1 - INTRODUCTION
This section contains information on how shop.askollelectric.com manages the processing of shop.askollelectric.com users' data
This policy is also valid for the purposes of Art. 13 of Regulation (EU) 2016/679 (GDPR), on the protection of individuals with regard to the processing of personal data and on the free movement of such data, for persons interacting with shop.askollelectric.com and it is available at the address of the home page: www.shop.askollelectric.com
This information is provided only for shop.askollelectric.com and not for any other web sites that may be consulted by the user through the links contained therein.
The purpose of this document is to provide information on the methods, times and nature of the information that the data controllers must provide to users when they connect to the web pages of shop.askollelectric.com, regardless of the purposes of the connection itself, in accordance with Italian and European legislation.
This policy may be subject to change due to the introduction of new legislation in this matter, so please check this page periodically.
2 - DATA PROTECTION
The data controller is the natural person or legal entity that, alone or jointly with others, establishes the purposes and means of the processing of personal data.
With regard to this website, the data controllers are:
- New Works Webtech Srl, with registered office in Via San Gregorio, 44, 20124, Milan, Italy, tax code and VAT number 02658930132, which can be contacted at the following e-mail: firstname.lastname@example.org.
- Askoll Eva Spa, with registered office in Via Industria, 30, 36031, Dueville, Vicenza, Italy, tax code and VAT number 03873430247, which can be contacted at the following e-mail address: email@example.com.
Pursuant to Art. 26 GDPR, we hereby inform you:
- New Works Webtech is the controller of your personal data necessary: to process and manage your orders, to ship the products you have purchased, to provide you with the necessary after-sales assistance, to manage the procedure for returning any purchased products, and to comply with the provisions of the law;
- Askoll Eva Spa is the controller of your personal data required for: management of the Shop's accounts for the purposes of transition to new operators or internalisation of the services currently entrusted to New Works Webtech, to assist New Works Webtech in processing your position for the purposes of statutory or contractual warranties, including management of product return procedures, for management and maintenance of the Shop and, subject to obtaining your consent, for marketing purposes;
- for the purposes of marketing and sending commercial communications, the data controller is New Works Webtech Srl and Askoll Eva Spa.
3 - NAVIGATION
Your navigation of the website and/or the entry of data in certain areas of the website may result in the collection and further processing of your Personal Data by us. In fact, computer systems and the software procedures used to operate them automatically and indirectly administer and/or acquire certain information (such as, purely by way of example, the so-called "cookies" - as specified below - or the data expressly specified in the collection formats, such as your name, surname, e-mail address, nationality, address, telephone number, e-mail address, information about the market sector in which you operate and information about products you use or are interested in).
The information collected could be as follows:
internet protocol (IP) address;
- browser type and parameters of the device used to connect to the site;
- name of the internet service provider (ISP);
- data e orario di visita;
- date and time of visit;
- the visitor's source (referral) and exit web pages;
- possibly the number of clicks;
- comments made in fields on the site;
- e-mail address;
- the identifier for advertising on your mobile device (IDFA - Identifier for Advertising - for iOS devices and AAID - Google Advertising ID - for Android devices).
The collection and use of information obtained by means of the plug-in are governed by the respective privacy policies of the social networks, to which please refer:
|Purpose of processing
||Legal basis of processing
|Handling and responding to your specific requests by contacting us directly
|marketing activities, commercial communications, market research, receipt of newsletters
||until you revoke your consent, which can be exercised at any time by using the link at the bottom of each promotional email (as regards marketing activities and the newsletter) or by sending us an email, which you can find in the contacts above
|to provide you with the products and services you have purchased and to send you communications relating to your order or payments
||performance of the sales contract or pre-contractual measures
||10 years or end at the request of account deletion
|for you to interact with customer service operators
||performance of the sales contract or pre-contractual measures
||10 years or end at the request of account deletion
|management and performance of the statutory obligations (accounting, administrative, fiscal, etc.).
||10 years or end at the request of account deletion
|management of disputes and litigation, if any; to prevent or control unlawful conduct or to protect and enforce rights
||up to the prescribed limitation periods or up to the statutory periods
||consent, as notified by the site access banner
||the retention period of these cookies runs from the date on which they are enabled on the site until they are disabled or the cookie itself expires
- Facebook: https://www.facebook.com/help/cookies
- Instagram: https://help.instagram.com/155833707900388
- Twitter: https://support.twitter.com/articles/20170519-uso-dei-cookie-e-di-altre-tecnologie-simili-da-parte-di-twitter
- Google+: http://www.google.com/policies/technologies/cookies
- Pinterest: https://about.pinterest.com/it/privacy-policy
- AddThis: http://www.addthis.com/privacy/privacy-policy
- Linkedin: https://www.linkedin.com/legal/cookie-policy
4. PURPOSE OF DATA PROCESSING, LEGAL BASIS OF PROCESSING AND RETENTION PERIOD
We process your data for different purposes, and for each purpose we comply with the retention periods and conditions of lawfulness. The Data Controller will not retain your Personal Data for longer than is necessary to fulfil the purpose for which it was processed. Data will be kept for as long as permitted or required by law. In order to ensure compliance with the principles of necessity and proportionality of processing, the Controller has identified different retention periods for Personal Data in relation to the individual purposes pursued.
5. HOW WE PROCESS YOUR DATA
Processing of your Personal Data may include any operation such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
The operations may be carried out with or without the aid of electronic or automated tools.
The processing is carried out by the Data Controller and/or by the persons in charge of the processing who operate under the direct authority of the Data Controller in accordance with the instructions given or by third parties appointed as external data processors.
6. WHERE WE PROCESS YOUR DATA
Your Personal Data is mainly processed at the premises of the data controllers, so the physical location may vary according to the processing purposes set out in paragraph 1. In addition, they may be processed in the places where the external data processors are located.
This website may share some of the data collected with services located outside the European Union, such as Google, Facebook and Microsoft (LinkedIn) via social plug-ins and the Google Analytics service
If you consent to the processing of your Data for marketing and promotional purposes, some of your Data (name, surname, e-mail address) will be transferred to our newsletter software partners who are based worldwide, including outside the European Union.
We inform you that we only transfer your Personal Data to entities located in countries for which there is an appropriate decision of the EU Commission ensuring their adequacy and guarantee of processing in accordance with the provisions of Reg. 679/2016 (GDPR) or only after verification of the registration of the external data controller under the system called "Privacy Shield".
7. WHO THE RECIPIENTS OF YOUR PERSONAL DATA ARE
Your Personal Data may be communicated to and processed by:
- legal entities or natural persons acting as external data processors, carrying out activities in outsourcing, appointed by the Controller or by the Controller's external data processors (including entities entrusted with the assistance, communication, marketing, advertising, promotion and sale of products and/or services as well as advertisers, advertising agencies, IT service providers, Site/APP managers, electronic platform managers, partners, credit institutions, professional firms);
- employees and/or contractors of the Controller (including system administrators) who, acting under the direct authority of the Controller, will be authorised to process your Personal Data; and
- employees and/or contractors of the external data processors (including system administrators) who, acting under the direct authority of the external data controllers, will be authorised to process your Personal Data.
Your Personal Data will not be disclosed to third parties except where your Personal Data is disclosed by the Controller to consultants in order to protect its rights, nor will it be disseminated.
8. OBLIGATION TO PROVIDE DATA
The provision of data must be deemed compulsory with regard to the processing that the organisation must carry out in order to fulfil its obligations towards the data subject on the basis of the relationship (or contract) in place, as well as obligations under laws, rules, regulations.
Consent is not compulsory for all other purposes and, even if given, may be revoked at any time by the data subject.
9. REFUSAL TO PROVIDE DATA
Failure to provide the data that you are obliged to communicate may make it impossible to fulfil your requests or to initiate a business relationship and contracts that you wish to establish with the Controller.
In the event of non-compulsory data not being provided, the consequences will be assessed on a case-by-case basis and will presumably result in the non-performance of the service linked to such data.
10. RIGHTS OF THE DATA SUBJECT
|Right of withdrawal of consent (Art. 13 para. II lit. A and Art. 9 para. II lit. A GDPR)
You have the right to revoke your consent at any time for all processing operations for which you have given your consent as indicated in the purpose table above.
Withdrawal of consent shall not affect the lawfulness of the previous processing.
|Right of access to data (Art. 15)
||You may request (a) the purposes of the processing; (b) the categories of personal data concerned; (c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients in third countries or international organisations; (d) where possible, the proposed period of retention of personal data or, if that is not possible, the criteria used to determine that period; (e) the existence of your right to request from the Controller the rectification or erasure of your personal data or the restriction of the processing of your personal data or to object to the processing of your personal data; (f) the right to lodge a complaint with a supervisory authority; (g) where the data are not collected from you, all available information on their origin; (h) the existence of automated decision-making, including profiling as referred to in Art. 22(1) and (4), and, at least in such cases, meaningful information about the logic used and the importance and expected consequences of such processing for you. You have the right to request a copy of the personal data being processed.
|Right to rectification (Art. 16)
||You have the right to request the correction of inaccurate personal data concerning you and to obtain the integration of incomplete personal data.
|Right to be forgotten (Art. 17)
||You have the right to obtain from the Data Controller the deletion of personal data concerning you if the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed, if you revoke your consent, if there is no overriding legitimate reason to proceed with the profiling processing, if the data have been processed unlawfully, if there is a legal obligation to delete them; if the data are related to web services to minors without consent. Deletion may take place unless the right to freedom of expression and information prevails, the data are retained for the fulfilment of a legal obligation or for the performance of a task carried out in the public interest or in the exercise of official authority, for reasons of public interest in the health sector, for archiving in the public interest, for scientific or historical research or statistical purposes or for the establishment, exercise or defence of legal claims.
Right to limitation of processing (Art. 18)
||You have the right to obtain from the Data Controller the restriction of processing when you have contested the accuracy of personal data (for the period necessary for the Data Controller to verify the accuracy of such personal data), or if the processing is unlawful and you object to the deletion of your personal data and request instead that their use be restricted, or if they are necessary for the establishment, exercise or defence of a right in court, whereas the Data Controller no longer needs them.
|Right to portability (Art. 20)
||You have the right to receive in a structured, commonly used and machine-readable format the personal data concerning you that you have provided to us and you have the right to transmit them to another if the processing is based on consent, on contract and if the processing is carried out by automated means, unless the processing is necessary for the performance of a task carried out in the public interest or in connection with the exercise of official authority and such transmission does not affect the right of a third party.
|Right to lodge a complaint with the supervisory authority (Garante per la protezione dei dati personali) (Art. 77)
||Without prejudice to any other administrative or judicial remedy, if you consider that the processing of your personal data is in breach of the Data Protection Regulation, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which you have your habitual residence, work or in which the alleged breach has occurred.
11. PROCEDURE FOR EXERCISING THE RELEVANT RIGHTS
You may at any time exercise the rights listed in this notice by contacting the Data Controllers (see par. 2 and 3).
You may lodge a complaint with the Garante by following the instructions provided on the Garante's website, in the "Forms" section, under "Complaint" (or by clicking on the following link).
12. INFORMATION NOTICE ON COOKIES
When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.
Data processing agreement
We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.
Server log files
Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:
- Your consent status or the withdrawal of consent
- Your anonymised IP address
- Information about your Browser
- Information about your Device
- The date and time you have visited our website
- The webpage url where you saved or updated your consent preferences
- The approximate location of the user that saved their consent preference
- A universally unique identifier (UUID) of the website visitor that clicked the cookie banner
13. AMENDMENTS TO THIS DOCUMENT
This document may be changed or updated. If there are significant changes and updates, these will be notified to users.