processing which prevail over your interests and your rights and freedoms, or may retain them for the purpose of establishing, exercising or defending legal claims. When the data is processed for prospecting purposes, you can object to the processing of this data at any time. Finally, the User has the right to oppose, in whole or in part for legitimate reasons, the processing of personal data concerning him, even if pertinent to the purpose of the collection as well as the processing of personal data concerning him for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication. To exercise the rights, the User can contact the following addresses: Tony S.r.l. - Via Carducci 32, 2012 Milan - email: email@example.com
The owner of the processing of personal data of Users who use the Site is Milor S.p.A. - Via dei Gracchi 35, 20146 Milan. To exercise their rights and for any further information regarding data processing, the User can contact the Data Controller at the following addresses: Milor S.p.A. - Via dei Gracchi 35, 20146 Milan - email: firstname.lastname@example.org.
Your Personal Data is kept on an active basis for a period of three (3) years starting from your last activity on the Site or on an electronic communication medium (especially an e-mail message) or, after this period, your profile is considered "inactive" and will automatically be deactivated. It is therefore up to you to create a new one for any new Orders. Your Personal Data in connection with an Order is kept for a period of three (3) years starting from an Order. They remain accessible to you and to us, particularly after the creation of your account to enable you and us to have a complete history of your Orders. We can delete them at any time upon your simple request. However, at the end of the aforementioned periods, and where appropriate, following your request for deletion, your Personal Data may be subject to intermediate archiving to meet our legal, accounting and tax obligations.
The site is present on social networks. For more information on the protection of your data while browsing these social networks, we invite you to consult their respective privacy policies. To allow us to proceed with an easier registration or connection to our Site, you may be able to authenticate yourself on our Site via a Social network. Simply click on the dedicated button in order to automatically pre-fill your registration form on the Site based on the information you have already provided to the Social Network. For our part and as a recipient, we may collect information when you browse the pages of our social networks or use their authentication features.
Unless specifically stated otherwise, the Site services are intended for a general audience. We recognize a special obligation to protect personal information obtained from young children. Therefore, in order for children under the age of 16 to register in any service, we require the child to provide the e-mail address, or other contact information, of a parent or guardian who will be contacted by the Data Controller in order to inform him, to confirm, modify or refuse the registration of his/her child. The Data Controller reserves the right to request written proof of the parent's or guardian's authorization at any time. Until the parent or guardian responds to the Owner's email in accordance with the Owner's instructions, the use of the services by the child may be limited.