INFORMATION ON THE PROCESSING OF PERSONAL DATA ON THE SENSES OF ART. 13 AND 14 OF THE GDPR (GENERAL DATA PROTECTION REGULATION) 2016/679
in observance of the provisions of the 2016/679 European Regulation (in the acronym GDPR), Man Socks Italia srl wishes to inform you that the personal data supplied by you or acquired by us in the context of our activity, necessary to implement the services offered to you, will be treated in compliance with the law on privacy and the principles of correctness, lawfulness, transparency and protection of your privacy and your rights. We also wish to send you the following information:
1. Holder of the treatment
The data controller is the undersigned company MAN SOCKS ITALIA SRL (VAT number with registered office in Castiglione delle Stiviere (MN), code 46043, via G. Mazzini No. 105, which can be contacted at the following numbers: telephone +39 0376.639889, e-mail: firstname.lastname@example.org, pec: email@example.com.
2. Nature of data processed and purpose of the treatment
As indicated in the art. 1 of the General Conditions of Sale, the sales made on THINKPINK.IT (hereinafter also the "Site") have as a subject a limited number of products available and are reserved exclusively for users registered on the Site. In order to access the Site and use the sales service You will be asked to register on the Website and provide some data concerning you. The data in question will be handled by Man Socks Italia srl ("MAN SOCKS ITALIA SRL"), the entity that makes sales on the Website and which acts as the data controller. When registering on the Site or in case of purchase from our site, you will be asked to enter your name, surname, e-mail address and password, address, tax code or VAT number and telephone number. MAN SOCKS ITALIA SRL does not process sensitive or judicial data relating to its users.
Personal data processed are personal identification data such as, for example: name and surname, company name, tax code and VAT number, address, telephone / fax, e-mail, bank and payment details.
The legal basis that legitimizes the processing of such data is the need to make the functionality of the company website usable as a result of User access.
The personal data indicated above will be used for the following purposes:
A) to register on the Site and allow the correct provision of the sales service as well as the fulfillment of the obligations imposed by the law on tax matters and in compliance with the provisions on public security;
B) for internal administrative-accounting purposes related to the customer-supplier relationship and to fulfill the obligations generally provided for by the owner by laws or regulations, by community legislation, by requests of the judicial authority or to exercise the rights of the Holder (for example the right to defense in court);
C) only in the presence of specific specific consent of the User, personal data will be used for the following marketing purposes: to send (via e-mail, post, sms or telephone contact) newsletters, updates on the activities of the Owner, advertising material or commercial communications - possibly also customized based on the User's consumption habits (profiling) - on products or services offered by the Owner that the User may consider to be of interest and to determine the degree of satisfaction on the quality of services, including requests for participation in analysis or research market;
D)only in the presence of specific specific consent of the User, for the development of the commercial profile of the customer finalized, both to monitor the degree of customer satisfaction to ensure a better satisfaction of the needs of the same, and the sending by e-mail of information material and / or advertising of specific interest to the customer.
Upon payment you will be asked to enter the 16 numbers of your credit card and the expiry date of the same. The data will be transferred to the company that manages online payment transactions (so-called "acquirer") in encrypted format and according to the security requirements set by the PCI certification. These data will in no way be processed by MAN SOCKS ITALIA SRL. Payments will be processed through a secure server-to-server connection using the SSL protocol (Secure Sockets Layer) with 128-bit encryption.
The legal basis that legitimizes the processing of data referred to in points "a" and "b" is the execution of an online sales contract of which the User is a party, or the performance of pre-contractual activities upon request of the User.
In the cases expressly indicated in points "c" and "d", the legal basis is the consent freely given by the User.
3. Data conference and consent
The provision of personal data indicated above for preceding points A) and B) is optional. However, since this processing is necessary to allow registration to the Site and the performance of the sales service and related activities, your refusal to provide the data in question will make it impossible to complete the registration procedure and to perform purchases on the Site.
The provision of data for the purposes referred to in points C) and D) of the preceding paragraph is optional and the failure to provide consent will not have any consequence on the contractual relationship with MAN SOCKS ITALIA SRL or the impossibility for MAN SOCKS ITALIA SRL to process the profiles customer consumption habits, as well as sending you information and advertising material of your specific interest.
In any case, the Data Controller will NOT process data qualifying as "particular categories of personal data" (articles 9 and 10 of the GDPR) or data revealing "racial or ethnic origin, political opinions, religious or philosophical convictions, or union membership ... genetic data, biometric data intended to uniquely identify a natural person, data related to health or sexual life or sexual orientation of the person ", or contractual requirements and related fulfillment of legal and tax obligations as well as for personnel selection needs, except in cases imposed by law and/or by the GDPR 679/2016.
In any case, you may object to the processing of your data for one or more of the aforementioned purposes by contacting Man Socks Italia srl at firstname.lastname@example.org.
4. Method of treatment
The data concerning you will be collected electronically and processed through operations of registration, organization, consultation, communication, processing, modification, extraction, use, storage, deletion and destruction of data, carried out mainly with the help of electronic tools, ensuring the use of suitable measures for the security of the data processed and ensuring the confidentiality of the same. The personal data concerning you, stored in electronic form, are stored and stored on an OTG INFORMATICA SRL server.
The data are processed either by manual processing in paper format or with electronic or automated, computerized and telematic tools. The collected data are recorded and stored by OTG INFORMATICA SRL and by the Data Controller in computer and paper archives, as well as stored and controlled in such a way as to minimize the risks of accidental destruction or loss, unauthorized access and unauthorized processing or not compliant with the purposes of the collection.
The data are processed by employees or collaborators of the Data Controller and/or OTG INFORMATICA SRL, duly instructed in this regard.
The data recorded on the server are adequately protected against the risk of intrusion and unauthorized access. In addition, all suitable security measures have been adopted to guarantee the integrity and availability of data as well as the protection of the areas and premises relevant for their safekeeping and accessibility.
5. Data communication
For the purposes referred to in point A), the personal data of the user will be processed by employees or collaborators of MAN SOCKS ITALIA SRL as persons in charge of data processing or data processors.
MAN SOCKS ITALIA SRL may communicate the user's data to specific subjects, appointed by the owner of the supply of services that are necessary or necessary for the execution of the obligations related to registration on the Website and online purchase, within the limits and in accordance with the instructions given.
In particular, your data may be communicated to:
- post offices, couriers or shippers responsible for delivering the purchased products;
- companies or internet providers in charge of sending advertising material on behalf of MAN SOCKS ITALIA SRL;
- by professionals, companies, associations or professional firms that provide the Data Controller with assistance or advice for administrative, accounting, tax, legal protection or selection of personnel
- companies or consultants possibly responsible for the installation, maintenance, updating and, in general, the management of the MAN SOCKS ITALIA SRL hardware or the hardware of which MAN SOCKS ITALIA SRL uses for the provision of its services;
- from banking institutions for collection and payments as well as any professionals - in single, associate or company form - for services and the management of payments by credit cards or electronic payment instruments in general, for the eventual recovery of credits or for certification activities of the holder's financial statements.
The updated list of Data Processors and the persons in charge of processing is kept at the registered office of the Data Controller.
Furthermore, your data will be communicated to all those subjects who have access to personal data by law, administrative or judicial measures and in any case by all public institutes established by law and, more generally, by all the bodies established by the law. current accounting and tax regulations as recipients of mandatory communications;
The personal data concerning you are not subject to disclosure.
6. Transfer your personal data outside the European Union
It may happen that your data transits or is hosted on servers owned or owned by our partners. For example, Data collected as part of our customer service can be transferred to our service providers located outside the European Union. These servers can be located all over the world, in countries whose laws could provide a different level of protection than ours. However, we are committed to taking the necessary measures to maintain an adequate level of privacy and security. For example, we may require our subcontractors and partners to implement measures to ensure the level of protection required by applicable regulations on Personal Data.
7. Transfer of data to a third Country or International Organizations
As part of the management of the contractual relationship, no transfer of the User's data to third countries outside the EU or to international organizations is envisaged.
8. Period of conservation of personal data or criteria used to determine this period
Without prejudice to the specific provisions for credit card numbers and the fight against fraud, presented in Article (10) below, your Personal Data is stored in our active database, unless written revocation (e-mail) by of the customer, or starting from:
- your last purchase;
- your last visit to our site, provided that you have logged into your account and have visited our pages;
- your last contact with our customer service;
- the opening of a hyperlink in a newsletter or other commercial e-mail we send you (if you have consented).
The deletion of your data from our active database will be followed by a period of temporary storage in order to meet our legal, accounting and tax obligations, as well as to be able to handle any complaints, within the limits of the applicable limitation periods.
In the event that your data must be archived later, they will be irreversibly anonymised.
In any case, and in accordance with Article 9 below, you have the option at any time to request the cancellation of all or part of your data, to request their rectification if they ere not correct, to oppose their treatment or to request its limitation.
For the purposes referred to in art. 2, letters "a" and "b" the personal data of the User will be processed and stored by the Owner for the entire duration of the contractual relationship between the User and the Owner and, at the end of the same for any reason, will be kept for the expected time - for each category of data - by the current legislation on accounting, tax, civil law and litigation.
For the purposes referred to in art. 2, letters "c" and "d" the personal data of the User will be processed and stored by the Data Controller until the User has given his consent or until the User has exercised his right to object to the processing or of the cancellation of personal data.
9. Rights of the interested party
In your status as Data Subject and in relation to the processing described in this Notice, you have the rights set out in Articles 7, 15 to 21 and 77 of the GDPR and, in particular, the:
· Right of access - article 15 GDPR: the right to obtain confirmation that personal data concerning the User is being processed and, in this case, to obtain access to such personal data, including a copy thereof;
· Right of rectification - article 16 GDPR: right to obtain, without unjustified delay, the correction of incorrect personal data concerning the User and / or the integration of incomplete personal data;
· Right to cancellation (right to be forgotten) - Article 17 GDPR: right to obtain, without unjustified delay, the deletion of personal data concerning the User;
· Right of limitation of treatment - article 18 GDPR: right to obtain the limitation of treatment, when: the interested party disputes the accuracy of personal data, for the period necessary for the Data Controller to verify the accuracy of such data; the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited; personal data are necessary for the interested party to ascertain, exercise or defend a right in court; the interested party opposed the treatment pursuant to art. 21 GDPR, in the period of waiting for the verification on the possible prevalence of legitimate reasons of the Data Controller with respect to those of the interested party;
· Right to data portability - Article 20 GDPR: right to receive, in a structured format, commonly used and readable by an automatic device, personal data concerning the User provided to the Owner and the right to transmit them to another Owner without impediments, if the treatment is based on consent and is carried out by automated means. Furthermore, the right to obtain that the personal data of the User is transmitted directly to another Data Controller if this is technically feasible;
· Right of opposition - Article 21 GDPR: right to object, at any time for reasons related to its particular situation, to the processing of personal data concerning the User based on the lawfulness of legitimate interest or the execution of a task of public interest or the exercise of public powers, including profiling, unless there are legitimate reasons for the holder to continue the treatment that prevail over the interests, rights and freedoms of the interested party or for the assessment, exercise or defense of a right in court. Furthermore, the right to oppose the processing at any time if personal data are processed for direct marketing purposes, including profiling, to the extent that it is related to such direct marketing;
· Right of revocation - article 7 GDPR: the User has the right to withdraw his consent at any time. The withdrawal of consent does not affect the lawfulness of the treatment based on consent before revocation;
· Right of complaint - article 77 GDPR: the User has the right to lodge a complaint with the Authority for the protection of personal data, Piazza di Montecitorio 121, 00186, Rome (RM).
10. Modalities of exercise of rights
The User may at any time exercise his rights by sending a registered letter to:
Man Socks Italia srl, via G. Mazzini n. 105, cap 46043, Castiglione delle Stiviere (Mn), fax: +39 0376 632600
or write to PEC: email@example.com providing a document proving the identity and specifying:
- surname, name, e-mail address;
- Subject of Inquiry;
- address to which the reply must be sent;
We will reply within 30 days of receiving your request from our services. You also have the right to make a complaint with a supervisory authority.
For the exercise of the rights as indicated in this Notice and to receive any information relating to the same, the User may contact the Owner who, also through the designated facilities, will take charge of the request and provide the User without unjustified delay and in any case, at the latest, within one month of receipt of the same, information relating to the action taken regarding the request.
The exercise of rights by the User is free under Article 12 of the GDPR. However, in the case of manifestly unfounded or excessive requests, also due to their repetitiveness, the Owner may charge the User a reasonable fee, in light of the administrative costs incurred to manage his request, or deny the satisfaction of his request.
11. Safeguarding and confidentiality of payments
We attach great importance to the fact that your purchases are made under the best security conditions. Therefore, the transactions are confidential, encrypted and protected thanks to the SSL (Secure Sockets Layer) Domain & FO protocol. When you pay the order by credit card, the transaction takes place between you and Banca Monte Paschi di Siena SpA recognized for its reliability in Internet transactions.
We use different mechanisms in the fight against fraud:
- when you click on the "Confirm" button in addition to the order, our bank checks the validity of the credit card number and guarantees that there are no problems.
- At the time of online payment, you may be asked to log in before completing the transaction (through a redirect to your bank's website, via an SMS or with personal questions such as date of birth, zip code ...);
As part of this treatment, we remind you that you have all the rights listed in Article 9 above.
We do not store your bank details on our servers. For each order you will need to complete the appropriate fields during the purchase of your order. However, at the time of payment of the order, your data are routed automatically from our system to the banking system (as required by banking regulations) and are neither processed by us nor stored directly.
Navigation data and cookies
IP address storage
MAN SOCKS ITALIA SRL informs you that it will keep, within the terms of the law, the log files and IP addresses used when making an online purchase and this in order to prevent and ascertain any fraud in online transactions.
By clicking on the 'Do not accept and close' link, the default settings will be applied, no consent will be given for cookies except for technical ones.
You can change your choice at any time in our privacy center.
What are cookies
Cookies are short fragments of text (letters and / or numbers) that allow the web server to store information on the client (the browser) to be reused during the same visit to the site (session cookies) or later, even at a distance of days (persistent cookies).
Cookies are stored, according to user preferences, by the single browser on the specific device used (computer, tablet, smartphone).
Similar technologies, such as, for example, web beacons, clear GIFs and all forms of local storage introduced with HTML5, can be used to collect information on user behavior and use of services.
In the remainder of this document, we will refer to cookies and all similar technologies by simply using the term "cookie".
Types of cookies
Which cookies are used on this site
MAN SOCKS ITALIA SRL uses different types of cookies, small text files that the Site sends to the user's browser where they are stored before being re-transmitted to the Site on the user's next visit. While browsing the Site, the user can also receive cookies from different sites on their browser (so-called "third-party" cookies); this happens because on the Site there may be elements such as images or specific links to web pages of other domains that reside on servers other than the Site.
Session cookies are used to store the products that are placed in the cart during the purchase process, to perform authentication, multimedia cookies (so-called flash cookies) necessary for the reproduction of video or audio content. If the user requests it (by selecting the "remember me" box at login), persistent cookies are activated to allow the authentication credentials to be stored.
The cookies described above are so-called cookies. "Technical", that is, they serve exclusively for technical purposes or respond to specific requests from the Site user.
Third party cookies
Browsing the web, you can receive cookies both from the visited site ("owners"), and from sites managed by other organizations ("third parties"). A notable example is the presence of "social plugins" for Facebook, Twitter, Google+ and LinkedIn. These are parts of the visited page generated directly by the aforementioned sites and integrated into the page of the host site. The most common use of social plugins is aimed at sharing content on social networks.
The presence of these social plugins involves the transmission of cookies to and from all sites managed by third parties. The management of the information collected by "third parties" is governed by the relevant information to which reference should be made. To ensure greater transparency and convenience, the web addresses of the various information and methods for managing cookies are shown below.
The Site uses plug-ins to allow users of social networks to share content they like with their "friends" (and offer other related features such as posting comments). These plug-ins store and access cookies in the user's terminal equipment in order to allow the social network to identify members when they interact with these plug-ins.
In particular, the Site uses plug-ins from Facebook, Twitter and Google +.
Facebook "Like" button (from the social network facebook.com managed by Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA). When you access another website from the Site that contains this type of plug-in, the browser establishes a direct connection with the Facebook servers and sends this data to Facebook. This happens regardless of whether you are a Facebook member, you are logged in to the Site as a Facebook member or if you click on the plug-in. If you are a member of Facebook and you are logged in to Facebook while you are on the Site, Facebook will enter your visit to the Site on your Facebook account, even if you do not click the social plug-in. If, on the other hand, you click on the plug-in, this information will be transmitted to your Facebook account, where it will be stored. We do not know in detail which of your data will be transmitted to Facebook or for what purpose Facebook uses this data. This data includes your IP address, Facebook information about the site you visited, the date and time of the visit, and other browser-related information. If you enter the Site while you are still connected to Facebook, your login identification code will also be collected and processed and Facebook will assign this visit to your Facebook account. If you do not want Facebook to collect your personal data through the Site, you must log out of Facebook before visiting the Site.
To know the purpose and information on data collection and the consequent processing and use of the data by Facebook, as well as your rights and possible settings on the protection of your privacy, the indications on data protection of Facebook are valid.
More information on the collection, storage and use of your personal data by Facebook, as well as on the configuration options available to you to protect your data, are available at http://www.facebook.com/about/privacy/ .
Button "g + 1" of the Google Plus social network (managed by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, US) When you select the "+1" button on a page of the Site, the "+1" button will allow your browser to create a direct connection with Google's servers. The content of the "+1" button - is transmitted by Google directly to your browser and integrated by it into the website. BNK4 has no control over the data collection carried out by Google through the selection of the button (surely your IP address will be registered by Google Plus). To know the purpose and information on data collection and the consequent processing and use of the data by Google, as well as your rights and possible settings on the protection of your privacy, read carefully the information on data protection by Google on "+1" button. If as a member of Google Plus you do not want Google to collect your personal data through the Site and link it to your data saved in Google, since you are a member, you must log out of Google Plus before visiting the Site.
To improve the services offered, the Site uses the technologies of Google Analytics in order to perform a statistical evaluation on the use of the Site. Information may be collected, albeit anonymously, including the time of access, the type / version browser used, operating system, enabled Java scripts, addressing URLs. None of this data can be directly attributed to a particular user. With reference to each type of cookie it is specified that:
• It will be possible to prevent Google from detecting data obtained from cookies and relating to your use of the Site (for example, the number of clicks made on a page while browsing the Site), by downloading and installing the browser plug-ins available by selecting the following link https://tools.google.com/dlpage/gaoptout?hl=it.Find more information on the pages: http://www.google.com/intl/it/analytics/privacyoverview.html .
It is also specified that on this web page Google Analytics has been enriched with the code "gat.anonymizeIp ();", to guarantee an anonymous transmission of IP addresses (so-called IP-Masking, masking of an IP).For more information, please refer to the link below: https://www.google.it/policies/privacy/partners/
The user can selectively disable the action of Google Analytics by installing the opt-out component provided by Google on their browser. To disable the action of Google Analytics, please refer to the link below: https://tools.google.com/dlpage/gaoptout Cookie management The user can decide whether or not to accept cookies using the settings on their browser.
How to disable cookies
It is possible to choose at any time to disable cookies on your terminal through the browser configuration. Some pages may not work if you completely disable cookies but many third party cookies can be blocked without problems. You can configure your browser to accept all cookies, reject them all or receive a notification when a cookie is set. Each browser is different, so it is advisable to check the procedures for changing cookie preferences in the browser guide. Eg:
• In Internet Explorer it is possible to block all cookies by selecting “Tools”, “Internet Options”, “Privacy” and selecting “Block all cookies” using the scroll selector.
• In Firefox it is possible to block all cookies by selecting "Tools", "Options" and deselecting "Accept cookies from sites" in the "Privacy" tab.
• In Chrome it is possible to block all cookies by selecting the icon representing the wrench located on the browser toolbar. Select Parameters then View the advanced parameters. In the "Privacy" section, select Content parameters.In the "Cookies" section you can:- Delete the cookies- Block cookies by default- Authorize cookies by default- Define the exceptions for cookies of some websites or domainsHowever, blocking all cookies will have a negative impact on the functionality of the Site. It is also possible to delete cookies already stored on your computer. Please check the help of your browser.
Disabling "third party" cookies does not affect navigability in any way. Furthermore, the best browsers allow you to define different settings for "proprietary" and "third party" cookies.
Duration of cookies
Some cookies (session cookies) remain active only until the browser is closed or the logout command is executed. Other cookies "survive" when the browser is closed and are also available on subsequent visits by the user.These cookies are called persistent and their duration is set by the server at the time of their creation.
In some cases a deadline is set, in other cases the duration is unlimited.However, by browsing the pages of websites, you can interact with sites managed by third parties that can create or modify persistent and profiling cookies.
For any information on the cookies used by the Site, it is possible to contact the Data Controller at the addresses indicated in paragraph 10 above.