INFORMATION NOTICE ON PROCESSING DATA ACCORDING TO THE ARTICLES 13 AND 14 OF REGULATION (EU) 2016/679 (“GDPR”)
For the purposes set out in EU Regulation 2016/679 on the protection of individuals with regard to the processing of personal data, we inform you that the processing of personal data you have provided and acquired by Dario Coos srl con sede a 33045 NIMIS via Ramandolo n. 5 will be processed in compliance with the regulations set forth in the foregoing Regulation and the resulting rights and obligations.
- Why do we collect your data? (purpose of processing) and what data do we collect?
Dario Coos srl collects the following customer personal data for:
- a) management of contract relationships with customers and legal obligations: name, surname, place and date of birth, gender, address, mail, fiscal code, identification document.
Only after your freely given consent, personal data indicated in point a) and other following personal data will be collect, archived, used and processed by Dario Coos srl:
- b) to carry out any statistical analysis;
- c) to provide personalized sales services (by way of example but not limited to: personal shopping services, free assistance services, courtesy services), for sending (also via ordinary mail, email, sms and mms, social networks, instant messaging) of communications on our products, our initiatives, exclusive sales and events and similar initiatives organized by the Dario Coos srl, including any invitations to such events, as well as for the sending of questionnaires for the detection of the degree of satisfaction of the services offered.
In relation to the purposes referred to in points b) and c) above, Dario Coos srl will be able to collect, store, use and process data other than those necessary for the management of the contractual relationship and comply with legal obligations, as indicated below purely by way of example:
- data collected during visits to stores, including the use of the Wi-Fi system or when participating in events, or through online data collection procedures, by filling in the form at the address https://www.dariocoos.it/contatti, creation of the reserved area, use of “favorites” and “saved searches”, or of purchases made online or other information sent voluntarily through a form on the site or which you have shared by contacting us: date of birth, age group, dates of family events, profession, hobbies, registration of individual purchases, use of particular social networks or ID of social networks, telephone, e-mail address, photography, audio and video, nationality, gender, language, categories of preferred products, details of products purchased, price, discount, level of statistical expenditure attributed, how to use the ancillary services provided by the company, preferences on services offered in the store, response to contacts, events in which the customer participated , products selected for purchase but not purchased;
The provision of personal data with respect to the purposes referred to in point a) is mandatory and in case of refusal, the Dario Coos srl will not be able to proceed with the contractual services requested. For the purposes referred to in paragraph 1 letters b) and c), the conferment is free and optional and the use of the data is subject to consent. Any refusal to provide data will not however allow Dario Coos srl to pursue the purposes indicated therein.
Particular categories of data: we will not ask you to provide and will not process your sensitive personal data (for example, on health, race, ethnicity, political opinions, etc.) except when the processing of information is requested or permitted by applicable law or we have obtained your free and explicit consent, expressed in writing.
- Conditions applicable to the consent of minors.
The processing of personal data of minors is lawful where the minor is at least 16 years old. If the child is under the age of 16, such treatment is lawful only if and to the extent that such consent is given or authorized by the holder of parental responsibility.
If we have reason to believe that one of our users is underage and that we have obtained your personal data without proper consent, we will delete such data within a short time.
- On what legal basis do we process your data?
The processing of your personal data is based on one or more of the following legal bases:
– Consent: we request your consent to use your data, for advertising and promotions; – Contractual services: your purchase request will make it necessary to process the personal data provided; – Legal obligations: when strictly necessary, we will process your personal data to fulfill a legal obligation; – Legitimate interests: to the extent that our use does not affect your rights, we will collect and process your personal data where we have a legitimate interest for the purposes of judicial protection and protection of our services.
- What are the methods of processing your personal data?
The treatment is carried out through operations, carried out with or without the aid of electronic tools and consists in the collection (also through video surveillance system), registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation and destruction of data.
Dario Coos srl does not adopt any automated decision making process, including profiling.
- How much time do we keep the data (data retention)?
The retention of personal data will take place in paper and / or electronic / informatics form and for the time strictly necessary to satisfy the aforementioned purposes, in compliance with current regulations
For direct marketing purposes we keep your data for a maximum period equal to that required by applicable law (equal to 24 months). Invoices, accounting documents and transaction data are kept for 10 years (also for tax purposes).
In the case of the exercise of the right to be forgotten through the request for explicit cancellation of personal data processed by the owner, we remind you that such data will be kept, in a protected form and with restricted access, only for purposes of ascertainment and repression of crimes. no more than 12 months from the date of the request and will subsequently be securely deleted or anonymised irreversibly.
Finally, we remind you that for the same purposes, the data relating to electronic traffic, excluding the contents of communications, will be kept for a period of no more than 6 years from the date of communication, pursuant to art. 24 of the Law n. 167/2017, which implemented the EU Directive on anti-terrorism.
- What happens if I do not provide the requested personal data (refusal to provide data)?
The provision of personal data is necessary for the purposes of carrying out the activities referred to in point 3) and the refusal by the party concerned to provide personal data implies the impossibility to perform the activities themselves.
The conferment is optional for the promotional purposes and the refusal to give consent in relation to these last purposes does not have negative consequences on the execution of the order.
- With whom do we share your personal data (data communication)?
I dati personali possono venire a conoscenza esclusivamente dagli soggetti autorizzati del trattamento di Dario Coos srl appositamente nominati e dotati di istruzioni per il corretto trattamento dei dati personali, anche in via orale.
The Data Controller of personal data entrusts some processing of data to persons external to the structure, who, in the context of their professional activity, are Data Processors and have declared that they comply with the legislation on the protection of personal data. External delegated treatments concern the fulfillment of accounting, tax and tax obligations, maintenance of hardware and software. In addition, personal data may also be processed by service providers, in particular administrators of our databases, cloud computing services, help desk services, advertising services, data analysts, multiple SMS sending services, companies that perform services shipping / delivery of catalogs and / or products, companies that perform services for the mailing of the newsletter, advertising material or promotional communications, companies that perform customer care services, companies that perform market analysis and research, companies that perform services of maintenance of IT systems. These suppliers are bound by contract to guarantee maximum confidentiality. They are not authorized to use or disclose your personal data, except in relation to the provision of their services. The data collected may also be processed by third parties who are independent data controllers, such as companies that perform services for the management of payments by credit card and tax free.
Personal data will in no case be disseminated, Dario Coos srl does not rent, sell or transmit your personal data. Personal data may be transferred to countries of the European Union or to third countries with respect to those of the European Union, within the scope of the purposes set out in point 3). The interested party will be informed whether or not an adequacy decision of the EU Commission exists.
- How do we protect your data?
All personal data will be processed in full compliance with the EU Regulation 2016/679 and the additional regulatory provisions on the protection of personal data and security measures in ways that ensure confidentiality and security and with logic strictly related to the purposes of above. We nevertheless stick to industry standard practices, such as firewalls, antiviruses updated annually, back up on NAS, password access to safeguard your personal data from unauthorized access, alteration, disclosure, misuse or destruction
- How do we update, correct, limit or delete your data?
The interested party can access the personal data provided, request at any time to limit our use of your data or to delete the data provided, stop sending updates and other communications by communicating to firstname.lastname@example.org.
A copy of the personal data provided or a transfer of the same to another person may be requested. These requests will be processed as quickly as possible. The data will be stored, if necessary, only the information necessary to prevent fraud and / or comply with legal obligations, if any.
- What are, in short, the RIGHTS of the interested party:
- a) request confirmation of the existence or otherwise of personal data; b) obtain information about the purposes of the processing, the recipients or categories of recipients to whom the personal data have been or will be communicated and, where possible, the retention period; c) oppose the processing at any time and also in the case of treatment for direct marketing purposes; d) to oppose an automated decision-making process concerning individuals, including profiling, e) requesting the data controller to access personal data and to correct or cancel them or limit their processing or to object to their treatment, in addition to the right to data portability;
- f) revoke the consent at any time without prejudice to the lawfulness of the treatment based on the consent given prior to the revocation; g) to propose a complaint to italian Autorità Garante per la protezione dei dati personali – www.garanteprivacy.it.
These rights may be exercised by sending a written communication via e-mail to the following address email@example.com The above rights may be exercised personally or by proxy or written power of attorney.
- Who is the Data Controller?
The Data Controller of data processing is Dario Coos srl con sede a 33045 NIMIS via Ramandolo n. 5.