This information, provided pursuant to art. 13 and ss. of the General Data Protection Regulation – Regulation (EU) 2016/679 (so-called “GDPR”) and art. 13 Legislative Decree 196/2003 – Code regarding the protection of personal data (so-called Privacy Code) and subsequent amendments, describes the methods of management of the site www.studiosarta.com with reference to the processing of personal data of users who connect to the site and use the related web services.
The information applies exclusively to the online activities of the website www.studiosarta.com (hereinafter the “Site”) and is valid for users of the site itself (hereinafter “Users”). It does not apply to information collected through channels other than the Site and for other websites that may be consulted by the User through appropriate links.
HOLDER OF THE TREATMENT
The owner of the processing of personal data through the Site is Giorgia Gaeta, based in Palermo, Via I. Pizzetti 48 CF/VAT: IT06559810822. The Data Controller can be contacted by email at firstname.lastname@example.org
TYPE OF DATA PROCESSED
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the navigation of the websites. This is information which by its very nature could, through processing and association with data held by third parties, allow the computers that connect to the site to be identified. These include the IP addresses or domain names of the computers used by the Users who connect to the site, the URL addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and platform used by the User.
Data provided voluntarily by Users
The optional, explicit and voluntary sending of purchase orders and communications by means of contact forms on the Site or by e-mail to the addresses indicated on the Site, entail the subsequent acquisition of the data communicated by the sender, including his address and -mail, personal data such as name and surname, telephone number, shipping address and billing address.
In the event that the User provides personal data of third parties, for example for shipments, will ensure that the privacy information is sent to the third party at the time of the first communication.
PURPOSE OF THE PROCESSING AND LEGAL CONDITION
The processing of Users’ personal data is authorized by the relevant legislation, on the basis of at least one of the following legal conditions:
Consent: if the User has consented to the use of their data having given consent, which can be revoked at any time by email to email@example.com;
Execution of pre-contractual measures or fulfillment of contractual obligations: if the processing is necessary to conclude or to fulfill a contract or to execute pre-contractual measures;
Legal obligations: if it is necessary to use the User’s personal data to comply with the legal obligations incumbent on the Owner;
Legitimate interest: if the processing is necessary to pursue a legitimate interest of the Data Controller or to allow the Data Controller to defend himself, take legal action or make legal claims.
The purposes and specific conditions of the processing of Users’ personal data acquired through the Site are indicated below.
a) To respond to requests for information or assistance sent by the User to Customer Service.
Prerequisites for processing: consent and fulfillment of contractual obligations or execution of pre-contractual measures.
The provision of data is not mandatory, however it is necessary to allow the provision and management of services, any refusal to provide the data in question will make it impossible to obtain the provision of the service.
b) Conclude the purchase of the goods on the online shop and execute the purchase contract requested by the User;
Prerequisites for processing: fulfillment of contractual obligations.
The provision of data is not mandatory, however it is necessary to allow the conclusion and execution of the purchase order for the goods on the online shop, any refusal to provide the data in question will make it impossible to purchase the goods offered for sale on the Site.
c) Send newsletters, promotional messages and special offers via e-mail;
Prerequisites for processing: consent. The provision of data is optional, any refusal to provide the data in question involves only the inability to receive promotional messages via email. Consent can be revoked at any time via the unsubscribe link in the promotional emails or by sending an email to firstname.lastname@example.org
d) Manage and maintain the Site, process statistical research / analysis on aggregate or anonymous data, without therefore the possibility of identifying the User, aimed at measuring the functioning of the Site, measuring traffic and evaluating usability and interest, preventing or discovering fraudulent activities o abuses harmful to the Site;
Prerequisites for processing: legitimate interest of the Data Controller.
e) Fulfill legal obligations, regulations or provisions of the judicial authority, to which the Data Controller is subject;
Prerequisites for processing: fulfillment of legal obligations
f) Exercise the rights of the owner, for example to defend one’s right in court.
The User’s personal data, subject to processing for the purposes indicated above, will be kept for the period strictly necessary to fulfill the aforementioned purposes and, subsequently, for the time in which Giorgia Gaeta is subject to retention obligations for tax purposes or for other purposes provided for by law or regulation.
For greater clarity, the retention periods relating to the main purposes are indicated below:
– Marketing purposes: the registration and the related processing are considered valid until the user unsubscribes, possible through the link in each email. A verification communication will be sent to all users at least every twelve months, containing the unsubscribe link.
– Fulfillment of contractual obligations: the data processed to fulfill any contractual obligation may be kept for the entire duration of the contract as well as for 10 years after the end of the fiscal year following that of competence, to deal with any assessment and / or dispute of a fiscal nature.
– In the event of disputes: in the event that it is necessary to defend or take legal action or even make claims against the User or third parties, the Data Controller may keep the personal data that it reasonably deems necessary to process for these purposes, for the time in which this claim can be prosecuted.
PROTECTION OF USER INFORMATION
If you do not wish to be contacted by us you can follow the unsubscribe instructions that accompanies any contact e-mail. If you opt-out of certain contacts, we may still contact you about any problems or issues with your account, profile, or any purchases you have made on the site or from us. Please allow ten (10) business days from when your unsubscribe request was received to complete the removal, as some of our promotions may already have been in process before you submitted your request.
In accordance with applicable data protection laws and regulations, you have a right to request access to, rectification or erasure of your data, or restriction of processing, and to object to said processing, as well as the right to data portability to the extent applicable. These rights may be exercised directly with SARTA by sending us a written request at email@example.com. You may be asked for proof of identity. You have the following rights regarding the user information you have provided us:
To review the user information that you have supplied to us
To request that we correct any errors, outdated information, or omissions in user information that you have supplied us
To request that you user information not be used to contact you (except as otherwise provided in these terms)
To request that your user information be removed from any solicitation of ours
To request that your user information be deleted from our records
To opt out of being solicited by the site or third parties
If you request that your user information be deleted from our records, there may be a reasonable delay in processing that request, while we or our designee verifies that the request is valid and originates from you, and a copy of some or all of the user information may be retained for legal compliance purposes, and in automatic backups. You may be asked for proof of identity. If you request that your user information be deleted, we reserve the right to terminate and/or limit your access to the site. To exercise any of these rights, please contact us at firstname.lastname@example.org. We will use commercially reasonable efforts to honor your request.
We retain user information and other information to provide you with access to the site or certain features thereof. For example, in order to create your own account on the Site, you must provide us with your name and your valid, working e-mail address; and you hereby authorize us to store your name and e-mail address. Should you elect to do so, you may also provide, in your account, your telephone number, payment card information, and shipping and billing addresses. If you choose to provide us with such additional information, then you are also authorizing us to store such information until such time as you request to change or delete it and such request is reasonably processed.
The Data that is collected and processed under our Contact form shall only be kept throughout the duration of the processing of your request. The Data concerning your orders shall in principle be kept by SARTA for a period of time that does not exceed the applicable statutory limitation periods. This Data may however also be viewed from your client account as long as the latter remains active. Your bank account Data shall be kept secure for the duration that is needed for the confirmation of your order.
Should you have any questions about the collection and processing of your data by SARTA, please contact us by sending an email to email@example.com.
BACK IN STOCK NOTIFIER
By subscribing to our “In Stock” notifier service, you agree that your data will be used by SARTA, as data controller, to send you notifications about availability of stock. You may exercise your rights to request access to, rectification or erasure of your personal data, or restriction of processing, and to object to said processing as well as to withdraw your consent, by sending an email to firstname.lastname@example.org You may be asked for proof of identity.
METHOD OF TREATMENT
The Site processes User data in a lawful and correct manner, by means of the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.
Personal data are processed both on paper and electronically, through the use of a website hosted on the Cloud managed by the company OVH, a member of CISPE, a European association that collects the most important European cloud providers and which has created a code of conduct ( Coc) to protect customer data in accordance with the provisions dictated by the GDPR.
The processing is carried out by adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification or unauthorized destruction of the data.
RIGHTS OF THE INTERESTED PARTIES
Pursuant to art. 15 and following of the European Regulation 679/2016 (GDPR), the User has the right to:
a) ask the Data Controller for access to personal data and information relating to them; the correction of inaccurate data or the integration of incomplete ones; the cancellation of personal data concerning him (upon the occurrence of one of the conditions indicated in art.17, paragraph 1 of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article); the limitation of the processing of your personal data (in the event of one of the hypotheses indicated in art.18, paragraph 1 of the GDPR);
b) request and obtain from the Data Controller – in the hypothesis in which the legal basis of the processing is the contract or consent, and the same is carried out by automated means – personal data in a structured and readable format by automatic device, also for the purpose of communicate such data to another data controller (so-called right to the portability of personal data);
c) oppose the processing of personal data at any time in the event of particular situations concerning him;
d) withdraw consent at any time, limited to cases in which the processing is based on consent for one or more specific purposes and concerns common personal data (for example date and place of birth or place of residence), or particular categories of data (e.g. data revealing racial origin, political views, religious beliefs, health or sex life). The treatment based on consent and carried out prior to the revocation of the same retains, however, its lawfulness;
e) lodge a complaint with a supervisory authority (Authority for the protection of personal data – www.garanteprivacy.it).
The exercise of these rights is subject to some exceptions aimed at safeguarding the public interest (for example the prevention or identification of crimes) and the interests of the Owner. In the event that the User exercises any of the aforementioned rights, it will be the responsibility of the Owner to verify that the User is entitled to exercise it and to reply, as a rule, within one month.
In the event that the User, if the conditions exist, revoke the consent or exercise the right of cancellation, a technical time may be necessary to process the request, during which the User could still be contacted as part of the activities of marketing already started.
For the exercise of these rights, or to obtain any other information on the matter, requests should be addressed to the Data Controller, by email at email@example.com
When you provide us with personal information to complete a transaction, verify your credit card, place an order, arrange for a delivery or return a purchase, we imply that you consent to our collecting it and using it for that specific reason only. If we ask for your personal information for a secondary reason, like marketing, we will either ask you directly for your expressed consent, or provide you with an opportunity to say no. If after you opt-in to our site registration or email, and you change your mind, you may withdraw your consent for us to contact you, for the continued collection, use or disclosure of your information, at anytime, by emailing us at firstname.lastname@example.org
We may disclose your personal information if we are required by law to do so or if you violate our Terms of Service.
ONLINE ACCESSIBILITY STATEMENT
SARTA’s goal is to permit customers to successfully gather information and conduct business through our website, including individuals with visual impairments that use screen readers to view the website. SARTA has taken steps and is devoting resources to promote website accessibility.
If you have difficulty accessing features or functions on this website, email us at email@example.com and we will work with you to provide the information you seek.
QUESTIONS AND CONTACT INFORMATION
If you would like to: access, correct, amend or delete any personal information we have about you, register a complaint, or simply want more information email us at firstname.lastname@example.org.
HOLDER OF TREATMENT
Cookies are information (small text strings) that the sites visited by the user (the “User”) send to his terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit of the same User.
Cookies are used for different purposes: execution of computer authentication, session monitoring, storage of information on specific configurations regarding users who access the server, storage of preferences, etc.
TYPE OF COOKIES
- TECHNICAL COOKIES: they are those that guarantee the normal navigation and use of the website and optimize the User’s browsing experience or that allow to provide a service requested by the User. They are not used for other purposes and are normally installed directly by the owner or manager of the website.
- COOKIE ANALYTICS: they are a particular type of cookie used by website managers to collect aggregate information of a statistical nature (eg number of website visitors, most read articles, time spent on the page, etc …). These cookies can be assimilated to technical cookies provided that they are anonymized (for example by masking significant portions of the IP address).
- PROFILING COOKIES: they are designed to control the User’s browsing, tracing it in order to monitor and create profiles relating to the User, in order to send advertising messages in line with the preferences expressed by the same in the context of surfing the net.
- THIRD PARTY COOKIES: these are cookies from a site other than the one the User is visiting, installed through the latter.
THE SITE USES THE FOLLOWING COOKIES
Google Analytics (data tracking of website visits)
Facebook (social campaign tracking)
Stripe (tracking for credit card payments managed by the Stripe platform)
SOCIAL NETWORK BUTTONS AND WIDEGTS
The Site also incorporates social plugins, ie the “buttons” that depict the icons of social networks (eg. Instagram), and that allow the User who is browsing to interact directly with the social platforms with a “click” .
The cookies of these social networks are set only when the User makes effective and voluntary use of the plugin. The collection and use of the information obtained through the plugin are governed by the respective privacy policies of the social networks, to which please refer.
All cookies have an owner which tells you who the cookie belongs to. The owner is the domain specified in the cookie. Whenever you visit our website, we place cookies onto your device for different reasons. Such cookies are called “first-party” cookies, whereas cookies set by a different owner such as social media platforms or ad network/ad tech providers, are called “third-party” cookies.
Here is a list of cookies that we use:
- Google Analytics__utma, __utmb,__utmc, __utmx, __utmxx, __utmz, __utmt, sid
- Facebook Pixel___datr
You can change the settings of the cookies that are downloaded to your computer or mobile device through the functionality of your browser. By doing so, it is also possible to prevent the installation of third-party cookies and remove previously installed cookies, including those containing your preferences regarding cookies that you have expressed here. To adjust or change the settings of your browser you must consult the instruction manual or the help screen of your browser.
The instructions regarding cookies of the most popular browsers are available here below:
Firefox: https://support.mozilla.org/it/ kb / Activate% 20e% 20deactivate% 20i% 20 cookie
Safari: https://support.apple.com/kb/PH19214?viewlocale=it_IT&locale=en_US Internet
Explorer: http://windows.microsoft.com/it-it/windows -view / block-or-allow-cookies
By disabling cookies, it is still possible to use some parts of the website, but some services may not be usable.
HOLDER OF THE TREATMENT
The owner of the processing of personal data is Giorgia Gaeta – Via I. Pizzetti 48, Palermo, Italy, CF/VAT: IT06559810822