INFORMATION ON THE PROCESSING OF PERSONAL DATA ON THE SENSES OF ART. 13 AND 14 OF THE GDPR (GENERAL DATA PROTECTION REGULATION) 2016/679
in observance of the provisions of the 2016/679 European Regulation (in the acronym GDPR), Man Socks Italia srl wishes to inform you that the personal data supplied by you or acquired by us in the context of our activity, necessary to implement the services offered to you, will be treated in compliance with the law on privacy and the principles of correctness, lawfulness, transparency and protection of your privacy and your rights. We also wish to send you the following information:
1. HOLDER OF THE TREATMENT
The data controller is the undersigned company MAN SOCKS ITALIA SRL (VAT number with registered office in Castiglione delle Stiviere (MN), code 46043, via G. Mazzini No. 105, which can be contacted at the following numbers: telephone +39 0376.639889, e-mail: email@example.com, pec: firstname.lastname@example.org.
2. NATURE OF DATA PROCESSED AND PURPOSE OF THE TREATMENT
As indicated in the art. 1 of the General Conditions of Sale, the sales made on THINKPINK.IT (hereinafter also the "Site") have as a subject a limited number of products available and are reserved exclusively for users registered on the Site. In order to access the Site and use the sales service You will be asked to register on the Website and provide some data concerning you. The data in question will be handled by Man Socks Italia srl ("MAN SOCKS ITALIA SRL"), the entity that makes sales on the Website and which acts as the data controller. When registering on the Site or in case of purchase from our site, you will be asked to enter your name, surname, e-mail address and password, address, tax code or VAT number and telephone number. MAN SOCKS ITALIA SRL does not process sensitive or judicial data relating to its users.
Personal data (personal identification data such as, for example: name and surname, company name, tax code and VAT number, address, telephone / fax, e-mail, bank and payment details).
The legal basis that legitimizes the processing of such data is the need to make the functionality of the company website usable as a result of User access.
The personal data indicated above will be used for the following purposes:
A) to register on the Site and allow the correct provision of the sales service as well as the fulfillment of the obligations imposed by the law on tax matters and in compliance with the provisions on public security;
B) for internal administrative-accounting purposes related to the customer-supplier relationship and to fulfill the obligations generally provided for by the owner by laws or regulations, by community legislation, by requests of the judicial authority or to exercise the rights of the Holder (for example the right to defense in court);
C) in the presence of specific specific consent of the User, for the following marketing purposes: to send (via e-mail, post, sms or telephone contact) newsletters, updates on the activities of the Owner, advertising material or commercial communications - possibly also customized based on the User's consumption habits (profiling) - on products or services offered by the Owner that the User may consider to be of interest and to determine the degree of satisfaction on the quality of services, including requests for participation in analysis or research market;
D) in the presence of specific specific consent of the User, for the development of the commercial profile of the customer finalized, both to monitor the degree of customer satisfaction to ensure a better satisfaction of the needs of the same, and the sending of information material and / or advertising of specific interest to the customer, via e-mail.
Upon payment you will be asked to enter the 16 numbers of the credit card and the expiry date of the same. The data will be transferred to the company that manages online payment transactions (so-called "acquirer") in encrypted format and according to the security requirements set by the PCI certification. These data will in no way be processed by MAN SOCKS ITALIA SRL. Payments will be processed through a secure server-to-server connection using the SSL protocol (Secure Sockets Layer) with 128-bit encryption.
The legal basis that legitimizes the processing of data referred to in points "a" and "b" is the execution of an online sales contract of which the User is a party, or the performance of pre-contractual activities upon request of the User.
In the cases expressly indicated in points "c" and "d", the legal basis is the consent freely given by the User.
3. DATA CONFERENCE AND CONSENT
The provision of personal data indicated above for the aforementioned purposes is optional. However, as this processing is necessary to allow registration to the Site and the performance of the sales service and related activities, your refusal to provide the data in question will make it impossible to complete the registration procedure and to perform purchases on the Site.
The provision of data for the purposes referred to in paragraph C) of the preceding paragraph is optional and the failure to provide consent will not have any consequence on the contractual relationship with MAN SOCKS ITALIA SRL or the impossibility for MAN SOCKS ITALIA SRL to process the profiles customer consumption habits, as well as sending you information and advertising material of your specific interest.
In any case, the Data Controller will NOT process data qualifying as "particular categories of personal data" (articles 9 and 10 of the GDPR) or data revealing "racial or ethnic origin, political opinions, religious or philosophical convictions, or union membership ... genetic data, biometric data intended to uniquely identify a natural person, data related to health or sexual life or sexual orientation of the person ", for contractual needs and related fulfillment of legal and tax obligations and for staff selection needs.
In any case, you may object to the processing of your data for one or more of the aforementioned purposes by contacting Man Socks Italia srl at email@example.com.
4. METHOD OF TREATMENT
The data concerning you will be collected electronically and processed through operations of registration, organization, consultation, communication, processing, modification, extraction, use, storage, deletion and destruction of data, carried out mainly with the help of electronic tools, ensuring the use of suitable measures for the security of the data processed and ensuring the confidentiality of the same. The personal data concerning you, stored in electronic form, are stored and stored on an OTG INFORMATICA server.
The data are processed either by manual processing in paper format or with electronic or automated, computerized and telematic tools. The collected data are recorded and stored by OTG INFORMATICA and by the Data Controller in computer and paper archives, as well as stored and controlled in such a way as to minimize the risks of accidental destruction or loss, unauthorized access and unauthorized processing or not compliant with the purposes of the collection.
The data are processed by employees or collaborators of the Data Controller and/or OTG INFORMATICA, duly instructed in this regard.
The data recorded on the server are adequately protected against the risk of intrusion and unauthorized access. In addition, appropriate security measures have been adopted to guarantee the integrity and availability of data as well as the protection of the areas and premises relevant for their safekeeping and accessibility.
5. DATA COMMUNICATION
For the purposes referred to in point A), the personal data of the user will be processed by employees or collaborators of MAN SOCKS ITALIA SRL as persons in charge of data processing or data processors.
MAN SOCKS ITALIA SRL may communicate the user's data to specific subjects, appointed by the owner of the supply of services that are necessary or necessary for the execution of the obligations related to registration on the Website and online purchase, within the limits and in accordance with the instructions given.
In particular, your data may be communicated to:
- post offices, couriers or shippers responsible for delivering the purchased products;
- companies or internet providers in charge of sending advertising material on behalf of MAN SOCKS ITALIA SRL;
- by professionals, companies, associations or professional firms that provide the Data Controller with assistance or advice for administrative, accounting, tax, legal protection or selection of personnel
- companies or consultants possibly responsible for the installation, maintenance, updating and, in general, the management of the MAN SOCKS ITALIA SRL hardware or the hardware of which MAN SOCKS ITALIA SRL uses for the provision of its services;
- from banking institutions for collection and payments as well as any professionals - in single, associate or company form - for services and the management of payments by credit cards or electronic payment instruments in general, for the eventual recovery of credits or for certification activities of the holder's financial statements.
The updated list of Data Processors and Data Processors is kept at the registered office of the Data Controller.
Furthermore, your data will be communicated to all those subjects who have access to personal data by law, administrative or judicial measures and in any case by all public institutes established by law and, more generally, by all the bodies established by the law. current accounting and tax regulations as recipients of mandatory communications;
The personal data concerning you are not subject to disclosure.
6. TRANSFER YOUR PERSONAL DATA OUTSIDE THE EUROPEAN UNION
It may happen that your data transits or is hosted on servers owned or owned by our partners. For example, Data collected as part of our customer service can be transferred to our service providers located outside the European Union. These servers can be located all over the world, in countries whose laws could provide a different level of protection than ours. However, we are committed to taking the necessary measures to maintain an adequate level of privacy and security. For example, we may require our subcontractors and partners to implement measures to ensure the level of protection required by applicable regulations on Personal Data.
7. TRANSFER OF DATA TO A THIRD COUNTRY OR INTERNATIONAL ORGANIZATIONS
As part of the management of the contractual relationship, no transfer of the User's data to third countries outside the EU or to international organizations is envisaged.
8. PERIOD OF CONSERVATION OF PERSONAL DATA OR CRITERIA USED TO DETERMINE THIS PERIOD
Without prejudice to the specific provisions for credit card numbers and the fight against fraud, presented in Article (10) below, your Personal Data is stored in our active database, unless written revocation (e-mail) by of the customer, or starting from:
- your last purchase;
- your last visit to our site, provided that you have logged into your account and have visited our pages;
- your last contact with our customer service;
- the opening of a hyperlink in a newsletter or other commercial e-mail we send you (if you have consented).
The deletion of your data from our active database will be followed by a period of temporary storage in order to meet our legal, accounting and tax obligations, as well as to be able to handle any complaints, within the limits of the applicable limitation periods.
In the event that your data must be archived later, they will be irreversibly anonymised.
In any case, and in accordance with Article 8 below, you have the option at any time to request the cancellation of all or part of your data, to oppose their treatment or to request the limitation.
For the purposes referred to in art. 2, letters "a" and "b" the personal data of the User will be processed and stored by the Owner for the entire duration of the contractual relationship between the User and the Owner and, at the end of the same for any reason, will be kept for the expected time - for each category of data - by the current legislation on accounting, tax, civil law and litigation.
For the purposes referred to in art. 2, letters "c" and "d" the personal data of the User will be processed and stored by the Data Controller until the User has given his consent or until the User has exercised his right to object to the processing or of the cancellation of personal data.
9. RIGHTS OF THE INTERESTED PARTY
In your status as Data Subject and in relation to the processing described in this Notice, you have the rights set out in Articles 7, 15 to 21 and 77 of the GDPR and, in particular, the:
· Right of access - article 15 GDPR: the right to obtain confirmation that personal data concerning the User is being processed and, in this case, to obtain access to such personal data, including a copy thereof;
· Right of rectification - article 16 GDPR: right to obtain, without unjustified delay, the correction of incorrect personal data concerning the User and / or the integration of incomplete personal data;
· Right to cancellation (right to be forgotten) - Article 17 GDPR: right to obtain, without unjustified delay, the deletion of personal data concerning the User;
· Right of limitation of treatment - article 18 GDPR: right to obtain the limitation of treatment, when: the interested party disputes the accuracy of personal data, for the period necessary for the Data Controller to verify the accuracy of such data; the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited; personal data are necessary for the interested party to ascertain, exercise or defend a right in court; the interested party opposed the treatment pursuant to art. 21 GDPR, in the period of waiting for the verification on the possible prevalence of legitimate reasons of the Data Controller with respect to those of the interested party;
· Right to data portability - Article 20 GDPR: right to receive, in a structured format, commonly used and readable by an automatic device, personal data concerning the User provided to the Owner and the right to transmit them to another Owner without impediments, if the treatment is based on consent and is carried out by automated means. Furthermore, the right to obtain that the personal data of the User is transmitted directly to another Data Controller if this is technically feasible;
· Right of opposition - Article 21 GDPR: right to object, at any time for reasons related to its particular situation, to the processing of personal data concerning the User based on the lawfulness of legitimate interest or the execution of a task of public interest or the exercise of public powers, including profiling, unless there are legitimate reasons for the holder to continue the treatment that prevail over the interests, rights and freedoms of the interested party or for the assessment, exercise or defense of a right in court. Furthermore, the right to oppose the processing at any time if personal data are processed for direct marketing purposes, including profiling, to the extent that it is related to such direct marketing;
· Right of revocation - article 7 GDPR: the User has the right to withdraw his consent at any time. The withdrawal of consent does not affect the lawfulness of the treatment based on consent before revocation;
· Right of complaint - article 77 GDPR: the User has the right to lodge a complaint with the Authority for the protection of personal data, Piazza di Montecitorio 121, 00186, Rome (RM).
10. MODALITIES OF EXERCISE OF RIGHTS
The User may at any time exercise his rights by sending a registered letter to:
Man Socks Italia srl, via G. Mazzini n. 105, cap 46043, Castiglione delle Stiviere (Mn), fax: +39 0376 632600
or write to PEC: firstname.lastname@example.org providing a document proving the identity and specifying:
- surname, name, e-mail address;
- Subject of Inquiry;
- address to which the reply must be sent;
We will reply within 30 days of receiving your request from our services. You also have the right to make a complaint with a supervisory authority.
For the exercise of the rights as indicated in this Notice and to receive any information relating to the same, the User may contact the Owner who, also through the designated facilities, will take charge of the request and provide the User without unjustified delay and in any case, at the latest, within one month of receipt of the same, information relating to the action taken regarding the request.
The exercise of rights by the User is free under Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Owner may charge the User a reasonable fee, in light of the administrative costs incurred to manage his request, or deny the satisfaction of his request.
11. SAFEGUARDING AND CONFIDENTIALITY OF PAYMENTS
We attach great importance to the fact that your purchases are made under the best security conditions. Therefore, the transactions are confidential, encrypted and protected thanks to the SSL (Secure Sockets Layer) Domain & FO protocol. When you pay the order by credit card, the transaction takes place between you and Banca Monte Paschi di Siena SpA recognized for its reliability in Internet transactions.
We use different mechanisms in the fight against fraud:
- when you click on the "Confirm" button in addition to the order, our bank checks the validity of the credit card number and guarantees that there are no problems.
- At the time of online payment, you may be asked to log in before completing the transaction (through a redirect to your bank's website, via an SMS or with personal questions such as date of birth, zip code ...);
As part of this treatment, we remind you that you have all the rights listed in Article 9 above.
We do not store your bank details on our servers. For each order you will need to complete the appropriate fields during the purchase of your order. However, at the time of payment of the order, your data are routed automatically from our system to the banking system (as required by banking regulations) and are neither processed by us nor stored directly.
NAVIGATION DATA AND COOKIES
IP address retention
MAN SOCKS ITALIA SRL informs you that it will keep, within the terms established by law, the log files and IP addresses used when making an online purchase and this in order to prevent and verify possible fraud in online transactions.
Which cookies are used
MAN SOCKS ITALIA SRL uses different types of cookies, small text files that the site sends to the user's browser where they are stored before being re-transmitted to the site at the next visit of the same user. In the course of browsing the Website, the user can also receive cookies from different websites on his or her browser (so-called "third-party" cookies); this happens because on the Site there may be elements such as images or specific links to web pages of other domains that reside on servers other than the Site.
Session cookies are used to store the products that are placed in the shopping cart during the purchase process, to perform authentication, multimedia cookies (so-called flash cookies) necessary for the reproduction of video or audio content. If the user requests it (by selecting the "remember me" box when logging in), persistent cookies are enabled to allow the authentication credentials to be stored.
The cookies described above are cookies c.d. "Technicians", that is, they are used exclusively for technical purposes or respond to specific requests from the user of the Site.
The Site uses plug-ins to allow users of social networks to share content they like with their "friends" (and to propose other related features such as posting comments). These plug-ins store and access cookies in the user's terminal equipment in order to allow the social network to identify members when they interact with such plug-ins.
In particular, the Site uses plug-ins of Facebook, Twitter and Google +.
Facebook "Like" button (of the social network facebook.com managed by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA). When the website accesses another website that contains this type of plug-in, the browser establishes a direct connection with the Facebook servers and sends this data to Facebook. This happens regardless of whether you are a member of Facebook, that you have logged in as a Facebook member or if you click the plug-in. If you are a member of Facebook and you are connected to Facebook while you are on the Site, Facebook will insert your visit to the Site on your Facebook account, even if you do not click the social plug-in. If you click on the plug-in, this information will be transmitted to your Facebook account, where it will be stored. We do not know in detail which of your data will be transmitted to Facebook or for what purpose Facebook uses this data. This information includes your IP address, the Facebook information on the site you have visited, the date and time of the visit and other information about the browser. If you enter the Website while you are still connected to Facebook, your login ID will also be collected and processed and Facebook will assign this visit to your Facebook account. If you do not want Facebook to collect your personal information through the Site, you must disconnect from Facebook before visiting the Site.
To know the purpose and information on the collection of data and the consequent treatment and use of the data by Facebook, as well as your rights and possible settings on the protection of your privacy are the indications on data protection of Facebook.
More information on the collection, storage and use of your personal data by Facebook, as well as on the configuration options available to you to protect your data are available at http://www.facebook.com/about/ Policy /.
"G + 1" button of the Google Plus social network (managed by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, US) When you select the "+1" button on a page of the Site, the "+1" button will allow your browser to create a direct connection with Google's servers. The content of the "+1" button - is transmitted by Google directly to your browser and integrated into the web page. BNK4 has no control over the collection of data carried out by Google through the selection of the button (surely your IP address will be registered by Google Plus). To know the purpose and information on the collection of data and the subsequent processing and use of the data by Google, as well as your rights and possible settings on the protection of your privacy read carefully the information on data protection of Google on "+1" button. If as a member of Google Plus you do not want Google to collect your personal data through the Site and link them to your data saved in Google, being you a member, you must disconnect from Google Plus before visiting the Site.
To improve the services offered, the Site uses the technologies of Google Analytics in order to perform a statistical evaluation on the use of the Site. Information can be collected, although anonymously, including the time of access, the type / version the browser used, the operating system, Java scripts enabled, URL addressing. None of this data can be directly attributed to a specific user. With reference to each type of cookie it is specified that:
• It will be possible to prevent Google from detecting data obtained from cookies and related to your use of the Site (for example, the number of clicks made on a page while browsing the Website), by downloading and installing the available browser plug-ins by selecting the following link https://tools.google.com/dlpage/gaoptout?hl=it.
Find more information at http://www.google.com/intl/it/analytics/privacyoverview.html. It is also specified that on this web page Google Analytics has been enriched with the code "gat.anonymizeIp ();", to guarantee an anonymous transmission of IP addresses (so-called IP-Masking, masking of an IP).
How to disable cookies
It is possible to choose at any time to disable cookies on your terminal through the browser configuration. Some pages may not work if you disable cookies completely but many third-party cookies can be blocked without problems. You can configure your browser to accept all cookies, reject them all, or be notified when a cookie is set. Each browser is different, so it is advisable to check the procedures in the browser guide to change your cookie preferences. Eg:
• Internet Explorer can block all cookies by selecting "Tools", "Internet Options", "Privacy" and selecting "Block all cookies" using the scroll selector.
• In Firefox you can block all cookies by selecting "Tools", "Options" and deselecting "Accept cookies from sites" in the "Privacy" tab.
• In Chrome you can block all cookies by selecting the icon that represents the wrench that is on the browser toolbar Select, then, Parameters then Display the advanced parameters. In the "Privacy" section, select Content parameters.
In the "Cookies" section you can:
Block cookies by default
Authorize cookies by default
Define the exceptions for cookies of some websites or domains
The blocking of all cookies will have, however, a negative impact on the functionality of the Site. You can also delete cookies already stored on your computer. Please check the guide of your browser.
For any information on cookies used by the Site, contact the Data Controller at the addresses indicated in paragraph 10 above.
The last modification to this Privacy Statement was made on 24.05.2018.