Privacy Policy

European Regulation appliance n. 679 approved on the 27th of April 2016

General Data Protection Regulation (GDPR) related to the natural persons protection, regarding the personal data processing collected in order to provide services and products (it also includes their fruition).

Privacy Policy

This privacy policy document describes the clients’, the potential ones’ and all the Couturects Srls’ stakeholders personal data handling modalities and responsibilities.

According to the EU 2016/679 Regulation it is necessary to obtain the natural person’s, entity’s, association’s or similar subject’s consent in order to send advertisements and business letters, to start direct sales relationships or to carry out market researches by using automated call systems (or call communication systems) without the operator presence and through announcements spread by: electronic mail, telefax, text messages or Multimedia Messaging Services.

Objectives of data handling and manners.

Data supplied by natural persons, entities, associations or similar subjects, obtained on account of first service request (and/or main service request) or during the contractual relationship (in other words: during a following additional or main service request), will be handled by Couturects Srls in order to comply with natural/legal person’s, entity’s, association’s or similar subject’s request; they will also be handled to meet contractual obligations arising both from the first contract and/or each following one stipulated with the interested party; your data will be handled to carry out specific requests before the contract conclusion too; furthermore they will be handled to meet legal obligations and to manage the activities related to the contractual relationship implications, including the relationships concerning any commissioned service and/or additional optional products ordered by natural persons, entities, associations or similar subjects.

Data collecting is necessary in order to accomplish these aims. It will not be possible to start any contractual relationship without data provision.

Couturects Srls will also be able to use (only with the natural person’s, entity’s, association’s or similar subject’s consent) data regarding the participation to quality surveys related to the services provision.

Natural persons, entities, associations or similar subjects will be free not to take part to those surveys and will be able to set themselves against their own data handling for free, exclusively for this specific objective, by getting in touch with the data handling interim Data Controller.

Data supplied by natural persons, entities, associations or similar subjects will be handled, according to the foretold regulation, in a lawful, correct and transparent way; they’ll be collected for specific, explicit and legitimate objectives; natural persons, entities, associations or similar subjects will not be asked to give more data than the necessary ones respecting the objectives for which they are handled; data will be preserved so that the interested persons will be identifiable exclusively during the data handling period; data handling will be conducted guaranteeing personal data adequate security and protection, putting in place some appropriate technical and organizational measures, from non authorized or illicit handling and from the risk of loss, destruction or accidental damage.

Types of handled data

The Data Processor will handle sensitive and personal data which will be collected during any contract stipulation among the interested parties.

Personal data source

Personal data, in data controller’s possession, are directly provided by the interested party during any contract stipulation.

Data Processor

Couturects Srls is the Data Processor.

Objectives of data handling

Data handling, which have been collected in order to start the contractual relationship, is legally based on the interested party consent and will be achieved for the following objectives:

– Start the contractual relationship between the customer and the Data processor;

– Wholesale E-commerce service provision;

– Answering to information request;

– Providing for assistance and support;

– Sending formative, informative and commercial messages;

– Managing profiling activities through the website

Data addressee

Data collected could be communicated (within the limits of the aforementioned handling objectives) to partners, consulting companies and private companies chosen by the Data Processor as a Data Controller.

Abroad data handling

Data collected will not be handled abroad.

Data retention

Data collected will be stored up for the necessary time to achieve the data handling objectives (conservation limiting principle, section number 5, GDPR) or until the deadline set by law. Data obsolescence checks will be carried out periodically. In the privacy evaluation document data retention period was specifically denoted.

Rights of the parties involved

The interested party has always a right to request (to the Data Processor) the access to data concerning him, those data rectification or deletion. The interested party has always a right to request for the data portability and to revoke the handling consent, claiming these and the other rights provided for by GDPR, simply communicating to the Data Processor the eventualities listed up to now.

Compulsory and not compulsory data providing

Data providing is optional for some fields and compulsory for the ones inherent to the aforementioned objectives (marked with an asterisk). The non-conferment of compulsory data leads to the impossibility to stipulate any contract among the parties.

Consent

Consent to data handling can be given signing legibly in the dedicated spaces. The interested party has a right to repeal his own consent at anytime.

Data handling manners

Personal data provided by the interested party will be handled in compliance with the aforementioned regulation and also in compliance with the Data Processor obligation of confidentiality. Data will be handled by electronic, paper and every suitable tools in compliance with technical and organizational measures prescribed by the GDPR