Information on the processing of personal data
Michele Inzerillo protects the data of the users of the Site and its Customers and guarantees that the processing is in compliance with the provisions of the privacy legislation pursuant to Legislative Decree no. 196/2003 (the "Code") integrated with the changes introduced by the d. lgs. n. 101/2018 for adaptation to EU Regulation no. 679/2016 (the "GDPR").
Owner of the processing of personal data collected on the Site is Michele Inzerillo Srl, with registered office in Palermo, Viale Alcide De Gasperi n. 62, 90146, registration with the Palermo Companies Register n. 14177, Fiscal Code and VAT number n. IT04645570823, PEC email@example.com .
Inzerillo can always be contacted by e-mail at firstname.lastname@example.org .
Personal data processing means any operation or set of operations, performed with or without the use of automated processes and applied to personal data or sets of personal data, such as the collection, registration, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction .
Personal data collected and purposes of processing
Browsing data and cookies
The computer systems and software procedures used to operate the Site, during their operation, collect some data whose transmission is implicit in the use of Internet communication protocols. Such data may be, for example, IP addresses, domain names and other information relating to the user's operating and computer system; said information, although not collected to be associated with subjects for their identification, if associated with other data, could allow the identification of users.
In addition, to improve the operation and the browsing experience, the Site uses profiling cookies of its own and of other sites, and other similar technologies, through the Google Analytics, Facebook web platforms.
Cookies are small files that an Internet site sends to the browser and saves on the computer when you visit the Internet site, allow it to work, or improve its performance.
The user can always disable cookies through the browser settings and / or deny consent to their use through the banner that appears at the first access to the site.
Disabling cookies, however, may cause the Website to malfunction and / or limit the service offered. For more information on the use of these technologies, as well as on the modalities of decommissioning, see the Cookie s Policy.
Therefore, following the consultation of the Site, in the case of consent to their use and non-deactivation of cookies, some information is automatically recorded, collected on the basis of Inzerillo's legitimate interest in being able to improve and offer all the features of its own Site.
This information is not associated with identified but used data in order to obtain anonymous statistical information on the use of the Site, to check its correct functioning, to improve the browsing experience.
Personal data provided voluntarily by the interested party
The personal and fiscal personal data communicated by the Customer during the purchase phase (name, surname and e-mail address, telephone number, data necessary for the provision of the online sales service, such as those used to make the payment and shipment / exchange of the purchased products) are collected by Inzerillo in order to fulfill the pre-contractual, contractual and fiscal obligations (for example to allow the management of orders, invoicing and delivery of products ordered by users on the Site, activate the procedures for execution of the contract and the related necessary communications) and fulfill the obligations established by law.
The data necessary for the delivery are communicated to the carriers for the sole purpose of being able to carry out the relative service.
With reference to the information on the transactions, it is specified that payments are received through authorized external platforms, in compliance with the law, the management of payment data (Paypal Credit Card) or by bank transfer directly on the current account in Inzerillo.
In particular, in the case of payment by credit card, the fundamental information for the execution of the transaction (credit / debit card number, expiry date, security code) are processed by Banca Sella - Paypal - Worldpay - Adyen or possibly by companies in charge of the anti-fraud control using an encrypted protocol and without any third parties being able to access it in any way. This information will never be displayed or stored by the owner.
The communication of personal data by the Customer to complete the purchase, payment and delivery of goods is mandatory as a necessary condition for the correct and timely execution of the purchase contract. In default, the Customer's request can not be given and it will be impossible to provide the relative services.
Any other data are provided by the Customer on an optional basis, subject to specific and separate consent to the processing (eg for marketing purposes, for registration of the account); failure to provide them does not affect the conclusion of the purchase and / or the provision of related services.
The personal data provided voluntarily by the Customer who intends to register on the Site by creating an account to facilitate their purchases and be able to view the history, are used by Inzerillo to manage the account itself and, if the registered Customer makes a purchase, even for the fulfillment of pre-contractual, contractual, tax and legal obligations.
If the Customer declares that he wishes to receive newsletters, by selecting the optional subscription to the newsletter and providing the specific consent required, the e-mail address provided will also be used to send promotions and marketing information material.
You can choose any time not to receive further marketing communications by clicking on the relevant subscription cancellation link at the bottom of any marketing e-mail.
Purpose of the treatment
The personal data of the user, freely communicated and acquired directly and / or through third parties on the basis of the activity carried out by Inzerillo, is collected electronically in relation to the processing methods.
In particular, personal data are processed lawfully for the following purposes:
A) without the express consent of the user (Article 24 letter a, b, c Code and Article 6 letter b, and GDPR), for the following purposes related to and instrumental to the activation and operation of the services provided by Inzerillo:
The provision of the data requested at the time of activation of the services, for the purposes mentioned above, is mandatory, as it is strictly functional to the performance of the same.
B) Only subject to specific and distinct consent (articles 23 and 130 of the Code and Article 7 of the GDPR), for the following marketing purposes:
The provision of data for the purposes mentioned above is optional. The refusal of consent for these purposes will not produce any consequence on the purchase of products and / or the provision of services.
Methods of data processing and communication
Personal data, collected electronically, are processed through appropriate electronic or automated means, computerized and telematic or through paper, for the purposes for which they were collected and in such a way as to guarantee the confidentiality and security of the data .
Inzerillo undertakes to treat data and information transmitted by the user with confidentiality and not to disclose it to unauthorized persons, or to use it for purposes other than those for which it was collected.
Personal data is processed by internal personnel duly authorized for processing in the scope of the tasks performed and possibly by external parties acting on behalf of Inzerillo as external processors (banks and lenders, technical service providers, hosting providers , IT companies, communication agencies, postal couriers and shipping companies, consultants) and communicated exclusively for the purposes for which they were acquired.
Personal data may also be disclosed to Public Administrations, judicial authorities and to those subjects to whom the communication is mandatory for the performance of the institutional functions within the limits established by law or regulations.
The personal data of the user, stored in electronic form, are stored and stored on servers located within the European Union.
In any case, it is understood that the Data Controller, if necessary, will have the right to move the servers even outside the EU. In this case, Inzerillo ensures that the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission.
Time of conservation
In any case, the acquired data will be kept for a period of time not exceeding that necessary for the purposes for which they were collected or subsequently processed.
At the end of the processing period, the data will be securely deleted or permanently anonymized.
Rights of the interested party
The user has the right to request at any time information relating to their personal data held by the Owner.
In particular, in his capacity as an interested party, the user enjoys the rights referred to in Articles 7 of the Code and 15 of the GDPR and precisely the rights of:
the. obtain confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in an intelligible form;
ii. obtain the indication: a) of the origin of personal data; b) of the purposes and methods of the processing; c) of the logic applied in case of treatment carried out with the aid of electronic instruments; d) of the identification details of the owner, the managers and the designated representative pursuant to art. 5, paragraph 2 Code and art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the territory of the State, managers or agents;
iii. obtain: a) updating, rectification or, when interested, integration of data; b) cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which such fulfillment is it proves impossible or involves a use of means manifestly disproportionate to the protected right;
iv. to object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning him / her, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by email and / or through traditional marketing methods by telephone and / or paper mail.
Where applicable, the person concerned also has the rights set forth in articles from 16 to 21 GDPR (Right of rectification, right to be forgotten, right to limit the processing, right to data portability, right to object to the treatment), as well as the right to lodge a complaint with the Guarantor.
How to exercise rights
To exercise their rights as well as to receive information about the subjects to whom the data are stored or to which the data are communicated or to the subjects who, as managers or agents, may become aware of the data, the user can contact at any time Inzerillo at email@example.com .
This Site and the services of the Owner are not intended for minors under the age of 18; therefore the Owner does not intentionally collect personal information related to minors. In the event that information on minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of users.
Changes to this information
Update of 4/11/2018