Privacy Policy of website www.cuoieriafiorentina.it

Information sheet pursuant to article 13 of EU Reg. 2016/679.

On this page you can find the description of how the website is managed as far as its users’ personal data processing.

N.B.: if the user is a minor (under 18 years old), a parent or guardian must read these conditions and approve them before using the website and its services.

The report, in compliance with article 13 of GDPR, is referring only to the present website and not other websites linked to it and browsed by the user..

THE DATA CONTROLLER

The data controller is Cuoieria Fiorentina S.r.l., which can be contacted through the contact information found in this report in order to request information on the Data Processors appointed by the Data Controller and Joint Controllers.

The Joint Controllers are companies connected to the Data Controller and partners that work together for the management of the services provided with the website and for the satisfaction of the requests of the data subjects.

TYPES OF PROCESSED DATA

After browsing through this website, data related to identified or identifiable people may be processed.

Browsing Data
The IT systems and the software procedures in charge of the functioning of this website process some personal data during its normal operation; this implicit processing is necessary for the use of the Internet communication protocols.

This information is not collected to be associated to identified subjects, but because of its nature it could identify the users thanks to elaborations and associations to data held by third parties.

Many types of data belong to this category, for example Internet Protocol addresses or domain names of computers used by users that connect to the website, URI (Uniform Resource Identifier) address notations of the requested resources, the time of the request, the method used to undergo the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response (success, error, etc.) and other parameters related to the operating system and the IT environment of the user, such as the type and version of the browser, the types and versions of the browser’s plug-in, the mobile device identifier (IDFA or AndroidID) and other parameters related to your operating system and the IT environment of the user.

These data, without a specific consent to their processing for other purposes, are used only in order to acquire anonymous statistical information on the use of the website and monitor its proper functioning. Data might be used for detection only in case of responsibility for hypothetical computer criminal offences for damaging the website and, only in this case, specific procedures can be activated in order to identify the author.

The Legal basis for the processing of these data is based on the legitimate interest pursued by the Controller for the protection of data security, proper functioning of the website and improvement of the service standards.

Personal Data
Personal data are all the personal information given by a visitor through the website, for example when writing to an email found in the contact area in order to request information and/or proceeding with a purchase of products sold on the website and/or registering to a reserved area, etc.

The Legal basis for the processing of these data derives from the necessity to process such data in order to satisfy the requests of the data subjects and/or fulfil the contractual obligations.

PROVISION OF DATA

Apart from what is specified in relation to browsing data, the user is free to provide the personal data requested while browsing in order to submit requests to the Company, solicit the sending of informative material or other communications, proceed with the purchase of products sold on the website. In case of no provision, what requested might not be possible to obtain.

User Data Given Intentionally
When entering the website for the first time, an informative banner with a link to this document appears; by interacting with the website, the choice to continue browsing is registered (through a specific cookie [see below]).

The optional transmission, explicit and voluntary, of emails to the address on this website implicates the subsequent processing of sender address, necessary to answer to user’s requests, as well as other potential personal data written in the message that, unless different needs are duly communicated, will be kept for the time necessary to fulfil the requests.

If, in the request of contact, the data subject communicates special categories of personal data (such as: personal data which reveal racial or ethnic origin, political opinions, religion or philosophical beliefs, or trade union membership, as well as genetic data, biometric data which allow the unique identification of a natural person, data concerning a person’s health or sex life or sexual orientation), a specific consent for their processing can be necessary, or otherwise such requests by the data subject might not be possible to be carried out.

MODALITIES OF PROCESSING AND PROCESSORS

Personal data are processed with automated tools for strictly the time necessary to fulfil the purposes for which they were collected. The processing carried out for the web services of this website is handled by staff mandated by the Controller as well as external entities, called Processors, appointed for the technical management and maintenance of the website and its computer systems. Specific security measures are employed in order to prevent data loss, unlawful or incorrect use and unauthorised accesses.

Personal data provided by users that request informative materials (newsletter, answers to questions, etc.) are only used to carry out the requested service and are communicated to third parties only in case of necessity to fulfil the request.

Processing Resulting from a Contact Request, Purchase, Registration or Subscription to the Newsletter Service
Personal data provided voluntarily by the data subject through the contact area or in the registration area, where the user can subscribe to the newsletter:

  1. are processed mostly with automated tools in order to:
    1. ensure a reliable and timely response and meet the demands of the user, who - in case of registration or subscription to the newsletter - has the power to suspend the processing at any time;
    2. comply with obligations arising from European laws, rules and regulations; fulfil provisions issued by the Judicial Authority;
    3. provide information to the system of acquisition of public knowledge with statistical analysis, made through anonymous and aggregated data, which is necessary for the verification, improvement and thus designing of a service that is increasingly capable of meeting the demand;
    4. send courtesy communications and/or communications containing information/offers related to products offered and services performed by the Data Controller, of course, only with the consent of the data subject, as well as via SMS or other means of communication connected with the contact information, postal addresses and emails provided. It is understood that the data subject will nonetheless have the power to refuse the processing of his/her data at any time; in this regard, we specify that, even by giving consent, the subject has the power to express his/her own choices about the channels used to send those communications by entering even only one contact of those requested in the form;
  2. may be processed by communication and marketing staff, computer system maintenance staff whose role is to ensure the proper functioning of the systems, the security of the data and backup operations, other staff within the limits of its job description and as provided by company procedures and other entities that provide services for auxiliary purposes in order to meet the demands of the subject, within the limits strictly necessary to carry out the tasks assigned to them;
  3. can be communicated or made available to:
  • individuals who may access the data by virtue of provisions of European laws, rules and regulations, within the limits set by these rules;
  • other individuals who provide services in order to meet the demands of the subject, within the limits strictly necessary to carry out the tasks assigned to them.

We remind the users that filling the fields marked with an asterisk (*) is mandatory, without those data it will not be possible to fulfil the requests or answer to the inquiries of the data subject.

We point out that the Newsletter service is managed through the Mailchimp platform, property of The Rocket Science Group LLC (see specific privacy policy at http://mailchimp.com/legal/privacy/), called External Processor (data processor), with headquarters in the USA and that has regularly accepted the agreement known as "EU-U.S. Privacy Shield” and guaranteed the observance of the European provisions requested by the GDPR.

DATA STORAGE - DISSEMINATION - TRANSFER ABROAD

Any data provided, unless governed by duly-communicated instructions from the data subject stating otherwise, will be stored for as long as it is necessary to satisfy the requests of the subject and comply with legal requirements.

In case of registration to some sections of the website or subscription to some services, data will be stored until the cancellation of the service, after which the data will continue to be stored only if provided for by law and in accordance with the rules on the storage of administrative documentation.

Where the subject has a contractual relationship with the Data Controller, the data will be stored - if relevant thereto - for the duration of the contract, upon the expiry of which it will continue to be stored only if provided for by law and in accordance with the rules on the storage of administrative documentation.

The contact information, for which the consent to send commercial communications has been provided, will be stored for up to 12 months from when the last communication is sent, or until the subject withdraws his/her consent.

No data gathered by the web service is disseminated.

Personal data will be transferred to other entities outside of the European Union, to the Country in which the subject resides or is, exclusively if necessary to meet the demands and as provided for by current regulations.

Some third parties, services providers, could have headquarters and/or their servers abroad (server provider, Mailchimp, etc.), whether within or outside of the EU. In this case, the data processing will be carried out exclusively in accordance with the purposes and modalities described in this information sheet and according to the relevant provisions and with the proper guarantees of adequacy and security requested by the current regulations.

COOKIES

WHAT COOKIES ARE
A “cookie” is a small quantity of data, often contained in a unique and anonymous identification code that is sent to users’ browsers by a web server and which are subsequently memorised on the users’ hard disk. The cookie can be read and recognised only by the website that sent it whenever another visit happens.

We remind you that the browser is the software that allows users to browse the Net by viewing and transferring information on the users’ hard disk. If the browser preferences are set to accept cookies, any website may send its cookies to the browser, but - in order to protect the user’s privacy - it can only and exclusively detect those sent from the website, and not those sent to the browser by other websites.

In any case, cookies cannot cause any damage to the user’s computer.

COOKIES SETTING ALTERNATIVE
Users’ privacy is essentially guaranteed by the fact that they may at any time:

  • set the browser so as to accept all cookies, refuse all cookies or receive a notice when one is sent;
  • delete one, some or all cookies.

Each browser has its own specific settings, so please consult the “Help” section of the used browser for more information on how to change preferences.

Most browsers are initially set to accept cookies automatically. In case of different devices (for example, computer, Smartphone, tablet, etc.), the User must make sure that the settings of the browser of each device are reflecting the cookie preferences of the user.

As an example, below there is a list of links to online information on the main browsers:

 

HOW COOKIES ARE USED ON THIS WEBSITE
The potential use of the so-called session cookies (which are not permanently stored on the user’s computer and disappear as soon as the browser is closed) is strictly limited to the transmission of session identification data needed to allow safe and efficient browsing of the website.

We use cookies mainly to understand how our visitors interact with the Service and to help the user by speeding up and customising communication and browsing as much as possible and to put ourselves in the position to provide the best service. Thanks to cookies, we can recognise the user (more precisely, the device used) who has already visited our website, so we can for example remind him/her what was already visited, pointing out any updates.

In any case, cookies cannot cause any damage to the user’s computer.

Third-Party Service Cookies / Social Plugins
There are links to third-party websites that allow the user to access and use some services present on the website. Moreover, this website uses “Social Plugins” (hereunder called “buttons”) of social networks such as Facebook or Instagram. These buttons are disabled by default, so they do not send data to their respective social network without your consent.

Upon activation of the service or button, these third-party websites may also store cookies on the user’s computer through the browser and may use information about the user’s visits to provide focused advertisements on their websites.

In order to discover the purpose and entity of the detection and processing/use of data by third-party websites, which we have nothing to do with, the user can access the information notices and privacy policy made available on the portals on the following links:

  • https://www.facebook.com/policies/
  • https://policies.google.com/privacy
  • http://www.google.com/intl/en/policies/privacy/
  • https://www.hotjar.com/privacy
  • https://clerk.io/privacy

While browsing the website, the User could also receive on his/her terminal cookies of websites or web servers of third parties that are not known to the Data Controller (so-called “third-party” cookies). This happens because on the website there could be elements - for example images, maps, sounds, specific links to web pages of other domains, which are hosted on servers different from the one on which the requested page is located. In other words, such cookies are set directly by managers of websites or servers different from the Website. Theoretically, these third parties could set cookies while you are visiting the Website and thus obtain information concerning the fact that you visited the Website.

For further information on these third party companies, not known to the Data Controller, which - through cookies - may have acquired and may handle personal data, you can visit the following link www.youronlinechoices.com/ and access the customising service “your online choices” and provide your consent.

COOKIEs list of the website
Below you can find a list of the cookies employed on this website specifying their category according to the following classification

Category

Description

A

"TECHNICAL" or FUNCTIONAL COOKIE: Technical cookies are those used exclusively to "carry out the transmission of a communication on an electronic communication network, or insofar as this is strictly necessary to the provider of an information society service that has been explicitly requested by the contracting party or the user to provide the said service." (see art. 122, subsection 1, of the Code). They are not used for further purposes. They can be grouped into browsing or session cookies, which allow users to navigate and use a website properly (e.g. to purchase items online or authenticate themselves to access certain reserved areas); analytics cookies, which can be equated to technical cookies insofar as they are used directly by the website manager to collect aggregate information on the number of visitors and the pattern of visits to the website; functional cookies, which allow users to navigate as a function of certain pre-determined criteria (such as language or products to be purchased) so as to improve the quality of service. To install these cookies the user’s consent is not requested.

P

PROFILING COOKIE: Profiling cookies are used to create user profiles in order to send targeted advertisements in line with the preferences showed when browsing online.

T

THIRD-PARTY COOKIE:Third-party cookies are placed directly and autonomously by different website providers or servers other than the website of the Controller.

N.B.: for THIRD-PARTY cookies, please refer to the pages of the websites of the third-party companies that are available at the aforementioned links, limiting the list to those cookies which this document refers to, with purposes functional to the services requested by the Controller to third parties.

Cookie Name

CATEGORY

What does it do

PERMANENCE on the computer

OWNER
(Link to the third party website)

_cookielaw

A

Register the choice on the visitor’s cookies.

1 month

Cuoieria Fiorentina

_ga

A

Register a univocal ID used to generate statistical data on the use of the website and to identify if the user accessed the website in the past.

It does not contain any personal information.

2 years from set/update

Google analytics (*)

_gat

_gid

A

Register a univocal ID used to generate statistical data on the use of the website by the user.

It does not contain any personal information.

session

Google analytics (*)

(*) GOOGLE ANALYTICS

This website uses Google Analytics, a web analysis service provided by Google Inc. in order to generate statistics on the use of the web portal.

Google Analytics uses "cookies” that are stored on your computer in order to analyse the use of the website by users. The information generated by the cookie for the website use (IP address included) is transmitted from the user’s browser to Google, headquarters at 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA, and stored on its servers.

Google Analytics collects the information anonymously, without identifying the single visitors. Browsers do not share proprietary cookies of Google Analytics among various domains. Google Analytics does not report information related to the actual addresses: Google Analytics communicates only a portion of the IP address by using a masking IP in order to geolocate the user without showing the entire address.

Google will use this information in order to track and examine the use of the website, compile reports on the website activities and provide additional services to the owner of the website about the website activities, connection modalities (mobile, pc, browser employed, etc.), research modalities and the portal page views. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data in its possession.

It is possible to disable Google Analytics’ cookies by using the additional opt-out plug-in provided by Google for the main browsers. This way it will be possible to use the online services too:

See also:

  • the terms of service of Google Analytics
  • the privacy overview of Google https://policies.google.com/privacy?hl=en#intro
  • the privacy policy of Google https://policies.google.com/privacy?hl=en
  • https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

RIGHTS OF DATA SUBJECTS
The data subject has the right to:

  • request access to personal data from the data controller and to rectify or erase them or limit personal data processing that concerns the subject and to object to the processing of his/her data.
  • receive the personal data concerning the subject in a structured, commonly used and machine-readable format, if the processing is carried out by (computer) automated means and with the subject approval, and/or transmit them directly to another data controller, where technically feasible.
  • withdraw his/her own consent at any time (without affecting the lawfulness of processing based on consent before its withdrawal), obviously related to the processing carried out based on this condition.
  • lodge a complaint with a supervisory authority: the Italian Personal Data Protection Supervisor - Piazza di Monte Citorio n. 121 00186 ROME - Fax: (+39) 06.69677.3785 - Telephone switchboard: (+39) 06.696771 - Email: garante@gpdp.it - Certified email: protocollo@pec.gpdp.it

The requests must be addressed to the Controller:

  • by email to info1@cuoieriafiorentina.it;
  • via registered mail to Cuoieria Fiorentina S.r.l., Via dei Ciliegi, 25, 50066 REGGELLO (FI);
  • calling +39 055 8635629 and specifying the nature of the request to the operator, bearing in mind that it is not possible to answer requests over the phone if there is no certainty of the applicant’s identity.

Legal Validity
For a proper interpretation, discrepancies and for legal purposes, the Italian version shall prevail over any other language.