This Website collects some Personal Data from its Users.
Data Controller
Mecif, Via Piani dAppresso 6, 60010 Ostra Vetere (AN)
Treatment Manager Ivan Rossetti
Owner email address: info@rossetticollection.com
Types of Data Collected
This site automatically collects the following data: Cookies, Usage data, name, email, surname, address and various types of Data. The requested data is essential and necessary for the execution of orders: due to the minimization of data, no data is requested not necessary.
Full details of each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data is collected.
The Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Website.
Unless otherwise specified, all the Data required by this Website are mandatory and necessary for the execution of the order; in case of failure to supply the data, orders cannot be executed. In cases where this Website indicates some Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or on its operation.
For holders who request an invoice, the VAT number or tax code will also be required, which will be kept according to Italian accounting laws.
Any use of Cookies – or other tracking tools – by this Website or third-party owners used by this Website, unless otherwise stated, is intended to provide the Service requested by the User, in addition to to the additional purposes described in this document and in the Cookie Policy, if available.
The User assumes the responsibility of the Personal Data of third parties obtained, published or shared through this Website and guarantees to have the right to communicate or disseminate, freeing the Owner from any liability to third parties.
Data collection methods
The data is collected through the forms present on the site, protected by Google recaptcha anti-hacking system, to verify that the user who inserts them is not a robot, but a human being. The connection to the site respects the security standards with HTTPS encryption and TLS transmission to guarantee the confidentiality of the data provided. The user password is blurred with dots, so as not to be traced.
The data is collected with the user creation form, order creation, or by telephone, for customers who require this service mode.
Method of processing the collected data
The Data Controller uses appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
Processing is carried out using IT and / or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Owner, in some cases, other parties involved in the organization of this Website (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, postal couriers) may have access to the Data. , carriers such as DHL, SDA, GLS, Poste Italiane, hosting providers, IT companies, communication agencies, Paypal, Amazon Pay, Facebook, Google) also appointed, if necessary, Data Processors by the Owner.
The updated list of Data Processors may always be requested from the Data Controller.
The subjects involved in the organization can access the data through an access control, through username and password, through the company’s computer and smartphone, or their own, duly protected by antivirus systems (windows users) or by linux systems (not attacked by viruses) .
Access to the data is also allowed to the owner of the same, through authentication with username and password. The login page is protected with a re-captcha anti-intrusion system to protect against hacker attacks.
The user who has lost the password can request it with the automatic password recovery procedure and will receive a reset link directly to his email.
It should be noted that in the creation of new features of the site, or in the implementation of new services, real data of owners registered on the site are not used.
The managers and employees of rossetticollection.com have been trained in the use of the data and in the rules of the GDPR, and are familiar with the methods of processing that comply with the text of the regulation.
Legal basis of the processing
The Owner processes Personal Data relating to the User if one of the following conditions exists:
– the User has given consent for one or more specific purposes; Note: in some jurisdictions the Data Controller may be authorized to process Personal Data without the User’s consent or another legal basis specified below, as long as the User does not object (“opt-out”) to such treatment. However, this is not applicable if the processing of Personal Data is regulated by European legislation on the protection of Personal Data;
– the processing is necessary for the execution of a contract with the User and / or for the execution of pre-contractual measures;
– processing is necessary to fulfill a legal obligation to which the Owner is subject;
– processing is necessary for the performance of a task of public interest or for the exercise of public powers vested in the Data Controller;
– processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
Place of Treatment and Preservation
The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located, as well as in the server where the hosting site provider is located. For more information, contact the owner.
The User’s Personal Data may be transferred to a country other than the one in which the User is located. To obtain further information on the place of treatment, the User can refer to the section on the details on the processing of Personal Data.
In case of greater protection, the User has the right to obtain information regarding the legal basis of the transfer of Data outside the European Union or to an international organization of public international law or constituted by two or more countries, such as example the UN, as well as regarding the security measures adopted by the Data Controller to protect the Data.
If one of the transfers described above takes place, the User may refer to the respective sections of this document or request information from the Data Controller by contacting him at the details indicated at the beginning.
The integrity of the data is guaranteed by protected accesses and by the use of protection systems (antivirus, anti-intrusion, etc …) and the same are saved in backup copies.
The email address is stored at the communications sending system (automatic responder). To unsubscribe, simply click the “unsubscribe” link at the bottom of the emails received, or simply send a communication to the data controller.
Access to data
The user can at any time check his data by accessing his private area, downloading them in a convenient format for the transfer, requesting their deletion. In this last case, if this does not compromise the execution of the order, the data will be immediately deleted from the databases, but will be kept in the accounting records, if this is required by law (for example in the case of invoice issue).
The user identified with the correct username and password can access the data and request transferability, cancellation or can verify them. In the event of a lost password, the password recovery procedure can be carried out independently, or assistance can be requested from the data controller.
Period of conservation
The Data is processed and stored for the time required for the purposes for which it was collected.
Therefore:
– The Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of this contract is completed.
– The Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User can obtain further information on the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.
When the treatment is based on the consent of the User, the Owner may keep the Personal Data for longer until such consent is revoked. Furthermore, the Data Controller may be obliged to keep the Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the storage period the Personal Data will be deleted. Therefore, upon expiration of this term the right of access, cancellation, rectification and the right to the portability of the Data can no longer be exercised.
Purposes of the processing of the collected data
The User Data is collected to allow the Owner to provide its Services, as well as for the following purposes: Access to accounts on third party services, Interaction with external social networks and platforms, Statistics, Business Affiliation, Contacting the User, Management of payments, Infrastructure monitoring, Display of content from external platforms, Content commenting, Remarketing and behavioral targeting, User database management, Contact management and sending messages, Tag management, Support and contact request management, Management of landing pages and invitation pages, Interaction with data collection platforms and other third parties, Optimization and distribution of traffic, Protection from SPAM, Performance testing of content and features (A / B testing) and Data Transfer outside the EU.
To obtain further detailed information on the purposes of the processing and on the Personal Data that are concretely relevant for each purpose, the User may refer to the relevant sections of this document.
Facebook permissions required by this Website
This Website may require certain Facebook permissions that allow it to perform actions with the User’s Facebook account and to collect information, including Personal Data, from it. This service allows this Website to connect with the User’s account on the Facebook social network, provided by Facebook Inc.
For more information on the following permissions, refer to the Facebook permissions documentation and the Facebook privacy policy.
The required permits are as follows:
Basic information
The basic information of the User registered on Facebook which normally includes the following Data: id, name, image, gender and language of localization and, in some cases, the “Friends” of Facebook. If the User has made additional data publicly available, they will be available.
Google Analytics and Adwords
This site uses Google Analytics to track users anonymously and through Adwords can learn about the keywords entered by users to view ads, whose click leads to the website rossetticollection.com.
Analytics detects numerous data, always anonymously, on the type of device used, the location of origin, the time on the site, the number of pages visited and numerous other statistical information.
Google Fonts
This site uses Google Fonts, which records usage data and various types of Data as specified by the privacy policy of the service.
Retargeting and Remarketing
Through the Facebook Ads and Google Adwords / Analytics platforms it is possible to target users’ behavior to present specific offers to users, using remarketing and retargeting paid campaigns.
Contact Form
The user has at his disposal a contact form on the site, in order to get in touch with rossetticollection.com, entering the requested data, including his own email, in which he will receive the reply. The system is protected by Google Recaptcha.
Subscribe to the newsletter
The user can subscribe to the newsletter by email and receive discounts and promotions. The address is saved in a third-party automatic responder, from which communications are sent. The user can unsubscribe at any time by clicking on the “unsubscribe” link at the bottom of the email received.
Payment systems
Upon completion of the order, the user can make payment using various methods, including some virtual systems such as Paypal, Amazon Pay, Satispay, etc. In this case they will be redirected directly to the chosen site, which after authentication will transfer the payment information to the site rossetticollection.com
This site does not require credit card information. The user can make payment using this method through other services, such as Paypal.
On the site are also available payment systems such as Paypal Express Checkout or Amazon Direct Pay, which redirect the user directly to the external site, which is authorized to transfer to Rossetticollection.com the data necessary to complete the order such as the ‘shipping address
Automatic answerer
The email address is saved on an email sending service, from which the user can unsubscribe at any time by clicking at the bottom of the email on the “unsubscribe” link or by sending an email to the data controller (indicated at the beginning of the privacy policy).
Interaction with external social networks and platforms
Inside the site there are sharing buttons on social networks (Facebook, Google Plus, Pinterest, Twitter, etc …) that allow the user to publish articles or sections of the site on their personal profiles.
Cookie Policy
A cookie is a short text sent to your browser by a website visited.
Allows the site to store information about your visit, such as your preferred language and other settings. This can facilitate your next visit and increase the usefulness of the site in your favor. Cookies play an important role. Without them, using the Web would be a much more frustrating experience.
Cookies are used for various purposes. We use them, for example, to store your preferences, to help you register for our services and to protect your data.
Our privacy policy explains how we protect your privacy when using cookies and other information.
Some people prefer not to enable cookies and for this reason almost all browsers offer the possibility to manage them in order to respect users’ preferences.
In some browsers you can set rules to manage cookies on a site by site basis, an option that gives you more precise control over your privacy. This means that you can disable cookies on all sites, except those you trust.
In the Google Chrome browser, the Tools menu contains the Clear browsing data option. You can use this option to delete cookies and other site and plug-in data, including data stored on your device by Adobe Flash Player (commonly known as Flash cookies). See our instructions for managing cookies in Chrome.
Another feature of Chrome is its incognito mode. You can browse in incognito mode when you don’t want your website visits or downloads to be recorded in browsing and download histories. All cookies created in incognito mode are deleted after closing all incognito browsing windows.
The list of cookies is indicated in the popup that appears to each new visitor, allowing the disabling or enabling of the necessary or optional categories of cookies.
Further information on Personal Data
Sale of goods and services online
The Personal Data collected are used for the provision of services to the User or for the sale of products, including payment and possible delivery.
The Personal Data collected to complete the payment may be those relating to the credit card (via paypal, these data are not saved on this site), to the current account used for the transfer or to other payment instruments provided. The payment data collected from this website depends on the payment system used.
Analysis of User Data and forecasts (“profiling”)
The Owner may process the usage data collected through this Website to create or update user profiles. This type of processing allows the Owner to evaluate User choices, preferences and behavior for the purposes specified in the respective sections of this document.
User profiles can also be created thanks to automated tools, such as algorithms, which can also be offered by third parties. To obtain further information on the profiling activity, the User can refer to the respective sections of this document.
Personal Data collected through sources other than the User
The Owner of this Website may have legitimately collected Personal Data relating to the User without his involvement, drawing on sources provided by third parties, in accordance with the legal bases described in the section on legal bases of processing.
If the Data Controller has collected Personal Data in this way, the User may find specific information regarding the sources in the respective sections of this document or by contacting the Owner.
Automated decision making processes
When a decision that can produce legal effects for the User or can affect a person in a similarly significant way is taken exclusively with technological tools and without human intervention, there is an automated decision-making process.
In the context of the purposes described in this document, this Website may use the User’s Personal Data to make decisions based completely or partially on automated processes.
This Website uses automated decision-making processes to the extent necessary to conclude or execute a contract between the User and the Owner or, if required by the law, subject to the consent of the User.
Automated decisions depend on technological tools provided by the Data Controller or third parties and are generally based on algorithms that meet predefined criteria.
The logic behind automated decision making aims to:
– allow or improve the decision-making process;
– guarantee to Users a fair and impartial treatment;
– reduce the resulting potential damage
For additional information about the purposes, the third-party services, and the logical specifications of the automated decision-making processes adopted by this Web site, the user may refer to the respective sections of this document.
Effects of Automated Decision Making Processes and User Rights Submitted to Users
Users subject to this type of treatment may exercise specific rights to prevent or limit the potential effects of automated decision-making processes.
Users have the right to:
– receive an explanation of each decision made as a result of an automated decision-making process and express an opinion on it;
– challenge the decision inviting the controller to reconsider or adopt a new decision for different reasons;
– request and obtain from the controller a human intervention in the treatment.
For more information about user rights and user rights, the user can refer to the section of this document about user rights.
