The data controller is Martina Spagnoli, VAT No.: 01662240496 (“SOVAIN”). The contact details of the data controller are the following:
Address: via Pacinotti n. 12, Livorno, 57128 - Italy
Email address: email@example.com
The processing of personal data related to the services of this Website takes place at the address of the data controller indicated above and is carried out by the data controller’s collaborators and employees in charge of the processing and/or by companies expressly appointed as data processors. No personal data collected through the Website is communicated to other third parties.
Type of Personal Data Collected
SOVAIN collects the following personal data: name, surname, birth date, email address, phone number, address, payment information.
These personal data are collected when:
- Users register an account on the Website;
- Users place an order on the Website;
- Users voluntarily contact SOVAIN via email.
The legal basis of the processing of personal data are:
- fulfil pre-contractual and contractual obligations with Users;
- to fulfil fiscal, tax and legal obligations;
- the consent provided by Users once they subscribe to the newsletter and/or accept to receive commercial and/or advertising communications;
- the legitimate interest of the data controller to send communications of promotional nature via email concerning products similar to those that the User has already purchased on the Website ("Soft Spam Communications").
Purposes of the Processing
SOVAIN processes personal data, in compliance with the Privacy Legislation, for the following purposes:
- for the execution of pre-contractual and contractual obligations with the Users, including, but not limited to, the management and processing of orders placed by the Users on the Website, the sending of communications related to the orders placed; the provision of any additional services requested by the Users in relation to the orders placed;
- for answering to Users’ emails and carry out the services requested by them, including, but not limited to, the creation, the management and deletion of Users' accounts;
- to comply with the obligations provided for by the laws, the regulations and, in general, by the law applicable from time to time, to fulfil fiscal and accounting obligations or other obligations deriving from an order of the Authority;
- to allow the data controller to exercise its rights, including, but not limited to, the right to defence itself in court;
- to carry out direct marketing activities by sending newsletters and/or Soft Spam Communications.
It is acknowledged that the User may revoke his/her consent to receive the newsletter and/or stop receiving Soft Spam Communications by sending an email to firstname.lastname@example.org or by using the link found in each newsletter email or Soft Spam Communication, as indicated in the following section "Rights of the Users".
Data Retention Period
Personal data that are collected for the purposes identified above may be stored in a form that allows the identification of the User for the period of time strictly necessary to achieve the purposes of the data processing and to comply with specific legislative provisions.
Personal data of Users that delete their personal account on the Website will be no longer stored, unless the store is specifically required by a legislative provision.
Personal data collected for the sending of newsletter and/or of commercial and advertising communications will be stored for a maximum period of 24 months unless Users withdraw their consent previously.
Methods of Processing Data
SOVAIN will process personal data through electronic and manual means and in any case in such a way as to ensure the security and confidentiality of personal data, in accordance with the provisions of current legislation on the protection of personal data.
Personal data are not subject to dissemination and may be disclosed only to those persons to whom such disclosure must be made in order to comply with an obligation the laws, regulations or legislations, and to those persons to whom the communication must be made in order to execute a contractual obligation.
Personal data provided by Users may be transferred to third countries outside the European Union, subject to the verification of the existence of appropriate measures to ensure that personal data is adequately protected in the country of destination, such as the existence of an adequacy decision of the European Commission, or the adoption of standard contractual clauses for the protection of personal data pursuant to Article 46, paragraph 2, letter c) and d) GDPR, or the adoption of the binding corporate rules pursuant to Article 47 GDPR.
Rights of the Users
At any time, Users may ask the data controller to verify and obtain access to their personal data, to integrate, update, rectify, cancel or request the limitation of the processing of such data, or object to the processing. The Users have also the right to receive their personal data, which they have provided to the data controller, in a readable and commonly used format, and have the right to transmit those data to another controller without any obstacle from the data controller to which the personal data have been provided. Users may also oppose the processing of data for the sending newsletters as well as to oppose to the receipt of Soft Spam Communications.
Any requests of information or for the exercise of these rights may be sent to the e-mail address: email@example.com.
With particular regard to newsletter emails or Soft Spam Communications, Users may also object to receiving such communications by clicking on the link contained in each newsletter email or Soft Spam Communication they have received.
Pursuant to Article 13 of the GDPR, if Users believe that the processing of their personal data violates the legislation on the protection of personal data, they will also have the right to lodge a complaint with the Guarantor Authority for the protection of personal data or, alternatively, appeal to the competent judicial authority.