With Regulation (EU) 679/2016 and aligning (Italian) Legislative Decree 101/2018 laying down provisions on the protection of individuals with regard to the processing of personal data, Tecnostyle Srl, owner of the domain name www.tecnostyle.com, with registered office in Via Monte Bianco 8/10 - 31040 Trevignano (TV), Italy, hereinafter referred to as “Company", as Data Controller is required to provide certain information about the use of personal data and cookies.
Legal basis of processing
Expression of consent to data collection and processing is optional. The user may refuse to consent and at any time withdraw consent already provided (using the email address email@example.com). Nevertheless, refusing consent may make it impossible to deliver some services or process purchase orders, and the browsing experience on the website may be compromised.
In any case, the user is free to provide his/her data to the company.
From 25 May 2018 (date of entry into force of the GDPR), this website will process some data according to the legitimate interests of the Data Controller.
Nature of data processed
This website processes generic and anonymous data. Specifically, it uses log files to store data collected electronically while the user is visiting a web page on the website. The data collected is as follows: Internet Protocol (IP) address; browser type and parameters of the device used to connect to the website; name of the Internet Service Provider (ISP); date and time of visit; visitor’s referral and exit pages; country of origin; and possibly the number of clicks; as well as the numerical server response status code (success, error, etc) and other parameters relating to the user’s operating system and IT environment. This data is only used to obtain anonymous statistical information about usage of the website and to check it is operating correctly. Only at the request of the relevant supervisory authorities may the data be used to determine responsibility in the event of computer crimes committed against the website.
The optional, explicit and voluntary sending, also by email, involves the subsequent acquisition of the sender’s address, necessary to respond to requests or process orders, as well as any other personal data included in the message/communication.
How data is collected and used
a. Order: The Company collects and processes customer data for the execution of purchase orders, for any complaints after purchases and to provide the customer with the services available. This data is necessary to manage orders, also with business partners (e.g. logistics providers, couriers, banks). It is essential to enter a correct delivery address to order items. A telephone number is also necessary to allow the Company to contact the customer with any questions or requests for clarification. Finally, an email address is necessary for the Company to communicate acknowledgement of receipt of the order to the customer and for any other communications.
b. Customer data: The data related to customer orders is saved in the Company’s system but cannot be freely accessible for security reasons.
Purpose of data processing and storage methods
The data is processed for the following purposes:
• In an exclusively aggregate and anonymous form in order to verify the correct functioning of the website. None of this information is related to the individual/website user, and does not in any way allow its identification (from 25 May 2018 this information will be processed according to the legitimate interests of the Data Controller);
• For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may also include personal data such as the IP address which may be used, in accordance with applicable laws, to block attempts to damage the website itself or cause damage to other users, or otherwise damaging or criminal activities. This data is never used for the identification or profiling of the user, nor cross-referenced with other data, nor provided to third parties. It is used only to protect the website and its users (from 25 May 2018 this information will be processed according to the legitimate interests of the Data Controller);
• Commercial and contractual purposes and the consequent fulfilment of legal and contractual obligations arising from the online purchase of products on the website, as well as to efficiently manage the relative commercial relationships. The sole purpose of the processing of your personal data is so that the Company can deliver all the activities inherent and instrumental to the proper management and execution of tax and accounting obligations for the management and execution of any contracts, as well as administration and payment management operations;
• Technologies necessary for continued operation of the website;
The data received will be used exclusively to process the purchase order or for requests made by the user and only for the time necessary to deliver the service. However, please note that when the user visits the website www.tecnostyle.com, some data is collected and saved. The domain name or IP address of the access computer is temporarily saved for security reasons. Other data may also be saved, such as the access date, response code and quantity of data (bytes) transmitted. Data is only analysed on a strictly anonymous basis.
The user is responsible for checking that he/she has the permission to enter personal data of third parties or content protected by national and international regulations.
In any case, the data collected by the website during its operation is used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities.
In any case, the personal data recorded by the website will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authorities and only in the cases provided for by law. However, the data may be provided to third parties if this is necessary for the provision of a specific service requested by the user or for carrying out security checks or website optimisation.
Scope of disclosure and categories of subjects
The personal data will be known and processed, in accordance with applicable laws, by the personnel of the Company, identified as the Data Processor and in service at the relevant premises. The personal data collected by the Company may be also disclosed, within the limits strictly relevant for the purposes indicated above, to the following subjects or categories of subjects:
• Persons to whom the communication is required by law, regulation or national and EU legislation (e.g. public administrations and bodies whose duties include safety and protection in the workplace), as well as for the performance of contractual or pre-contractual obligations (credit institutions, insurance companies and similar organisations);
• Persons to whom it was essential to disclose the data for activities strictly related to the relationship with the Company, such as consultants, professionals, collaborators or suppliers who collaborate with the organisation for aspects related to the management of activities;
• Legal, accounting and employment consultants, also for the study and resolution of any legal problems related to the existing contractual position (e.g. attorneys, for the purpose of managing criminal, civil and administrative proceedings; judicial authorities of any order and level; arbitrators; independent professionals, for the purpose of representation or consultancy, including those of the counterparty when due; insurance companies in the case of insurance policies requiring such communications).
Location of data processing
The processing related to the services of this website takes place at the aforementioned registered office of the Company and is carried out only by technical personnel in charge of processing, or by persons in charge of occasional maintenance operations. No data from the web service is communicated or disclosed. The personal data provided by users who request information material is only used to perform the service or performance requested.
Session cookies (technical cookies)
These cookies are essential to allow you to move around the website and use its features. Without these cookies, the services requested cannot be provided. No prior user consent is required for this type of cookie to be used.
How to remove or block cookies
You can prevent a website from using cookies for the activities described or you can delete all cookies saved using the tools provided by your browser (the browser is the programme used to browse websites). Please note that if you decide to disable all cookies, some functions of the website you are browsing may be compromised. You can browse by temporarily preventing your browser from recording cookies generated by websites by enabling incognito browsing mode (also called "private browsing" or "anonymous browsing"), available on modern browsers. In this mode the browser, depending on the version used, does not record cookies or only records some cookies necessary for operation of the website. The cookies are nonetheless deleted once the window is closed. Furthermore, in this mode the websites displayed in the history are not saved and the information typed in the forms present on the pages is not saved.
Further instructions are available on the support websites of the browser used: Google Chrome and Google Chrome Mobile, Microsoft Internet Explorer, Mozilla Firefox, Apple Safari, Apple Safari Mobile.
You can disable cookies altogether or delete them. You can prevent only advertising or behavioural cookies from being saved using the service provided by the website Your Online Choices.
Cookies are not used to send information of a personal nature, nor are any so-called persistent cookies used, i.e. systems for tracking users. The use of so-called session cookies (which are not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable secure and efficient browsing of the website. The so-called session cookies used on this website avoid resorting to other computer techniques potentially damaging to confidentiality of user browsing and do not allow the acquisition of personal identification data of the user.
As specified above, cookies are small text files that are stored locally in the intermediate memory of the browser used by the web visitor. Cookies allow the visitor to be recognised.
This website processes user data in a lawful and correct manner, taking appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of data. Processing takes place using IT and/or telematic tools, with organisational procedures and logics strictly related to the indicated purposes. In particular, the website management software is constantly updated and regularly scanned to check for viruses and dangerous code.
In addition to the Data Controller, in some cases categories of subjects involved in the organisation of the website (administrative, commercial, marketing and legal personnel as well as system administrators) or external parties (such as third-party technical service providers, hosting providers, IT companies and communication agencies) may have access to the data.
At any time, users may exercise their rights with the Data Controller pursuant to Regulation (EU) 2016/679, by contacting the Data Processor. To ensure the proper exercise of rights, the user must make him/herself uniquely identifiable. The company undertakes to provide feedback within 30 days and, if it is impossible to comply with these deadlines, to justify any extension of time limits. Feedback will be free of charge except in cases of groundlessness (e.g. there is no data concerning the applicant) or excessive requests (e.g. repetitive over time), for which a fee may be charged that does not exceed the costs actually incurred for the research carried out in the specific case. The rights relating to personal data concerning deceased persons may be exercised by those who have a vested interest or who act to protect the data subject, or for family reasons worthy of protection. The data subject may also lodge a complaint with the supervisory authority. In case of violation of personal data suffered by the Company, the Data Controller will notify the violation to the competent supervisory authority within 72 hours of the occurrence and will also communicate the event to the data subject.
In particular, the data subject has the right to obtain:
• The origin of personal data
• The categories of data processed
• The purposes and methods of processing
• The retention period
• The logic applied in case of processing carried out using electronic tools
• The identification details of the Data Controller
• The subjects and categories of subjects to whom the personal data may be communicated or who may become aware of the data in their capacity as Data Processors or persons in charge, also in third countries.
• The existence of profiling.
• Confirmation of the existence or not of their personal data and that this data is made available in an intelligible form.
• The updating, correction, integration of data and limitation.
• The deletion, transformation into anonymous form or blocking of data processed in violation of the law (including data for which retention is unnecessary in relation to the purposes for which it was collected and subsequently processed).
• A copy of the data being processed
Right to object
Finally, the data subject is informed of the right to oppose:
• The processing of personal data concerning the data subject, including profiling for legitimate reasons, even if it is relevant for the purpose of collection.
• The processing of personal data concerning the data subject for the purposes of: sending advertising material, direct selling, carrying out market research, commercial communications;
• The processing of data for scientific or historic purposes or for statistical purposes except in the case of public interest in the processing.
The Data Controller is Tecnostyle Srl and all communications can be addressed to the Data Processor at the email address firstname.lastname@example.org or at the Company’s registered office address.