Privacy Policy
FIVE GROUP S.r.l.s., data controller – is constantly committed to protecting the online privacy of users who use the application and the website www.sabbatiniturco.com
This document (“Information”) has been drawn up in order to allow you to understand how your Personal Data will be processed in the context of the use of the application and to provide you with all the information necessary for you to express explicit and informed consent to the processing carried out.
In general, the processing of any information or Personal Data that you will provide to the Data Controllers through the application, or that will be collected in another way through the site, will take place according to the internationally recognized principles of lawfulness, correctness, transparency, limitation of purposes and storage, data minimization, accuracy, integrity and confidentiality and will be aimed at providing the services offered on the site itself, the sale of the Products and the activation of an information service with a newsletter service.
1. Data Controller
FIVE GROUP S.r.l.s., as identified at the beginning of the Information, is the Data Controller for all Personal Data processed through this application.
2. Personal Data Subject to Processing
Following navigation of the Site, we inform you that the Data Controllers will process your Personal Data, which may consist of – also depending on your decisions on how to use the Services – an identifier such as your name and surname, an identification number, an online identifier or one or more characteristic elements of your physical, physiological, cultural or social identity suitable to make you identified or identifiable (hereinafter only “Personal Data”).
Among the Personal Data collected by this Application, independently or through third parties, there are also: Cookies, Usage data, Email, Password,. Other Personal Data collected may be indicated in other sections of this privacy policy or through informative texts displayed contextually with the collection of the Data themselves. Personal Data may be entered voluntarily by the User, or collected automatically during the use of this Application. Any use of Cookies – or other tracking tools – by this Application or by the owners of third-party services used by this Application, unless otherwise specified, has the purpose of identifying the User and recording their preferences for purposes strictly related to the provision of the service requested by the User.
Failure by the User to provide certain Personal Data may prevent this Application from providing its services. The User assumes responsibility for the Personal Data of third parties published or shared through this Application and guarantees that he or she has the right to communicate or disseminate them, freeing the Owner from any liability to third parties.
The Personal Data processed through the platform are the following:
A. NAME, CONTACT DETAILS AND OTHER PERSONAL DATA
In various sections of the Site, in particular the one relating to the creation of a personal account and the one for subscribing to the newsletter, you will be asked to enter information such as your Email, Password, name, surname, date of birth, gender.
B. SPECIAL CATEGORIES OF PERSONAL DATA
Some sections of the Site Platform include free fields in which you can provide the Controllers with some information, which may contain Personal Data.
Since these fields are free, you may use them to communicate (voluntarily or not) some sensitive categories of Personal Data, such as data suitable for revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data intended to uniquely identify a natural person, data relating to health or sexual life or sexual orientation of the person.
The Controllers invite you not to send such Personal Data unless strictly necessary.
Indeed, these special categories of Personal Data can be processed only with your explicit consent (manifestable through the flag present in the specific format) and in compliance with the legislation in force at the time.
The Controllers therefore underline the importance of expressing your explicit consent to the processing of special categories of Personal Data, if you decide to share such information.
C. DATA PROVIDED VOLUNTARILY BY THE INTERESTED PARTY
As already mentioned above, in some parts of the Site you are allowed to enter text messages or information, visible to the Owners, which may contain Personal Data of other people.
With respect to these hypotheses, you act as an independent data controller, assuming all legal obligations and responsibilities. In this sense, you grant the broadest indemnity with respect to any dispute, claim, request for compensation for damage from processing, etc. that may be received by the Owners from third parties whose Personal Data have been processed through your use of the functions of the Site in violation of the applicable rules on the protection of personal data.
In any case, if you provide or otherwise process Personal Data of third parties in the use of the Site, you guarantee from now – assuming all related liability – that this particular hypothesis of processing is based on the consent of such interested third party or on another suitable legal basis that legitimises the processing of the information in question.
D. NAVIGATION DATA
The computer systems and software procedures used to operate the platform acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site and to check its correct functioning, to identify anomalies and/or abuses, and is deleted immediately after processing.
The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the platform or third parties.
E. PAYMENT DATA AND MANAGEMENT
Payment management services allow this Application to process payments by credit card, bank transfer or other means. The data used for payment are acquired directly by the manager of the requested payment service.
Some of these services may also allow the scheduled sending of messages to the User, such as emails containing invoices or notifications concerning the payment.
The payment services are Multisafepay and PayPal which collect the data as specified in their privacy policy.
F. ADDRESS MANAGEMENT AND SENDING EMAIL MESSAGES
These services are managed by Mailup and allow you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User. These services may also allow you to collect data relating to the date and time the messages are viewed by the User, as well as the User’s interaction with them, such as information on clicks on links inserted in messages.
G. INTERACTION WITH SOCIAL NETWORKS AND EXTERNAL PLATFORMS
These services allow interaction with social networks, or other external platforms, directly from the pages of the Application. The interactions and information acquired by this Application are in any case subject to the User’s privacy settings for each social network. If a service for interaction with social networks is installed, it is possible that, even if the Users do not use the service, it may collect traffic data relating to the pages in which it is installed.
H. THE BUTTONS
TWITTER TWEET BUTTON AND SOCIAL WIDGETS (TWITTER)
The Tweet button and Twitter social widgets are services of interaction with the social network Twitter, provided by Twitter Inc. and the data processed are Cookies and Usage data. Place of processing: USA – Privacy Policy.
Like button and Facebook social widgets (Facebook, Inc.)
The “Like” button and Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc. The Personal Data collected are Cookies and Usage data.
Place of processing: USA – Privacy Policy.
I. GOOGLE ANALYTICS (GOOGLE)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google. Google may use the Personal Data to contextualize and personalize the ads of its own advertising network.
Personal Data collected are Cookies and Usage Data.
Place of processing: USA – Privacy Policy – Opt Out.
L. GOOGLE ADWORDS CONVERSION TRACKING (GOOGLE)
Google AdWords conversion tracking is a statistics service provided by Google, Inc. that connects data from the Google AdWords advertising network with actions performed within this Application.
Personal data collected are Cookies and Usage data.
Place of processing: USA – Privacy Policy.
M. VIEWING CONTENT FROM EXTERNAL PLATFORMS
These services allow you to view content hosted on external platforms directly from the pages of this Application and interact with them. In the event that a service of this type is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.
N. YOUTUBE VIDEO WIDGET (GOOGLE)
Youtube is a video content viewing service managed by Google Inc. that allows this Application to integrate such content within its pages. Personal data collected: Cookies and Usage data.
Place of processing: USA – Privacy Policy.
O. VIMEO, LLC
Displaying content from external platforms. Vimeo is a video content viewing service provided by Vimeo, LLC that allows this Application to integrate such content within its pages.
Personal data collected: Cookies and Usage data.
Place of processing: USA – Privacy Policy – Cookie Policy.
3. PURPOSES OF THE PROCESSING
The Owners will use your Personal Data, collected through the Platform, for the following purposes:
- purchase and delivery of products and services: we use your personal data to receive and manage orders, provide products and services; to verify your identity and help you, in case you lose or forget the login/password details of your personal account on the platform; purchase a loyalty card; send you the newsletters that you have requested as a Service by signing up; allow you to save your favorite items and provide you with any service that you request;
- marketing and remarketing: we use your personal data to show you advertising defined based on interests in relation to features, products and services that may interest you, to be able to send you promotions by email, SMS, push notifications, by telephone, via banners, instant messaging, through the official social media pages of the Data Controllers, relating to products and/or services also attributable to third parties;
- soft spam: processing for this purpose is based on the interest of the Data Controllers in sending you marketing communications via email regarding products and services similar to those you have already purchased through the Site. You can stop receiving these communications, without any consequences for you (other than the fact that you will no longer receive further communications of this kind from the Data Controllers).
- compliance: to comply with legal obligations that require the Data Controllers to collect and/or further process certain types of Personal Data;
- abuse/fraud: to prevent or identify any abuse in the use of the platform, or any fraudulent activity and therefore allow the Data Controllers to protect themselves in court.
4. LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF THE PROCESSING
The legal bases used by the Data Controller to process your Data, according to the purposes indicated in the previous Paragraph 3, are the following:
- purchase, delivery and supply of services and products: processing for this purpose is necessary to be able to provide you with the Services and products and, therefore, to execute the contract stipulated with you. It is not mandatory to provide the Data Controller with your Personal Data for this purpose, but otherwise it will not be possible to provide you with any Service. The same applies to the Newsletter Service that arises from your specific request by entering an email address and that you can revoke at any time by following the instructions in Paragraph 7 of this Policy.
- marketing and remarketing: processing for this purpose is based on your consent. It is not mandatory to give your consent to the Data Controller for this purpose and you are free to revoke it at any time without any consequences (except for the fact that you will no longer receive marketing communications from the Data Controller). You can revoke your consent previously granted by following the instructions in Paragraph 7 of this Policy.
- soft spam: processing for this purpose is based on the interest of the Data Controller to send you marketing communications via email regarding products and services similar to those you have already purchased through the Site. You can stop receiving these communications, without any consequences for you (other than the fact that you will no longer receive further communications of this kind from the Data Controllers).
- Compliance: processing for this purpose is necessary for the Data Controller to fulfill any legal obligations. When you provide Personal Data to the Data Controller, they must be processed in accordance with applicable legislation, which may involve their retention and communication to the Authorities for accounting, tax or other obligations.
- abuse/fraud: the information collected for this purpose will be used exclusively to prevent and/or identify any fraudulent activity or abuse in the use of the Site and therefore allows the Data Controllers to protect themselves in court.
5. SUBJECTS TO WHOM PERSONAL DATA IS RECIPIENT
Your Personal Data may be shared with the parties indicated below (the “Recipients”):
- subjects who typically act as data controllers (internal and external), namely: i) persons, companies or professional firms that provide assistance and consultancy to the Data Controllers in accounting, administrative, legal, tax and financial matters;
- subjects who own websites within the platform;
- subjects with whom it is necessary to interact for the provision of the Services;
- subjects delegated to carry out technical maintenance activities (including maintenance of network equipment and electronic communication networks);
- persons authorised by the Data Controller to process Personal Data necessary to carry out activities strictly related to the provision of the Services, who have undertaken to maintain confidentiality or have an adequate legal obligation of confidentiality (e.g. employees of the Data Controller);
- subjects, bodies or authorities to whom it is mandatory to communicate your Personal Data for Compliance, Abuse or Fraud purposes, or by order of the authorities.
6. STORAGE OF PERSONAL DATA
The Personal Data processed for the purpose of purchasing, delivering and supplying services and products will be retained by the Data Controllers for the time strictly necessary for the aforementioned purpose (e.g. for sending the purchased product).
In any case, since such Personal Data are processed to provide you with the Services, the Data Controller may retain them for a longer period, in particular for as long as may be necessary in order to protect the interests of the Data Controllers from possible complaints relating to the Services.
The Personal Data processed for Marketing and remarketing purposes will be retained by the Data Controller until you revoke your consent.
In any case, we will remind you of the consents you have given us every 24 months. Once you revoke your consent, the Data Controller will no longer use your Personal Data for such purposes, but may still retain them, in particular for as long as may be necessary in order to protect the interests of the Data Controller from possible complaints based on such processing.
The personal data processed for the purpose of Soft Spam will be retained by the Data Controller until you object to such processing through the link found at the bottom of each Soft Spam email.
The Personal Data processed for the purpose of Compliance will be retained by the Data Controller for the period required by specific legal obligations or by applicable legislation.
The Personal Data processed for the purpose of preventing Abuse/Fraud will be retained by the Data Controller for the time strictly necessary for the aforementioned purpose and therefore until the time in which the Data Controller will be required to retain them to protect themselves in court to communicate said data to the competent Authorities.
7. RIGHTS OF THE INTERESTED PARTY
You have the right to ask the Owner, at any time:
- access to your Personal Data (or a copy of such Personal Data), as well as further information on the processing in progress on them
- the rectification or updating of your Personal Data processed by the Data Controller, where they are incomplete or out of date;
- the deletion of your Personal Data from the Data Controller’s databases;
- the limitation of the processing of your Personal Data by the Data Controller;
- to obtain in a structured, commonly used and machine-readable format the Personal Data concerning you;
You can also:
- oppose the processing of your Personal Data by the Owner (e.g. Soft Spam);
- withdraw your consent for Marketing and Remarketing purposes.
- We inform you that most of the Personal Data that you have provided to the Owner can be modified at any time, by accessing, where possible, your personal account created on the Site.
When requesting the Services, you may have selected which communication channels you wish to be contacted through for Marketing purposes (i.e., telephone, SMS, email, post, push notifications, social media).
You may revoke your consent for Marketing relating to each of these communication channels through your personal account on the Site by deselecting the relevant options.
You may also revoke your consent to Marketing sent by email and stop receiving Soft Spam using the appropriate link at the bottom of each email received. The same method may be used to stop receiving the newsletter, if you have requested it as a Service.
In addition to the above, you may also exercise your rights by writing to the Data Controllers at the following address: fivegroupsrls@gmail.com
In any case, you always have the right to lodge a complaint with the competent Supervisory Authority (Guarantor for the Protection of Personal Data) if you believe that the processing of your Personal Data is contrary to the legislation in force.
8. CHANGES
The Owner reserves the right to modify or simply update the content, in part or completely, also due to changes in the applicable legislation. The Owner will inform you of such changes as soon as they are introduced and they will be binding as soon as they are published on the Site. The Owner therefore invites you to visit this section regularly to take note of the most recent and updated version of the privacy policy in order to always be updated on the data collected and on the use that the Owner makes of it.