Gloria Federica - Via Torre Caracciolo 19 bis - 80016 Marano di Napoli (NA)
Mail: info@mrledshop.com PEC: fedegloria@postecert.it
VAT Number 03207270590 Fiscal Code GLRFRC99H48F839L
as data controller, informs you, pursuant to art. 13 and 14 of the European Regulation 679/2016 concerning the protection of personal data ("GDPR") and of Legislative Decree 196/2003 as well as the implementing provisions of the Guarantor Authority, regarding the processing of your personal data which will be carried out by the writer.
This Application collects some Personal Data from its Users. The Data Controller protects the confidentiality of users' personal data and guarantees them the necessary protection from any event that could put them at risk of infringement. As required by the European Union Regulation n. 679/2016 (GDPR) and in particular by articles 13 and 14, below we provide the user ("interested") with the following information required by law relating to the processing of their personal data.
Identity and contact details of the data controller
The data controller is Gloria Federica, with registered office in Via Torre Caracciolo 19 bis - 80016 Marano di Napoli (NA), in the person of her pro-tempore legal representative.
It is possible to send any question or request relating to your personal data and to respect for privacy through the contacts present in this statement.
Purpose of the treatment
In compliance with current legislation on the protection of personal data, the Data will be archived, collected and processed by the Data Controller for the following service purposes:
Data archiving in company databases
Respond to inquiries and information regarding the product or service
Marketing purposes: sending newsletters, advertising material or commercial communications via e-mail or post
Statistics
Interaction with social networks and external platforms
Viewing content from external platforms
Interaction with data collection platforms and other third parties
Location-based interactions
Infrastructure monitoring
SPAM protection
Platform services and hosting
This site may receive or transmit personal data to the following applications:
CRM, ERP, Management
Hosting and Backend infrastructure - Serverplan
Social Media Buttons and WidGets - Instagram button and widget
Social Media Buttons and WidGets - Like button and Facebook widget
Social Media Buttons and WidGets - Twitter button and widget
Social Media Buttons and WidGets - TikTok button and widgets
Email Marketing Software - Brevo (formerly Sendinblue)
Email Marketing Software - Integrated on site
Statistics, Performance - Google Analytics
Statistics, Performance - Integrated on the site
Support, Chat, Tickets - Facebook Messenger
Support, Chat, Tickets - Email Serverplan
Further applications connected with those indicated or replacing them in the event of evolution or transfer. In this case it will be our care to provide adequate information on the appropriate changes.
Legal bases of the treatments (art. 6)
The processing of data, for the purposes indicated above, is lawful as it can be traced back to one of the following legal bases indicated in art. 6 of the Regulation:
The processing is necessary for the execution of a contract of which the interested party is a part or for the execution of pre-contractual measures adopted at the request of the same
Processing is necessary for compliance with a legal obligation to which the data controller is subject
The processing is necessary for the pursuit of the legitimate interest of the data controller or of third parties
Outside of the cases mentioned, the processing of data will take place exclusively within the limits of the consent expressed by the User
Types of personal data processed
Personal data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Application.
Usage Data means information collected automatically through this Application (including from third-party applications integrated into this Application), including:
IP addresses or domain names of the computers used by the User who connects with this Application
request time
method used in forwarding the request to the server
numeric code indicating the status of the response from the server (successful, error, etc.)
country of origin
characteristics of the browser and operating system used by the visitor
various temporal connotations of the visit (for example the time spent on each page)
details relating to the itinerary followed within the Application
sequence of pages consulted
parameters related to the operating system
computer environment of the user
In cases where this Application indicates some Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or on its operation.
Any use of Cookies, or other tracking tools, by this Application or by the owners of third-party services used by this Application, unless otherwise specified, has the purpose of providing the Service requested by the User, in addition to the additional purposes described in this document and in the Cookie Policy, if available.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Application and guarantees that he has the right to communicate or disseminate them, freeing the Owner from any liability towards third parties.
Data transfer outside the EU
The Data Controller may transfer Personal Data collected within the EU to NON-EU countries only with specific legal bases described below.
The User can request information from the Owner regarding the legal basis applicable to each individual service.
Data transfer to countries that guarantee European standards
The transfer of Personal Data from the EU to third countries takes place on the basis of an adequacy decision adopted by the European Commission. The European Commission adopts adequacy decisions with reference to individual third countries that it deems to guarantee a level of protection of Personal Data comparable to that provided for by the European legislation on the protection of Personal Data. The User can view the updated list of adequacy decisions on the European Commission website.
Transfer to third countries on the basis of standard contractual clauses
The transfer of Personal Data from the EU to third countries takes place on the basis of standard clauses for the protection of Personal Data adopted by the European Commission.
In such cases, the recipients of the Data have agreed to process the Personal Data in accordance with the levels of protection provided for by EU legislation. Users can request further information by contacting the Owner at the contact details indicated in this document.
Period of retention of personal data
Unless the will to remove them is explicitly expressed (except in cases where the processing takes place on a legal basis other than consent), the personal data of the interested party will be kept for as long as they are necessary with respect to the legitimate purposes for which they were collected.
Starting from the date of termination of this relationship, personal data will in any case be kept for the fulfillment of the obligations that remain even after the termination of the contract (art. 2220 of the civil code); for these purposes, the Data Controller(s) will only keep the data necessary for the related prosecution. In any case, the data will be completely canceled after 10 years from the deadline for conservation necessary to protect the rights of the interested party and of the owner (prescription) unless otherwise communicated.
Processing methods
The processing of your personal data is carried out by means of the operations indicated in article 4, n. 2, GDPR - performed with or without the aid of IT systems - and precisely: collection, registration, organization, structuring, updating, conservation, adaptation or modification, extraction and analysis, consultation, use, communication by transmission, comparison, interconnection, limitation, cancellation or destruction.
In addition to the Data Controller, in some cases, other subjects involved in the organization of this Application (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.
In any case, the logical and physical security of your data and, in general, the confidentiality of the personal data processed will be guaranteed, implementing all the necessary technical and organizational measures to guarantee their security.
Rights exercisable by the interested party
In compliance with the provisions of the GDPR, you can exercise the rights indicated therein and in particular:
Right of access - Obtain confirmation as to whether or not personal data concerning you are being processed and, if so, receive information relating, in particular, to: purpose of the processing, categories of personal data processed and retention period, recipients to which these can be communicated (article 15, GDPR)
Right of rectification - Obtain, without unjustified delay, the rectification of inaccurate personal data concerning you and the integration of incomplete personal data (article 16, GDPR)
Right to cancellation - Obtain, without unjustified delay, the cancellation of personal data concerning you, in the cases provided for by the GDPR (article 17, GDPR)
Right to limitation - Obtain from the Joint Controllers the limitation of processing, in the cases provided for by the GDPR (article 18, GDPR)
Right to portability - To receive, in a structured format, commonly used and readable by an automatic device, the personal data concerning you provided to the Co-owners, as well as to obtain that the same are transmitted to another owner without impediments, in the cases provided for by the GDPR (article 20, GDPR)
Right to object - Oppose the processing of personal data concerning you, unless there are legitimate reasons for the Joint Controllers to continue the processing (article 21, GDPR)
Right to lodge a complaint with the supervisory authority - lodge a complaint with the Guarantor Authority for the protection of personal data (www.garanteprivacy.it)
You may at any time modify or revoke the consent given and exercise your rights through the applications made available and in any case by contacting the Data Controller directly at the email address info@mrledshop.com