The decisions regarding the purposes and methods of processing your personal data and the instruments used, including the security profile, are under the responsibility of the Data Controller.
For any other information on the processing of your data you can submit a request by sending an e-mail to email@example.com indicating “privacy” as subject or writing to the address of the registered office in Via Lazzaretto 16 at Cardano Al Campo (VA) 21010, Italy.
1. Data controller
Mr. Davide Giannuzzi, C.F GNNDVD89R15F205H, VAT number 03634050128, with domicile in Via Lazzaretto, 16 – 21010 Cardano Al Campo (VA), (hereinafter, “Data Controller” or “Owner”), as data controller, inform you in accordance with art. 13 Legislative Decree 30.6.2003 n. 196 (hereinafter, “Privacy Code”) and art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the following manner and for the following purposes.
2. Subject matter of treatment
The Data Controller will process the personal, identification and non-sensitive data (in particular, name, surname, fiscal code, VAT, email, telephone number – hereinafter, “Personal Data” or “Data”) communicated by you during the registration on the Site and / or upon subscription to the newsletter service offered by the Owner.
3. Purpose of treatment
Your personal data are processed:
A) without your express consent (art. 24 lett. a, b, c Privacy Code and art. 6 lett. b, and GDPR), for the following Service purposes: -allow you to register to the Site; -manage and maintain the Site; -allow you to subscribe to the newsletter service provided by the Owner and any other Services requested by you; – fulfil pre-contractual, contractual and fiscal obligations deriving from commercial relationship with you; – fulfil the obligations provided for by law, regulations, Community legislation or any other order of the Authority; – prevent or detect fraudulent activities or harmful abuses of the Site; – exercise the rights of the owner, such as the right of defence in judicial proceeding.
B) Only with your specific and distinct consent (art. 23 and 130 Privacy Code and art. 7 GDPR), for the following Marketing purposes: -send you newsletters, commercial communications and/or advertising material about products or services offered by the Holder. We inform you that if you are already our customer, we may send you commercial communications relating to services and products of the Owner similar to those you have already used, without prejudice to your right to revoke the consent given at that time.
4. Processing methods and storage period
The processing of your Personal Data is carried out by means of the operations indicated in art. 4 Privacy Code and art. 4 No 2) GDPR, namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, erasure, and destruction of Data.
Your Personal Data are subject to processing both with paper and electronic and/or automated instrument. Data Controller will process Personal Data for the time necessary to fulfill the purposes mentioned above and, in any case for no more than 10 years from the termination of the relationship for the purposes of Service and for no more than 2 years from the collection of data for the purposes of Marketing.
5. Access to Data Your
Data may be made accessible for the purposes set forth in art. 3.A) and 3.B): – to employees and collaborators of the Data Controller, in their capacity as persons in charge and/or internal data processors and/or system administrators; -third parties (for example, providers for the management and maintenance of the Site, suppliers, credit institutions, professional firms, etc.) that perform outsourcing activities on behalf of the Data Controller, in their capacity as external data processors.
Without your express consent (ex art. 24 letters a), b), d) Privacy Code and art. 6 letter b) and c) GDPR), the Owner may communicate your Data for the purposes set out in art. 3.A) to Supervisory Bodies, Judicial Authorities and all other subjects to whom communication is mandatory by law for the fulfillment of said purposes.
Your Data will not be disclosed to third parties without your express consent.
7. Data transfer
The management and storage of Personal Data will be performed on servers owned by third-parties subjects appointed as Data processors located both in European Union and in EU Countries.
The Data Controller hereby assures that the transfer of Data towards non-Eu Countries will take place in compliance with the applicable legal provisions, entering into, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses provided by the European Commission.
8. Nature of the data provision and consequences of refusal to respond
The provision of your Personal Data, which are requested in the various occasions of the collection, may be necessary to achieve the purposes identified in the appropriate information, or optional.
The mandatory nature of certain contribution is specified by the symbol (*) placed next to the mandatory information.
The provision of Data for the purposes referred to in art. 3A) is mandatory. Without them, we cannot guarantee you the registration to the Site.
The provision of Data for the purposes referred to in art. 3.B) is optional. You may, therefore, decide not to give any Data or to subsequently refuse the possibility of Processing Data already provided: in this case, you will not be able to receive newsletters, commercial communications and advertising material relating to the Services offered by the Owner. In any case, you will continue to be entitled to the Services referred to in art. 3.A).
9.Rights of the interested party
In your capacity as an interested party, you are granted with the rights under Article 7 Privacy Code and Article 15 GDPR and precisely the rights:
(i) To obtain confirmation of the existence of Personal Data concerning you, even if not yet recorded, and their communication in an intelligible form;
(ii) To obtain the indication of: a) the origin of the Personal Data; b) the purposes and methods of processing; c) the logic applied in case of processing with the aid of electronic instruments; d) the identification details of the Owner, managers and representative appointed pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1 of the GDPR; e) the subjects or categories of subjects to whom the Personal Data may be communicated or who may become aware of them as designated representative in the territory, managers or agents;
(iii) To obtain: a) updating, rectification or, upon your written request, integration of Data; b) cancellation, transformation into anonymous form or blocking of Data processed unlawfully, including Data whose retention is unnecessary for the purposes for which they were collected or subsequently processed; c) certification that the operations as per letters a) and b) have been notified, also with respect to their content, to those to whom the Data have been communicated or disseminated, except in the case where this requirement proves impossible or involves a manifestly disproportionate to the protected right;
(iv) to object, in whole or in part: a) for legitimate reasons, the processing of your Personal Data, even if pertinent to the purpose of collection; b) the processing of your Personal Data for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator, by email and / or traditional marketing methods by telephone and / or mail. Please note that the right of the opposition of the interested party, as set out in point b) above, for the purposes of direct marketing by automated means, extends to traditional methods and that the possibility for the interested party to exercise the right to object, even in part, is not affected. Therefore, the interested party can decide to receive only communications through traditional methods or only automated communications or neither type of communication.
Where applicable, you also have the rights listed under Articles 16-21 GDPR (Right of rectification, right to be forgotten, right to restrict processing, right to data portability, right to object), as well as the right to complain to the Guarantor (Garante della Privacy).
10. Conditions for the exercise of rights
You are entitled to exercise your rights at any time by submitting:
– a registered letter with return receipt to the Data Controller’s address;
– an e-mail to firstname.lastname@example.org indicating “Privacy” as the subject matter.
This Site and the Services of the Owner are not intended for persons under the age of 18 and the Owner does not intentionally collect Personal Data relating to minors. In the event that information about minors are involuntarily recorded, the Data Controller will delete them in a timely manner, upon written request of users.
12. Manager and appointees
At present, the following subjects -for the purposes of the Services- may process your data:
- “DHL”, which handles the data necessary to perform the activities of shipping, delivery, and the return of products purchased on the Site;
- “SHOPIFY Inc” for the processing of Data with regard to the management and maintenance services of the servers and the Site.
- “STRIPE” for processing of Data and payment mechanism
- “MAILCHIMP” for processing of Data with respect of newsletter.
- “DEL BONO FASHION LAB” for processing of Data to perform the activities of shipping.
The updated list of data processors is kept at the headquarters of the Data Controller. For more details please contact us.
13. Amendments to this Policy
This Policy may be subject to amendments. We, therefore, recommend that you regularly check this Policy and refer to the most up-to-date version.
- process the Data exclusively for the purposes and according to the methods described in the INFORMATION presented at the time of their collection;
- use the Data for purposes other than those for which the Data were specifically released only where the user’s express consent;
- make Data available to third parties only for purposes that are instrumental to the provision of the requested service and in the context of an appointment as Data Controller; not communicate, transfer or transfer Data to third parties for their own processing without the interested party having been informed in advance and having given its consent;
- respond to requests for cancellation, modification, integration of Data provided, objection to the processing of Data for the purpose of sending commercial information and advertising;
- ensure correct and lawful Data management, safeguarding the privacy of users, and apply appropriate security measures to protect the confidentiality, integrity and availability of the Data provided.
How and why we process your Personal Data
The processing of Personal Data is carried out mainly by electronic and telematic means by the Owner and other subjects who, appropriately selected for their reliability and competence, carry out operations instrumental to the pursuit of the purposes strictly related to the use of the Site, its services and the purchase of products through the Site (see below, paragraph “Subjects who may process your Personal Data”).
The specific purposes for which the Data are processed are summarised in the INFORMATION.
In general, the Data are processed for the provision of the following services available by accessing our Site:
- registration or membership of the services offered, such as the benefits offered, our newsletter, sharing your appreciation with your friends subscribed to the Site and through your social accounts;
- execution of orders and related activities;
- payment management, including anti-fraud control in case of payment by credit/debit card;
- management of your requests: technical, commercial, the progress of your orders and requests for information in the broadest sense;
- sending, with your prior consent and for marketing purposes, commercial communications through various channels, both electronic and telematic and traditional. We remind you that, as provided for by ‘art. 130, paragraph 4, Legislative Decree 196/2003, the owner may use the Data to send advertising e-mails about their products and services, similar to what has already been purchased unless you refuse such use;
When processing Data that can directly or indirectly identify you, we try to respect a principle of strict necessity.
For this reason, we have configured our Site in such a way that the use of your Personal Data is kept to a minimum: Therefore, your Data may not be processed when the purposes pursued in individual cases can be achieved through the use of anonymous Data (such as, for example, in market research aimed at improving services) or by other means that allow you to identify the person concerned only in case of need or at the request of authorities and police (such as, for example, for Data relating to traffic and your stay on the website or your IP address).
Your Data will be communicated to third parties only with your express consent, except in cases where communication is mandatory by law or is necessary for purposes provided by law for which the consent of the person concerned is not required; in such cases, the Data may be made available to third parties who will process them independently and solely for the above purposes (for example, in the case of a request made by the Public Authority or other competent bodies or to perform obligations arising from the contract concluded with you)
Any other purpose of processing than the specific one for which you have provided your Personal Data will be highlighted in the information notice and will be pursued only after obtaining your express consent.
Finally, we inform you that your Personal Data will not be transferred abroad to countries, other than those belonging to the European Union, that do not ensure adequate levels of protection of individuals. If this is necessary to provide you with services or to enter into a contract for the purchase of products on the Site, we assure you that the transfer of your Personal Data to countries that do not belong to the European Union and do not ensure an adequate level of protection will only be performed after the conclusion of specific contracts between the Owner and these entities in accordance with applicable laws and regulations.
It may happen that the Owner finds himself processing Personal Data of third parties communicated directly by its users to the Owner (for example, if the user has purchased a product to be delivered to a friend or when the person who pays the price for the purchase of the product is different from the person for whom the product is intended, or even when the user wishes to inform a friend of a service of mrkirt.eu or the offer for sale of a particular product).
The Owner reserves the right to delete the accounts created by users and all related Data in case illicit content is detected, damaging to the image of the Owner and/or its products or third parties, or otherwise offensive content or that promotes illegal or defamatory activities, pornographic content, inciting violence, promoting discrimination based on race, sex, religion, and sexual orientation.
Web Push Notification
Depending on the device you are navigating from, you may receive push notifications about our offers, news, your wish list and your shopping cart with your consent.
To disable notifications, depending on the platform and/or browser used, follow the steps below:
Desktop: Right-click on the notification > disable notifications from www.mrkirt.eu
Mobile: Go to Notification Center > Site Parameters > Notifications > Block Notifications from www.mrkirt.eu
Chrome: Settings > Show Advanced Settings > Privacy – Content Settings > Notifications – Manage exceptions > Insert www.mrkirt.eu and select “Block”
Firefox: Options > Contents > Notifications – Choose > www.mrkirt.eu – “Block”
Safari: Preferences > Notifications > From here set the switch to “Reject”
We adopt adequate security measures in order to minimize the risks – even accidental – of destruction or loss of Data unauthorized access or processing
However, the Data Controller cannot guarantee that the measures adopted for the security of the site and the transmission of Data and information on the Site limit or exclude any risk of unauthorized access or dispersion of Data by devices belonging to the user: We recommend that you ensure that your computer is equipped with appropriate software to protect incoming and outgoing Data transmission over the network (such as updated antivirus systems) and that your Internet service provider has taken appropriate measures to ensure the security of network Data transmission (such as firewalls and spam filters). On the Site, every purchase is made in maximum security thanks to the use of the most advanced technological and coding systems (SSL).
Links to other websites
Our Site contains links to other websites that may not have any links with us.
If you wish to receive further information on how the Data Controller processes your Personal Data, please write an e-mail to the e-mail address email@example.com with the subject: “privacy”.
To know your rights and to be always updated on the legislation on the protection of persons with regard to the processing of Personal Data, we recommend you visit the website of the Guarantor for the protection of personal data at www.garanteprivacy.it
The Code guarantees that personal data will be processed in compliance with fundamental rights and freedoms, as well as the dignity of the person concerned, with particular reference to confidentiality, personal identity and the right to protection of Personal Data.
Methods of acceptance
You can choose what type of cookies to install on your browser, and these differ in: Necessary cookies, preference cookies, statistical cookies, and marketing cookies and unclassified (yet to be classified) .
Necessary Cookies are essential for navigation and therefore your consent with respect to them can not be denied.
What is a cookie?
A cookie is a small file that is sent to your browser and saved on your device when you visit a website such as www.mrkirt.eu (the “Site”). Cookies allow the website to function efficiently and improve its performance, and they also provide information to the website owner for statistical or advertising purposes, mainly to personalize your browsing experience by remembering your preferences (for example remembering the language and currency you have set, to recognize you on your next visit, etc.).
What cookies do we use and for what purposes?
Our Site uses different types of first-party cookies (prepared and managed by the Manager), third-party cookies (prepared and managed by third parties in accordance with their privacy policies and not under the control of the Manager) and related technologies, each of which has a specific function. An explanatory table follows.
|Cookie types||Purpose of the cookie – Function|
|Essential Site Cookies (session and navigation)||These cookies are essential for correct navigation and to benefit from the functions of the Site. These cookies do not collect personal information that can be used for marketing purposes, nor do they store the sites you visit. The use of these cookies (which are not permanently stored on the user’s device and are automatically deleted when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the Site.
Navigation cookies are technical cookies and are necessary for the functioning of the Website, therefore this category of cookies cannot be deactivated.
|These cookies allow you to remember your choices (such as your username, language or location) and provide improved and personalized features. The information collected by these cookies may be made anonymous and do not track your activity on other websites.
Functional cookies are not essential to the operation of the Site, but they improve the quality and experience of your navigation.
These cookies, also known as cache cookies, are set by Google Analytics and are used to collect information about the way visitors use the Site, including the number of visitors, the sites of origin and the pages visited on the Site. This information is used to collect anonymous and aggregate data, compile reports and carry out statistical analyses on the methods of navigation of users on the Site. In general, these cookies remain on the visitor’s computer until they are deleted.
|Marketing or profiling cookies||These cookies are used to collect information about the websites and individual pages visited by users, both on and off the Website (which may indicate, for example, users’ interests or other characteristics). These cookies are used to provide advertising and commercial communications more relevant to the interests of the user, profiling it. When you visit the Site, these cookies are useful for showing you products that may be of interest to you or similar to those you have viewed. They are also used to limit the number of times an advertisement is displayed and to measure the effectiveness of advertising campaigns. They remain on your computer until they are deleted and are a reminder of your visit to the Site. They may also indicate whether you have arrived at the Site through an advertising link.
We share this information with other organizations such as advertisers and our contractors, who may use it in conjunction with information about how you can use other websites, for example, by identifying interests and behaviors common to different groups of users visiting websites.
|Third Party Profiling Cookies||Third party cookies are those sent by third-party companies we trust. These cookies allow us to offer you our commercial offer on other affiliate websites (retargeting). We do not have control over the information provided by the cookie on third-party cookies and we do not have access to this information. This information is fully controlled by third-party companies as described in their respective policies. To view these third-party cookies, inform you about their policies and knowingly manage their consent or rejection, please visit http://www.youronlinechoices.com|
How to disable cookies or manage your preferences
The user has the right to choose whether or not to accept cookies. Most browsers are configured to accept, control or disable cookies through the settings. However, disabling navigation or functional cookies may cause the Site to malfunction and/or limit the service offered. If you want to delete, disable or restore cookies on your computer, you can use the cookie configuration pages made available by any third party content providers, or through your browser options.
Below is the path to follow to manage cookies from the following browsers:
Turning off a cookie or category of cookies does not delete them from your browser.
Therefore, this operation must be carried out directly in the browser.
For mobile devices, please refer to your instruction manual to find out how to handle cookies.
Finally, the user can disable Google Analytics cookies by downloading a specific browser plug-in available at the following URL: https://tools.google.com/dlpage/gaoptout .