PREMISE

Information on the processing of personal data of users who consult the website www.marcoproiettidesign.com for the protection of personal data pursuant to Art. 13 of Regulation (EU) 2016/679.

PURPOSE OF THIS INFORMATION

Pursuant to Regulation (EU) 2016/679, this page describes how the personal data of users who consult the website www.marcoproiettidesign.com are processed for the protection of personal data electronically accessible at:

www.marcoproiettidesign.com 

This information does not concern other websites, pages or online services accessible through hypertext links that may be published on the website but refer to resources outside our domain.

DATA CONTROLLER

Business Name: DIAMANTE LUXURY MANAGEMENT SRL.

Registered Office: VIA TIBURTO 82 – 00019 – TIVOLI

VAT No. : 12874781003

E-mail: info@diamanteluxurymanagement.com

PEC e-mail: diamanteluxurymanagement@legalmail.it

LEGAL BASIS OF DATA PROCESSING

The personal data indicated in this page are processed by DIAMANTE LUXURY MANAGEMENT SRL. 

The Data Controller shall process the user’s personal data to the extent that at least one of the following applies:

• the user has given consent for one or more specific purposes or another of the legal basis specified below, except that the processing of personal data is specifically regulated by the European legislation on protection of personal data;
• processing is necessary for the performance of a contract with the user and/or for the execution of pre-contractual measures;
• processing is necessary for compliance with a legal obligation to which the data controller is subject;
• processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the data controller;
• processing is necessary for the purposes of the legitimate interest pursued by the controller or by a third party.
• in the case of contact forms to identify the user and satisfy his/her requests ore evaluate his/her proposals;
• in the case of website navigation to ensure better usability when opening pages, introduce your company, improve the visual experience and obtain statistics.

However, it is always possible to ask the Data Controller to clarify the legal basis of each treatment and in particular, to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

TYPES OF DATA PROCESSED

Navigation Data

The computer systems and software procedures used to operate this website acquire, during the normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. 

This category of data includes IP addresses or domain names of the computers and terminalis used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.

These data, necessary for the use of web services, are also processed  for the purpose of:

• obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.);
• check the correct functioning of the services offered.

Navigation data may be kept by the services we use for statistics for up to 10 years.

Data communicated by the user 

The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, the filling in and forwarding of the forms present on the Website, involve the acquisition of the sender’s contact data, necessary to reply, as well as all personal data included in the communications. The processing of this data by the Data Controller is necessary in order to communicate with the interested party and satisfy his/her requests. The communication data will be retained on our mail server for up to 10 years (except for the need to keep them for a period exceeding 10 years in the case of ongoing legal procedures).

Cookies and other tracking systems 

Cookies are used for user profiling and other tracking methods are used by the Data Controller; furthermore, some plugins or third-party services integrated into the website, to improve its efficiency, can keep track of user behavior.

Profiling cookies are mainly used to acquire information about the user in order to use them for marketing purposes.

Instead, the use of session cookies (not persistent) is strictly limited to what is necessary for safe and efficient website navigation. The storage of session cookies in terminals or browsers is under user’s control, whereas on the servers, at the end of http sessions, information relating to cookies remains recorded in the service logs, with storage times in any case not exceeding 10 years (without prejudice to the need to keep them for a period of more than 10 years in the case of ongoing legal procedures). In any case, please refer to the published cookie policy. 

METHODS OF DATA PROCESSING 

Your personal data are processed electronic and/or paper media and are protected by adequate security measures to ensure the confidentiality and security of personal data. In particular, the Company shall take appropriate organizational and technical measures to protect personal data in its possession against loss, theft, unauthorized use, disclosure or modification.
The Data Controller will anonymize personal data and remove identifiers if there is no need to process personal data in an identifiable form.

Processing of this Website services are handled by technical staff in charge of processing. No data deriving from services is communicated or disclosed. 

In addition to the Data Controller, in some cases, other subjects involved in the organization of this website (administrative, commercial, marketing, legal, system administrators) or external subjects (as suppliers of third party technical services, postal couriers), may have access to the Data, also appointed, if necessary, as data processors by the Data Controller.

PURPOSES OF PROCESSING

Data will be used for:
– Contractual Purposes:
allow registration on the Website and the creation of a personal account;

allow the activities regulated in the Conditions of Sale, including purchases on the Website;

allow the use of the services made available through the Website, including customer assistance services and assert and defend the rights towards users and third parties.

• Legal Purposes:

comply with any legal and regulatory obligations.

The Data Controller must always seek prior consent for:
– Marketing purposes: sending commercial communications by electronic (for example via e-mail, sms, mms, ordinary mail, mobile phone, social networks and applications) or paper means, relating to our brands, services and/or products, or participation in events and the conduct of market and statistical analysis;
– Profiling purposes: analyze habits, interests and preferences in order to better focus the marketing activities indicated above on your needs.

RETENTION PERIOD

The Data are processed and stored for the time required by the purposes for which they were collected.

Therefore:

• navigation data will be retained for the period strictly necessary for processing;
• personal data collected for purposes related to the execution of a contract between the Data Controller and the user will be retained until the execution of the contract is completed;
• personal data collected for purposes related to another legitimate interest of the Data Controller will be retained until the satisfaction of this interest.

When the processing is based on the consent of the user, the Data Controller may retain the personal data for a longer period until such consent is revoked. 

Furthermore the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or an order of an authority.

At the end of the retention period the Personal Data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.

DATA SHARING AND DISCLOSURE 

The data provided by users will be processed by agents and persons in charge of data processing on behalf of the data controller, as indicated in this policy and will in no case be disclosed.

The Company shall enter into contracts with selected third parties who provide services for the maintenance of the Website, management of customer communication and other services. 

Third-party services are: Website hosting, anti-fraud checks, payment processing, shipping and delivery, correspondence, web marketing. 

The Data collected through the Website can be consulted by the aforementioned third parties, exclusively on behalf of the Company. 

In any case, according to the provisions of the law, these service providers are not allowed to use the user’s personal data for different purposes. 

The Company may also disclose the Data to financial institutions or other third parties in relation to the payment transactions performed. 

The user data are not otherwise disclosed to other third parties, except as required by law, in connection with a lawsuit or legal process, or when it is otherwise necessary to protect the rights or interests of the Company.

TRANSFER OF DATA ABROAD

The data we collect may be transferred to any of the countries in which we operate in order to allow us to use the information in accordance with this privacy policy. The data you provide may be transferred to countries (including the United States) that do not have data protection laws equivalent to those in force in the EEC. The user expressly accepts such transfers of personal data. Any transfer of your data to countries located outside the European Union shall take place, in any case, in compliance with the appropriate guarantees for the purposes of the transfer itself, in accordance with the applicable legislation and in particular with Articles 44 to 46 of the GDPR.

You can obtain a copy of all the data held by the Data Controller by sending a request to the addresses indicated in the relevant paragraph.

Minors (under 18)

If a minor under the age of 18 connects to the Website, the Data Controller shall collect and process his/her for the purposes and in the manner referred to in this information, in compliance with the rules on the processing of personal data of minors pursuant to Art. 8 GDPR with the prior consent of the parent and/or guardian and/or person acting on their behalf whose data may be collected only to obtain said consent in the manner provided by the Website.

RECIPIENTS OF DATA

There are no recipients of the acquired data as DIAMANTE LUXURY MANAGEMENT SRL manages the site independently.

RIGHTS OF THE INTERESTED PARTIES

At any time, pursuant to articles 15 to 22 of Regulation (EU) 2016/679, you may exercise the right to:

1. request confirmation of the existence of any personal data of your concern;
2. obtain information on the purposes of the processing, the categories of personal data and the recipients or categories of recipients to whom the personal data have been or will be communicated and, where possible, the period of retention;
3. obtain the correction and deletion of your personal data;
4. obtain the restriction of processing;
5. obtain data portability, i.e. receive data from a data controller, in a format that is structured, commonly used and machine-readable, and to transmit them to another data controller without impediment;
6. object to processing at any time and also in the case of processing for direct marketing purposes;
7. object  to any automated decision-making process relating to individuals, including profiling.
8. ask the data controller to access personal data and to correct or cancel them or limit their processing or to oppose their processing, in addition to the right to data portability;
9. withdraw consent at any time without affecting the lawfulness of processing based on prior consent before its withdrawal;
10. submit a complaint to a supervisory authority.

Details on the right to object

When personal data are processed in the public interest, in the exercise of public authority vested in the Data Controller or to pursue a legitimate interest of the Data Controller, users shall have the right to object to processing on grounds relating to their particular situation.

Please note that users can object to the processing without providing any reasons, if their data are processed for purposes covered by those indicated in this document and which may be considered direct marketing. Users can refer to the respective sections of this document to verify if the Data Controller processes data for direct marketing purposes.

How to exercise your rights

To exercise their rights, users can send a request to the contact details of the Data Controller indicated in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within one month.

CHANGES TO THIS PRIVACY POLICY

The Data Controller reserves the right to update and/or modify this privacy policy at any time, informing users on this page and, if possible, on this application as well as, if technically and legally possible, by sending a notification to users through one of the contact details held by the Data Controller. Therefore, please review this page frequently, referring to the date of the last modification, indicated at the bottom.

If such modifications concern a processing whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.