DATA PROTECTION OFFICER (DPO)
The Data Protection Officer for the processing of users’ data is Alvise D’Alpaos, with registered office on Via Sandro Gallo 157, 30126 Venezia Lido (VE), the owner of the website bottegad3esign.it.
• by registered letter with advice of receipt sent to the registered office of the DPO;
• by email sent to firstname.lastname@example.org
COLLECTED PERSONAL DATA
• Connect with us so that we can answer to your specific requests;
• Provide you information regarding the services offered by BottegaD3sign;
• Administration purposes or for other legal obligations;
• Create a database exclusively used by BottegaD3sign to analyse clients’ needs in order to offer better services.
The provision of personal data for the processing purposes indicated above is optional but necessary. In case of consent, users can revoke it at any time by filing a request with the DPO.
Submitted personal data
Personal data submitted by the customer or user of online services to BottegaD3sign at various times, such as during a product order or newsletter subscription or registration to an online service, may include the following:
• basic data, such as name and contact information
• ordering and billing data, such as information about the payer of the order, its recipient and their e-mail address and phone number
• customer service data, such as customer feedback and communication with customer service
• permit data, such as information about marketing permits or other permits and prohibitions related to the use of personal data
• data about responses to studies, surveys or contests conducted by bottegad3sign
• phone data, such as customer service calls
Data collected from online service use
Data collected from the use of online services may include:
• collected data about the device or application used, such as browser version, device type or display size
• data about online service use, such as information about pages loaded, time spent at online services, navigation in online services or advertising or marketing content viewed
• data about web pages opened through customer communication
• location data by country based on IP address
• data collected by social plugins or other third parties
A user of online services can be identified through a digital identifier created in the services when the customer signs in or arrives at the online service through targeted customer communication, such as a newsletter.
When customers register or access the web service through a communication with the company, for example through a newsletter, users can be recognized on the basis of the digital credentials created on the website.
Derived and combined data
In order to serve its customers and online service users better, bottegaD3sign refines collected personal data by analyzing it using various statistical methods and by combining data collected from different sources.
Using the aforementioned methods, it is possible to make assumptions about things such as interests, gender, age group, purchasing behavior or other similar characteristics. These assumptions are based on the submitted or collected data mentioned in the previous paragraph. In order to ensure consumers’ privacy, BottegaD3sign shall not make assumptions about information that is considered sensitive.
BottegaD3sign secures the privacy of its customers or users of online services by exercising special care when carrying out the derivation and combination of data described above, so that the privacy of customers or users of online services is not compromised.
We use the Mailchimp software to send no more than two newsletters a month concerning offers and/or promotions on our products or events that we organize. Users can also easily object to further newsletter submissions by clicking on the appropriate link to withdraw their consent, which is present in each email containing the newsletter. Once the consent has been withdrawn, the DPO will send users an email confirming that the consent has in fact been withdrawn.
The personal data deemed necessary to achieve the processing objectives described above is marked in the request form through an asterisk.
Sometimes we use anonymous information, i.e. that cannot be traced back to the user’s identity, information relating to your browsing within the site https://www.bottegad3sign.it to propose advertisements during your browsing on search engines and on other websites: this type of Advertising is called retargeting.
PERSONAL DATA PURPOSES OF USE AND THE LEGAL BASIS FOR PROCESSING
BottegaD3sign collects personal data for the maintenance of customer relationships, development of products and services and commercial purposes.
Maintenance of customer relationships
BottegaD3sign uses customers’ personal data for various activities necessary for maintaining a customer relationship, including:
• delivering ordered products
• maintenance of a customer relationship or customer communication
• customer service or other customer support
• competitions or draws for prizes
Processing of personal data for maintaining a customer relationship is based on an agreement between BottegaD3sign and the customer about the delivery of a product or service, or another action that leads to the formation of a customer relationship.
The customer can influence the processing of personal data for maintaining a customer relationship by contacting customer service.
Processing methods and data retention times
The DPO will process users’ personal data through manual and computerized tools, with logics strictly related to the processing objectives and, in any case, to guarantee the security and confidentiality of the data concerned.
Scope of communication and data dissemination
Users’ personal data may also be disclosed to third parties that may process personal data on behalf of the DPO as “external data processing managers”, such as, for example, suppliers of IT and logistic services required for the operation of the website, outsourcing or cloud computing service providers, professionals and consultants.
Users have the right to obtain a list of any data processors appointed by the data controller, by submitting a request to the data controller according to the specified procedures.
RIGHTS OF DATA SUBJECTS
Users can exercise the rights guaranteed to them by currently applicable legal regulations, by contacting the DPO as follows:
• by sending a registered letter with advice of delivery to the registered office of the DPO: Via Sandro Gallo 157, 30126 Venezia Lido (VE)
• by sending an email to email@example.com
In accordance with applicable law, the DPO informs that users have the right to obtain indication of (i) the origin of personal data; (ii) the purposes and methods of data processing; (iii) the logics applied if the processing is carried out using electronic tools; (iv) the identification details of the DPO and processing managers; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of it as managers or officers in charge.
Furthermore, users have the right to:
a) access their data and have it updated, amended, and if necessary, integrated;
b) have their data cancelled, converted into anonymous form or blocked if processed in violation of the law, including data that is not required to be stored in relation to the purpose for which it was collected or subsequently processed;
c) obtain a statement to the effect that the operations set out in letters a) and b) have been disclosed, also with regard to their content, to those who have received such data, except for the case where such compliance turns out to be impossible or requires means that are clearly disproportionate to the protected right.
Moreover, users have:
a) the right to withdraw their consent at any time, if the processing of their data is based on their consent;
b) the right to the portability of data, i.e. the right to receive all personal data concerning them in a structured format, that is commonly used and readable by an automatic device, the right to limit the processing of personal data and the right to have it cancelled ( “Right to be forgotten”);
c) the right to object, either wholly or in part, for legitimate reasons, to the processing of the personal data concerning them, even if relevant to the purpose of collection.
d) if they consider that the processing of their data is in violation of the regulation, the right to file a complaint with a supervisory authority (in the Member State in which they usually reside, in the one where they work or in the one where the alleged violation occurred). The Italian supervisory body is the Data Protection Authority, with offices in Piazza Venezia no. 11, 00187 – Rome.
BottegaD3sign takes appropriate information security measures to ensure the secure processing of personal data. Personal data is protected from loss, destruction, abuse, unauthorized access and transfer. Secure processing is ensured by means such as restricting access to the data and ensuring that our employees and sub-contractors are using personal data in accordance with instructions and agreements.