Privacy Policy

Privacy

As provided for by article 13 of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”)

For the purpose of this policy, find below the following “definitions”.

Definitions

  • Personal Data”: means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

  • Processing”: means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

  • Controller”: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

  • Recipient”: means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.

  • Consent” of the data subject: means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

  • Profiling”: means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.

  • EU”: European Union.

  • Website”: www.federico-bellini.com.

  • User”: anyone who visits the Website and/or buys Controller’s products.

  1. Controller

The Controller is Lenti & Villasco S.r.l. (P.IVA 01914930068), con sede legale in 15048 Valenza (AL), Piazza Lanza, 2 (“Registered Office”), e-mail: privacy@federico-bellini.com.

  1. Location of the Processing

Registered Office.

  1. Legal Basis of the Processing

We will process your Personal Data if:

  • you give us your Consent;

  • it is necessary to execute a contract;

  • it is necessary to fulfill a legal obligation.

  1. Categories of Personal Data

We could process the following Personal Data:

  • Contact Data: name, surname, date of birth, fiscal code, address, e-mail, mobile.

  • Payment instruments: for example, credit cards.

  • Prefereces: these data depend on what you visit on the Website.

  • Technical Data: we could process some technical data, for example, IP address; this is to verify Users’ identity and avoid frauds and any abuse, if it is possible.

We could also partially process your Personal Data. In any case, we will not be able to answer you without your Consent.

We do not process Personal Data of people under 18 years old. If someone under 18 years old gives us Personal Data, we will delate all Personal Data as soon as we will ascertain the true identity of the User.

  1. Purposes of the Processing

We could process your Personal Data:

  1. to answer Users’s requests;

  2. to execute a contract;

  3. to fulfill legal, fiscal and contractual obligations;

  4. for accounting and / or administrative requirements;

  5. for sending offers and commercial information;

  6. for managing our customer service;

  7. for profiling and commercial offers.

  1. Mandatory Consent

We can not answer to any request without your Consent; saving article 5, points V and VII, in these cases, your Consent is not mandatory.

  1. Processing methods

Personal Data will be processed both using paper and electronic tools. The databases where Personal Data are stored meet the security requirements set by the GDPR.

  1. Ricipients of Personal Data

We could have the necessity to send Personal Data to the following people and / or entities:

  1. labour consultants;

  2. accountants and auditors;

  3. lawyers;

  4. commercial agents;

  5. IT consultants;

  6. contractors and sub-contractors;

  7. people or entities with whom / which the Controller has signed contracts for the development of its business;

  8. competent authorities for inspection or verification purposes;

  9. banks;

  10. insurance companies;

  11. IT service providers (For example, cloud platforms, hosting)

  12. couriers / carriers.

We will ask all Recipients the signing of specific letters of assignment in compliance with the obligations of correctness, lawfulness and transparency imposed by the current legislation. Personal Data may in any case be disclosed to third parties to comply with legal obligations, to comply with orders from public authorities or in case the Controller needs to exercise a right in judicial or extra-judicial proceedings.

In the event that a Recipient is not established in an EU country, we will ascertain the existence of the conditions required by the applicable legislation for the transfer of data to a third country or international organization or we will request the necessary documents for the transfer of data pursuant to Article 46 of the GDPR.

  1. Personal Data Retention

Personal Data will be kept for the period of time established by current the legislation, in any case for the period necessary to perform the activities indicated above (“5. Purposes of the Processing”).

  1. Right of access

You have the right to access to your Personal Data and the right to obtain from the Controller confirmation as to whether or not Personal Data concerning you are being processed.

  1. Right to rectification

You have the right to obtain from the Controller without undue delay the rectification of inaccurate Personal Data concerning you. Without your Consent or in case of incorrect or incomplete communication of your Personal Data, we may not be able to fulfill legal obligations and we will not be able to answer any question and / or fulfill contractual obligations.

  1. Right to be forgotten

You have the right to ask us the deleting of your Personal Data. Without your Consent we will not be able to fulfill legal obligations and we will not be able to answer any question and / or fulfill contractual obligations.

  1. Right to restriction of Processing

You have the right to ask us the restriction of the Processing. In case of incomplete communication of Personal Data, we may not be able to fulfill legal obligations and / or answer any question and / or fulfill contractual obligations.

  1. Right to object the Processing

You have the right to object the Processing. Without your Consent we will not be able to fulfill legal obligations and answer any question and, consequently, fulfill contractual obligations.

  1. Right to Personal Data portability

You have the right to your Personal Data portability. You have the right to receive your Personal Data in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided.

  1. Withdraw of the Consent

You have the right to withdraw your Consent. The withdrawal of your Consent does not affect the lawfulness of the treatment based on consent before your withdrawal. Without your Consent we will not be able to fulfill legal obligations and we will not be able to answer any question and / or fulfill contractual obligations

  1. Right to lodge a complaint with a supervisory authority

You have the right to lodge a complaint with a supervisory authority (www.garanteprivacy.it) and / other authorities as provided for by the current legislation.

  1. Please, write to us for any question: info@federico-bellini.com.