PRIVACY POLICY
Through this Privacy Policy, SUNNEI explains the privacy practices and the methods of managing the website, www.sunnei.it (hereinafter also “Site”), with particular reference to the purposes and methods with which the personal data of users who consult it are collected, recorded and used during any written, electronic and oral communication, both online and offline.
This Privacy Policy, addressed to those who interact with and use Sunnei’s web services, is intended to meet the requirements of art. 13 of EU Regulation no. 2016/679 (hereinafter, “GDPR”), in addition to those indicated in art. 13 of Legislative Decree no. 196/2003 – Code on the protection of personal data (hereinafter, “Privacy Code”), as subsequently amended and supplemented by Legislative Decree no. 101/2018, identifying the purposes of the processing; the arrangements for accessing, communicating and transferring data; the rights of the data subject and the arrangements for exercising them; the data controller, controller and person in charge of the processing, as well as the methods, times and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection.
WHO IS THE DATA CONTROLLER?
The Data Controller your personal data is SUNNEI S.r.l., a sole-shareholder company, with registered offices in Italy, Milan, Via Vincenzo Vela n. 8, 20 133. You may contact Sunnei at any time through the e-mail address: sunneisrl@pec.it or the certified email privacy@sunnei.it.
WHAT PERSONAL DATA IS PROCESSED AND WHY
Browsing data. The IT systems and software procedures used to operate this website acquire, in the course of their normal operation, certain personal data, the transmission of which is required by the use of Internet communication protocols. This is information which is not collected to be associated with identified data subjects, but which by its very nature could, through processing and association with other data, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the reply given by the server (bu end, error, etc.) and other parameters related to the user’s operating system and IT environment.
Data provided voluntarily by the user. The Personal Data provided voluntarily by the user include, for example: first name, surname, profession, telephone number, email address, home address and / or home address, delivery address, billing address, province, country, postal code, city, company name.
In particular, the Site collects personal information when you create an account or use the Online Selling Services. Personal information is generally information that relates to you and identifies you personally or that could be used to identify you. Personal information does not include data that has been made anonymous or that does not allow the person to be identified.
The types of personal data that are collected may include information provided by users directly and voluntarily to perform the purchase or service contract (e.g. data collected when placing an online order); information that is provided to improve products and services; information provided by the user also via live chat on the site, where active; information collected automatically through the site (e.g. browsing data).
Unless otherwise specified, all Data requested by this Site is mandatory. If you refuse to communicate them, it may be impossible for this Site to provide the Service. In cases where this Site indicates some Data as optional, Users are free to refrain from communicating them.
The potential use of Cookies – or other tracking tools – by this Site or by the owners of third-party services used by it, unless otherwise specified, has the purpose of providing the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Site and guarantees to have the right to communicate or disseminate it, releasing the Data Controller from any liability to third parties.
HOW WE PROCESS PERSONAL DATA WE COLLECT
The Data Controller shall take appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data. The processing is carried out by means of computer and / or telematic tools, with organizational methods and with logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the organization of this Website (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the Data, also appointed, if necessary, Data Processors by the Data Controller I know.
LAWFUL BASIS FOR PROCESSING
The Data Controller processes the Personal Data relating to the User if one of the following conditions is met: the User has given consent for one or more specific purposes; the processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures; processing is necessary to comply with a legal obligation to which the Data Controller is subject; the processing is necessary for the performance of a task in the public interest or for the exercise of official authority vested in the Controller; processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties. Please note that in some legal systems the Data Controller may be authorised to process Personal Data without the User’s consent or another of the legal bases specified below, as long as the User does not object to such processing. This is not, however, applicable if the processing of Personal Data is governed by European legislation on the protection of Personal Data.
WHERE WE PROCESS PERSONAL DATA
The Data are processed at the operating offices of the Data Controller and in any other place where the parties involved in the processing are located. Your Personal Data may be transferred to a country other than the one in which you are located. The User has the right to obtain information about the legal basis for the transfer of Data outside the European Union or to an international organisation governed by public international law or constituted by two or more countries, such as the UN, as well as about the security measures taken by the Data Controller to protect the Data.
STORAGE PERIOD The Data are processed and stored for the time strictly necessary to fulfil the purposes for which they were collected or for a longer period of time, if the need for storage is provided for by a legal obligation or by order of an Authority. Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of such contract is completed. Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. When processing is based on the User’s consent, the Data Controller may retain the Personal Data for a longer period of time, until such consent is revoked. At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this period, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
PURPOSE OF PROCESSING DATA COLLECTED
The User Data is collected to allow the Owner to provide the Service, to comply with legal obligations, for internal use, for promotional purposes and improvement of the Service provided by the Owner, to assist customers, to protect their rights and interests (or those of Users or third parties), to make effective compliance with the Terms and Conditions of Services offered by the Owner to the User, to detect possible fraudulent or fraudulent activities, as well as for the following purposes: contact the User, manage tags, interact with external social networks and platforms, SPAM protection, statistics, display content from external platforms and manage payments. USER RIGHTS The Users to whom the Personal Data refers may exercise, where the legal requirements apply, the following rights provided for in Articles 15 to 22 of the GDPR (Regulation (EU) 201/679 of 27 April 2016): access your Data, ask for its rectification; revoke the previously expressed consent; object to the processing of your Data; obtain restriction of treatment; obtain the erasure or removal of your Personal Data; receive your Data or have it transferred to another data controller; lodge a complaint. You may lodge a complaint with the competent data protection supervisory authority or take legal action. In order to exercise the User’s rights, Users may address the request to the contact details of the Owner indicated in this document, i.e. to the following e-mail address: sunneisrl@pec.it or privacy@sunnei.it?
DISCLOSURE REQUIRED BY LAW OR IN CONNECTION WITH LEGAL PROCEEDINGS
The User’s Personal Data may be used by the Owner in legal proceedings or in the preparatory stages to its eventual establishment to defend against abuse in the use of this Website or related Services by the User. The User declares to be aware that the Data Controller may be obliged to disclose the Data by order of public authorities.
INFORMATION NOT CONTAINED IN THIS POLICY
Further information regarding the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
CHANGES TO THIS PRIVACY POLICY
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this Website and, where technically and legally feasible, by notifying Users through one of the contact details it holds. Please consult this page frequently, referring to the date of last modification shown at the bottom. If the changes affect processing operations whose legal basis is consent, the Data Controller will re-collect the User’s consent, if necessary.
DEFINITIONS AND LEGISLATIVE REFERENCES
This “Privacy Policy” is drafted in compliance with the rules contained in Regulation (EU) 2016/679 of 27 April 2016 (“GDPR”), Legislative Decree no. 196/2003 as amended and supplemented by Legislative Decree no. 101/2018 and the provisions stipulated by the Italian supervisory authority (http://www.garanteprivacy.it).. The main definitions provided for in these rules are as follows: Personal Data (or Data): any information which, directly or indirectly, including in connection with any other information, including a personal identification number, makes a natural person identifiable or identifiable. Usage Data: are the information collected automatically through this Website (including from third-party applications integrated into this Website), including the IP addresses or domain names of the computers used by the User who connects to this Website, the notated URI (Uniform Resource Identifier) addresses, the time of the request, the method used to forward the request, the method used to request to the server, the size of the file received in response, the numeric code indicating the status of the response from the server (good end, error, etc.), the country of origin, the characteristics of the browser and the operating system used by the visitor, the various temporal connotations of the visit (e.g. the time spent on each page) and details of the pages visited, the parameters related to the operating system and the User’s computer environment. User: the individual using this Website who, unless otherwise specified, coincides with the Data Subject. Interested: the natural person to whom the Personal Data refers. Data Controller (or Controller): the natural person, legal person, public administration and any other body that processes personal data on behalf of the Data Controller, as set out in this privacy policy. Data Controller (or Data Controller): the natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of processing personal data and the instruments adopted, including the security measures relating to the operation and use of this Website. The Data Controller, unless otherwise specified, is the owner of this Website. This Web Site (or Site): the hardware or software tool by which the User’s Personal Data is collected and processed. Service: the Service provided by this Site as defined in its terms (if any) on this Site/App. European Union (or EU): Unless otherwise specified, any reference to the European Union contained in this document shall be understood to include all current member states of the European Union and the European Economic Area. Cookie: Cookies are Tracking Tools consisting of small portions of data stored within the User’s browser. Tracking Tool: Tracking Tool means any technology – e.g. cookies, unique identifiers, web beacons, embedded scripts, e-tags and fingerprinting – that enables users to be tracked, for example by collecting or saving information on the User’s device.
FROM NOVEMBER 29TH TO DECEMBER 2ND