E-commerce policy
According to European data protection law (Art.13, European Regulation 2016/679) the User acknowledges that Unopiù S.p.A. di Socio Unico undertakes to process the User's personal data according to the principles of correctness, lawfulness and transparency and protection of confidentiality. Therefore, the User is informed that
A. DATA CATEGORIES:
object of the processing may be your personal data such as identification data (name, surname, fiscal code), contact data (number, address, e-mail), access data (username, password, IP address), activity carried out and sector to which you belong, as well as, information relating to your interests and your browsing experience on the site.
B. DATA CONTROLLER:
the data controller is Unopiù S.p.A. di Socio Unico, with legal office in 9 Pontaccio street - 20121 Milano (MI) , with headquarters in S.S. Ortana Km. 14,500 - 01038 Soriano in Cimino (VT), VAT 05516670964, and can be contacted by phone at 0761.7581 or by email at [email protected]
C. SOURCE OF PERSONAL DATA:
personal data are collected directly from the data subject.
D. PURPOSE AND LEGAL BASIS FOR PROCESSING DATA:
the processing of your data, collected and stored in relation to the compilation of this form, has as its legal basis your consent and is carried out for the following purposes:
1. Download products from the catalogue;
2. Newsletter subscription;
3. The activity: profiling activities by the Data Controller in order to offer personalised services, commercial proposals and communications in line with your interests, preferences and behaviour, taking into account the information you communicate within the profile and that derived from previous purchases (preferences on type of product, price range, quantity of items purchased and average spending) and from the activities of the cart, data relating to the way you use the portal deriving from information on your browsing experience and your preferences (also possibly deducible from the cookies to which consent has been freely modulated and is revocable. For further details on the functionality of cookies, please refer to the specific Cookie Policy )
E. RECIPIENTS AND CATEGORIES OF RECIPIENTS:
within the limits relevant to the processing purposes indicated, your data may be communicated, if necessary, to other subjects related to processing activities, internal and external to the Data Controller, such as employees and assimilated, partners, consulting companies, private companies. Your data will not be spread in any way.
F. TRANSFER OF PERSONAL DATA BETWEEN COUNTRIES:
your personal data are not transferred to or accessed by entities outside the European Economic Area.
G. DATA RETENTION PERIOD:
in the absence of specific retention periods set out in this policy, your personal data will be retained only for as long as we need it to fulfil the purpose for which we have collected it, according to the “storage limitation principle” (Article 5 of GDPR) and, if applicable, as long as required by statutory retention requirements.
H. RIGHTS OF THE DATA SUBJECT:
each user is always entitled to request the Data Controller to access, correct or delete his data, limit the processing or the possibility of objecting to the processing, requesting data portability, revoking consent to the processing of data, claiming these and other rights provided by the GDPR through a simple communication to the Controller. The data subject can also lodge a complaint with a supervisory authority.
I. OBLIGATION OF THE DATA SUBJECT TO PROVIDE PERSONAL DATA:
we inform you that the provision of data is optional for some fields and for others (indicated by an asterisk) mandatory and their failure to provide for the purposes referred to in point D.1 will make it impossible to download the product catalog. Otherwise, for purposes D.2 and D.3 the communication of data is optional and its refusal will not compromise in any way the provision of the service
J. METHODS OF PERSONAL DATA PROCESSING:
your personal data are processed manually and/or using IT and telecommunications tools. We use technical and organisational security measures in order to protect the Personal Data we have under our control against accidental or intentional manipulation, loss, destruction and against access by unauthorised persons.
L. AUTOMATED DECISION-MAKING:
the data controller use automatic decision-making processes. This automation activity does not give rise to decisions that produce legal effects or affect users in a similar way, since its use is limited only to the provision of personalized offers.