Pursuant to art. 13, of Ital. Law. Decree no. 196 dated 30 June 2003 as amended and of EU Regulation no. 2016/679 (hereafter, the “Privacy Code – GDPR”), please be informed as the Data Subject that the personal data you supply or is otherwise acquired in a lawful manner as part of our activities (hereafter, the “Data”) is processed in compliance both with the Privacy Code-GDPR and with secrecy obligations which are among the inspiring principles of Bottega S.p.A.
The Data Controller is BOTTEGA S.p.A. (“Data Controller” and/or “Bottega”) with registered office in Rubiera (RE), Via Emilia Ovest 53/A, VAT No. 02860110358, email@example.com, phone (+39) [•].Data are gathered with electronic methods in encrypted form and subsequently processed with IT and manual means, exclusively for purposes associated with the supply of services requested by you, the user. Processing is carried out in compliance with all applicable provisions and regulations on security.
The Data will be accessible within Bottega corporate organisation exclusively by persons who need to know them because of the duties they perform for execution of the contractual relationship with you. A complete, updated list of any Person in charge of the processing who may be named will be at your disposal at the Data Controller’s location. The Data may be communicated to agencies, authorities, public institutions, banks and credit institutes, professionals, independent contractors, commercial partners and third parties employed by Bottega for executing the contractual relationship, as well as to anyone who is a lawful recipient of communications prescribed by laws or regulations. Such entities will process the Data as Data Controllers or persons in charge of the processing, as the case may be, exclusively for the purposes that are specified above. The Data will not be disseminated in any way.
The Data will be stored for the time required for fulfilling the purposes indicated above and in compliance with the time frames prescribed by law. You have a recognised, guaranteed right to ask the Data Controller for access to your personal data and to correct or delete it, or to limit or oppose its processing, in addition to the right of data portability.
A Data Subject has the right to submit a claim with the supervisory authority if his/her requests for information made to the Data Controller have not been met with satisfactory responses.The supervisory authority of reference is the Italian Authority for Personal Data Protection http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524
The computer systems and programs are configured for minimising the use of personal and identifying data that are not necessary for fulfilling the purposes of processing specified above.Communicating the Data is necessary for providing services. If you fail to provide it, you will not be able to take advantage of them.
Bottega notes that the processing required for providing such services as subscription to the newsletter, and the processing required for answering a user’s questions and providing the latter with the requested information, to the extent and in the ways established by law and by this Policy, require your consent pursuant to art. 24 of the Italian Data Protection Act.
TYPE OF DATA GATHERED
METHODS AND PLACE OF PROCESSING COLLECTED DATA
The Data Controller takes suitable security measures whose purpose is to prevent unauthorised access to, dissemination of, modification of and destruction of users’ personal data. Such measures include computer and/or electronic tools and are performed through organisational methods and a framework that are strictly correlated with the purposes described herein. In addition to the Data Controller, other persons in charge of the processing and involved in the site organization (such as administrative, commercial, marketing and legal personnel, and system administrators) or outside entities (such as third-party suppliers of technical services, mail couriers, hosting providers, IT companies and publicity agencies) may have access to the data. The data is processed at the Data Controller’s offices and in any other place where the parties involved in processing are located.
Processing is carried out using automated systems for the time strictly required to achieve the purposes for which the data was collected and, in any case, in accordance with applicable laws and regulations on data protection. At any time, the user may ask that processing be halted or that the data be deleted.
PURPOSES OF PROCESSING COLLECTED DATA
The user’s data is collected to enable the Data Controller to provide its services, as well as for the following purposes: Statistics, advertising, contacting the user, interaction with social networks and outside platforms, managing addresses and sending emails. The types of personal data used for each purpose are specified in specific sections of this document.
DETAILS OF PERSONAL DATA PROCESSING SENDING EMAILS
When the user subscribes to the newsletter, his/her email address is entered on a list of contacts to whom emails containing information of a commercial/ promotional and other nature regarding this Application may be sent. Personal data gathered: email address.
ADDITIONAL INFORMATION ON PROCESSING DEFENCE IN COURT
If the Data Controller must protect its interests before a court of law from abuse associated with the utilisation of services, it is entitled to employ the user’s personal data and to reveal it to public authorities. Upon the user’s request, the website may provide additional relevant information on specific services or on the collection and processing of personal data.
SYSTEM AND MAINTENANCE LOGS
This website and any third-party services it uses compile system logs which contain the user’s IP address. The logs are used for managing and maintaining the services provided by the website.
USERS’ EXERCISE OF RIGHTS
At any time, the subjects whose Personal Data has been gathered may obtain confirmation of its existence or non-existence from the Data Controller, learn its content and origin, check its accuracy or ask for its completion, deletion, update or transformation into an anonymous format, or request that Personal Data processed in violation of law be blocked, as well as to object to – on legitimate grounds – the processing of the Data. Requests in this regard must be made to the Data Controller.
At any time, the Data Controller may change this Policy. When doing so, it will communicate said changes to users on this page. The latest revision is indicated using the date placed at the end of this document. The user may ask for his/her data to be removed if the changes made by the Data Controller are unacceptable. For further information, the user is asked to contact the Data Controller.