REASONS FOR THE PRIVACY STATEMENT
This privacy statements contains important information on the personal data collected by TRUE DIAMOND PERFUME DOO and describes how said data is used. Where applicable, it also explained how such data, provided by the user or collected during purchases made also through related companies or during other contact with the company, is processed. This information is complementary to any other statements received in such other circumstances.
This document contains important information on the following:
- TREATMENT OF PERSONAL DATA
- PERSONAL DATA COLLECTED
- PURPOSE OF THE PROCESSING OF PERSONAL DATA
- SHARING OF PERSONAL DATA
- ARCHIVING, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA
- SECURITY AND CONFIDENTIALITY OF PERSONAL DATA
- RIGHTS OF ACCESS TO PERSONAL DATA
- DATA RETENTION
- POLICY ON COOKIES AND SIMILAR PROCESSES
- DATA PROCESSORS: COMPANY CONTACTS
- UPDATES ON CURRENT STATEMENT – COMMUNICATIONS
1. TREATMENT OF PERSONAL DATA
2. PERSONAL DATA COLLECTED
The company collects personal data from the user only if the latter party voluntarily provides information, for example:
- in the case of the website: by placing an order through the website; creating a wish list (shopping cart); conducting research on the website; by contacting the company by sending a comment or a request; by subscribing to email newsletters and updates regarding the latest products and services, store openings, events or promotions; or requesting to receive confirmation of an order, shipment or other notices;
- in the case of the company’s customer service: requesting assistance, special services or after-sales assistance;
- in the case of emails or other electronic messages: communication between the company and the user.
Types of data
The Company may collect and use different types of personal data depending on the specific purposes pursued and described below:
- personal information, such as name, surname, gender, age / date of birth, country of origin and other personal data that the current regulations allow the collection of;
- contact information, such as address, email address, telephone number, mobile phone number, fax number and other contact information that current regulations allow the collection of;
- payment information, as payment method (credit or debit card), if applicable, and passport number, if required for tax reasons or in relation to anti-money laundering legislation;
- information relating to the sale, such as data, products or services provided, place of purchase, product codes, amount, total sales amount, VAT number, claims, returns, refunds or other sales information that the current regulations allow the collection of;
- habits and profiles, such as data on purchases (purchase history, type, quantity and price of products purchased), habits and purchase preferences (wish list – shopping cart, preferred product categories, color) that the current regulations allow the collection of.
3. PURPOSE OF THE PROCESSING OF PERSONAL DATA
Depending on the specific circumstances in which the interaction between the user and the Company occurs, personal data can be used for the following purposes.
3.1 For online sales (by the local website provider)
The personal data provided by the user or collected at the time of purchase, that is, basic personal data, contact information, purchase data, tax data, payment details, sales information and any other data strictly necessary for the delivery of the products will be used for:
- managing, administration of and processing product purchases, sales and after-sales services, such as administrative activities, accounting, returns, guarantees, tax-free refunds, where applicable, fraud prevention and communication with the user, including via email, for any problem relating to the management of the order or subsequent requests relating to the order;
- complying with obligations imposed by EU laws, regulations or legislation (including anti-money laundering legislation) and make a legal claim or defend against it.
It is necessary to provide personal data for the aforementioned purposes and the refusal would make it impossible to complete purchase.
Except where otherwise required to comply with local regulations in force, the processing of data for these purposes, as necessary to fulfill contractual and legal obligations, may be made without requesting the user’s consent.
3.2. For the specific purposes for which the data were provided voluntarily
The personal data provided by the user or collected when the user requires a specific service (for example, by registering his account on the website, handling complaints or requesting information), namely personal information, contact and data strictly necessary to follow up at the request, they will be used to:
- provide the requested services;
- manage subscription to the newsletter.
Personal data must be provided for the aforementioned purposes and the refusal would make it impossible to complete the request.
Except where otherwise required to comply with local regulations in force, the processing of data for these purposes could be carried out without requiring the user’s consent, as necessary to follow up on the request.
3.3 For the purposes of managing relationships with customers
The personal data provided by the user to make the purchase or interact with the company, namely personal and contact information and data regarding the habits and profile of the user that the Company uses to comply with any requests and not to offer promotions or carry out marketing activities and / or to perform profiling activities.
4. COMMUNICATION OF PERSONAL DATA
The Company shares your personal data with its affiliated companies, its distributors and affiliates, including those located in other countries, and with other companies that provide services on its behalf (as detailed below), under its direction or that of third parties. These companies and organizations will receive only the personal data necessary to perform the services and will not be authorised to use them for any other purpose.
4.1 Communication of personal data to data processors
When the user purchases the products or uses the company’s online sales services, their personal data may be shared by the e-commerce provider of this website with selected third parties providing services to the supplier, including those that orders, send products, process payments by credit or debit card and perform anti-fraud checks.
In particular, personal data must be communicated to the company FSM S.R.L. based in Via Roma n. 22 in Vernasca (PC) which has made available to the TRUE DIAMOND PERFUME DOO the specific IBAN code for payments and / or financial movements deriving from purchases made online.
Your personal data may be shared with third parties to monitor and analyse the activity of the website, host the contents of the website, provide technical and organisational services functional to the aforementioned purposes, maintain the customer database, provide marketing assistance and manage email, market analysis, surveys, contests, prize initiatives or promotions. Such third parties may have access to the user’s personal data or store them or process them in order to provide such services on behalf of the company in Italy, in the country in which the user is located or abroad. The service providers of the company are not authorised to use personal data for purposes other than providing the contracted services.
The processing of the user’s personal data for the purposes referred to in paragraph 3 a) and b) above will be carried out, according to the instructions provided by the company, by the associated companies that manage the company’s brands.
4.2 Distribution of personal data
Your personal data may need to be shared with payment processing companies, which operate independently as data processors, in order to provide you with online sales services.
In particular, the data must be communicated to BANCA SELLA with which FSM S.R.L. has stipulated an e-commerce acquiring contract and on which the IBAN code of support for TRUE DIAMOND PERFUME DOO depends.
The Company may also disclose your personal data to third parties (i) where required by EU or Member State legislation; (ii) in the case of legal proceedings; (iii) in response to a request from law enforcement agencies based on legitimate grounds; or (iv) to protect the rights, privacy, security or property of the company or the public.
Furthermore, as far as the law permits, the company may disclose personal data to third parties in case of complaints related to the use of the website, where deemed necessary to investigate, prevent or take measures concerning illegal activities, suspected fraud or in the event that the company, at its sole discretion, believes that the use of the website by the user is incompatible with the terms of the website.
5. ARCHIVING, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA
The processing of personal data collected through the website takes place primarily using electronic or web-based means, including web analytics services hosted by servers of selected suppliers of the company operating both within and outside the European Union.
Access to personal data will be allowed only to authorised personnel and the local e-commerce provider (for example, digital and IT marketing, retail sales, administration and security personnel), depending on the actual need to know such information and using multi-level access control tools. This personnel is committed to respecting the obligations of confidentiality and has been expressly designated as responsible for the treatment, as required by law.
6. SAFETY AND CONFIDENTIALITY OF PERSONAL DATA
The Company has implemented appropriate measures to protect the user’s personal data from accidental loss and from unauthorised access, use, modification and disclosure. In the management of this website, password controls, a firewall technology and other technological and procedural security measures are also used. Although the company has implemented the aforementioned security measures for the website, the user must be aware that 100% security can not be guaranteed. Therefore, the user provides his personal data at their own risk and, to the fullest extent permitted by applicable law, the company will not be in any way responsible for their disclosure due to errors, omissions or unauthorised third party actions during or after their transmission to the same. The company recommends that the user (i) periodically update the software to protect the transmission of data on networks (for example, anti-virus software) and check that the provider of electronic communication services has adopted appropriate means to ensure the security of transmitted data on networks (for example, firewalls and anti-spam filters); (ii) to keep confidential and to not share with anyone the username and password to access the account; and (iii) change the password periodically.
In the unlikely event that the company believes that the security of the personal data of the user in its possession or under its control has been or may have been compromised, it will inform the user of the incident according to the procedures established by law, using the prescribed methods (providing the company with its email address, the user consents to receive such communications in electronic format through this email address).
7. RIGHTS OF ACCESS TO PERSONAL DATA – MANAGEMENT OF CHOICES
At any time and for free, the user can access their data, receive their personal electronic data in a structured and commonly used mechanically readable format and transmit them to another data processors (data portability), and have them corrected, updated, modified or deleted (subject to any applicable exceptions). The user can update the data provided to the company by contacting the address provided below. Requests for cancellation of data are subject to current legal requirements and to the retention of documents imposed on the company.
If you believe there is a problem with how your personal data has been handled, you have the right to file a complaint with your national personal data protection authority or any other country in the EU or the European Economic Area.
To exercise these rights, the user can make a request by sending an email to email@example.com or a letter by ordinary mail to the address given below (point 13). When contacting the company, you must ensure that you include your name, e-mail address, postal address and / or telephone number (s) to be sure that it can correctly handle your request.
8. DATA CONSERVATION
9. POLICY ON COOKIES AND ANALOGUE PROCESSES
10. OWNER OF DATA PROCESSING: COMPANY CONTACTS
11. UPDATES OF CURRENT INFORMATION – COMMUNICATIONS
Last update: 25 May 2018