PRIVACY DISCLOSURE PROVIDED UNDER ARTICLE 13 OF REGULATION EU 2016/679 OF 27 APRIL 2016
This disclosure is provided pursuant to and for the purposes of Article 13 of Regulation EU 2016/679 of 27 April 2016 (hereinafter also the “GDPR”) governing the protection of natural persons concerning the processing of their personal data. More specifically, Fashionart S.r.l., in its capacity as Data Controller, wishes to inform you that in accordance with the obligations under the GDPR it is required to provide some information about the methods and purposes of processing the personal data it may collect following the users’ visits to and use of its website.
A. DATA CONTROLLER
The Data Controller of all the personal data collected and processed in relation to the operation of the website is Fashionart S.r.l., having its registered office in 35010 – Limena, Via Cesare Battisti, n. 29.
Email address: email@example.com
Phone: 049 8841265
B. DATA PROCESSED AND PURPOSES OF PROCESSING
1. TYPE OF DATA PROCESSED
1.1. Personal data
The optional and voluntary completion of the contact form available on our website, where the user provides his/her name and email details, implies the subsequent collection of such personal data in order to reply to the requests submitted.
Please note that the optional submission of any type of request to the email address specified implies the subsequent collection of the sender’s address and of any additional personal data provided in the message.
All contents provided on a voluntary basis by the user will be visible to the Data Controller and its agents.
1.2. Navigation data
Information systems and software procedures underlying the running of this website will, during their normal operations, collect some personal data, the transmission of which is considered as implied in the use of Internet communication protocols.
This type of data includes the IP addresses and domain names of the computers used by the users to access the website, addresses in URI (Uniform Resource Identifier) notation of the resources requested, time of request, method used to submit the request to the server, size of the file received in response, numerical code representing the status of the response provided by the server (successful, error, etc.) and other metrics related to the user’s operating system and IT environment.
These data are used for the sole purpose of gathering anonymous statistical data regarding the use of the site and to check its proper running. These data may be used to investigate and establish liability in the event of possible cybercrimes against the site and the Data Controller only upon request by the relevant supervisory authorities.
2. PURPOSE OF PROCESSING
Personal data collected through the contact form completed by the user or through messages sent by email to firstname.lastname@example.org will be processed to meet the user’s requests.
The Data Controller will, however, have the power to process the above data in an aggregate form, in compliance with the provisions stated in the EU Regulation and in the Guidelines of the Privacy Supervisory Authority — and further in line with any specific exemption from consent granted by the latter — to perform electronic processing tasks and analyses (e.g. grouping the whole class of users into consistent categories by level of services, consumption, expenditure, etc.) with the aim of monitoring the economic trend and development of Fashionart S.r.l. activities on a regular basis.
C. LEGAL BASIS OF PROCESSING
The legal basis for the processing of the above personal data is:
- stated under Article 1.1(B), Types of data processed, need to reply to the user’s requests;
- stated under Article 1.2(B), Types of data processed, need to enable users to navigate through the website.
D. PROCESSING MEANS
Personal data will be processed using automated and non-automated means for the purposes for which they are collected. Specific security measures have been adopted to prevent loss of data, illegal or inappropriate use and unauthorised access. The data thus collected may be used on behalf of the Data Controller by the administrators who are responsible for delivering processing-related services and for ensuring the smooth running of website activities. The data processing procedures connected to the web services of this website may also take place at the web service provider’s premises. It should be noted that personal data will be stored and checked — including in relation to the knowledge gained based on technical advancements, the nature of data and the specific characteristics of the processing — by adopting such suitable and preventive security measures, both physical and logical, as to minimise the risks of (i) destruction or loss of such data, (ii) unauthorised access, (iii) unauthorised processing or processing not complying with the data collection purposes. The data will be stored on a physical server located in the Italian territory. The processing will be carried out by the Data Controller and the data agents expressly authorised by the Data Controller.
E. DATA RETENTION PERIOD
- Data provided through the contact form or by email: these data are retained for the period required to reply to the user’s request.
- Navigation data: they are retained for the technical time required to perform the tasks for which they were collected and in any event for a period of time not exceeding 6 months.
The Data Controller will retain the data of the data subject until the retention term expires, with the caveat that such data will at any rate be automatically erased or depersonalised on a permanent and irreversible manner.
F. RECIPIENTS AND CATEGORIES OF RECIPIENTS
The personal data provided will not be disseminated nor will they be disclosed to unspecified entities.
The data may, on the other hand, be disclosed to entities identified only by the Data Controller for the designated purposes, including:
(a) Company managing the website;
(b) Data processors and data agents.
The list of the entities appointed as external data processors is available at: Fashionart S.r.l., having its registered office in 35010 – Limena, Via Cesare Battisti, n. 29, Phone: 049 8841265, email address: email@example.com
G. DATA SUBJECT RIGHTS
The data subject has the right to:
- access, rectify, delete, restrict and object to the processing of his/her data;
- obtain, without any impediment, from the Data Controller the data concerning him/her in a structured, commonly used and machine-readable format in order to transfer them to another data controller;
- withhold his/her consent, with the understanding that this will not affect the lawfulness of the processing based on the consent given prior to such withdrawal.
In this regard, please be informed that the time limit for responding to the data subject’s requests is, in respect of all rights, one month from the receipt of the request, though it may be extended to three months in case of particularly complex requests.
The aforesaid rights may be exercised by sending a written notice to firstname.lastname@example.org or registered letter with acknowledgement of receipt to: Via Cesare Battisti n. 29, Limena 35010.
H. COMPLAINT WITH THE SUPERVISORY AUTHORITY
The data subject has the right to file a complaint with the Data Processing Supervisory Authority.
The complaint is a measure that allows the data subject to reach out to the Supervisory Authority to report any personal data protection breaches as under Article 77 of the GDPR and request the Authority to conduct an audit.
The complaint may be lodged by the data subject to the Supervisory Authority of his/her place of residence or where he/she works or where the alleged breach occurred.
The data subject is also entitled to bring an action for judicial review before the Ordinary Court if he/she believes his/her rights have been violated following the processing.
I. TRANSFERRING YOUR DATA ABROAD
Your data will not be transferred outside of the European Union.