Data privacy is of high importance for Due Fcs s.r.l. and we want to be open and transparent with our processing of your personal data.
We therefore have a policy setting out how your personal data will be processed and protected.
1 The controller of your personal data
The Italian company, Due Fcs s.r.l., is the controller of the personal data andis responsible for your personal data under the General Data Protection Regulation (EU) 2016/679 and the applicable national data protection law.
Due Fcs s.r.l.
Headquarter: VIA DEI NOTAI N° 143 | BLOCCO 30 CENTERGROSS
40050 FUNO DI ARGELATO (BO)| ITALIA
Cap.Soc. Euro 30.000,00 i.v.
Reg. Imprese, CF and VAT Number. 02936541206
REA BO 478905
This privacy notice applies to the web site of Due Fcs s.r.l. accessible at the address www.soallure.it
2 The legal ground for processing
For every specific process of personal data we collect from you, we will inform you whether the provision of personal data is statutory or required to enter a contract and whether it is an obligation to provide the personal data and possible consequences if you choose not to.
Your personal data will be deleted once the purpose of the processing has been achieved unless the law prevents us from so doing.
We ask you to read carefully the following information on the specific processes.
3 Data processing
3.1.a Use of personal information
We may collect information through automated tracking mechanisms and technology to make our Site more interesting and useful to you and for various purposes related to our business. For instance, whenyou come to our Site, we may collect information about your computer, including where available your IP address,URL referrer, operating system and browser type. Such information may be used for systemadministration and to analyze the frequency with which visitors to our Site visit various parts of our sites; and we may combine such information with personally identifiable information.
3.1.b Legal Basis for Processing Personal Information
We collect personal data from the users of the website on the basis of the controller’s interest under Article 6, par. 1, lett. f) of Regulation (EU) 2016/679 – (GDPR) in order to provide entry to content and services provided from the website.
3.1.c Retention of Data
Your personal data will be deleted or blocked as soon as the purpose of processing has been achieved unless the law prevents us to do so. The processing of data is necessary for the operation of the website. Consequently, the user has no way of objection.
3.2.a Use of personal information
On our web site you can subscribe to our free newsletter. This will keep you updatedthrough e-mails on our new collections, makertinginformations, new stores opening and new initiatives promoted by our brand. We only need your email to subscribe to our service. If you don’t like we use your information, please do not enter them.
3.2.b Legal Basis for Processing Personal Information
The processing of your personal data is based on your consent when you agree to direct marketing(art. 6 par. 1, lett. a) GDPR).
3.2.c Retention of Data
We will keep your data for direct marketing until you withdraw your consent. Your email address will be deleted after you cancel your subscription. Further retention could happen only if required by law in individual cases.
Mailchimp is an online marketing platform operated by The Rocket Science Group LLC, a company headquartered in the State of Georgia in the United States.
The legal basis for processing personal information of EU Citizens is consent.
3.2.e International Transfers
Mailchimp participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. To learn more about the Privacy Shield Frameworks, and to view Mailchimp’s certification, visit the U.S. Department of Commerce’s Privacy Shield website available herehttps://www.privacyshield.gov/welcome.
With respect to Personal Information received or transferred pursuant to the Privacy Shield Frameworks, Mailchimp is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, they may be required to disclose Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
Mailchimp states to take appropriate and reasonable technical and organizational measures designed to protect Personal Information from loss, misuse, unauthorized access, disclosure, alteration, and destruction, taking into account the risks involved in the processing and the nature of the Personal Information. For further information about our security practices, please see their Security page available https://mailchimp.com/about/security/. If you have any questions about the security of your Personal Information, you may contact us at firstname.lastname@example.org.
4 Transfer to third parties
Data that is forwarded to third parties is only used to provide you with the service mentioned above, to technical suppliers for management of the service.
We never pass on, sell or swap your data for marketing purposes to third parties outside our organization.
5 Data subjects’ rights
Data subjects have the right to obtain from the controller access to their personal data as well as rectification or erasure of such data or the restriction of the processing concerning them, and to object to the processing (pursuant to Articles 15 to 22 of the Regulation).
– Right of access – Article 15 GDPR
The right of access grants the data subject comprehensive insight into the data concerning them and into other important criteria, such as the purposes of the processing or the period for which the data shall be stored.
– Right to rectification – Article 16 GDPR
The right to rectification implies the possibility for the data subject to have inaccurate personal data concerning the subject rectified.
– Right to erasure – Article 17 GDPR
The right to erasure entails the possibility for the data subjects to have data erased at the controller. This is, however, only possible if the data concerning them are no longer necessary, if they have been unlawfully processed, or a corresponding consent has been withdrawn.
– Right to restriction of processing – Article 18 GDPR
The right to restriction of processing includes the possibility for the data subject to prevent for the time being any further processing of personal data concerning them. A restriction mainly occurs at the stage of examining other exercises of rights by the data subject.
– Right to data portability – Article 20 GDPR
The right to data portability implies the right for the data subject to receive from the controller the personal data concerning them in a commonly used, machine-readable format in order to have them, if necessary, transferred to another controller. In accordance with Art. 20 para. 3 sentence 2 of the GDPR, that right is not available if the data processing serves the purpose of performing public tasks.
– Right to lodge a complaint
If a data subject considers that the processing of personal data relating to them infringes the Regulation, they have the right to lodge a complaint pursuant to Article 77 of the Regulation.
6 Right to object – Article 21 GDPR
The right to object includes the possibility for data subjects to object, in a particular situation, to the further processing of their personal data as far as this processing is justified by the performance of public tasks or of public and private interests.
Please contact us via email email@example.com to lodge all requests to exercise these rights.
7 Security measures and data protection
No data transmissions over the Internet can be guaranteed to be 100% secure. Consequently, we cannot ensure or warrant the security of any information you transmit to us and you understand that any information that you transfer to us is done at your own risk. That said, once we receive your transmission, we have technical and organizational measures in place to help protect your data from loss, manipulation, unauthorised access, etc. We continually adapt our security measures in line with technological progress and developments. We protect your data using encryption using Secure Sockets Layer (SSL). SSL is a function that encrypts all information sent between you and us.
8 Social media
Facebook and Instagram