Privacy & Cookie Policy

Privacy & Cookie Policy

SIMPLIFIED PRIVACY NOTICE

 

The purpose of this privacy notice is to ensure maximum transparency relating to personal data collected by this website and to explain how this information will be used.

In accordance with the obligations imposed by the European Regulation for the protection of personal data No. 679/2016 (GDPR), this site respects and safeguards the confidentiality of visitors and users and takes all possible and proportional steps not to prejudice the users’ rights.

This site does not carry advertisements; however, it may use third-party services for purposes of improving use of the site. 

This site is designed and adapted to safeguard users’ privacy as carefully as possible and to minimise the collection of personal data. 

For further information please read the complete information notice below.

COMPLETE PRIVACY INFORMATION NOTICE

 

INDEX

DATA CONTROLLER
TYPE OF DATA COLLECTED
LEGAL BASIS
PURPOSES OF PROCESSING
DATA PROCESSING MANAGER
RETENTION PERIOD OF DATA
PROCESSING METHOD
TRANSFER OF DATA COLLECTED TO THIRD PARTIES
PLACE OF PROCESSING
RIGHTS OF INTERESTED PARTIES
DETAILS ON RIGHTS TO OBJECT
HOW TO EXERCISE THE RIGHTS
AMENDMENTS TO THIS PRIVACY POLICY

 

 

DATA CONTROLLER
The Data Controller for data collected through this site is IPE S.R.L., with registered office in ZOLA PREDOSA (BO), No. 1 VIA ENRICO MATTEI, postal Code 40069, Economic and Administrative Index BO – 484037, Tax Code 03007721206, VAT No. 03007721206. 
The Data Controller can be contacted at the following e-mail address: [email protected]
This information notice is valid only for this website and not for any other website which may be viewed via links published on this site; the Data Controller is not deemed responsible in any way for such third-party sites.
Users are hereby informed that hosting of this site is provided by the company Rackspace, on a server based in the UK, in accordance with the GDPR

TYPE OF DATA COLLECTED

This site collects data in two ways

Automatically:

  • Through the collection of usage data which means information collected automatically though this Website (including through third-party applications integrated into this Website), through which: IP addresses or domain names of the computer used by the User to connect to the Website, URI addresses (Uniform Resource Identifier), time of request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (successful, error, etc.) the Country of origin, browser characteristics and the operating system used by the visitor, the various time details of the visit (for example the time spent on each page) and the details relative to the navigation carried out through the Application, with particular reference to the sequence of pages viewed, the parameters relating to the operating system and the User’s IT environment.
  • Through releasing cookies regarding which we request that you read our cookie policy at the end of this privacy policy.

Voluntarily:

  • Through the control panel of marketing cookies
  • When you subscribe to the newsletter or interact with our social medial buttons or when you access our e-boutique

LEGAL BASIS

As regards data voluntarily provided through the contact form, the legal basis is the existence of a contractual relationship or precontractual actions such as, for example, accessing our E-boutique.

In specific instances, data may be processed in fulfilment of a legal obligation.

In achieving the purpose for which data is collected, such data may also be retained where a legal obligation to do so exists or in the legitimate interests of the controller to re-contact the user to provide additional information in relation to correspondence between the parties or for purposes related to the security of the internet site.

Consent given when subscribing to the newsletter or managing non-necessary cookies or when interacting with our social media pages.

This site uses Google Analytics version GA4.

Compared with the previous version of Google Analytics, GA4 has introduced important implementations for the protection of personal data. With Google’s membership of the TADPF (Transatlantic Data Protection Framework) any transfer of personal data to the USA is deemed to be covered by the EU-USA agreement.

PURPOSES OF PROCESSING

  • Contact form
    Is only for purposes of allowing visitors to the site to be contacted, when the data controller may wish to do so, by sending the relative form via e-mail. The purpose of the collection and processing of personal data is only to ensure contact with the user is through the details sent in the contact form to satisfy any requests in the message sent to the user. These types of services enable a contact database to be managed for communication with the User.
    These services permit the collection of data relating to the date and time of reading of messages by the User, such as the User’s interaction with the messages, and information on clicking on the links contained in the messages.
  • Subscription to the newsletter
    The purpose of these types of services is to enable the Data Controller to send users who are subscribed to the promotional or information notifications intended for clients. The Data Controller uses the MailChimp platform to send out the newsletter. The user has the right to exercise at any time the right not to receive further e-mails and to be deleted from the database of the Data Controller. To exercise such right (opt out) the user can send an e-mail to the e-mail address of the Data Controller.
  • Interaction with social media networks and external platforms 
    The purpose of these types of services is to enable the Data Controller to initiate interaction with social media networks, or other platforms, directly on the page of this Website. The interaction and the information acquired by this Website are in any case subject to the User’s privacy settings relating to each social media network. In the event that a service for interaction with social media networks is installed, it is possible that, even in circumstances where the User does not use the service, such service will collect data traffic relating to the page on which it is installed.
  • Statistics
    The purpose of such types of services is to enable the Data Controller to monitor and analyse data traffic and to keep track of User behaviour.
  • Google Analytics
    The purpose of such types of services is to enable the Data Controller and third parties to track and study the use of this Website, compile reports and share with other Google developmental services. The latter, namely Google, may use Personal Data to contextualise and personalise advertisements on its own advertising network.
  • Security
    Collecting data and information for purposes of safeguarding security of the site (antispam filters, firewall, virus detection) and Users, and to prevent or expose fraud or abuses damaging to the Website. The data are registered automatically and may even include any personal data (IP address) which may be used, in compliance with laws currently in force, for purposes of attempting to mitigate damage to the site itself or to cause harm to other users, or to activities which are harmful, or which constitute an offence. These data are not used for identifying or profiling the User and will be deleted periodically.

DATA PROCESSING MANAGER

The manager appointed external to the processing of the web hosting provider, is the company Rackspace, with offices in the United Kingdom. The United Kingdom is a Country that complies with the GDPR.

RETENTION PERIOD OF DATA

Personal data will be retained, including in digital form, for a period of time no longer than necessary to achieve the purposes for which it was collected unless required by law or in the legitimate interests of the Data Controller which may prescribe a longer period of retention.

PROCESSING METHOD
The Data Controller has adopted the appropriate safety measures to prevent the unauthorised access, disclosure, modification, or destruction of Personal Data. Processing is carried out using either IT and/or telematic and/or paper-based tools, via organisational means and for purposes strictly related to the objectives indicated.

TRANSFER OF DATA COLLECTED TO THIRD PARTIES 

Data collected by the site is not generally provided to third parties, except in specific circumstances and in particular for: a lawful request from the judicial authorities and only in circumstances permitted by law; to carry out security controls or for optimisation of the site.

Apart from the Data Controller, other persons involved I in the organisation of the Website may be able to access the data (administrative and legal personnel and system administrators) or external persons (such as providers of third-party technical services, mail couriers, hosting providers, IT companies, advertising agencies) appointed, when necessary, by the Data Protection Manager. The list updated by the manager can be requested from the Data Controller.