Privacy Policy

PRIVACY POLICY

In this section, in accordance with the new European legislation introduced by EU Regulation 679/2016 and with Italian legislation (Legislative Decree no. 196/2003), information is provided regarding the processing of personal data of Users who consult the pages of the website www.cioccolatoabbigliamento.com (hereinafter: “Site”) or who use the purchasing services made available on the same (hereinafter “Users” or “Interested Parties”).

The information is provided exclusively for the Site and not for other websites that may be consulted by the user via links within the Site.

Data Controller

The Data Controller of the personal data of users of the Site www.cioccolatoabbigliamento.com is the individual firm of Fiori Milena (hereinafter also “Firm”), with headquarters in Via Costa 37, 10034 Chivasso TO.

Email to contact the owner and request the deletion of your data, if collected, with your consent: cioccolatoabbigliamento@libero.it.

***

A - Type of data processed

I. Identification data

In accordance with the new European legislation introduced by EU Regulation 679/2016 and with Italian legislation (Legislative Decree no. 196/2003), the consultation of the Site and the possible purchase of products sold on the Site may involve the processing of data suitable for directly or indirectly identifying a natural person such as: name, surname, residential address, e-mail address, telephone number, IP address.

The Site does not require the Interested Party to provide so-called "special" data, that is, as provided for by the GDPR (art. 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to health or sexual life or sexual orientation of the person. In the event that the requested service requires the processing of such data, the Interested Party will receive specific prior information and will be asked to provide explicit consent.

II. Bank details

By purchasing products on the Site, bank details will also be processed, such as the card number or bank account number indicated to make the payment, the card holder and the bank account.

III. Browsing data

Browsing data are data acquired automatically by the systems and programs used to operate the Site and are necessary for the use of web services [e.g. IP addresses, browser used, domain names of the systems used by users to connect to the web portal, the URI ( Uniform Resource Identifier ) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment].

Such data is acquired even in the absence of registration on the Site or request for information.

The navigation data are used exclusively in an aggregate manner to process anonymous statistics on the consultation of the Site and to check its correct functioning and do not allow the identification of the interested users, being, moreover, deleted immediately after processing in anonymous form.

They can, however, be used to ascertain responsibility in the event of computer crimes committed against the website.

IV. Data provided voluntarily by the user

The personal data provided voluntarily by the User (such as name, surname, e-mail address) for the purpose of sending messages to the Site and/or purchasing the products made available, are used for the sole purpose of responding to the needs of the interested party and to comply with legal obligations.

The legal basis for such processing is the fulfillment of the services relating to the requests formulated and the purchases made, as well as compliance with legal obligations.

The information that the User of the Site deems to make public through the services and tools made available to the same, are provided by the User knowingly and voluntarily, exempting the Site from any liability regarding any violations of laws.

It is up to the User to verify that they have permission to enter personal data of third parties or content protected by national and international regulations.

V. Data collected through analytical cookies

The Site also acquires data relating to the user, through the use of cookies.

For more information on the data processed through cookies, the types of cookies active and how to disable them, please refer to the cookie policy.

These cookies are used to track the user's browsing preferences and to collect statistical data. The user can disable these cookies by accessing the settings of his/her browser, as indicated in the cookie policy of the Site.

***

B - Purpose of the processing

The personal data collected are used to:

allow the shipment of products purchased by the User;
obtain anonymous statistical information on the use of the web portal;
to check the correct functioning of the web portal;
sending communications and newsletters, both in paper and electronic format, to the email address provided by the user;
the determination of responsibility in the event of hypothetical computer crimes against the website;
compliance with any other legal obligation not included in the previous purposes.

The communication of data can be made only following a request by the Judicial Authority within the terms of the law.

***

C - Legal basis of the processing

I. Performance of a contract

The legal basis for the processing of personal data is the fulfillment of the services inherent to the relationship established with the purchase of products, the subscription to the Terms and Conditions, compliance with legal obligations and the legitimate interest of the Site to carry out the necessary processing for these purposes.

II. Consent of the interested party

The optional, explicit and voluntary sending of electronic mail, messages or any type of communication addressed to the addresses indicated on this Site entails the subsequent acquisition of the sender's address, telephone number or any other personal data that will be used to respond to requests. This processing occurs on the basis of the interested party's consent.

It is ensured that such processing will be based on the principles of lawfulness, correctness, transparency, adequacy, relevance and necessity referred to in art. 5, paragraph 1 of the GDPR. Specific summary information will be progressively reported or displayed on the pages of the sites set up for particular services on request.

III. Fulfillment of legal obligations

The processing of personal data may take place without the consent of the interested party in the event that the Data Controller must fulfill a legal obligation.

IV. Optional nature of data provision

Except for what is specified for the fulfillment of the contract or legal obligations, for cookies and for navigation data, the user is free to provide or not his/her personal data. However, failure to provide the data could make it impossible to obtain the performance of the service.

***

D - Method and duration of treatment

Personal data are processed using IT tools and in compliance with EU Regulation no. 679/2016 and Legislative Decree no. 196/2003.

The storage of the processed data will last for the time necessary for the purposes described in this information and, therefore, for the minimum time necessary or until an explicit request by the interested party and in any case in compliance with the time limits imposed by law.

The Owner undertakes to adopt all appropriate security measures to prevent the loss and alteration of personal data, as well as any illicit and unauthorized use of the same.

The data will be processed exclusively by persons authorized by the Data Controller, including any data controllers, representatives and public bodies for the fulfillment of the obligations established by law, who carry out the respective processing activities as independent data controllers.

The subjects authorized by the Owner who may process the data include, for example: collaborators of the commercial and legal departments, as well as third-party technical service providers, hosting providers and IT companies (this list is not to be considered exhaustive). The processed data will not, however, be disclosed to unspecified recipients.

Finally, the data may also be managed by third-party companies for the shipment of products.

The security of the information collected cannot be guaranteed from any hacker attacks and, in general, from violation of the security standards implemented for data protection.

In case of attacks or violations, however, these will be communicated to the interested parties and to the competent authorities according to the law.

***

E - Place of treatment

The treatments related to the services of the web portal are carried out by identified and expressly designated personnel based on the specific purposes of the services requested and subscribed to.

For the treatments in question, the Data Controller may avail itself of the help of external companies, consultants, consortia, software and service providers operating, through identified and appointed personnel, within the scope of the intended purposes and in such a way as to guarantee maximum security and confidentiality of the data. In other cases, the personal data collected will not be disclosed to third parties, unless express consent is given by the interested party, except in cases where communication to third parties is necessary to fulfill obligations imposed by laws, regulations or provisions of the supervisory authorities, or is essential to protect the rights of other users or of the website itself.

Personal data will be processed and stored, exclusively for the purposes indicated above and to store and archive them in a secure manner, on remote servers managed by industry-leading providers who ensure compliance with high standards of protection regarding the processing of personal data.

This may involve the transfer of data to non-EU countries, where all or part of the aforementioned servers may be located.

In particular, personal data may be transferred outside the European Union to the company “Shopify” ( https://it.shopify.com/ and https://it.shopify.com/legal/privacy ), an e-commerce plug-in used by the Site managed by the Data Controller.

The processing and storage of data by the aforementioned provider will take place in a third country that is “adequate” pursuant to the decision taken by the European Commission, in particular the decision on the adequacy of the protection provided by the Canadian Personal Information Protection and Electronic Documents Act or Privacy Shield certification (USA), or on the basis of a contractual obligation or standard contractual clauses approved by the European Commission, or binding corporate rules approved through the specific procedure referred to in art. 47 GDPR.

For the transfer of data to non-EU countries, as a rule it is not necessary to wait for the national authorization of the Guarantor. However, the authorization of the Guarantor will still be necessary if a controller wishes to use specific contractual clauses, not recognized as adequate by decision of the European Commission or administrative agreements stipulated between public authorities.

F - Rights of interested parties

During the processing, the interested party may exercise, at any time, the following rights:

obtain confirmation of the existence or otherwise of the same data and, if so, know their content and origin;
verify their accuracy, request the rectification of inaccurate data, the integration of incomplete data or the updating of obsolete data;
obtain the limitation of the processing, where one of the hypotheses provided for by Article 18 GDPR occurs;
request the deletion of data processed in violation of the law, or in the presence of one of the other conditions provided for by article 17, paragraph 1, letters a), b), c), e) and f) GDPR;
to object in any case, for legitimate reasons, to their processing, or to object to the processing in the other cases provided for by Article 21, paragraphs 2 and 3 and 22 GDPR;
revoke at any time your freely given consent to the processing of personal data for the purposes specified below;
to obtain the release of the personal data being processed in a format compatible with standard IT applications, to allow their transfer to other platforms of your choice, without placing obstacles to the direct transmission of the processed data to another Data Controller, where such direct transmission is technically feasible (so-called right to data portability).

Requests relating to the exercise of the aforementioned rights should be addressed to the Owner via email (Samanta@cioccolatoabbigliamento.com).

In the event of failure or partial response by the Data Controller to the aforementioned requests, the interested party will have the right to lodge a complaint with the Guarantor for the protection of personal data ( www.garanteprivacy.it ) or to seek legal action within the terms and according to the methods provided for pursuant to articles 77 et seq. of EU Regulation 2016/679 (GDPR).

G - Information updates

Future regulatory updates may lead to changes to the current information, uploaded to the Site on 01/27/2021.

In case of modification, the Owner will give notice on the Site.

----------------------------------

Cookie

Cookies are small text files that are stored on the user's device when they navigate to certain websites using their preferred browser and are stored in the browser's file directory. They are used by server-side web applications to store and retrieve information on the client side.

Cookies are divided into “technical”, “analytical” and “profiling”. In turn, cookies can be divided into “first” and “third party” cookies.

The use of cookies and similar technologies by the Site occurs in compliance with national and European legislation, as well as in compliance with the Provision of 8 May 2014, entitled "Identification of simplified procedures for the information and acquisition of consent for the use of cookies" of the Italian Privacy Guarantor.

The Site is hosted by the platform owned by Shopify, Inc. For further information on the cookies used by this platform and to disable them, please refer to the following link: https://it.shopify.com/legal/privacy .

The Site uses the following cookies:

I. Technical Cookies.

Technical cookies have the main purpose of making navigation of the Site easier. Almost all browsers are set to accept cookies, however the user can independently change the configuration of their browser or use specific additional components and block them: in this case, the use of the web portal and the use of some services may be limited.

Technical cookies are further divided into “session” and “persistent” cookies : both are stored on the user's device but the former are deleted when the browser is closed, while the latter remain stored until they expire.

The Site uses technical “session” cookies for the operation of navigation within the pages, such as for example allowing authentication to reserved areas or storing temporary user preferences; these cookies are deleted once the browser is closed.

The use of session cookies (which, in any case, are not stored persistently on the user's computer and are automatically deleted as soon as the browser is closed) is strictly limited to the purposes of transmitting data (consisting of random numbers generated by the server) that identify the specific session and are necessary to allow safe and efficient exploration.

The Site also uses “persistent” technical cookies in some cases to store the user's choices relating, for example, to the language or type of device.

Persistent cookies are stored on a user's device between browser sessions and allow the user's actions across a site to be remembered. Persistent cookies can be used for a variety of purposes, including remembering user preferences (e.g. site language) when using a site.

II. Analytical Cookies

These cookies are used to track the user's browsing preferences and to collect statistical data in anonymous form .

The Site uses only third-party analytical cookies , coming from other websites.

The user can disable these cookies by accessing the settings of their browser.

Please refer to the links for the individual browsers:

Internet Explorer: https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies ;
Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences?redirect=no ;
Safari : https://www.apple.com/legal/privacy/it/ ;
Chrome : https://support.google.com/accounts/answer/61416?co=GENIE.Platform%3DDesktop&hl=en ;
Opera: https://blogs.opera.com/news/2015/08/how-to-manage-cookies-in-opera/

Furthermore, it is possible to disable cookies on websites by downloading specific software (such as Ghostery http://www.ghostery.com ) or activate the “anonymous browsing” mode: this is a function that allows you to browse without leaving traces of your browsing data in the browser. This function only allows you not to keep browsing data in the browser.

Analytical Cookies used by the Site

Please be advised that the Site uses the following analysis services to obtain statistical data in relation to the use of the website:

Analysis service provided by BugSnag Inc. https://docs.bugsnag.com/legal/privacy-policy/
“ Google Analytics” provided by Google Inc.. In this case, the personal data collected are stored by Google as the independent controller of the relevant processing.

For more information see https://support.google.com/analytics/topic/2919631?hl=it&ref_topic=1008008

Social network plug-in cookies

The Site may also use third-party social network plug-in cookies , in order to allow you to share content on different social networks. They allow the user to interact via social networks (e.g. share function on Facebook, Twitter, YouTube or LinkedIn). These cookies can be deactivated via the options of your browser (see the links above).

Social network cookies are not necessary for navigation. For more information on the policies of use of cookies by Social Networks, you can consult the respective privacy and cookie policies:

Facebook : https://it-it.facebook.com/about/privacy/

Google : http://www.google.com/intl/it/policies/privacy/

Twitter : https://twitter.com/it/privacy

Instagram : https://help.instagram.com/1896641480634370?ref=ig

LinkedIn: https://www.linkedin.com/legal/cookie-policy

ShareThis: https://sharethis.com/privacy/#sthash.oNiQUPLd.dpbs

YouTube : https://support.google.com/youtube/answer/7671399?p=privacy_guidelines&hl=it

Third party profiling cookies only .

Profiling cookies are used to track user navigation and create a profile of the user based on their behavior, which can then be used to send advertising messages to the user's device. Third-party profiling cookies are cookies from other websites or advertising networks (Google AdSense, etc.) that can be sent to the user's device following navigation on the Site.

Facebook Pixel

The Facebook Pixel is a service of Facebook Inc. 1601 S. California Ave., Palo Alto, CA 94204, USA ("Facebook"), which allows the tracking of user behavior after clicking on a Facebook ad and routing to the website of the respective operator. Conversion measurement allows the effectiveness of Facebook ads to be measured, analyzed and optimized for statistical and market research purposes. The data collected on the Site, with the use of the Conversion Pixel, does not allow the Site to draw any conclusions about the identity of the user. The data collected (for example, the IP address of the respective user) is transmitted via the Conversion Pixel, and Facebook stores and processes the data for conversion measurement purposes. The Site receives anonymous reports from Facebook, and these reports do not contain any reference to the identity of the respective users. However, it cannot be ruled out that Facebook will link the user data transmitted via the Site to other individual data relating to the user (for example, user information from a Facebook account) or that Facebook will use the information for its own purposes.

The Visitor Tracking Pixel is a service of a third-party company (Facebook), and the Site cannot control or influence the data processing operations of a third-party company. You can learn about Facebook's privacy policy here https://www.facebook.com/about/privacy .

Facebook and its partners allow the placement of online advertising both inside and outside the Facebook web space. For this purpose, it may also be possible that a cookie is stored on the user's personal computer.

To declare your consent for the use of the Conversion Pixel, you must be over 13 years of age. You hereby declare that you are of legal age for such consent, or that you have asked a parent or legal guardian(s) who have decided to give their consent for the Declaration of Consent in advance.

You can revoke your consent to the use of conversion measurement at any time. For this purpose, please use the following link: https://www.facebook.com/ads/website_custom_audiences/ .

Alternatively, you can also refuse the use of the corresponding cookies by deactivating the use of cookies by third-party providers by calling up the deactivation page of the Network Advertising Initiative:

http://www.networkadvertising.org/choices/

and selecting the appropriate settings using the measures offered therein.

Finally, we inform you that Users can consult the following sites from YourOnlineChoices (EU), Network Advertising Initiative (USA) and Digital Advertising Alliance (USA), DAAC (Canada) in order to understand and manage the tracking preferences of most advertisements.