The purpose of this policy statement is to describe the way in which the website https://deodato.group/ (hereinafter, the “Site”) managed to process the personal data of users who access, use or interact with it (hereinafter, the “Users”).
This is a general information notice provided in observance of Article 13 of the Regulation (EU) 2016/679 concerning the protection of individuals regarding the processing of personal data and the free movement of these data (hereinafter, the “Regulation” or “GDPR”) to all Users consulting and/or interacting with the services provided through the Site by deodato.gallery S.r.l., with head office in Via Nerino 2, 20123 – Milan, P. Iva 08963710960 (hereinafter, the “Data Controller”).
This information notice will explain the purposes and methods by which the Data Controller collects and processes the personal data of Users, which categories of data are processed, what are the rights of data subjects under the Regulations and how they can be exercised.
The statement is provided exclusively for the Site, therefore the Data Controller assumes no responsibility for third-party websites that may be consulted through hyperlinks found on the Site itself. In addition, the statement refers to the data acquired from the pages, managed by the Data Controller, of social network platforms such as, but not limited to, Facebook and Instagram.
The processing of the User’s personal data will be carried out by suitable paper, electronic and/or telematic devices, with strictly correlated logics for the above purposes and, in any case, in a way that guarantees the security and privacy of such data.
By using the Site, Users are encouraged to read this policy before providing personal information of any kind.
Personal Data categories
A) NAVIGATION DATA
The computer systems and software procedures used to operate this Web Site collect, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not gathered in order to be associated with identified interested parties, although because of their nature they could allow users to be identified through data processing and associations held by third parties.
This category of data includes the IP addresses or domain names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) notation addresses of required resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the User’s operating system and computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning and are deleted immediately after processing. The data could be used to identify responsibility in case of hypothetical computer crimes that may damage the Site.
B) DATA PROVIDED VOLUNTARILY BY THE USER
Without limitation to what has been specified above in relation to navigation data, the Data Controller will acquire personal data that may be provided by the User through the Site in order to access certain services (e.g. through the contact form available on the “WRITE US” page of the Site or to receive the newsletter), or to create a personal account on the Site or make a purchase through the same.
By way of example, the Site will only acquire personal data of a common nature, provided directly by the User (such as first name, last name and e-mail address, shipping address, telephone number), as well as any other information that the User will communicate, on his/her own initiative, through the contact tools made available by the Site, i.e. the form in the “WRITE US” section and the online support chat.
2. PURPOSES, LEGAL BASIS FOR PROCESSING AND SUPPLY NATURE
The data indicated in the preceding paragraph will be processed by the Data Controller:
in order to allow the User to navigate the Site and, if applicable, to create a personal account on the same;
in order to fulfill User requests submitted via the form in the “WRITE US” section;
to enable operators to provide personalized assistance and respond to User requests submitted via the Site’s online chat;
if requested by the User, to submit the periodic newsletter of the Data Controller, containing communications of a commercial nature and concerning its own products or services similar to those offered on the Site.
The processing is therefore necessary to fulfill a User’s request, as part of the execution of the existing legal relationship with the Data Controller. The submission of such data is therefore necessary in order to comply with the User’s requests.
In addition, the data provided as part of the assistance requested via chat may also be used to monitor and improve the quality of the service offered to the User, based on a legitimate interest of the Data Controller.
At any time it is possible to request cancellation of your personal account or from the newsletter service by writing to the e-mail address [email protected], clicking on the “Unsubscribe” button in the Data Controller’s newsletter, or by following the instructions for cancelling your account found in the restricted area of the Site.
3. CATEGORIES OF SUBJECTS WHOM PERSONAL DATA MAY BE COMMUNICATED TO AND PURPOSES OF COMMUNICATION
The Data Controller may also communicate, for the same purposes indicated in paragraph 2 above, some of the User’s personal data to third parties, who will process the User’s personal data as data processors in accordance with Article 28 of the Regulations.
The list of data processors can be requested from the Data Controller at any time by writing to [email protected].
4. PERIOD OF DATA RETENTION AND DURATION OF PROCESSING
The Data Controller will store the data for as long as necessary to pursue the purposes described in this policy and, in particular, to enable the User to take advantage of the services made available through the Site. After this period has expired, the Data Controller may retain Users’ data for an additional period of 10 years in order to comply with legal obligations or protect its interests in court.
Data collected through the form on the “WRITE US” page or through online chat will be kept until the request is processed. Afterwards, the data may be kept for a period of time not exceeding 12 months.
For the purpose of sending the newsletter, the Data Controller will store the data until the User requests to stop receiving such communications by sending an email to [email protected] or by clicking on the unsubscribe button present in the communications. Following such a request, the Data Controller will proceed to permanently delete the User’s email address from the newsletter mailing list.
5. TRANSFER OF PERSONAL DATA ABROAD
The User’s personal data will not be transferred outside the European Union.
6. RIGHTS OF DATA SUBJECTS
The User is entitled to exercise the rights provided for in Articles 15 ess. of the Regulations, in particular:
- the right to access personal data and, in particular, to access, as well as to request and obtain information about the existence of personal data relating to you in the availability of the Data Controller;
- the right to rectification and, in particular, to request and obtain the rectification and/or correction of your personal data if you believe that they are inaccurate or incomplete;
- the right to request, if the circumstances mentioned in the Regulations apply, the deletion of personal data or the restriction of processing concerning them;
- the right to request, where appropriate, the portability of personal data;
- the right to revoke the consent previously given.
Such requests may be addressed to the Data Controller by sending an email to [email protected].
Finally, that in accordance with the regulations in force, the User may propose any claims regarding the processing of his/her personal data to the Guarantor Authority for the Protection of Personal Data.
7. DATA CONTROLLER
The Data Controller is deodato.gallery S.r.l., with registered office in Via Nerino 2, 20123 – Milan, P. Iva 08963710960, P.e.c [email protected], tel. +39 0280886294, e-mail: [email protected].
What are Cookies?
Cookies are pieces of information sent by a web server (e.g., the site) to the Internet browser of the user, automatically stored by the user on the computer and automatically sent back to the server each time the site is accessed. By default, almost all web browsers are set to automatically accept cookies. Typically, cookies can be installed:
- directly by the owner and/or manager of the website (so-called first-party cookies);
- by external parties outside the website visited by the user (so-called third-party cookies). Unless otherwise specified, it is recalled that these cookies fall under the direct and exclusive responsibility of the same operator. Further information on privacy and their use can be found directly on the websites of the respective operators.
This website may use, also in combination with each other the following types of cookies classified according to the indications of the Privacy Guarantor and the Opinions issued in the European context by the Working Group Art. 29 / European Data Protection Committee:
- Session: they are not stored persistently on the user’s computer and are deleted when the browser is closed. They are strictly limited to the transmission of session identifications necessary to enable the safe and efficient exploration of the site while avoiding the use of other IT techniques potentially prejudicial to the privacy of users’ browsing.
- Persistent: they remain stored on the computer’s hard drive until they expire or are deleted by users. Through persistent cookies, users accessing the site are automatically recognized each time they visit. Users can set their computer’s browser to accept/reject all cookies or to display a warning whenever a cookie is offered so that they can consider whether to accept it. Users can, however, change the default configuration and disable cookies (i.e., block them outright) by setting the highest level of protection.
- Technical: these are the cookies used to authenticate, to enjoy multimedia content or to allow the choice of navigation language. Since they are necessary for the easy navigation and correct display of the site, it is not necessary to acquire the user’s consent for these markers. Also included in this case are cookies used to statistically analyze access/visits to the site, only if used exclusively for statistical purposes and through the collection of information in aggregate form.
- Non-technical: these are all cookies that are not essential for the proper use of the site. Their use on users’ terminals is forbidden unless they have first been adequately informed and have given free, specific, informed and unequivocal consent in this regard. Based on the purposes they perform, these markers can in turn be grouped into:
- Analytics. These are the cookies used to collect and analyze statistical information about access/visits to the website. In some cases, associated with other information such as credentials entered for access to restricted areas (such as e-mail address and password), they can be used to profile the user (personal habits, sites visited, content downloaded, types of interactions made, etc.).
- Widgets. This category includes all those graphic components of a program’s user interface, which is intended to facilitate the user’s interaction with the program. For example, social network cookies (Facebook, Instagram, Twitter) are widgets.
- Advertsing. This category includes cookies used to advertise within a site.
- Web beacons. Code snippets that allow a website to transfer or collect information through the request of a graphic image fall into this category. Web sites may use them for a variety of purposes, such as analyzing Web site usage, monitoring and reporting activities on advertisements, and customizing advertisements and content.
Cookies on the website
Technical cookies for which consent is not required
The Data Controller will install on your device and, in particular, in your browser or allow third parties to install certain cookies that are necessary for us to acquire or have our partners acquire statistical information in an anonymous and aggregate form related to your navigation on the pages of the Site.
Non-technical cookies for which your consent is required
Subject to your free, specific, informed and unambiguous consent, the Data Controller or third parties may install other markers that do not fall under the definition of technical cookies.
By default, such cookies are disabled.
When you first access the Site, you will see a banner that briefly informs you about the cookies used and allows you, via a special button, to select your preferences on such cookies. Please be advised that where you do not set preferences or close the banner without making choices, the Site will only use technical cookies for which consent is not required.
At any time, you may change your choices regarding these cookies through the appropriate preference management panel by clicking on the appropriate button at the bottom left.
If you do not wish to receive third-party cookies on your device, you may, through the link below, access the policies and consent forms of those third parties and exclude their receiving. These cookies are not directly controlled by the Site, therefore, you will need to refer to the third party websites, or to https://www.youronlinechoices.com/uk/ for information on how you can delete or manage cookies based on the browser you are using and to manage your preferences on third party cookies.
How to disable cookies by browser configuration
If you wish, you can also manage cookies directly through your browser settings. However, by deleting cookies from your browser, you may remove the preferences you have set for the Site, including technical cookies that record your preferences and your previous access to the Site. In that case, when you log in to the Site again, the cookie banner may appear again.
For more information and support you can also visit the specific help page of the web browser you are using, such as:
– Internet Explorer / Microsoft Edge:https://support.microsoft.com/en-gb/windows/delete-and-manage-cookies-168dab11-0753-043d-7c16-ede5947fc64d
– Google Chrome: https://support.google.com/chrome/answer/95647?hl=en-GB