fbpx

Information on the processing of personal data

PRIVACY POLICY

REASONS FOR THE PRIVACY STATEMENT

This privacy statements contains important information on the personal data collected by TRUE DIAMOND PERFUME DOO and describes how said data is used. Where applicable, it also explained how such data, provided by the user or collected during purchases made also through related companies or during other contact with the company, is processed. This information is complementary to any other statements received in such other circumstances.

This document contains important information on the following:

  1. TREATMENT OF PERSONAL DATA
  2. PERSONAL DATA COLLECTED
  3. PURPOSE OF THE PROCESSING OF PERSONAL DATA
  4. SHARING OF PERSONAL DATA
  5. ARCHIVING, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA
  6. SECURITY AND CONFIDENTIALITY OF PERSONAL DATA
  7. RIGHTS OF ACCESS TO PERSONAL DATA
  8. DATA RETENTION
  9. POLICY ON COOKIES AND SIMILAR PROCESSES
  10. DATA PROCESSORS: COMPANY CONTACTS
  11. UPDATES ON CURRENT STATEMENT – COMMUNICATIONS

 

ACCEPTANCE

By visiting the website, using its purchase services or interacting with the company, the user confirms that he has read and understood this Privacy Policy and accepts that the company collects, uses, archives, transmits and divulges personal data collected in accordance with this Privacy Notice. The company may require the user to provide their consent (by ticking a box), where it deems it appropriate to safeguard its rights or where required by current regulations. If you do not accept the terms of this Privacy Policy, you are requested not to visit the website, to not make purchases and otherwise use this website or send personal data, and to not give your consent when this option is granted to you pursuant to the current legislation.

 

1. TREATMENT OF PERSONAL DATA

In this Privacy Policy, the term “Personal Data” is used with reference to any information that allows the company to identify the user (or a third party that the user provides the data), directly or indirectly, including any information related to the purchase of goods or services, or that the user chooses to communicate to the company or to share with it, or with third parties, during the use of the website to make purchases. The processing of personal data will be carried out in accordance with the General Data Protection Regulation (EU) 2016/679 “Reg. (EU) 2016/679” and, where applicable, to the legislation of the country where the data should be collected. The company reserves the right to perform further processing of data, where required by law or in the context of investigations or criminal or other proceedings.

2. PERSONAL DATA COLLECTED

Data source

The company collects personal data from the user only if the latter party voluntarily provides information, for example:

  1. in the case of the website: by placing an order through the website; creating a wish list (shopping cart); conducting research on the website; by contacting the company by sending a comment or a request; by subscribing to email newsletters and updates regarding the latest products and services, store openings, events or promotions; or requesting to receive confirmation of an order, shipment or other notices;
  2. in the case of the company’s customer service: requesting assistance, special services or after-sales assistance;
  3. in the case of emails or other electronic messages: communication between the company and the user.

If the user provides the company with personal data of third parties (for example, family members, other customers or potential customers), the user should ensure that such third parties are informed and have authorised the use of their data as described in this Privacy Policy.

Types of data

The Company may collect and use different types of personal data depending on the specific purposes pursued and described below:

  1. personal information, such as name, surname, gender, age / date of birth, country of origin and other personal data that the current regulations allow the collection of;
  2. contact information, such as address, email address, telephone number, mobile phone number, fax number and other contact information that current regulations allow the collection of;
  3. payment information, as payment method (credit or debit card), if applicable, and passport number, if required for tax reasons or in relation to anti-money laundering legislation;
  4. information relating to the sale, such as data, products or services provided, place of purchase, product codes, amount, total sales amount, VAT number, claims, returns, refunds or other sales information that the current regulations allow the collection of;
  5. habits and profiles, such as data on purchases (purchase history, type, quantity and price of products purchased), habits and purchase preferences (wish list – shopping cart, preferred product categories, color) that the current regulations allow the collection of.

3. PURPOSE OF THE PROCESSING OF PERSONAL DATA

Depending on the specific circumstances in which the interaction between the user and the Company occurs, personal data can be used for the following purposes.

3.1 For online sales (by the local website provider)

The personal data provided by the user or collected at the time of purchase, that is, basic personal data, contact information, purchase data, tax data, payment details, sales information and any other data strictly necessary for the delivery of the products will be used for:

  1. managing, administration of and processing product purchases, sales and after-sales services, such as administrative activities, accounting, returns, guarantees, tax-free refunds, where applicable, fraud prevention and communication with the user, including via email, for any problem relating to the management of the order or subsequent requests relating to the order;
  2. complying with obligations imposed by EU laws, regulations or legislation (including anti-money laundering legislation) and make a legal claim or defend against it.

It is necessary to provide personal data for the aforementioned purposes and the refusal would make it impossible to complete purchase.

Except where otherwise required to comply with local regulations in force, the processing of data for these purposes, as necessary to fulfill contractual and legal obligations, may be made without requesting the user’s consent.

3.2. For the specific purposes for which the data were provided voluntarily

The personal data provided by the user or collected when the user requires a specific service (for example, by registering his account on the website, handling complaints or requesting information), namely personal information, contact and data strictly necessary to follow up at the request, they will be used to:

  1. provide the requested services;
  2. manage subscription to the newsletter.

Personal data must be provided for the aforementioned purposes and the refusal would make it impossible to complete the request.

Except where otherwise required to comply with local regulations in force, the processing of data for these purposes could be carried out without requiring the user’s consent, as necessary to follow up on the request.

3.3 For the purposes of managing relationships with customers

The personal data provided by the user to make the purchase or interact with the company, namely personal and contact information and data regarding the habits and profile of the user that the Company uses to comply with any requests and not to offer promotions or carry out marketing activities and / or to perform profiling activities.

4. COMMUNICATION OF PERSONAL DATA

The Company shares your personal data with its affiliated companies, its distributors and affiliates, including those located in other countries, and with other companies that provide services on its behalf (as detailed below), under its direction or that of third parties. These companies and organizations will receive only the personal data necessary to perform the services and will not be authorised to use them for any other purpose.

4.1 Communication of personal data to data processors

When the user purchases the products or uses the company’s online sales services, their personal data may be shared by the e-commerce provider of this website with selected third parties providing services to the supplier, including those that orders, send products, process payments by credit or debit card and perform anti-fraud checks.

In particular, personal data must be communicated to the company FSM S.R.L. based in Via Roma n. 22 in Vernasca (PC) which has made available to the TRUE DIAMOND PERFUME DOO the specific IBAN code for payments and / or financial movements deriving from purchases made online.

Your personal data may be shared with third parties to monitor and analyse the activity of the website, host the contents of the website, provide technical and organisational services functional to the aforementioned purposes, maintain the customer database, provide marketing assistance and manage email, market analysis, surveys, contests, prize initiatives or promotions. Such third parties may have access to the user’s personal data or store them or process them in order to provide such services on behalf of the company in Italy, in the country in which the user is located or abroad. The service providers of the company are not authorised to use personal data for purposes other than providing the contracted services.

The processing of the user’s personal data for the purposes referred to in paragraph 3 a) and b) above will be carried out, according to the instructions provided by the company, by the associated companies that manage the company’s brands.

4.2 Distribution of personal data

Your personal data may need to be shared with payment processing companies, which operate independently as data processors, in order to provide you with online sales services.

In particular, the data must be communicated to BANCA SELLA with which FSM S.R.L. has stipulated an e-commerce acquiring contract and on which the IBAN code of support for TRUE DIAMOND PERFUME DOO depends.

The Company may also disclose your personal data to third parties (i) where required by EU or Member State legislation; (ii) in the case of legal proceedings; (iii) in response to a request from law enforcement agencies based on legitimate grounds; or (iv) to protect the rights, privacy, security or property of the company or the public.

Furthermore, as far as the law permits, the company may disclose personal data to third parties in case of complaints related to the use of the website, where deemed necessary to investigate, prevent or take measures concerning illegal activities, suspected fraud or in the event that the company, at its sole discretion, believes that the use of the website by the user is incompatible with the terms of the website.

5. ARCHIVING, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA

The processing of personal data collected through the website takes place primarily using electronic or web-based means, including web analytics services hosted by servers of selected suppliers of the company operating both within and outside the European Union.

Access to personal data will be allowed only to authorised personnel and the local e-commerce provider (for example, digital and IT marketing, retail sales, administration and security personnel), depending on the actual need to know such information and using multi-level access control tools. This personnel is committed to respecting the obligations of confidentiality and has been expressly designated as responsible for the treatment, as required by law.

If the Company needs to transfer personal data abroad in order to pursue the purposes set out in this Privacy Policy, even where the personal data legislation differs from that applicable in the country where the user is located, the company will adopt measures to ensure that such communications occur in accordance with European data protection standards or other local standards used in the country where data is collected, so that user data remains secure and confidential.

6. SAFETY AND CONFIDENTIALITY OF PERSONAL DATA

The Company has implemented appropriate measures to protect the user’s personal data from accidental loss and from unauthorised access, use, modification and disclosure. In the management of this website, password controls, a firewall technology and other technological and procedural security measures are also used. Although the company has implemented the aforementioned security measures for the website, the user must be aware that 100% security can not be guaranteed. Therefore, the user provides his personal data at their own risk and, to the fullest extent permitted by applicable law, the company will not be in any way responsible for their disclosure due to errors, omissions or unauthorised third party actions during or after their transmission to the same. The company recommends that the user (i) periodically update the software to protect the transmission of data on networks (for example, anti-virus software) and check that the provider of electronic communication services has adopted appropriate means to ensure the security of transmitted data on networks (for example, firewalls and anti-spam filters); (ii) to keep confidential and to not share with anyone the username and password to access the account; and (iii) change the password periodically.

In the unlikely event that the company believes that the security of the personal data of the user in its possession or under its control has been or may have been compromised, it will inform the user of the incident according to the procedures established by law, using the prescribed methods (providing the company with its email address, the user consents to receive such communications in electronic format through this email address).

7. RIGHTS OF ACCESS TO PERSONAL DATA – MANAGEMENT OF CHOICES

User rights

At any time and for free, the user can access their data, receive their personal electronic data in a structured and commonly used mechanically readable format and transmit them to another data processors (data portability), and have them corrected, updated, modified or deleted (subject to any applicable exceptions). The user can update the data provided to the company by contacting the address provided below. Requests for cancellation of data are subject to current legal requirements and to the retention of documents imposed on the company.

If you believe there is a problem with how your personal data has been handled, you have the right to file a complaint with your national personal data protection authority or any other country in the EU or the European Economic Area.

To exercise these rights, the user can make a request by sending an email to info@truediamondperfume.com or a letter by ordinary mail to the address given below (point 13). When contacting the company, you must ensure that you include your name, e-mail address, postal address and / or telephone number (s) to be sure that it can correctly handle your request.

8. DATA CONSERVATION

Personal data will be kept for the duration of the commercial relationship and for all the time necessary to pursue the purposes described in this Privacy Policy (for example, where the user subscribes to a newsletter, for the duration of such registration or, where a user account is active, until it is closed). After this period, the user’s personal data will be kept only to comply with legal and regulatory obligations (for example, for 10 years, for accounting purposes, for the duration of the mandatory conservation obligation, in the case of tax purposes, etc.) or to allow the company to maintain evidence of their respective rights and obligations.

9. POLICY ON COOKIES AND ANALOGUE PROCESSES

For more general information on cookies and their enabling and disabling, refer to the Privacy Policy section of the website found in the drop-down menu.

10. OWNER OF DATA PROCESSING: COMPANY CONTACTS

For the purposes of this Privacy Policy and data processing described herein, it is specified that the term “company” refers to TRUE DIAMOND PERFUME DOO, registered at 76/10 , Cara Dusana Street, Novi Sad (Serbia – non-UE). The company is the data processor (as defined in the EU Directive 2016/679) of the data collected through the website, e-commerce area for all the purposes indicated in this disclosure.

11. UPDATES OF CURRENT INFORMATION – COMMUNICATIONS

The Company, at its discretion, reserves the right to change, modify, add or delete parts of this Privacy Policy at any time, publishing its revised version on the present page of the website and updating the date of the “last modification” shown below. It is the responsibility of the user to review the Privacy Policy from time to time to be aware of any changes made. In some cases, the company may provide further communications regarding significant changes to this Privacy Policy by posting a notice on the home page of this website. As a result of the changes, where required by applicable law, your data will not be subject to treatment without yours explicit consent.

 

Last update: 25 May 2018