Privacy Policy
EXTENDED PRIVACY INFORMATION
With this information, Piume e Piume Trapuntificio (hereinafter also the "Owner" or the "Company"), defines the methods of acquiring the data of users who consult the website http://www.domus-homecollection.com (hereinafter, the "Site, pursuant to art. 13 Legislative Decree 30.6. 2003 No. 196 (hereinafter, the "Privacy Code") and Articles 13 and 14 of EU Regulation No. 2016/679.
1. HOLDER, OBJECT AND PLACE OF THE PROCESSING
This is an information provided pursuant to current national and international laws to those who browse the Site, regardless of the methods and the tool used.
Following the authorization to process, the Data Controller will process the Data transmitted in accordance with the provisions of the Regulations and current national legislation, including any provisions of the Control Authority (ie Guarantor for the protection of personal data) where applicable.
The data of the interested parties may be transferred to a country other than the one in which the interested party is located. For more information about the place of treatment, the interested party can always contact the Data Controller at the references referred to in points 10 and 12 of the Information.
The Owner is committed to protecting the privacy of all users of the Site and invites all Users to read the Privacy Policy illustrated below.
2. METHODS AND PURPOSES IN THE TREATMENT AND USE
2.1. The Data of the interested parties is collected for the purpose of updating the Users about the initiatives and events organized and/or attended by the company regarding the wholesale trade of textile products.
The data are collected and stored exclusively for the purposes indicated above, both through the official website http://www.domus-homecollection.com , and through third-party platforms (Vimeo, Youtube, Facebook, Twitter, etc ..)
The Data may be communicated to employees and collaborators trusted by the Data Controller present in the national territory or outside it.
Acceptance of this information legitimates the data controller to communicate or disseminate the collected data to third parties.
In any case, personal data are not disclosed to third parties or disclosed without the prior consent of the interested party, except in the cases expressly indicated by art. 24 of Legislative Decree 196/03.
2.2. Any new and different data processing will be activated only after the notification of new information to users and interested parties to obtain their specific consent, where required.
2.3. The Data Controller adopts all appropriate security, practical and IT measures aimed at preventing unauthorized access, modification, disclosure or destruction of the data of the interested parties.
The treatment is carried out with organizational methods related to the indicated purposes and in agreement with the DPO if present or with the data controller.
It is always possible to obtain detailed information on the purposes of the processing and on the Data collected for each purpose by contacting the Data Controller at the references indicated in points 10 and 12 of the Information.
The protocols and privacy standards used by the Company for the protection of personal data are based on the following principles:
2.3.1. RESPONSIBILITY FOR TREATMENT AND USE
Data processing is managed over time by managers identified within the company organization (the company must indicate here - and also appoint according to the stringent GDPR regulations - the person / s responsible for data processing, specifying if subject outside or inside the company).
In some special cases, in addition to the Data Controller, different subjects involved in various ways in the organization of the Site (e.g. administrative, commercial, system administrators, hosting providers) may also have access to the data.
In any case, the interested party can always request the updated list of Managers from the Data Controller.
2.3.2. TRANSPARENCY IN TREATMENT AND USE
The data are collected and processed according to the principles expressed in this statement.
Before the acquisition and/or the provision of data, the interested party will have the opportunity to consult the privacy policy and decide whether or not to give consent to their acquisition and storage.
Consent is required and can be tacitly provided even when the data have been acquired through automated procedures (technical or profiling cookies).
However, it is always possible for the data subject to request the Data Controller for the concrete legal basis of each treatment, specifying, in particular, whether the same is based on the law, on a contract, or necessary for the conclusion of a contract.
2.3.3. RELEVANCE IN THE COLLECTION
The data are collected and processed in a lawful and correct manner. They are registered only for specific, explicit and legitimate purposes, identified in par. 2 of this document, and for purposes not exceeding the specified purposes.
2.3.4. VERIFICATION PRINCIPLE
The collected data is updated, organized and stored so that all interested parties are given the opportunity to know which data has been collected and recorded, to check its quality and to request any correction, integration, cancellation for violation of the law or to exercise all rights under art. 9 of this information, through the methods provided by art. 10 of this information.
2.3.5. SAFETY PRINCIPLE AND MEASURES ADOPTED
2.3.5.1. The data collected and processed are protected with the aim of preventing their unlawful disclosure or alteration through technical and/or IT security measures that aim to minimize the risks of destruction, loss (even accidental), or access by unauthorized parties. (the controller must identify, in practice, the appropriate security measures to prevent destruction, loss and unauthorized access. They must not, however, be specified here. However, they must be recorded in a document that presents the various compliance requirements variously specified. GDPR standards).
2.3.5.2. These measures are periodically checked and updated on the basis of technical progress, the nature of the data and the specific characteristics of the treatment.
2.3.5.3. The third parties that carry out support activities of any kind for the provision of services by the Company, in relation to which they perform personal data processing operations, are designated as data controllers and are required to comply with the security measures and confidentiality of the treatments.
2.3.5.4. The information acquired can be disclosed to the following third parties.
3. TYPE OF DATA AND PROCESSING METHODS
3.1. The data collected through the web domain http://www.domus-homecollection.com and the platforms owned by third parties (Youtube, Twitter, Vimeo, Facebook, etc ..), may include: name, surname, telephone number, mail, connection IP and any other information communicated directly by Users, making use of the links on the web page, aimed at making contact with the company.
In general, the data can be:
a) Data provided voluntarily by users: The data collected and processed on the Site are necessary for the provision of services. Consequently, in the event of failure to provide or lack of consent, the services that require their use cannot be provided.
Without the express consent of the interested parties to the use of the data provided (eg e-mail, landline or mobile phone) they will not be used for advertising purposes, direct sales or interactive commercial communication.
Specific information may be provided in the sections of the Site that may be prepared for the provision of Data.
In the event of a voluntary sending of e-mails to the owner's addresses, the same will acquire the sender's e-mail references and any other information that may be contained in the message. This data will be used to be contacted and in order to make it possible to perform any services requested.
b) Navigation data: The automated procedures of the Site acquire some Data, the transmission of which is implicit in the use of internet communication protocols.
Despite being information not intended to be associated with identified users, by their nature, if associated with other data held by third parties (eg internet service provider), they could allow identification of users (eg IP addresses, domain names of the PCs used by users who connect to the Site, URL addresses of the requested resources, request time, numerical code relating to the status of the response given by the server).
These data are used for statistical purposes only to verify traffic on the site and its correct functioning.
The Data Controller, or the designated managers, keep the layout of the connections made for a limited period, in order to comply with any request from the judicial authority, legitimated to request it in the phase of ascertaining responsibility in the event of computer crimes.
4. COOKIE POLICY
4.1. The site uses cookies. Cookies are portions of code installed in a browser that assist the Data Controller in providing the services according to the purposes described.
Any use of cookies, unless otherwise specified, simply aims to provide the service requested by users, ensuring the usability of the website and making it possible to navigate between the different pages.
Some of the purposes of installing temporary markers may, however, require users' consent.
For information, the main categories of cookies are:
a) technical and statistical aggregate cookies
Technical cookies have the function of allowing the performance of activities strictly related to the functioning of a web space. The technical cookies used by the Owner can be divided into the following subcategories:
- navigation, which allow you to save users' browsing preferences and optimize the browsing experience;
- analytics cookies, which acquire statistical information on how users navigate. This information is processed in an aggregate and anonymous form;
the. functionality cookies - also from third parties, which activate specific site features and are necessary for the provision of services.
These cookies do not require users' prior consent for their installation and use.
Other types of Cookies or third-party tools that could make use of them
Some of the services listed below may not require users' consent and could be managed directly by the Owner, without the need for third parties. If among these tools there are services managed by third parties, these could possibly perform user tracking activities, even without the knowledge of the owner.
In detail, the cookies used by the Owner are: ForceFlashSite; hs; smSession; XSRF-TOKEN; svSession; SSR-caching; smSession.
Control of the installation of cookies
In addition to what is indicated in this statement, interested parties can manage all preferences relating to cookies through their browser, preventing, for example, installation by third parties.
By disabling all cookies, the functioning of the Site may be compromised.
You can find information on how to manage cookies in your browser in the appropriate sections relating to the privacy policy of Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Windows Explorer.
The Owner informs that the User can use tools such as Your Online Choices (http://www.youronlinechoices.com/it/), through which it is possible to manage the tracking preferences of most advertising tools.
The Data Controller strongly recommends the interested parties and users of the Site to use this resource in addition to the information provided in this statement.
For any other technical information relating to cookies, in addition to what is indicated in this statement, please consult the address:
http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/2142939.
5. DATA STORAGE METHODS
The data, including navigation, will be stored, in compliance with the GDPR, only for the time necessary to fulfill the purposes referred to in this information and that is 2 years where the processing takes place for marketing and/or promotional initiatives, 10 years for purposes different.
6. ACCESS TO DATA
6.1. The Data processed by the Data Controller may be accessible to employees and collaborators of the same, in their capacity as persons in charge and/or internal managers of the processing and/or IT systems. Access to the data by these subjects will take place only if the processing is necessary for the performance of their duties by performing only the operations necessary for the performance of the duties themselves.
6.2. the Data Controller provides for the protection of user information against unauthorized access, illicit treatment, accidental loss, destruction, damage and keeps the information for the period strictly necessary for the pursuit of the purposes for which the data were collected.
7. COMMUNICATION OF DATA
7.1. Without the need for express consent pursuant to art. 6 lett. b) and c) GDPR), the Data Controller may communicate the Data upon reporting by the Supervisory Bodies (such as IVASS) or by the judicial Authorities, as well as to those subjects to whom the communication is mandatory by law to fulfill legal obligations, or to do assert or defend a right in court. These subjects will process the data in their capacity as independent data controllers. The data will not be disclosed, unless the requested service requires it.
7.2. If necessary, in relation to particular services or products requested, the Data may also be communicated to third parties who perform, as independent data controllers, functions strictly connected and instrumental to the provision of services, given that without such communication, these services and products could not be supplied.
7.3. Apart from the above, the Data Controller does not transfer personal data to third countries with respect to the EU or to international organizations.
8. TRANSFER OF DATA
8.1. Personal data is stored on an external server, not owned, managed by Wix.com.
9. DATA SUBJECT'S RIGHTS
9.1. The interested party has the rights referred to in art. 7 Privacy Code and art. 15 GDPR and precisely to obtain:
i. confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
ii. the indication:
a) the origin of personal data;
b) the purposes and methods of treatment;
c) the logic applied in case of treatment carried out with the aid of electronic instruments;
d) the identity of the owner, managers and the representative appointed pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR;
e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
iii.
a) updating, rectification or, when interested, integration of data;
b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data which need not be kept for the purposes for which the data were collected or subsequently processed;
c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment occurs proves impossible or involves the use of means manifestly disproportionate to the protected right;
to oppose:
iv. in whole or in part:
a) for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and/or through traditional marketing methods by telephone and / or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the interested party to exercise the right of opposition even if only partly. Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or neither of the two types of communication.
Please note that data subjects always have the right to object to the processing of their data for direct marketing purposes, without the need to provide any reasons.
Where applicable, it also has the rights referred to in articles 15-21 GDPR (Right of rectification, right to be forgotten, right of limitation of treatment, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
9.2. Where permitted by law, the user may have the right to obtain a copy of the Data in our possession.
9.3. Before responding to any specific request, optional information may be requested from the User, such as:
(i) verification of identity;
(ii) further details necessary to better respond to the request.
9.4. The Data Controller will provide the individual answers within an appropriate period of time and, in any case, within the period of time required by law. If the User wishes to exercise this right, he must contact us using the contact details provided in articles 11 and 13 of the Information.
10. METHODS OF EXERCISE OF RIGHTS
Users and interested parties can exercise the rights provided by the EU regulation 2016/679 at any time and for free, alternatively by sending:
- a communication by e-mail to the e-mail address:
11. OWNER, MANAGER AND OFFICERS
The owner of the treatment is Piume e Piume Trapuntificio.
The updated list of data processors and appointees is kept at the address just mentioned and can be accessed through a specific request formulated in the manner indicated above. (The list of data processors must bear specific characteristics and be kept by carefully observing the rules contained in the GDPR Reg.)
12. CONTACTS
For more information, you can always contact the owner.
Any comments, questions or requests relating to the use made by the Data Controller of the User must be sent to the email address:
Pursuant to art.11 of this privacy policy, the Data may be processed by persons appointed as internal and external managers, as well as by persons in charge of processing in charge of managing the requested service and will be communicated or disclosed to third parties within the limits and with the purposes envisaged by the information.
13. FUTURE CHANGES TO THE PRIVACY POLICY
The possible entry into force of new sector regulations, as well as the constant examination and updating of services to users, could entail the need to vary these methods.
It is therefore possible that the privacy policy may undergo further changes over time and therefore we invite interested parties to periodically consult the specific section of the site relating to the privacy policy.
For this purpose, the information discloses the update date to the fund.
It should be noted that, if the changes affect treatments whose legal basis is the consent of the interested party, the Data Controller will collect the consent of the same again, where necessary.
14. REDIRECT TO THIRD PARTY SITES
The Site contains plug-ins for redirection to other platforms or social networks (Youtube, Vimeo, Facebook, Linkedin, etc ..). These plug-ins are provided for the convenience of the Users and to facilitate the interconnection between the different pages, also promoting the publicity of the image of Piume e Piume Trapuntificio.
The Owner has no control over sites other than the one through which it promotes its business and their accessibility to the public.
For this reason, the Data Controller will not be held responsible for the data that is collected, disseminated and processed by the aforementioned sites, and invites Users to view their respective privacy policies.
Last modified: May 28, 2018