The personal data provided directly by the user to Amitutti.com (hereinafter "Amitutti") on the pages of the website that can be reached at (URL) amitutti.com ("Site") at the time of registration and subsequently for the use of services provided from time to time by Amitutti will be treated in compliance with the provisions of Legislative Decree 196/2003 regarding the protection of personal data ("Privacy Code") and following the entry into force of EU Regulation no. 679/2016 ("GDPR") in accordance with the provisions of art. 13 of the aforementioned European Regulation. Amitutti informs the user of the following.
Trust is the foundation of our company. Amitutti believes that the trust of its customers in the protection of personal data is fundamental. Amitutti therefore complies with applicable data protection laws and constantly strives to improve the protection of its customers.
1. Joint data controllers
The joint controllers of the processing of personal data are the companies pursuant to art. 26 GDPR - European Privacy Regulation: - Amitutti.com, with registered office in via Bellavista 45, 09048 Sinnai, CA, Italy. VAT number: 03865620920, pec: firstname.lastname@example.org, registered at the Chamber of Commerce of Cagliari under no. 303230. The essential content of the joint ownership agreement is made available to the interested party upon request to be sent to email@example.com
2. What are personal data
Personal data is information that refers to an identified or identifiable natural person, such as the name, e-mail address, telephone number, postal address or IP address of the computer.
3. What personal data are processed?
3.1 Data entered by the user
If the user enters into a contract with Amitutti, completes the registration fields on the Site or gives us his consent, we process the personal data provided in this way, in particular the data as defined in section 2.
3.2 Automatically Recorded Data
In order to provide you with the information you need in relation to our website, we also process the following data: • The address of the page you visit on our website • the address of the website you visited immediately before (the so-called "referrer") • date and time of your visit • the properties of the device, in particular the operating system, the browser used and the size of the browser window • the IP address of the device • the identification numbers stored on the device. With this identification number we are able to recognize your device on the website. Technically, these identification numbers are stored in so-called cookies or eTags • Device IDs consisting of individual characteristics of the mobile device. Based on these device identifiers, we can also recognize your device on the website. Examples of such device identifiers are: o The "Ad-ID" of the Apple iOS operating system o The "Advertising ID" of the Android operating system
4. When do we process your data?
4.1 Stipulation of contracts
We process your personal data when you create your personal user account, when you order products through our website, when you leave a review or when you subscribe to our newsletter.
Unless otherwise specified in the following provisions, the legal basis for this data processing is Article 6 paragraph 1 b) and a) GDPR (execution of a contract and consent).
4.2 Website operation
We process your personal data in order to offer you the best products, offers and content tailored to your needs and to make your visit to our site as pleasant as possible. Unless otherwise specified in the following provisions, the legal basis for this data processing is Article 6 paragraph 1 f) GDPR (legitimate interest, based on our interest in offering a website with the most interesting and attractive content possible) .
5. Purpose of data processing
To make purchases on our site you need to create a personal account (hereinafter "user account"). You can store your personal information in your user account, and facilitate shopping in our online store. To create a personal user account we need your personal details, name and surname and, as appropriate, address and telephone number. Additionally, users must provide their email address and a password of their choice. The e-mail address provided by the users also serves as the login data for the user account. In addition, users can store their personal data within the user account and then shop comfortably in the online store. The information can be updated at any time in the personal area of the user account ("User Profile").
The so-called persistent cookies (see paragraph 6.) are stored on the user's device with the "Stay logged in" function, which prevents the user from having to log in again during subsequent visits to our website. This function is not available if the user has disabled the storage of these cookies in the settings of his browser. Of course, the user can cancel their user account at any time and without giving reasons. The easiest way to do this is to send an email to firstname.lastname@example.org. The legal basis for this data processing is the article. 6 paragraph 1 b) GDPR (execution of a contract).
5.2 Order processing in our online shop
With regard to the order of products in our online shop, the processing of your personal data is aimed at enabling and optimizing the fulfillment of the order, including payment and delivery. When payment is made by credit card, we receive the payment ID and the last four digits of the credit card number from our payment service provider. We need this for the authentication and allocation of your order and therefore for your security. The personal data required for payment are collected directly by the payment service provider.
The legal basis for the aforementioned data processing is the article. 6 paragraph 1 b) GDPR (execution of a contract) and Art. 6 paragraph 1 f) GDPR (legitimate interest, based on our interest in offering you a secure payment option by credit card). All data available to us is checked as part of the credit risk assessment. In this way we determine which payment methods can be offered for an order. Among other things, we also check all previous orders placed from your customer account. The system also checks whether the delivery address is different from the billing address, whether it is a new delivery address or whether the order is to be delivered to an intermediate center.
After choosing the payment service provider, you will be asked for the data necessary to use this service. This payment information is forwarded directly to the respective payment service provider and is not stored by Amitutti. We save billing and delivery address details in your user account so that you no longer need to enter them the next time you make a purchase. This data can be changed at any time in the future. If you do not agree to the payment method or methods offered, you can inform us in writing by letter or email at email@example.com. We will then review the decision in light of your recommendations. The personal data processed in the context of the orders are deleted at the latest after the expiry of the statutory warranty terms, unless this conflicts with the statutory retention obligations.
We offer all Amitutti.com users the opportunity to receive our newsletter. To activate it, the user can register with his e-mail address on the appropriate page. The user can revoke his consent at any time and without indicating the reasons. The easiest way to do this is to click on the "Unsubscribe" link, which can be found in every newsletter. The legal basis for this process is Article 6 (1) (a). 1 a) GDPR (consent).
5.4 Contacts via Email and WhatsApp
If you send us questions via email or WhatsApp, we will process the information you send, including your account details in order to be able to answer you as best we can. In the event of subsequent exchanges of communications, we will store the subsequent information to offer a better service. The legal basis of this process is Article 6 paragraph 1 b) GDPR (execution of a contract) and 1 f) GDPR (legitimate interest, based on our interest in adapting the website in the best possible way to the interests and needs of the users).
5.5 Purpose of data processing for reviews
If you decide to leave a review on a product, we will process your data to verify that the product you reviewed corresponds to your purchase and then to authorize its publication. The legal basis of this process is Article 6 paragraph 1 b) GDPR (execution of a contract) and 1 f) GDPR (legitimate interest, based on our interest in adapting the website in the best possible way to the interests and needs of the users).
6. MONITORING TOOLS FOR THE ANALYSIS OF THE WEBSITE
6.1 GENERAL PROVISIONS
We want to design our website in the best possible way. Therefore, we use so-called "tracking" tools to technically improve our website. Tracking tools allow us to measure the use of our web offers. By using the tracking tools, we collect the following information in particular:
· What are the links that online users click on other websites to access amitutti.com?
· Which of our pages are visited when, how often and in what order?
· What information are users of our website looking for?
· Which links or offers do users of our website click on?
From this information, we compile statistics that help us understand the following questions:
· Which pages are of particular interest to users of our website?
· Which articles interest our users the most?
What offers should we make to our users?
For this purpose, we use in particular the automatically collected data referred to in point 3.2 above. The data is only saved under a pseudonym.
The legal basis is your consent according to article 3.2. 6 paragraph 1 a) The DSGVO and Art. 6 para. 1 f) DSGVO (weighting of interests based on our interest in adapting the website as much as possible to the interests and needs of users).
6.2 GOOGLE ANALYTICS
This website uses Google Analytics, a web analysis service provided by Google Inc. "(" Google "). Google Analytics uses" cookies ", which are text files that are placed on your computer to allow the website to analyze how users use the site. The information generated by the cookie about the use of this website is generally transmitted to and stored on Google's servers in the United States. However, if IP anonymization is enabled on this website, Google will shorten your IP address beforehand within member states of the European Union or other signatory states to the agreement on the European Economic Area. Only in exceptional cases is the full IP address transmitted to a Google server in the United States and abbreviated there. On behalf of the operator of this website, Google will use this information to evaluate the use of the website, to compile reports on website activity and to provide the tri services relating to website activity and Internet use to the website manager.
The IP address transmitted by your browser as part of Google Analytics is not combined with other Google data.
You can also prevent Google from collecting the data generated by the cookie and relating to your use of the website (including your IP address) and from processing this data by Google by downloading and installing the browser plugin available at the following link (http: //tools.google.com/dlpage/gaoptout?hl=it).
This website uses Google Analytics with the extension "_anonymizeIp ()". This means that the IP addresses are further processed in an abbreviated form, thus excluding the possibility of personal references. If the data collected about you relates to a person, this is excluded and the personal data is immediately deleted.
We use Google Analytics to analyze the use of our website and to improve it regularly. The statistics obtained will allow us to improve our services and make them more interesting for the user. For the exceptional cases where personal data is transferred to the United States, Google has sent the EU-US Privacy Shield, https://www.privacyshield.gov/EU-US-Framework. The processing of your data in the context of Google Analytics is carried out to safeguard the legitimate interests of Amitutti.
CONTRADICTION AGAINST DATA ACQUISITION:
You can prevent the collection and transmission to Google of data relating to your use of the website (including your IP address) and the processing of this data by Google by downloading and installing the browser plug-in available at the following link : https://tools.google.com/dlpage/gaoptout?hl=it.
6.3 GOOGLE ADWORDS / REMARKETING
6.4 GOOGLE ADWORDS / CONVERSION MONITORING
6.5 DOUBLECLICK ON GOOGLE
We also use Google's Doubleclick. Doubleclick by Google is a service provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA ("Google"). Google's double-click is used to present advertisements that are relevant to you. You can see these advertisements on our website and on the websites of other vendors working with Google.
Our website stores a so-called "cookie" with a pseudonymous identification number (ID) for Google in your browser. Google uses this cookie ID to recognize your browser when you visit our website (or other websites whose providers also use Google's Doubleclick). In this way, Google tries to collect the following information:
Which web pages have you visited?
What Google Ads have you seen?
Which of these ads did you click on?
Based on this information, Google selects the ads that Google presents to you. You can manage the display of these ads by Google here. Here you can find more information on Google advertising. Further information on the protection of personal data can be found here on Google.
Google operates its servers in the United States, i.e. in a third country outside the EU. The DoubleClick service from Google transmits your data to these servers. The European Commission has not currently decided that the United States generally offers an adequate level of protection. However, Google has submitted to the EU-US Privacy Shield Framework, which provides adequate and reasonable guarantees. Further information can be found here.
The legal basis for the integration of Google's Doubleclick described in this section is Art. 6 paragraph 1 f) DSGVO (weighting of interests, based on our interest in marketing the website for advertising purposes). Google collects and processes the data that emerge in this context under its own responsibility.
6.6 BING ADS BING CONVERSATION CONVERSATION MONITORING
If you do not wish to participate in the Bing Ads tracking process, you can opt out of this behavior at http://choice.microsoft.com/de-de/opt-out
6.7 USE OF FACEBOOK PLUGIN
We also use features of Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA. When you click on the corresponding Facebook plug-in, a connection is established between your browser and the Facebook servers. In this way you can use the various features of Facebook. The legal basis is Art. 6 par. 1 b) DSGVO (execution of the contract and pre-contractual measures).
By clicking on the Facebook plug-in, the data is transferred from your browser to Facebook in the United States. The European Commission has not currently decided that the United States generally offers an adequate level of data protection. However, Facebook is committed to complying with the EU-US Privacy Protection Agreement for the collection, use and retention of EU Member States' personal data as published by the US Department of Commerce.
If you have a Facebook account, the data transmitted by your browser can be linked to your Facebook account. If you do not want this data not to be assigned to your Facebook account, please log out of Facebook before clicking on the Facebook plugin. Interactions, in particular the use of a comment function or a "Like" or "Share" button, are also shared with Facebook.
6.8 FACEBOOK CUSTOM AUDIENCES
6.9 USE OF PLUGIN YOUTUBE
Our website displays the contents of the YouTube page operated by Google. The site is operated by YouTube, LLC, 901 Cherry Ave, San Bruno, CA 94066, USA, a subsidiary of Google. When you visit one of our YouTube content pages, your browser connects directly to the YouTube servers and retrieves the content to be displayed for you. The legal basis is Art. 6 par. 1 f) DSGVO (weighting of interests based on our interest in offering a website with content that is as interesting and attractive as possible).
When integrating YouTube content, your browser communicates with a YouTube server in the USA, which can record the corresponding retrieval of the content by your browser. The European Commission has not currently decided that the United States generally offers an adequate level of data protection. However, YouTube (as a subsidiary of Google) has agreed to comply with the privacy protection agreement between the EU and the US on the collection, use and storage of personal data of EU member states, as published by the United States Department of Commerce. Further information can be found here: https://support.google.com/analytics/answer/7105316?hl=it.
If you are logged in to your YouTube account, you can allow YouTube to directly associate your surfing behavior with your personal profile. You can prevent this by logging out of your YouTube account before visiting our website.
6.10 USE OF VIMEO-PLUGINS
We also use video integration from the Vimeo provider. Vimeo is operated by Vimeo, LLC, headquartered at 555 West 18th Street, New York, New York 10011. When you visit one of our Vimeo Content pages, your browser connects directly to Vimeo's servers and retrieves the content to display. for you. The legal basis is Art. 6 paragraph 1 f) DSGVO (weighting of interests based on our interest in offering a website with content that is as interesting and attractive as possible).
When Vimeo is integrated, your browser communicates with a Vimeo server in the United States, which can record the corresponding content retrieval by your browser. The European Commission has not currently decided that the United States generally offers an adequate level of data protection. However, Vimeo has committed to abide by the EU-US Privacy Protection Agreement for the collection, use and retention of EU Member States' personal data as published by the US Department of Commerce.
The application for our website uses the "adjust" analysis technology from adjust GmbH ("adjust"). Adjust uses users' IP and Mac addresses for analysis, but these are only used anonymously. A conclusion for a natural person is therefore not possible.
We use Optimizely on our website, a web analysis service of Optimizely Inc, hereinafter referred to as "Optimizely". Optimizely helps us to better tailor our website to your needs. As part of the service, so-called "cookies" are used. With your help, an analysis of your use of the website is made possible. The information obtained on the basis of the cookie about the use of the website is transferred to Optimizely. The transmission and storage of data usually takes place on a server located in the United States. Optimizely is certified according to the EU / US standard https://www.privacyshield.gov/participant?id=a2zt00000000000TNkWAAW.
If IP anonymization is enabled on this website, Optimizely will shorten your IP address if you are a member state of the European Union or another signatory state to the agreement on the European Economic Area. In rare exceptional cases, a complete transmission of the IP address takes place to an Optimizely server in the USA, where it is then shortened.
On our behalf, Optimizely uses the information collected to evaluate how the website was used by you. On this basis, Optimizely provides evaluations and reports to optimize the website. If the IP address is transmitted from the browser, this data is not combined with other Optimizely data.
You can refuse the storage of cookies at any time by changing your browser settings. Please note, however, that in this case you may not be able to use all the functions of this website in their entirety.
This website uses technology from Outbrain Inc. "(" Outbrain ", 39 W 13th Street New York, NY 10011 USA). This allows you to specifically target those Internet users with advertisements who have already been interested in our offers on pages of our partners, or collect data about them. The technology depends on a cookie-based analysis of user behavior. This advertisement appears only on Outbrain advertising spaces, both on Outbrain Engage advertising spaces and on the Outbrain Extended Network. you do not want interest-based advertising not to be shown, you can disable this feature here. https://www.outbrain.com/legal/
You can also object to the further use of Outbrain at the following link: https://www.outbrain.com/legal/privacy#advertising_behavioral_targeting
You can also object to the continued use of Criteo at the following link: http://www.criteo.com/de/privacy/
We also use the Braze web analytics service, a program of Braze, Inc., 318 West 39th Street, New York, NY 10018, USA (Braze).
The legal basis of this program is Art. 6 paragraph. 1 lit. f. f. DSGVO (interest in the analysis, optimization and economic management of our online services). Braze is used to analyze the use of our app and to send targeted push messages to the users of our app. Braze uses a pseudonymized function (called "Pseudonym ID") which allows us to analyze the use of our app. The version of the operating system you are using, information about your network provider, a country code, information about the device such as "Android Advertising ID" and "Advertising Identifier for iOS". (to identify users' mobile devices), the behavior and methods of use of our services are determined. At no time will the information determined by Braze ever be merged with the data relating to the holder of the pseudonym. On our behalf, Braze uses this information to evaluate the use of our application and to report on it. We use this information to send targeted push messages - if approved by you - to users of our application with information about our services or specific advertising. The information generated on the basis of the pseudonym ID about the use of our application is usually transferred and stored on a Braze server in the United States. Braze ensures compliance with the requirements of the EU standard contractual clauses. For more information on Braze's privacy practices, please visit: https://www.braze.com/privacy/.
If you do not want Braze to process your data, you can contact us at any time at https://www.braze.com/preferences.
7. USE OF EXTERNAL SERVICE PROVIDERS
For the operation of our website we use external service providers with data processing (e.g. order dispatch, newsletter software, computer centers). If necessary, these service providers also process personal data. Service providers are carefully selected and checked by us. The data is processed exclusively in accordance with our instructions and is also bound by this data protection declaration.
8. PERIOD OF CONSERVATION
Personal data will be kept only for the time necessary to achieve the purposes of the processing or for a minimum retention period required by law.
9. YOUR RIGHTS
In relation to the personal data concerning you, you have the following rights towards us: • Right to information, • Right to rectification or erasure, • right to restriction of processing, • Right to data portability.
You can therefore know what your personal data are in our possession, their origin and how they are used, request their updating, rectification or integration as well as, in the cases provided for by the provisions in force, cancellation, limitation of treatment or oppose to their treatment. If you wish, you can request to receive the personal data we hold about you in a format that can be read by electronic devices and, where technically possible, we can transfer your data directly to a third party indicated by you.
If you believe that the processing of your personal data has been carried out illegitimately, you can lodge a complaint with one of the competent supervisory authorities for compliance with the rules on personal data protection. In Italy, the complaint can be presented to the Guarantor for the Protection of Personal Data (http://www.garanteprivacy.it/).
If you have any general questions or suggestions about data protection, please contact our data protection officer by post at the address indicated above or by email at firstname.lastname@example.org.
Status: October 2019