Privacy policy for website users
WHO WE ARE
Your privacy matters to us: you can count on us! Read our policy to understand how we process your personal data, and if you have any questions, write to info@anidi.it.
INTRODUCTION
Your privacy is important to us at https://anididesign.it/
We have drafted this privacy policy (hereinafter also referred to as "policy") in a simple and understandable way to help you understand who we are, what data about you we collect, and what we do with it. We want you to be aware that your personal data (hereinafter also simply "data" or "your data") refers to any information or set of information from which you can be identified, directly or indirectly, particularly in reference to an identifier, such as name, surname, email address, telephone number, etc.
Please consider that since this is a generic policy: you may find more specific information regarding the various services we offer in other parts of the site, just as we may provide different information in relation to specific processing activities. We ask you to take some time to read the entire policy, so if you do not agree with how we process personal data, you can avoid providing it to us.
What is the purpose of this policy?
This policy explains how we collect and use (i.e., process) your data when you visit or use our website, or when you register on our site.
WHO WE ARE
When this policy says "we" it refers to the data controller of personal data, which is Letizia Moretti, Via Bacchilide 37 (06134) Perugia (PG)
WHAT TYPES OF DATA DO WE COLLECT?
We collect your data when you interact with us. You provide us with data when, for example, you enter into a contract with us, contact us to purchase products on our site or request information; but we also collect your data automatically when, for example, you browse our website.
WHAT TYPES OF DATA DO WE COLLECT ABOUT YOU?
We may collect your data when you visit our site or ask us for information. We not only collect data that you directly provide us when you contact us or otherwise use the site to communicate with us or send us requests, but some data is collected automatically as a result of browsing the site. Below you will find an overview of the categories of data we may process:
A) Information you provide to us directly
Categories of data:
- Identification data (Examples of data types: Name, surname, date of birth).
- Contact data (Email, telephone number*).
- Shipping data (Address, Country).
- Banking data (Bank accounts, data related to payments made with credit cards or Paypal accounts).
- Login credentials - for registered users only (Username, password** or other security codes).
- Order history - available for registered users (Products purchased, quantity, prices).
- Any other information you decide to share with us (Feedback, opinions, reviews, and any information you provide us by any means).
*We will use your phone number only if necessary to deliver your order and will share it only with the courier for this purpose.
** This does not mean that we will see your password, but only that we can manage it, allowing you to enter it to log in or reset it.
b) Information we collect automatically
When you visit or use our website, in addition to the information you provide us directly, we may collect information that your computer, mobile phone, or other devices you use to access our channels automatically send us.
Categories of data:
- device information (data types: Model, IMEI code and other unique device identifiers MAC address, IP address, operating system version, device settings you use to access various services);
- log information (data types: Time and duration of your use of the digital channel);
- location information (data types: your location (i.e., the geographic area you are in) derived from your IP address or other geolocation-based technologies that allow us to have this type of information when you enable location sharing on your PC or smartphone, if the application or browser you use to access our site allows it).
DO WE TRANSFER YOUR DATA ABROAD?
By using the hosting service that hosts the https://anididesign.it/ site, your data is transferred to servers located outside the EU, specifically to Canada. The safeguards adopted for transfers to third countries are the standard contractual clauses and the adequacy decisions of the European Commission. In particular, an adequacy decision of the European Commission is used for transfers to Canada.
FOR HOW LONG DO WE PROCESS YOUR DATA?
We process your data until the purpose for which we collected it has been fulfilled, but sometimes we may need to process certain data for longer, to comply with a legal obligation.
FOR HOW LONG DO WE RETAIN YOUR DATA?
We retain your data for the time necessary to achieve the purpose for which we collected it (for clarification on purposes, read the paragraph "How do we use your data?"). Please keep in mind that in some cases a longer retention period may be permitted or required by law. The criteria for determining the retention period include:
- How long do we need the data transmitted through the site to provide you with the service or to carry out our business?
- How long do we need your data to provide you with feedback?
- How long do we need your browsing data to ensure the security of the site?
- Have you revoked the consent you gave us (for processing activities that require consent)?
- Are we subject to a legal, contractual, administrative, or similar obligation regarding the retention of your data? For example, when there are regulations that require data retention, or judicial orders to retain relevant data in an investigation, or data must be retained to assert a right in court. For example, we retain billing data for ten years, in compliance with the current legal obligation, just as we also retain data relating to the execution of the contract for ten years, within which period any actions are time-barred.
- Finally, if you decide to provide us with a review through the form on the site, if the review is approved, we will retain the review and related personal data as long as the product is available, reserving the right to remove it if it appears no longer truthful due to the time elapsed or changes in product characteristics. Unapproved reviews are deleted, along with the connected data, and are therefore only kept for the time necessary for the approval process.
WHY DO WE COLLECT YOUR DATA?
We use your data to provide you with the best possible experience, from improving our services to providing customer support.
HOW DO WE USE YOUR DATA?
We may use your data for various legitimate reasons and purposes related to our business. Below are the purposes for which we process your data:
Purposes:
- Conclusion and execution of contracts - Case: sales, invoicing, shipping of goods, pre-contractual activity, account management;
- Provide you with assistance (upon your request) - Case: providing you with assistance through our communication channels;
- Manage withdrawal, return, warranty, and complaints - Case: providing you with assistance and following up on complaints or communications aimed at asserting the right of withdrawal or conformity warranty;
- Security and protection of our interests or assets - Case: Developing and maintaining technical and organizational security measures, conducting internal audits, also with reference to the cybersecurity of the site itself.
- Legal obligations - Case: Disclosing data and information to competent authorities, to data protection supervisory authorities, in accordance with current legislation, obligations relating to record keeping and reporting, conducting audits related to compliance with regulations, complying with inspections and requests from governments or authorities, fulfilling procedural requests, for example regarding testimonial obligations;
- Legal defense: Acting or defending ourselves in court;
- Cybersecurity (legitimate interest of the data controller) - Case: Ensuring the security of our website.
- Publishing the reviews you spontaneously send us.
WHAT HAPPENS IF I DON'T WANT TO GIVE YOU MY DATA?
We ask you to provide us with the personal data necessary for registration, to conclude the sales contract or for shipping; or you can send us your data if you ask for information. However, if you decide not to give us the data necessary to conclude the contract, register on the site, ship products to you or give you information, we will not be able to guarantee that you will be able to use our services or purchase our products or we may not be able to respond to your requests.
WHAT IS THE LEGAL BASIS FOR OUR PROCESSING?
To lawfully process your data, we can rely on various legal bases:
- Your consent (only when required or permitted by law). If we use consent as the legal basis for processing your data, you can easily and freely withdraw it at any time;
- The necessity to enter into a contract with you and fulfill the obligations arising therefrom;
- The necessity to comply with obligations imposed on us by law, or to exercise a right or defend ourselves in court;
- The necessity to pursue our legitimate interest, such as:
- ensuring that our network and our information are secure;
- To prevent suspected breaches of law or investigate actual breaches of law, as well as breaches of contracts with business customers or non-compliance with policies or standards we follow. - The necessity to respond to your request, or fulfill your request.
- Publishing the reviews you spontaneously send us:
the legitimate interest of the data controller is to inform website users about the opinions of those who have already experienced the products offered and to share opinions on them; the person reviewing the product may object to the publication of identifying data (name) and request that the review be published anonymously, by indicating a fictitious name (nickname). The publication of the reviewer's identifying data is justified by the desire to transparently make known that the review is truthful and expressed by customers who have tried the product and is not a figment of the data controller's imagination for commercial purposes.
The requested data are mandatory, although the email will not be published, as without them the review cannot be considered. If you wish to remain anonymous, it is sufficient to enter a fictitious name (nickname) in the field dedicated to the name.
The necessity to request the aforementioned mandatory data has been considered in compliance with data protection by design and by default principles. Furthermore, we have implemented appropriate technical and organizational measures to ensure that, by default, only the personal data necessary to allow the user to best express their opinion on the product they intend to review is processed, while also guaranteeing to third parties (potential customers and users) the satisfaction of their legitimate interest in its veracity.
HOW DO WE PROTECT YOUR DATA?
We protect your data with appropriate technical and organizational measures.
HOW DO WE PROTECT YOUR DATA?
To protect your data, we take appropriate measures in compliance with applicable law, including asking our service providers to use suitable measures to keep your information confidential and secure. Depending on the state of the art, implementation costs, and the nature of the data to be protected, we implement technical and organizational measures aimed at preventing risks of destruction, loss, alteration, unauthorized disclosure of or access to your data.
DO WE SHARE YOUR DATA?
We will only share your data when required by law, or when you have expressly allowed us to, or to offer you the services you have requested.
WHEN DO WE SHARE YOUR DATA?
We share your data with others only in the cases indicated below. If it is necessary for the pursuit of the purposes set out in this policy, we may communicate the data to the recipients indicated below.
- Suppliers: we may outsource certain services to trusted third parties to provide us with functionalities and services, such as the provision of ICT services for website and email management, or shipping, or online payment services, or banks.
- Companies, professionals and consultants: we may share your data with professionals and consultants such as insurance companies, lawyers, accountants.
- In particular, with regard to the website https://anididesign.it/, this is hosted by Shopify International Limited 2nd Floor, 1-2 Victoria Buildings, Haddington Road, Dublin 4, D04 Xn32 Ireland, which processes the data as data processor.
- Public and governmental authorities: when required by law, or when it is necessary to protect our rights, we may share data with the competent authorities.
DO WE DISSEMINATE YOUR DATA?
Disseminating data means making it available to an indeterminate number of people. We disseminate data when we publish it on our website.
We only disseminate data related to reviews. If you freely decide to provide one through the form on the website, the name or pseudonym you indicated (nickname) and the opinion you expressed will be disseminated, including all information attributable to you that you deem appropriate to share. The email address we ask you to enter to ensure the veracity of the review, however, will not be published or otherwise disseminated.
STAY IN CONTROL!
We encourage you to maintain control over your data: Please keep your data accurate and up-to-date.
WHAT SHOULD YOU DO?
We want to remind you that it is your responsibility to ensure, to the best of your knowledge, that the data you provide us is accurate, complete, and up-to-date. Furthermore, if you share data of other people with us, it is your precise responsibility to process that data according to legal norms. For example, it will be your task to inform the people whose data you provide us about the content of this policy and obtain their consent if the law requires it.
WHAT ARE YOUR RIGHTS?
We provide you with access to your data. You can control your data by asking us to update, modify, or, if the law allows, delete it. We encourage you to regularly check your data. You can always contact us if you want to:
- access or review, modify or delete the data you have provided us (if we are no longer permitted or obliged to retain it);
- object to certain processing activities;
- withdraw the consent given (only for processing based on your consent)
- receive a copy of your data (in a readable and commonly used format);
- ask us to limit the use of your data (if applicable) and any other information regarding the protection of your data
- our contact details are:
- Postal mail: Letizia Moretti, Via Bacchilide 37 (06134) Perugia (PG)
- Online via e-mail: info@anidi.it
RIGHT TO OBJECT
You can always object to processing for marketing purposes, and we will act on your request. You can also object to profiling or processing based on legitimate interest. In the latter case, we will act on your request by evaluating whether our legitimate interest overrides your interests or fundamental rights and freedoms. We do our best to respond to requests in a timely manner and free of charge, unless doing so would require disproportionate effort. In some cases, we may ask you to verify your identity before processing your request. If you are not satisfied with the response received, you can file a complaint with the competent supervisory authority in your country (for Italy: Garante per la protezione dei dati personali).
WHEN WILL THIS POLICY BE UPDATED?
Over time, processing activities may evolve and change, and the policy reflecting them may be amended.
This policy may be subject to changes over time. The most recent version of the policy available on the website reflects the processing of personal data and information we carry out.
