Privacy

PRIVACY POLICY OF THE SITE www.sciasciacollection.com

Site informationwww.sciasciacollection.com(hereinafter, the "Site") is provided pursuant to art. 13 EU Reg. 2016/679 (General Data Protection Regulation or, simply, "GDPR") and Legislative Decree 196/2003 ("Privacy Code") as amended by Legislative Decree 101/2018. The Data Controller will take care to keep this information updated.

1. Data controller

The Data Controller is Rigato Susanna, registered in the Venice Company Register and VAT number no. 0456906272, REA Venice registration no. 428487, with registered office in Corso Silvio Trentin 94 - 30027 SAN DONA' DI PIAVE (VE), Tel. + 39 340 0696459 pec susanna.rigato@pec.it (hereinafter, the "Data Controller" or the "Data Controller" ).

1. Type of personal data collected and Purpose of the processing

The personal data (hereinafter "Data") provided by the interested party will be processed for the following purposes:

1. User account creation: when users register on the Site, data will be collected, such as name, surname, date of birth, gender, e-mail address, password, which will be used to create the user's personal account and allow use of the services offered to registered users. In the case of registered users, the Data Controller also collects information relating to access to the reserved area of the Site.

2. Conclusion and execution of purchases on the Site: Data such as name, surname, e-mail address, shipping address, billing address, telephone number and payment details, will be processed by the Data Controller in order to process purchase orders. Some personal data will be processed to also allow the Data Controller to fulfill his obligations under laws, regulations or community legislation, in particular related to civil, tax and accounting legislation.

3. Contact form and other user contact requests: in the event that the user of the Site contacts the Owner to formulate requests for information and/or requests for assistance, the Data provided by the user will be processed by the Owner for the sole purpose to process the user's request.

4. Cart: the user's e-mail address, even if not registered on the Site, may be used by the Owner to send a reminder communication in the event that the user, after placing one or more products in the cart, has not finalized the purchase;

5. Newsletter and other promotional communications: the user's e-mail address at the time of his subscription to the Owner's newsletter service will be used to send commercial and/or promotional communications on the Owner's clothing products with the SciàScià® brand or other brands of ownership of the Owner, also under licence, provided they are used to distinguish clothing and similar products, as well as carry out market research, also making use of auxiliary third parties in sending such material who will be appointed for this purpose as data processors ("Marketing direct");

6. Personalization of the Site: only with prior express consent, the Data Controller collects and analyzes the user's browsing habits by automated means or using technologies such as cookies, web server registers or web beacons in order to personalize his experience on the Site and, therefore, offer him offers in line with his tastes (“Profiled Marketing”);

7. Information collected automatically: the computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes, for example, the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the computer environment of the user. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site, for security reasons and to check its correct functioning and are canceled immediately after processing.

8. Legal Basis of the Processing and consequences in case of failure to provide it 

The Data Controller processes the Data only in the presence of one of the conditions provided for by current legislation, and specifically:

• for the conclusion and execution of a contract of which the user is a part or for the execution of pre-contractual measures adopted at the request of the user of the Site pursuant to art. 6, par. 1, lit. b), GDPR.

This basis legitimizes the processing of personal data that takes place in the following activities:

1. registration on the Site and use of services reserved for registered users;

2. conclusion and execution of a contract for the purchase of the products offered on the Site;

3. management of requests for information and/or requests for assistance from the user.

The provision of data for these activities is a contractual obligation. The user is free to communicate his data or not, but in the absence of the requested data it will not be possible to conclude or execute the contract and the user's requests. This means that the user will not be able to purchase the products and will not be able to use the services of the Owner and that the Owner will not be able to manage user requests;

• to comply with a legal obligation pursuant to art. 6, par. 1, lit. c), GDPR.

In the event of conclusion of a contract for the purchase of goods on the Site, the processing of user data will take place to fulfill the legal obligations to which the Data Controller is required in accordance with the tax provisions and other regulations to which the Data Controller is subject. The user is free to decide whether to conclude a contract and whether or not to communicate his data to the Data Controller, but if he concludes it, the Data will be necessary and will be processed to implement the aforementioned legal obligations to which the Data Controller is required.

• to pursue a legitimate interest of the Data Controller pursuant to art. 6, par. 1, lit. f), GDPR.

The Owner has a legitimate interest in sending the user of the Site a reminder e-mail communication in the event that the user, after placing a product in the cart and having already communicated his e-mail address to the Owner, does not had finalized the purchase in order to encourage the conclusion of the deal.

The Data may also be processed to prevent and prosecute any fraudulent activities, counterfeiting or abusive behavior (including by third parties) in conflict with current regulations, the contractual provisions applicable to the Site and related services, the rules of correctness and good faith .

Even in this case, the processing of data responds to a legitimate interest of the owner.

• on the basis of the consent of the interested party pursuant to art. 6, par. 1, lit. a), GDPR.

The Data Controller will carry out the following treatments only if the user has given his express consent:

1. sending the Owner's newsletter by e-mail (communications on news and commercial promotions);

2. conducting opinion polls and market research;

3. analysis of browsing and consumption habits in order to personalize the experience on the Site.

Providing the Data Controller with such Data for these activities is absolutely optional and will in no way affect the possibility of purchasing and/or requesting the services offered on the Site. The user is free to provide or not provide his Data for these purposes, but in the absence it will not be possible for the Owner to carry out marketing activities, opinion polls and market research, and to analyze user habits to provide him with personalized offers.

1. Categories of recipients and personal data 

All the Data collected may be communicated to internal figures authorized for processing according to their respective duties, as well as to external subjects to whom it is necessary to communicate the Data. These recipients, should they process Data on behalf of the Data Controller (such as third party technical service providers , postal couriers, hosting providers, IT companies, communication agencies), will be designated as data processors with a specific contract or other legal act. The data of third parties will be communicated upon request by the Data Controller.

In no case will the data be disseminated.

1. Security measures

The Site processes user data in a lawful and correct manner, adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification or unauthorized destruction of data. The processing is carried out using IT and/or telematic tools, using appropriate organizational, technical and administrative measures in order to protect personal data within our company, and with logic strictly related to the purposes indicated. However, no data transmission and no storage system can be guaranteed to be 100% secure. Users who have reason to believe that interacting with the Site is no longer safe should report the problem immediately.

1. Transfer of personal data abroad

Data management and storage take place on servers located within the European Union, owned and/or available to the Data Controller and/or third-party companies duly appointed as data processors. The Data may also be transferred for the purposes referred to in art. 2 to subjects based in countries outside the European Union, provided they guarantee an adequate level of protection pursuant to articles 44 et seq. of the GDPR.

1. Data retention times

The Data will be kept for a limited period of time which varies according to the type of activity and the purpose for which the Data is processed.

Once this period has expired, the Data will be definitively deleted or in any case rendered anonymous in an irreversible way. The cases in which retention for a subsequent period is required for any disputes, requests from the competent authorities or pursuant to applicable legislation are excluded.

In particular, the Data is stored in compliance with the terms and criteria specified below:

1. data collected to conclude and execute contracts for the purchase of goods on the Site, including payment data: up to the conclusion of the administrative-accounting formalities. The billing data will be kept for 10 (ten) years from the billing date;

2. data of the registered user: the data will be kept until the user requests the cancellation of his personal account or after 2 (two) consecutive years without the user having accessed the account;

3. data connected to requests for information and/or requests for assistance: the data useful for processing the user's request will be kept until the request is met;

4. data used for commercial communication activities with users who have voluntarily subscribed to the Owner's newsletter, opinion polls, market research and surveys to measure satisfaction: these data are kept until the termination of the activity or the request of interruption of the activity (withdrawal of consent) and in any case within 2 (two) years from the last interaction of the user, of any kind, with the Site and/or the Owner. The user can, at any time, autonomously stop receiving these communications by simply clicking on the appropriate link at the bottom of each e-mail;

5. data used to personalize the Site and to show the user customized commercial offers: until the user requests the cessation of the activity and in any case and in any case within 2 (two) years from the last interaction of any kind with the Owner;

6. the Data collected through cookies will be kept for the period of time established by the single cookie. 

7. Rights of the interested party, At any time the user of the Site can exercise the rights with reference to the specific processing of his Data by the Owner, and in particular:

8. the right of access, i.e. the right to obtain confirmation from the Data Controller as to whether or not the Data is being processed and, in this case, to obtain access to it;

9. the right to rectification and cancellation, i.e. the right to obtain the rectification of inaccurate Data and/or the integration of incomplete Data or the cancellation of Data for legitimate reasons;

10. the right to limit the processing, i.e. the right to request the suspension of the processing if there are legitimate reasons;

11. the right to data portability, i.e. the right to receive the data in a structured, commonly used and readable format, as well as the right to transmit the data to another data controller;

12. the right to object, i.e. the right to oppose the processing of data if there are legitimate reasons, including the processing of data for marketing and profiling purposes, if provided;

13. the right to withdraw the consent at any time without prejudice to the lawfulness of the treatment based on the consent provided before the revocation;

14. the right to lodge a complaint with the competent supervisory authority in the event of unlawful processing of the Data or to take the appropriate judicial offices.

To exercise the rights recognized by the rules indicated above, the user can send his request by e-mail to the addressinfo@sciasciacollection.com  or by registered mail to the following address: Rigato Susanna, Corso Silvio Trentin 94 - 30027 SAN DONA' DI PIAVE (VE)

1. Updates 

This privacy statement may undergo changes and additions over time, which may also be necessary with reference to new regulatory interventions regarding the protection of personal data; the user of the Site is therefore invited to periodically check its contents.
The updated version of the privacy information, in any case, will be published on this page, with an indication of the date of its last update.

 

This information is updated to 1/7/2022.