XStore theme eCommerce WordPress Themes XStore wordpress support forum best wordpress themes WordPress WooCommerce Themes Premium WordPress Themes WooCommerce Themes WordPress Themes wordpress support forum Best WooCommerce Themes XStore WordPress Themes XStore Documentation eCommerce WordPress Themes
check availability

WEBSITE DATA PRIVACY POLICY

updated to EU Regulation 2016/679

(European Regulation on the protection of personal data)

 

1) Identification details of the OWNER, the person responsible and the Privacy Officer

The DATA CONTROLLER is:

Valentina Bacchetta (hereinafter OWNER)

Contrada Mangiatello, MARTINA FRANCA (TA) 74015 Italy

Email: itrullidizoe@gmail.com

 

2) Introduction

The OWNER takes the user’s privacy seriously and undertakes to respect it. This privacy policy (“Privacy Policy”) describes the personal data processing activities carried out by the OWNER through this site and the related commitments undertaken in this regard by the Company. The OWNER may process the user’s personal data when the user visits the Site and uses the services and features on the Site. In the sections of the Site where the user’s personal data are collected, a specific information notice is normally published pursuant to art. 13 /15 of EU Reg. 2016/679.

Where required by EU Reg. 2016/679, the user’s consent will be requested before proceeding with the processing of his/her personal data. If the user provides personal data of third parties, he/she must ensure that the communication of the data to the DATA CONTROLLER and the subsequent processing for the purposes specified in the applicable privacy policy complies with EU Reg. 2016/679 and applicable legislation.

 

3) Type of data processed

Visiting and consulting the Site does not generally involve the collection and processing of the user’s personal data except for navigation data and cookies as specified below. In addition to the so-called “navigation data” (see below), personal data voluntarily provided by the user may be processed when the user interacts with the Site’s features or requests to use the services offered on the Site. In compliance with the Privacy Code, OWNER may also collect the user’s personal data from third parties in the course of its business.

 

4) Cookies and navigation data

The Site uses “cookies”. By using the Site, the user consents to the use of cookies in accordance with this Privacy Policy. Cookies are small files stored on the hard disk of the user’s computer. There are two macro-categories of cookies: technical cookies and profiling cookies.

Technical cookies are necessary for the correct functioning of a website and to allow the user to navigate; without them the user may not be able to correctly view the pages or use some services.

Profiling cookies have the task of creating user profiles in order to send advertising messages in line with the preferences expressed by the user during navigation.

Cookies can also be classified as:

_ “session” cookies, which are deleted immediately when the browser is closed; _ “persistent” cookies, which remain in the browser for a certain period of time. They are used, for example, to recognize the device that connects to a site, facilitating authentication operations for the user;

_ “proprietary” cookies, generated and managed directly by the manager of the website on which the user is browsing;

_ “third party” cookies, generated and managed by parties other than the manager of the website on which the user is browsing.

5) Cookies used on the site

The Site uses the following types of cookies:

1) first-party cookies, session and persistent, necessary to allow navigation on the Site, for internal security and system administration purposes;

2) third-party cookies, session and persistent, necessary to allow the user to use multimedia elements present on the Site, such as images and videos;

3) third-party, persistent cookies used by the Site to send statistical information to the Google Analytics system, through which the OWNER can perform statistical analyses of accesses/visits to the Site. The cookies used pursue exclusively statistical purposes and collect information in aggregate form. Through a pair of cookies, one persistent and the other session (expiring when the browser is closed), Google Analytics also saves a log with the times of start of the visit to the Site and exit from it. You can prevent Google from detecting data via cookies and the subsequent processing of data by downloading and installing the browser plug-in from the following address: http://tools.google.com/dlpage/gaoptout?hl=it

 

4) third-party cookies, persistent, used by the Site to include in its pages the buttons of some social networks (Facebook, Instagram, Whats App and Google+ etc.). By selecting one of these buttons, the user can publish on his personal page of the relevant social network the contents of the web page of the Site he is visiting

 

The Site may contain links to other sites (Facebook, Instagram, Whats App, Google+ etc.). OWNER does not perform any access or control over cookies, web beacons and other user tracking technologies that may be used by third-party sites that the user can access from the Site; OWNER does not perform any control over content and materials published by or obtained through third-party sites, nor over the related methods of processing of the user’s personal data, and expressly declines any related liability for such eventualities. The user is required to verify the privacy policy of third-party sites accessed through the Site and to inform themselves about the conditions applicable to the processing of their personal data. This Privacy Policy applies only to the Site as defined above.

 

6) How to disable cookies in browsers

If you wish, you can also directly manage cookies through your browser settings. However, deleting cookies from your browser may remove the preferences you have set for the site, so it would be advisable to periodically visit this page to re-check your preferences.

For further information and support you can also visit the specific help page of the web browser you are using:

7) Storage of personal data

Personal data are stored and processed through computer systems owned by the OWNER and managed or by third-party technical service providers; for further details, please refer to the section “Scope of accessibility of personal data” below. The data are processed exclusively by specifically authorized personnel, including personnel in charge of carrying out extraordinary maintenance operations. Personal data will be stored for the duration of the contract and after the end of the contract in order to fulfill the legal obligation of the OWNER, including claims for any complaints, in accordance with applicable law, and will then be deleted or made anonymous.

If we consent to the processing of our products and services for direct marketing purposes after the expiry of the contract, we will process the data until the consent is revoked.

8) Purposes and methods of data processing

OWNER may process the user’s common and sensitive personal data for the following purposes: use by users of services and features on the Site, management of requests and reports by its users, etc.

Furthermore, with the additional and specific optional consent of the user, OWNER may process personal data for marketing purposes, i.e. to send the user promotional material and/or commercial communications relating to the Company’s services, to the contact details indicated, both through traditional methods and/or means of contact (such as, paper mail, telephone calls with an operator, etc.) and automated methods and/or means (such as, communications via the Internet, fax, e-mail, text messages, applications for mobile devices such as smartphones and tablets – so-called APPS -, social network accounts – e.g. via Facebook or Instagram -, telephone calls with an automatic operator, etc.).

Personal data are processed both in paper and electronic form and entered into the company information system in full compliance with EU Regulation 2016/679, including security and confidentiality profiles and inspired by the principles of correctness and lawfulness of processing. In compliance with EU Regulation 2016/679, the data are stored and preserved for the time necessary to achieve the purposes for which they are processed and in any case for the entire time in which you decide to be registered on our website.

 

9) Security and quality of personal data

OWNER undertakes to protect the security of the user’s personal data and complies with the security provisions set forth by applicable legislation in order to avoid data loss, illegitimate or illicit use of data and unauthorized access to the same, with particular reference to the Technical Regulations regarding minimum security measures. Furthermore, the information systems and computer programs used by OWNER are configured in such a way as to minimize the use of personal and identifying data; such data are processed only for the achievement of the specific purposes pursued from time to time. OWNER uses multiple advanced security technologies and procedures designed to promote the protection of users’ personal data; for example, personal data are stored on secure servers located in places with protected and controlled access. The user can help OWNER to update and maintain correct personal data by communicating any changes relating to their address, qualification, contact information, etc.

 

10) Scope of communication and access to data

Your personal data may be communicated to:

all subjects whose right to access such data is recognised by virtue of regulatory provisions;

to our collaborators, employees, within the scope of their respective duties;

to all those natural and/or legal persons, public and/or private, when communication is necessary or functional to the performance of our activity and in the ways and for the purposes illustrated above;

 

11) Nature of the provision of personal data

The provision of some personal data by the user is mandatory to allow the Company to manage communications, requests received from the user or to contact the user to follow up on his request. This type of data is marked with an asterisk [*] and in this case the provision is mandatory to allow the Company to follow up on the request which, in its absence, cannot be processed. On the contrary, the collection of other data not marked with an asterisk is optional: failure to provide them will not entail any consequences for the user.

The provision of personal data by the user for marketing purposes, as specified in the section “Purposes and methods of processing” is optional and refusal to provide them will have no consequences. The consent given for marketing purposes is intended to be extended to the sending of communications carried out through both automated and traditional methods and/or means of contact, as exemplified above.

 

12) Rights of the interested party

12.1 Art. 15 (right of access), 16 (right of rectification) of EU Reg. 2016/679

The interested party has the right to obtain from the DATA CONTROLLER confirmation as to whether or not personal data concerning him or her are being processed and, where that is the case, to obtain access to the personal data and the following information:

  1. a) the purposes of the processing;
  1. b) the categories of personal data concerned;
  1. c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  1. d) the envisaged period for which the personal data will be stored, or, if that is not possible, the criteria used to determine that period;
  1. e) the existence of the right of the interested party to ask the DATA CONTROLLER to rectify or erase personal data or to limit the processing of personal data concerning him or her or to oppose their processing;
  1. f) the right to lodge a complaint with a supervisory authority;
  1. h) the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

12.2 Right under art. 17 of EU Reg. 2016/679 – right to erasure (“right to be forgotten”)

The interested party has the right to obtain from the DATA CONTROLLER the erasure of personal data concerning him or her without undue delay and the DATA CONTROLLER has the obligation to erase personal data without undue delay, if one of the following reasons exists:

  1. a) the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  1. (b) the data subject withdraws consent on which the processing is based according to Article 6, paragraph 1, point (a), or Article 9, paragraph 2, point (a), and where there is no other legal ground for the processing;
  1. (c) the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
  1. d) the personal data have been unlawfully processed;
  1. e) the personal data must be erased for compliance with a legal obligation under Union or Member State law to which the DATA CONTROLLER is subject;
  1. f) the personal data have been collected in relation to the offer of information society services referred to in Article 8, paragraph 1 of EU Reg. 2016/679

12.3 Right under art. 18 Right to restriction of processing

The interested party has the right to obtain from the DATA CONTROLLER the limitation of the processing when one of the following hypotheses occurs:

  1. a) the interested party contests the accuracy of the personal data, for the period necessary for the DATA CONTROLLER to verify the accuracy of such personal data;
  1. b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  1. c) although the DATA CONTROLLER no longer needs them for the purposes of the processing, the personal data are necessary for the interested party to ascertain, exercise or defend a right in court;
  1. d) the interested party has opposed the processing pursuant to Article 21, paragraph 1, EU Regulation 2016/679 pending verification of the possible prevalence of the legitimate reasons of the DATA CONTROLLER with respect to those of the interested party.

12.4 Right under art. 20 Right to data portability

The interested party has the right to receive in a structured, commonly used and machine-readable format the personal data concerning him/her provided to the DATA CONTROLLER and has the right to transmit such data to others without impediments by the DATA CONTROLLER.

 

13) Revocation of consent to processing

The interested party has the right to revoke consent to the processing of his/her personal data by sending a registered letter with return receipt to the addresses described in point 1) of this document accompanied by a photocopy of his/her identity document, with the following text: <<revocation of consent to the processing of all my personal data>> or by certified email or email. At the end of this operation, your personal data will be removed from the archives as soon as possible.

If you wish to have more information on the processing of your personal data, or exercise the rights referred to in the previous point 7, you can send a registered letter with return receipt to the addresses described in point 1) accompanied by a photocopy of your identity document. Before we can provide you with, or modify any information, it may be necessary to verify your identity and answer some questions. An answer will be provided as soon as possible.