The following
information is provided by Opinion Ciatti s.r.l.
(hereinafter also referred to as "Opinion Ciatti" or "Data
Controller"), pursuant to art. 13 of EU Regulation 2016/679 (“Regulation”
or “GDPR”) in relation to the processing of personal data of the Users of the
website www.opinionciatti.com (“Website”), who can choose:
a) to ask for specific information about Opinion
Ciatti’s products, events and activities via the contact form (https://www.opinionciatti.com/it/pages/16-contatti) or by sending an e-mail;
b) to register
on the Website to create an account for placing orders and buying Opinion
Ciatti’s products on-line,
c) to give
their freely given and specific consent for Opinion Ciatti to send newsletters
and marketing communications about Opinion Ciatti’s products, as such as
advertising material, direct marketing proposals, market research, etc., at
their email addresses;
d) to give their freely given and specific consent for processing their personal data provided during the registration and for placing orders (full name, birthdate, home address and location data, preferences, purchase choices, personal interests etc.) for profiling purpose, namely evaluating User’s profile as a consumer and/or to analyse his/her behaviours and consumer habits, in order to provide him/her targeted advertising based upon his/her profile.
For the purposes of the Regulation (art. 4.1), "personal data" means any information relating to an identified or identifiable natural person (“Data subject” or, for purposes of this information, “User”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
This information
relates solely to the processing of data collected by Opinion Ciatti website
and is not otherwise applicable.
1. DATA CONTROLLER
The Data Controller is Opinion Ciatti s.r.l., with
registered office in: via di Prato, 80 - 50041 Calenzano, Florence (Italy), VAT
and C.F. 05372720481.
The Data Controller can be contacted:
2. PURPOSES AND LEGAL BASIS OF PROCESSING
Personal data voluntarily provided by Data
subjects who interact with the services provided through the Website are
processed for purposes related to the Users’ requests and/or to the given consent.
Depending on the choice/option:
a) in case the
Data subject asks for specific information about Opinion Ciatti, the latter
will process the provided contact data to answer the request, by sending one or
more e-mail communications;
b) in the case
the Data subject register an account for placing orders and buying Opinion
Ciatti’s products on-line, the latter will process the provided data:
1. for the
performance of possible contracts for purchasing Opinion Ciatti’s products or
services;
2. for
customer administration, management of orders, deliveries, invoicing of
material and immaterial services etc.;
3. for the fulfillment
of legal obligations arising from national commercial or tax law;
4. to ensure
Opinion Ciatti’s rights arising from the contract.
c) upon freely
given and specific consent, Opinion Ciatti will process provided personal data
for marketing purposes, namely sending, via email, newsletters, commercial and
promotional communications, advertising materials and direct marketing
proposals about Opinion Ciatti’s products and activities.
1. without the
Data subject´s consent, Opinion Ciatti may also use the email contact
information that was made available by the Data subject to directly sell own
products or services (direct marketing), providing the product or service in
question is similar to the one previously sold and the Data subject does not
object to the use of his/her data. At any moment the Data subject has the right
to object to such use of his/her data.
d) upon freely
given and specific consent, Opinion Ciatti will process provided personal data
for profiling purposes, namely to evaluate User’s profile as a consumer and/or
to analyse his/her behaviours and consumer habits, in order to provide him/her
targeted advertising based upon his/her profile.
The lawfulness of the processing referred to in
par. 2, lett. a) and lett. b), point 1 and 2, is based on the fact that the
processing is necessary for the performance of a contract to which the Data
subject is party or in order to take steps at the request of the Data subject
prior to entering into a contract [art. 6.1.b) of the Regulation].
The processing referred to in par. 2, lett. b),
point 3 is necessary for compliance with a legal
obligation to which Opinion Ciatti is subject [art.
6.1.c) of the Regulation].
The processing referred to in par. 2, lett. b),
point 4 is necessary for the purposes of the legitimate interests pursued by
Opinion Ciatti, in order to ensure its rights arising from the contract [art.
6.1.f) of the Regulation].
The legal basis for processing personal data for
marketing purpose (par. 2, lett. c)) and/or profiling purpose (par. 2, lett.
d)) is the consent of the Data subject [art. 6.1.a) and art. 7 of the
Regulation], given by actively ticking the specific checkboxes. This consent is
not necessary for the performance of the potential contract and the User has
the right to withdraw his or her consent at any time by contacting Opinion
Ciatti. The withdrawal of consent will not affect the lawfulness of processing
based on consent before its withdrawal.
The processing referred to in par. 2, lett. c)
point 1 is carried out for a legitimate interest of Opinion Ciatti [art. 6.1.f)
and Recital 47 of the Regulation; art. 130.4 legislative decree n. 196/2003].
At any time, the User may also unsubscribe from
the mailing list by clicking the unsubscribe link at the bottom of every
marketing email communication sent by Opinion Ciatti.
By contacting Opinion Ciatti, the Data subjects
can exercise at any time the right to object to processing of personal data for
direct marketing and/or profiling purposes. The personal data will no longer be
processed for such purposes.
3. NATURE OF THE PROVIDING OF THE DATA AND CONSEQUENCES OF REFUSAL
Providing personal data is necessary for the
performance of a contract or in order to take steps at the request of the data
subject prior to entering into a contract, as well as for the fulfillment of
legal obligations. Any refusal to provide the personal data requested will
render impossible the achievement of the processing (par. 2, lett. a) and lett.
b), point 1, 2 and 3).
Providing personal data for which specific
consent is requested (par. 2, lett. c) and lett. d)) is not necessary, as well
as giving consent itself. Any refusal to provide such data, or choosing not to
give the consent for marketing and/or profiling purposes, is not conditional
for the performance of a contract between the User and Opinion Ciatti.
4. DURATION OF DATA STORAGE
With the exception of the navigation data, the
data voluntarily provided by the User will be kept by Opinion Ciatti for the
time strictly necessary to pursue the achievement of the objectives of the
processing.
Personal data processed for marketing and/or
profiling purposes (par. 2, lett. c) and lett. d)) will be kept until the User
withdraws his/her consent, objects to the processing, or unsubscribes from the
mailing list for marketing communications.
The criteria used to determine the periods
stated above are valid unless a longer period is required by law or regulation.
5. CATEGORIES OF RECIPIENTS OF THE PERSONAL DATA
The personal data provided by the User and
collected by Opinion Ciatti for the purposes stated at par. 2,
par. 2, lett. a) and lett. b), point 1, 2 and
3 may be disclosed to and processed by the following categories of recipients:
legal, financial and consultants, banks and insurance companies; law firms; web
agencies (e.g. LipsiaGROUP s.r.l., creator of the Website) and companies who
provide IT services (hosting, information security, web marketing etc.),
external auditors for certification of financial statements; shippers, transporters, post offices
and logistics companies; supervisory boards.
Personal data processed for
marketing and/or profiling purposes (par. 2, lett. c) and lett. d)) may be
disclosed also to companies who provide web-analysis and email marketing
services.
These recipients will carry out
the processing on the behalf of Opinion Ciatti, pursuant to art. 28 of the
Regulation, with the exception of public authorities or recipients which may
receive personal data in the framework of a particular inquiry in accordance
with Union or Member State law.
Persons acting under the authority
of Opinion Ciatti (art. 29 GDPR) or of the processor may also heve access to personal data processed by the Data
Controller (e.g. Opinion Ciatti’s employees).
Public authorities or recipients
which may receive personal data in the framework of a particular inquiry in
accordance with Union or Member State law are not regarded as recipients. The
processing of those data by those public authorities is in compliance with the
applicable data protection rules according to the purposes of the processing.
6. DATA SUBJECTS' RIGHTS
By contacting Opinion Ciatti, the Data subject
has the right to obtain from the Data Controller:
If the Data subject considers that the processing of personal data
relating to him or her infringes the Regulation, without prejudice to any other
administrative or judicial remedy, he / she has the right to lodge a complaint
with a supervisory authority, in particular in the Member State of his or her
habitual residence, place of work or place of the alleged infringement.
The supervisory authority with which the
complaint has been lodged shall inform the complainant on the progress and the
outcome of the complaint including the possibility of a judicial remedy.
7. ACTIONS OF DATA CONTROLLER FOLLOWING THE EXERCISE OF THE RIGHTS OF THE DATA SUBJECT
The data controller provides the Data subject
with information about the actions taken in relation to a request to exercise
the rights recognized by the articles from 15 to 22 of the Regulations and
referred to in the specific paragraph above (“Data subjects’ rights”), without
undue delay and at the latest within one month after receiving the request.
This deadline may be extended by two further months if necessary, taking into
account the complexity and the number of requests. The
data controller informs the Data subject of this extension, and about the
reasons for the delay, within one month after receiving the request. If the
Data subject submits the request by electronic means, the information is
provided, where possible, by electronic means, unless otherwise indicated by
the Data subject.
8. COOKIE POLICY
For information regarding the
use and management of cookies via this site, please read the cookie policy.
9. COLLECTION OF NAVIGATION DATA
This website
collects a series of general data and information when a Data subject or
automated system calls up the website. This data is not collected to be
associated with identified Data subjects, but by its very nature could make
possible the identification of Users through processing and association with
data held by third parties. This data category includes the IP addresses and/or
the domain names of the computers and terminal equipment used by any User, the
URI (Uniform Resource Identifier) addresses of the requested resources, the
time of such requests, the procedure used for submitting a given request to the
server, returned file size, a numerical code relating to server response status
(successfully performed, error, etc.), and other parameters related to the
User's operating system and computer environment. These data are used for the
sole purpose of obtaining anonymous statistical information about the use of
the site and to check its correct functioning and are deleted immediately after
processing. The data could be used to ascertain responsibility in case of
supposed computer crimes against the site; except for this case, at present the
data on web contacts do not persist for more than seven days.
10. CHANGES TO THE INFORMATION ON THE PROCESSING OF PERSONAL DATA
This information may be subject
to changes and updates, also to make it simplier and
easier to read and understand. We invite you to visit this page regularly, to
review any changes.
Date of last update: November 5, 2018