INFORMATION ON THE PROCESSING OF PERSONAL DATA ON THE
- Company: when this policy mentions “Company”, “we”, “us”, or “our”, it refers to GFC Srl, that is responsible for processing your personal
- User/customer: refers to the person that visits and browses the website, but may or may not be a Registered User;
- Service: refers to any services and every products, garment or accessory, put on sale on the website euthea.it.
The policy is drafted in accordance with the regulation 2016/679 (GDPR) of the European Parliament.
The processing of personal data means their collection, registration,
organization, storage, modification, selection, extraction, comparison, usage,
dissemination, cancellation, distribution, interconnection and anything else useful for the
execution of the Service, including a combination of two or more of the above operations.
This section only applies to individuals using or accessing our Services while located in the European Union (collectively, the “European Countries” ) at the time of data collection. This section applies in addition to the remainder of the Policy and prevails in case of conflicts.
Pursuant to the EU General Data Protection Regulation ( “GDPR” ), personal information is referred to as personal data. For the sake of clarity references to personal information in this Policy concern personal data in the sense of the GDPR.
2. HOW DO WE COLLECT YOUR DATA?
We collect information from you when you visit our website, register on our site, modify your account, place an order, create a wishlist, subscribe to our newsletter, respond to a survey or fill out a form.
When you use our service, we analyze navigation data, in order to verify the proper website’s functionality and to provide you the best experience.
3. WHAT INFORMATION DO WE COLLECT?
While browsing the website, the Company may collect, store and use multiple personal data, such as:
• Name and surname;
• Email address;
• Billing or shipping address;
• Telephone number;
• Type of device or credit or debit card number;
• Other information related to purchasing habits and preferences and on the
management of customer relationships.
For the purpose of browsing, purchasing our products or using our services or
Purchase Conditions and other documents cited therein (jointly “the Terms and
Conditions”) which are applicable at all times and should be reviewed to ensure you agree with them.)
The Data Controllers, as appropriate, shall use Personal Data for the following purposes:
1.1 To manage your registration as a user of the Platform. The Personal Data you provide us with shall be used to identify you as a Platform user, and to give you access to its different functionalities, products and services that are available to you as a registered user.
1.2 The development, compliance and undertaking of the purchase contract for the products you have acquired or any other contract with Us through the Platform.
In the event that you have purchased a Gift Card, if you provide us with the personal data of third parties, you shall be responsible for having informed them and obtained their consent so that, in compliance with the Platform’s Use and Purchase Conditions, we will be able to process their data for purposes of (a) managing the shipping or verifying receipt of the Gift Card and (b) attending to any requests that you or said third party may make.
If you have a Gift Receipt and you wish to return goods associated with it through the Platform, we will use the Personal Data provided in the return form for (a) managing the request and processing the collection of the goods from your home address, (b) attending to requests related to the Gift Receipt or the return that you wish to make, and (c) confirming the approval of the return and sending the voucher with the refund amount by email or other equivalent electronic means.
1.3 Contact you by email, telephone, SMS or other equivalent forms of electronic communication, regarding updates or informative communications related to the functionalities, products or purchased services, including Platform security updates, when necessary or reasonable for their implementation.
1.4 Attend and manage your requests made using the available customer service channels in relation to the Platform, as well as monitoring the quality of our service.
The duration of data processing, carried out through computerized, automated and manual system, shall either be for (i) the period set forth by laws; or (ii) an indefinite period of time (i.e. either until you request that a certain data or all your data be erased); (iii) or until the relevant purpose applicable to a particular data ceases to exist. For instance, data relating to your orders will be processed as long as the data controller might be required to hold such data under applicable laws, and will be deleted once this lawful purpose ceases to exist.
We collect personal information:
- To manage your registration as user of the Platform
- For the development, performance and execution of the purchase or services contract stipulated with Us on the Platform
- This purpose includes processing your data, mainly:
- To contact you for updates or informative notices related to the contracted functionalities, products or services, including quality surveys and to be able to establish the degree of customer satisfaction with the provided service;
- To manage payment of the products that you purchase, regardless of the payment procedure used.
- To activate the mechanisms necessary to prevent and detect unauthorised uses of the Platform
- To manage potential exchanges or returns after you have purchased and manage requests of availability information for articles, reservations of products through the Platform, depending on the availability of such options from time to time.
- For invoicing purposes and to make available to you the tickets and invoices of the purchases you have made through the Platform.
- To ensure that you are able to use other available functionalities or services, such as the purchase, receipt, management and use of the Gift Card.
- To meet requests or applications that you make through the Customer Support channels. We only process the personal data that are strictly necessary to manage or resolve your request or application. If you contact us via telephone, the call may be recorded for quality purposes and so that we can respond to your request.
- For marketing purposes.
- If and when you subscribe to our Newsletter, we will process your personal data to manage your subscription, including to send customised information on our products or services through various communication means (such as e-mail or SMS). We may also make available to you this information through push notifications in case you have activated them in your mobile device. You may unsubscribe from the Newsletter at any time without cost through the link at the bottom of each notice.
- analysis of your user or customer profile to establish your preferences and therefore which products and services are most fit to your style when sending you information. For example, based on your purchases and browsing history (i.e., depending on the articles that you clicked), we will make you suggestions on products that we believe may interest you and, if you are a registered user, we will provide you with the “recover cart ” functionality.
- Personalise the services we offer you and enable us to give you recommendations based on your interactions
- Analysis of usability and quality to improve our services. If you access our Platform, we inform you that we will treat your browsing data for analytic and statistic purposes, i.e., to understand the manner in which users interact with our Platform and with the actions we implement on other websites and apps, so we can improve them. In addition, we occasionally perform quality surveys and actions to know the degree of satisfaction of our customers and users and detect those areas in which we may improve.
5. DO WE TRANSFER PERSONAL DATA?
It may also be necessary to transfer your Personal Data to third parties who provide us with support services, such as financial bodies, entities that fight against fraud, providers of technological, logistical, transport and delivery services, customer services and/or services that analyse the transactions made on the Platform with the aim of offering users sufficient guarantees in commercial operations, etc. For purposes of service efficiency, said collaborators and providers may be located in other markets or territories situated outside of the European Economic Area.
We process your data because their processing is necessary for us to make the purchase or services contract with you.
We consider that we have a legitimate interest to carry out the necessary verifications to detect and prevent potential fraud or fraudulent uses of the Platform, for example when you make a purchase or return.
We may share portions of our log file data, including IP addresses, for analytics purposes with third parties such as web analytics partners, application developers and ad networks. If your IP address is shared, it may be used to estimate general location and other technographics such as connection speed, whether you have visited the website in a shared location, and type of the device used to visit the website. They may aggregate information about our advertising and what you see on the website and then provide auditing, research and reporting for us and our advertisers.
We may also disclose personal and non-personal information about you to the government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate in order to respond to claims, legal process (including subpoenas), to protect our rights and interests or those of a third party, the safety of the public or any person, to prevent or stop any illegal, unethical or legally actionable activity, or to otherwise comply with applicable court orders, laws, rules and regulations.
6. HOW LONG DO WE KEEP YOUR INFORMATION?
We keep your information only so long as we need it to provide GFC to you and fulfill the purposes described in this policy. The same applies to third party companies with whom we share your personal information and, in general, with who carries out services on our behalf.
When we no longer need to use your personal information and there is no need for us to keep it to comply with our legal or regulatory obligations, we’ll either remove it from our systems or depersonalize it so that we can’t identify you.
7. HOW DO WE PROTECT YOUR INFORMATION?
We take precautions to protect the security of your information. We have physical, electronic, and managerial procedures to help safeguard, prevent unauthorized access, maintain data security and correctly use your information. However, neither people nor security systems are foolproof, including encryption systems. In addition, people can commit intentional crimes, make mistakes or fail to follow policies. Therefore, while we use reasonable efforts to protect your personal information, we cannot guarantee its absolute security. If applicable law imposes any non-disclaimable duty to protect your personal information, you agree that intentional misconduct will be the standards used to measures our compliance with that duty.
We implement a variety of security measures to maintain the safety of your personal data when you place an order or enter, submit or access your personal information. We offer the use of a secure server. All supplied sensitive/credit information are managed by Stripe and encrypted into its gateway. After a transaction, your private information (credit cards, social security numbers, financials, etc) is never kept on file.
8. JOINT CONTROLLER
GFC S.r.l., Turin, Italy, Corso Re Umberto 77, VAT n. 12398820014, is acting as joint controller, if you are located in any country of the European Union. You can contact us by email: email@example.com
9. YOUR RIGHTS
We undertake to keep your personal data confidential and to ensure that you may exercise your rights. Bearing that in mind, we as Joint Controllers have agreed that you may exercise your rights free of charge by writing us an e-mail to a single e-mail address, simply informing us of the reason for your request and the right that you wish to exercise. If we consider this necessary to be able to identify you, we may request you to provide a copy of a document evidencing your identity.
In particular, notwithstanding the purpose or legal basis we use to process your data, you have the following rights:
• To request access to your personal data that we hold. We remind you that if you are a Platform registered user you may also consult this information in the relevant section of your online account.
• To request that we rectify the personal data that we hold. Please bear in mind that if you are a registered user on the Platform, you may also access the relevant personal data section of your online account to change or update your personal data. In any case, please take into account that, by putting
at our disposal your personal data through any procedure, you guarantee that they are true and accurate and you undertake to notify to us any change or modification of your data. You will be liable for any loss or damage caused to the Platform or to the person responsible for the Platform or to any third party by reporting erroneous, inaccurate or incomplete information in the registration forms. Please remember that, as a general rule, you must provide us only with your own data, not with those of third parties, other than to the extent otherwise permitted in this Privacy and Cookies Policy.
• To request that we erase your personal data to the extent that they are no longer necessary for the purpose for which we need to keep processing them, as we have explained above, or when we are no longer legally authorised to process them.
• To request that we cancel or limit the processing of your personal data, which entails that in certain cases you can request us to temporally suspend the processing of the data or request not to withhold them more than necessary.
In addition, where the processing of your data is based on our legitimate interest, you will also have the right to object to the processing of your data (www.garanteprivacy.it).
10. RIGHT TO MODIFY THIS POLICY
We may modify this Policy at any time, without prior notice, and changes may apply to any personal information that we already hold about you, as well as any new personal information collected after the Policy is modified. If we make changes, we will notify you by revising the effective date or last modified date at the top of this Policy. We will provide you with advanced notice if we make any material changes to how we collect, use or disclose your personal information that impact your rights under this Policy. If you are located in a jurisdiction other than the European Economic Area, the United Kingdom or Switzerland, your continued access or use of our Services after receiving the notice of changes, constitutes your acknowledgement that you accept the updated Policy.
Instant information: In addition, we may provide you with real time disclosures or additional information about the personal information handling practices of specific parts of our Services. Such notices may supplement this Policy or provide you with additional choices about how we process your personal information.