Privacy Policy

Introduction

Giovanni Raspini S.r.l. undertakes to offer its services and products to its users and customers (hereinafter collectively referred to as the “Data Subjects”), also making use of digital platforms, e-commerce sites, social channels used by the Data Subjects themselves and, in general, all the new technological platforms used by its customers.

Giovanni Raspini S.r.l. would not be able not carry out the requested activities without acquiring and processing the personal data that Data Subjects freely provide.

That said, the privacy and security of each Data Subject's personal data is a priority for our organisation; hence, it is very important to explain, in a clear, understandable and transparent way, how and why our organisation collects, stores, shares and uses the personal data of Data Subjects, and to explain the controls and option they can exercise. This will enable Data Subjects to decide if and how they wish to share their personal data with our organisation in a conscious, free and informed manner.

This is the purpose of this privacy policy (hereinafter, the “Policy”).

Purpose of the Policy

This Policy illustrates the essential details relating to the collection and processing of Data Subject personal data by Giovanni Raspini S.r.l.

The provisions of this Policy refer to all the services offered by our organisation through the website www.giovanniraspini.com  and in general during any interaction between Data Subjects and Giovanni Raspini S.r.l.

This Policy contains the information that Data Subjects need in order to understand

• what personal data is collected about them;
• the purposes for which it is collected, used and shared;
• to whom this data is or may be transferred;
• the legal basis underlying the processing of personal data by Giovanni Raspini S.r.l.;
• how personal data shared by Data Subject with Giovanni Raspini S.r.l. is used and protected;
• their rights in relation to their personal data and how their privacy is protected.

Giovanni Raspini S.r.l. trusts that this endeavour will contribute to unequivocally expressing its constant commitment to privacy. For further clarification on the terms used in this Policy and, in general, for any information, questions or concerns, you can send an email to infoprivacy@giovanniraspini.com

Data Controller

As described in detail below, the data controller of your data, (hereinafter, respectively, the “Data Controller” and the “Data”) is:

Giovanni Raspini S.r.l. Largo Torricelli, 1 Pieve al Toppo, Civitella della Chiana (AR)

You can receive information regarding the Data held by the Data Controller, the methods of processing and any other information related to this, by sending an email to the following address: infoprivacy@giovanniraspini.com.

Data Protection Officer

The Data Protection Officer is:

Sicures S.r.l. Viale Diaz, 43, Montevarchi (AR), which may be contacted at the following address: privacy@sicures.it.

General principles and commitment to the protection of personal data

Our organisation is committed to protecting all the personal data it processes, adhering to the following general principles:

• All Data is processed in a lawful, correct and transparent manner in relation to the Data Subject, in compliance with the general principles established in EU Regulation No. 2016/679 and current legislation on the protection of personal data;
• All Data is processed and collected only for the purposes indicated in this Policy or for the specific purposes already shared with the Data Subject, with the aim of collecting, processing and using as little personal data as possible;
• When the personal data collected is no longer necessary for any purpose envisaged in this Policy or which may emerge from agreements subsequently undertaken or to comply with the legal obligations of the Data Controller and/or the Data Subject, every reasonable effort will be made to delete, destroy or anonymise it;
• Specific security measures are observed to prevent the loss, illicit or incorrect use and unauthorised access of Data;
• The personal data covered by this Policy will not be shared, sold, made available or disclosed to subjects other than those indicated in the Policy without your express consent.

Purpose and legal basis of the processing

Our organisation undertakes to process the Data provided by you exclusively for the activities needed to carry out the requested services pertaining to the Data Subject or to implement pre-contractual measures undertaken at the request of the Data Subject (Article 6 GDPR):

The processing of Users' personal data is carried out for the following purposes:

a) to guarantee access to the aforementioned websites, navigation and use of the online services provided in connection with the websites themselves;

b) to authorise, enable and customise access to the various areas and related contents of the aforementioned websites for the use of the services offered therein;

c) to manage the user account, shopping cart, shopping preferences and selected payment systems;

d) for all operations required to fulfil service or contractual agreements undertaken between the Data Controller and the Data Subject;

e) where the activity is envisaged and subject to the User's express consent, to send informative and promotional communications by email, as well as newsletters by the Data Controller relating to its proprietary initiatives;

f) to ascertain responsibility in the event of cyber crimes against the Website.

The legal basis of the Processing is:

• for the purposes referred to in points a), b) and c), the fulfilment of the contract to which you are a party, the execution of pre-contractual measures, or other legal obligations;
• for the purposes referred to in points d) and e), the consent freely expressed by the Data Subject;
• for the purposes referred to in point f), the legitimate interest of the Data Controller.

Categories of subjects to whom the data may be disclosed

Data collected by the Data Controller will be shared only for the purposes mentioned above; we will not share or transfer your personal data to third parties other than those indicated in this Policy. During our activities and exclusively for the purposes listed in this Policy, your personal data may be transferred to the following categories of recipients:

• the Data Controller's commercial partners, to whom it conveys the Data exclusively to process online purchases or to guarantee the provision of services;
• third-party payment processing services to ensure the processing of payments to us. Giovanni Raspini S.r.l. does not store payment information. The payment details are provided to the payment processing service that the customer has selected; the latter is required to comply with applicable regulations and data protection laws. For details on how such entities process your personal data, please refer to the privacy policies of the relevant service providers;
• hosting providers, IT companies, communication agencies, third-party technical services, consultants and professors with professional assignments, shipping companies and couriers, credit institutions, postal couriers;
• analytics and search engine providers that assist us in improving and optimising our website;
• persons, companies or professional firms that provide assistance and advice to the Data Controller, in accounting, administrative, legal, tax and financial matters;
• subjects whose entitlement to access the data is recognised by law or by orders of public authorities and supervisory bodies.

If necessary, the Data Controller may enter into agreements with the above subjects whereby the latter are recognised as Data Processors pursuant to Article 28 of EU Regulation 2016/679 or Joint Data Controllers pursuant to Article 26 of EU Regulation 2016/679. An up-to-date list of Data Processors can always be obtained from the Data Controller.

In any case, the dissemination of your personal data is entirely excluded.

Types of data collected

The website offers informative and sometimes interactive content. During navigation, the Website may, therefore, acquire information about the visitor, in the following ways:

Browsing data

During their normal operation, the computer systems and software procedures used to operate this Website acquire some personal data whose transmission is implied when using Internet communication protocols. This information is not collected with the intention of associating it with any identified Data Subjects. However, due to its nature, it might lead to the identification of users through processing and association with data held by third parties. This category of data includes IP addresses or domain names of the computers employed by users who connect to the website, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and IT environment. This data is only used to gather anonymous statistics concerning use of the Website and to check that it is functioning correctly. It is deleted immediately after processing. The data may be used to determine liability if cyber crimes are committed against the Website.

Cookies

In order to make our services as efficient and easy to use as possible, we use cookies. Therefore, when you visit the Website, a minimal amount of information is entered into the User's device, such as small text files called "cookies", which are saved in the User's web browser directory. There are different types of cookies, but essentially the main purpose of a cookie is to make the Website work more effectively and to enable certain features.

We also collect data about your use of the Website to understand what products and services you are interested in and, if you register your account and give us your consent, a range of personal data such as your name, email address, phone number and a unique identifier associated with your device. This information may be used to assist you in the purchase process by contacting you occasionally (via email or SMS) or to personalise the advertising you see online. Please read the Privacy Policy document regarding SaleCycle's services for more details about the browsing data used by SaleCycle on our behalf.

Link: http://www1.salecycle.com/privacy-policy-it

In any case, please refer to the information on cookies https://www.giovanniraspini.com/it-it/cookie-policy/cookie-policy.html for more details on their use and management.

Social Network Plugins

Our sites also incorporate plugins and/or commands for social networks, in order to allow you to easily share content on your favourite social networks. These plugins are configured so as not to set any cookies when users access the page, thus ensuring the safeguard of User privacy. If enabled by the social networks, cookies may be set only when the User makes effective and voluntary use of the plugin. Please note that Users who browse the Website whilst logged into a social network will have previously given consent to the use of cookies conveyed through this Website at the time of registration to that social network. The collection and use of data obtained by means of plugins are regulated by the respective privacy policies of the social media networks, to which you should refer.

networks, to which you should refer.

• Facebook (policy link) https://www.facebook.com/privacy/policy/
• Instagram (policy link) https://privacycenter.instagram.com/
• YouTube (policy link) https://policies.google.com/technologies/cookies
• Pinterest (policy link) https://policy.pinterest.com/it/privacy-policy
• TikTok (policy link) https://www.tiktok.com/legal/page/eea/privacy-policy/it

Certain webpages incorporate YouTube video content. By visiting a page containing a video or clicking to view the video, cookies from YouTube might be installed. These cookies are not our proprietary tools. To find out more, visit the policy page on YouTube .

The Website may use Facebook ADS programmes managed by Facebook Inc., Google Adwords and Google Remarketing technology, managed by Google Inc. The conversion tracking feature of Facebook ADS and Google Adwords also uses cookies to help us track sales and other conversions.

Email and Cookies

Our emails contain cookies that monitor whether you have opened our emails and if you have clicked on any link contained in them. The cookies used in our emails to track such behaviour are exclusive to each email and are not stored on your computer or mobile device.

Data provided voluntarily by the User

No personal information relating to those who visit the Website is collected or used. Visitors remain anonymous. The only exception concerns information provided voluntarily by the User in the contact forms of the Website or in the event you register your personal account, which is needed to comply with the contractual obligations to provide the requested services or to process the User's requests.

In the event of a request to use the services offered by the Website, other personal data may be collected, such as

• Identity data, including information such as name, surname, title, date of birth, tax code, date of birth, which are needed to provide the requested services.
• Contact data, including information such as email address, billing address, delivery address, location, country, phone number and social media ID (if you log in via social media).
• Financial data, including information such as: payment card and bank account details.
• Transaction data, including information such as: details of your purchases and the fulfillment of your orders (such as cart number, order number, subtotal, title, currency, discounts, shipping, number of items, product number, price of the individual item, category, tax, etc.); payments to and from you and details of other products and services you have obtained from us, correspondence or communications with you regarding your orders and details of any rewards and bonuses awarded.
• Technical data, including information such as: details of the device(s) used to access our services, IP (Internet protocol) address, access data, username and password, browser type and version, time zone setting and location, browser and operating system.
• Profile data, including information such as: purchases or orders made by the User, interests in products and styles, preferences, feedback and responses to any surveys.
• Usage data, including information such as: how and when you use our website/app, how you navigated it, what you searched for; website/app performance statistics, traffic, location; loyalty program activity.
• Marketing and communication data, including information such as: your preferences in receiving marketing from us and from third parties and your communication preferences.

We also collect, use and share aggregated data such as statistical or demographic data to improve our services and our offer. Aggregate Data may derive from your personal data but is not considered personal data since this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users using a specific website feature.However, if we combine or link the aggregated data with your personal data so that they can directly or indirectly identify you, we treat the combined data as personal data that will be used in accordance with this privacy policy.

The optional, explicit and voluntary sending of email to the addresses indicated in this Website results in the acquisition of the User's address and other personal data submitted in doing so and required to respond to the requests in question.

In the event of purchase of products or services on the Website with e-commerce functions, the User will be required to provide their name, the data necessary for billing, contact data and information on payment methods and credit card or Paypal account. The Data Controller will use this information only to process purchases and to send specific information relevant to the confirmation of the same. The information provided will not be sold, transmitted, licensed or otherwise forwarded to third parties. The only parties that can acquire payment data are the credit card issuing companies, which can be contacted to verify the validity of cards themselves. In any case, the website administrator ensures the adoption of scrupulous procedures to protect browsing data and the use of special care to protect the credit card data provided during online transactions.

The Data of the Data Subject is essential to evaluate and satisfy their requests;

If the contact is successful, the Data of the Data Subject will be processed for specific contractual or pre-contractual obligations such as, by way of example, managing purchase preferences, the chosen measures, delivery addresses, etc.

If Data Subjects contact Giovanni Raspini S.r.l. by email or telephone, the latter may process the information and Data (including personal data) provided by the Data Subjects to process their requests.

The provision of such Personal Data is necessary to fulfil a contract to which Data Subjects are a party or to implement pre-contractual measures adopted on the basis of Data Subject requests, and such provision is, therefore, mandatory. Failure to provide the aforementioned Data shall prevent Giovanni Raspini S.r.l. from fulfilling any related contracts or implementing any measures requested by Data Subjects.

Subscription to the promotional newsletter of our Websites is optional and is subject to the acceptance of specific, free and informed consent. The Data are kept until any request to cancel the service is made, which can be freely done at any time through the link contained at the bottom of each message sent.

Method and duration of processing

The personal data you provide is processed mainly but not exclusively by IT means. The processing is carried out using organisational methods and rationale strictly related to the stated purposes.

The Data Controller has implemented technical, procedural and organisational measures to provide an adequate level of security, confidentiality, integrity and availability of personal data. These measures take into account the state of the art of technology, the costs of its implementation, the nature of the data and the risks associated with their processing. The purpose is to protect Data from accidental or unlawful destruction or alteration, accidental loss, unauthorised disclosure or access, and other forms of illegal processing.

In addition, when handling your personal data, the Data Controller collects and processes personal data that is adequate, relevant and not excessive, as required to meet the purposes mentioned above and ensures that such personal data remains up-to-date and accurate.

The Data is processed at the operating premises where the Data Controller is established and at appointed companies duly designated as Data Processors pursuant to Article 28 of the GDPR.

We keep your personal data

• as long as you have an account with us
• as long as it is necessary to provide you with services
• all the time necessary to provide support-related activities
• for commercial transactions for the mandatory time pursuant to the Italian Civil Code.

In certain cases, we may keep some of your information after you have closed your account or for a time when it is no longer necessary to provide you with the services. This type of situation can occur if your data is needed to meet legal or regulatory requirements, resolve disputes, prevent fraud and abuse, or enforce our terms and conditions.

Transfer of Personal Data Outside the European Union

In general, the Data processed is not transferred outside the European Union. In any case, it is understood that the Data Controller, where necessary, is entitled to relocate servers to non-EU countries or to use cloud services also located outside the European area. In this case, the Data Controller ensures as of now that the transfer of data will take place in accordance with the applicable legal provisions, stipulating, if necessary, agreements that guarantee an adequate level of protection.

The processing of data is carried out for the time strictly needed for the pursuit of the aforementioned purposes, without prejudice to any storage terms provided for by law or regulations.

Optional provision of data

Apart from what is specified for browsing data, Users are free to provide their personal data via collection forms or indicate them in the contact section in order to make online purchases, use the services offered, request information and submit other notices. If the related personal data is not provided, it may be impossible to respond to such requests. Sending Data involves acquiring the sender's email address, as well as any other personal data entered, that is needed to respond to the requests.

Rights of the Data Subject

Data Subjects, i.e. the natural persons to whom personal data refers, have the right to request the Data Controller to access their personal data, rectify or delete them and request the restriction or oppose the processing thereof. Data Subjects are also entitled to data portability. To exercise these rights, you can refer to the contacts indicated in this Policy.

All requests received will be treated and acknowledged in accordance with the concrete provisions of the applicable regulations, along with reference to the actual existence of the conditions for their acceptance. Should such conditions fail to apply, the Data Controller may not act on the requests. The Data Controller shall make every effort to respond to legitimate and well-founded requests within one month of receiving them. Depending on the complexity and number of requests, as well as the above, this period may be extended by two months. A User may oppose the outcome of a request by filing a complaint with the competent data protection supervisory authority or taking legal action.

Withdrawal of consent and opt-out

Our customers can withdraw consent for data storage and access by activating the setting on their browser that allows them to reject all or only certain cookies.

By activating the “unsubscribe” link shown in the footer of each message, you can also choose to cancel your accounts and your newsletter subscriptions (opt-out) and thenceforth discontinue the receipt of such messages.

Changes to this Privacy Policy

The Data Controller reserves the right to make changes to this Policy in order to incorporate changes in applicable legislation or to adapt to technological innovations. Any changes will be reported on this webpage, which is permanently available through the hyperlink located on the Website homepage.