PRIVACY NOTICE FOR THE WEBSITE WWW.CERAMICHEDELWEISS.IT
Updated June 2018
Table of Contents
- General Information on Privacy.
- Definition of Personal Data and Data Processing.
- Identification of the Data Controller, Data Processor, and Data Processing Officer.
- List of Main Data Processing Activities.
- User Rights According to EU Regulation 2016/679.
For any clarification, information, or exercise of the rights listed in this notice, please contact: firstname.lastname@example.org
Registered mail address: Via Rizzi n. 24, Nove (VI)
Tel +39 0424 590037
General Information on Privacy
With this notice, the company EDELWEISS 1970 S.N.C. di Morlin Roberto and Simone (hereinafter: EDELWEISS 1970 Snc), represented by its legal representative pro tempore, with VAT number 04241140245 and registered office at Via Rizzi n. 24, Nove (VI), as the data controller, wishes to inform you about the processing of personal data that you will provide during your navigation on this website.
EU Regulation 2016/679 establishes rules to protect and safeguard the personal data of individuals, and this notice is drafted in accordance with this new regulatory framework.
This notice may undergo changes following the introduction of new regulations or changes to the website, so we invite you to periodically visit this section for updates.
According to the law, the processing of personal data is based on the principles of fairness, lawfulness, transparency, protection of user privacy, and the protection of their rights. EDELWEISS 1970 Snc undertakes to observe these principles, and for this purpose, we inform you that, except for those processing activities for which the law requires your explicit consent, by browsing this website, uploading, or providing personal data, you accept and consent to be bound by the terms and conditions of this notice.
If you are under 16 years old, your consent is valid only if given or authorized by the person with parental responsibility for you.
In any case, we would like to provide you with some information about the concept of personal data processing, the individuals who manage them, the main processing activities we carry out, and your rights as a user.
Definition of Personal Data and Data Processing
Personal data refers to all information that identifies or makes an individual person identifiable. This includes information that directly allows the identification of the person (such as name, surname, or tax code) or indirectly (such as profiling cookies). Data processing refers to any operation or set of operations, whether automated or not, applied to personal data, including collection, recording, organization, structuring, storage, adaptation, or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment, or combination, restriction, erasure, or destruction.
Identification of the Data Controller, Data Processor, and Data Processing Officer
The data controller is the natural or legal person, public authority, service, or other body that, alone or jointly with others, determines the purposes and means of processing personal data and is also responsible for security profiles. Regarding this website, the data controller is EDELWEISS 1970 Snc, represented by its legal representative pro tempore, as indicated above, and for any clarification or exercise of your rights, you can contact them at the addresses already provided.
The data processor, on the other hand, is the natural or legal person, public authority, service, or other body that processes personal data on behalf of the data controller. Concerning the personal data you provide during navigation on this website, EDELWEISS 1970 Snc has appointed its WEB Agency as the data processor, which may process the data you provide during navigation on behalf of the data controller. In any case, your data will also be processed by the company’s employees who have been trained for this purpose to adequately protect the information you provide. For more information about these subjects, please contact the addresses already indicated.
List of Main Data Processing Activities Carried Out Following Navigation on This Website
1) Data collected during navigation will not be disclosed or transferred to non-EU countries (the hosting used by the data controller is located within the EU). However, for the effective execution of the requested service or legal obligations, some data may be shared with external parties appointed by our company to perform specific tasks on our behalf (for example, IT consultants, professionals). In any case, the data controller is committed to protecting the security of all your personal data by adopting the necessary computer and physical measures to protect them. It is important to note, however, that no security system can guarantee absolute protection, and therefore, except in cases of the data controller’s fault, EDELWEISS 1970 Snc is not responsible for actions taken by third parties who access the systems without the necessary authorizations.
3) By clicking the “Contact” button in the menu, the user accesses a form where they can provide personal data (name, subject, email, phone, message). Providing this data is optional, but not filling out the form will prevent the company from providing two different and independent types of services:
3.1) The first is to respond to general requests for information about the company’s activities, provide information about franchising, or becoming a retailer. The legal basis for processing is either the user’s consent or the performance of pre-contractual measures. Processing will be carried out using computer and paper systems. Data will be retained for the time necessary to provide the information service. After this period, your data will be immediately deleted. In the case of the extension of the relationship through the signing of a contract, your data will be retained for 10 years from the termination of the contractual relationship, for legal, tax, and accounting purposes required by law. Information can only be requested by users who are at least 16 years old; users under 16 must be previously authorized by their legal guardians.
3.2) The second processing activity is intended to send advertising to the user via email or SMS. The legal basis for processing is the user’s consent. Processing will be carried out using computer systems, and the duration of the processing depends on the user’s will, who can revoke the consent previously given at any time by contacting the addresses provided at the beginning of this notice. The advertising service can only be requested by users who are at least 16 years old; users under 16 must be previously authorized by their legal guardians.
4) By contacting the phone number and email address provided
at the bottom of the website, the user provides their personal data (e.g., name, surname, phone number). Providing this data is optional, but not providing it will prevent the company from responding to the user’s information requests. This data will be processed using computer and paper systems, and the processing will end when the company completes the information service.
User Rights According to EU Regulation 2016/679
The data subject, i.e., the individual who provides their personal data to the data controller, has the following rights:
- The right to request access to personal data held by the data controller, i.e., to know what data the data controller processes.
- The right to obtain updates to their data.
- The right to rectify, i.e., the right to have their data modified if it has changed.
- The right to have their data integrated with other information provided by the data subject.
- The right to restrict processing related to them, i.e., to limit the use of the data by the data controller.
- The right to object, for legitimate reasons, to their processing.
- The right to data portability, i.e., the right to receive all personal data processed by the data controller in a structured and machine-readable format.
- The right to request the deletion of their data from the data controller.
- The transformation into anonymous form or the blocking of data processed in violation of the law, including data that does not require storage for the purposes for which the data was collected or subsequently processed.
- The right to obtain confirmation that operations related to data updates, rectification, integration, deletion, blocking, transformation, have been brought to the attention of those to whom the data has been communicated or disclosed, except when such compliance proves impossible or involves a manifestly disproportionate use of resources compared to the protected right.
- The right to withdraw consent given explicitly at any time, without affecting the lawfulness of the processing carried out up to that point.
- The right to lodge a complaint with the Italian Data Protection Authority in case of violations of the regulations.
For a more in-depth examination of your rights, refer to Articles 15 – 16 – 17 – 18 – 20 – 21 of EU Regulation 679/2016. Requests can be addressed to the data controller, without formality, at the addresses indicated in the heading, or alternatively, by using the model provided by the Italian Data Protection Authority, available at the following link: http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924;