HOGAN 品牌现已推出官方微信
HOGAN 品牌现已推出官方微信 (HOGANOFFICIAL),
全新奢潮运动鞋 精品推荐,时尚穿搭法则以及精品店信息,
尽在这里。立刻扫描下方 二维码,即可关注HOGAN官方微信。
PERSONAL DATA PROCESSING POLICY IN ACCORDANCE WITH ART. 13 OF EU REGULATION 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL OF 27 APRIL 2016 ("GENERAL DATA PROTECTION REGULATION")
1. INTRODUCTION: THE ROLE OF TOD’S SPA AND ITALIANTOUCH SRL IN PROCESSING PERSONAL DATA COLLECTED THROUGH THE STORE
2. IDENTITY AND CONTACT DETAILS OF ITALIANTOUCH AS INDEPENDENT CONTROLLER AND CO-CONTROLLER
3. DATA PROCESSING BY ITALIANTOUCH FOR THE PURPOSES OF REGISTRATION WITH AND ACCESS TO THE STORE AND FOR THE CONCLUSION OF A PURCHASE CONTRACT THROUGH THE STORE
4. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR PURPOSES RELATED TO FULFILLING THE PURCHASE CONTRACT
5. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR SUPPORT/CUSTOMER CARE PURPOSES
6. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR THE PURPOSES OF FRAUD PREVENTION IN CREDIT CARD PAYMENTS
7. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR ADMINISTRATIVE/ACCOUNTING AND TAX PURPOSES
8. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH TO ALLOW USERS TO EXERCISE THEIR RIGHTS
9. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR THE PURPOSES OF ESTABLISHING, EXERCISING OR DEFENDING A RIGHT
10. CATEGORIES OF SUBJECTS TO WHOM ITALIANTOUCH COMMUNICATES USERS’ PERSONAL DATA (RECIPIENTS)
11. TRANSFERS TO THIRD-PARTY COUNTRIES
12. RIGHT TO OBJECT
13. RIGHT TO ACCESS
14. RIGHT TO RECTIFICATION
15. RIGHT TO ERASURE
16. RIGHT TO RESTRICTION OF PROCESSING
17. RIGHT TO DATA PORTABILITY
18. TIME FRAMES AND METHODS FOR RESPONDING TO A DATA SUBJECT’S EXERCISE OF RIGHTS
19. RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
1. INTRODUCTION: THE ROLE OF TOD’S SPA AND ITALIANTOUCH SRL IN PROCESSING PERSONAL DATA COLLECTED THROUGH THE STORE
The following information is intended for all individuals who visit and interact with this e-commerce site of the company TOD’S s.p.a. ("TOD’S"), the web store ("Store"), from which you can purchase products online [Hogan]. The Store is managed on behalf of TOD’S by Italian Touch s.r.l., ("ITALIANTOUCH"), which sells private label products [Hogan] marketed on the Store.
ITALIANTOUCH is responsible for the management of sales and transactions carried out in the context of the TOD’S Store (for example: order management, product sales and deliveries, returns and warranty management and other necessary activities for the sale of products through the Store). In order to access restricted services, including the purchase of products, you must register on the Site.
TOD’S and ITALIANTOUCH will process the personal data you provide upon registration and to conclude any contracts for the online purchase of products as co-controllers (singularly "Co-controller" and collectively "Co-controllers") or as independent controllers (singularly "Independent Controller" and collectively "Independent Controllers") in accordance with the provisions of EU regulation 679/2016 (the "Regulation") and Italian Legislative Decree 196 of 30 June 2003, (the "Privacy Code").
In particular:
- TOD’S and ITALIANTOUCH will process your personal data as Co-controllers in order to manage access to the services of the Store and facilitate the purchase of products online, as well as to allow your registration with the Store and conclude any purchase contracts through the Store;
- As an Independent Controller, ITALIANTOUCH will process your personal data in order to carry out the purchase contract and fulfil all legal obligations, including those related in terms of taxes and administration, as well as for other purposes connected to the same contract, as described in this policy;
- As an Independent Controller, TOD’S will process your personal data for marketing and/or profiling purposes, but only with your prior, free and explicit consent.
The processing carried out by TOD’S as an Independent Controller and as Co-Controller are described in TOD’S Privacy Policy, to which reference should be entirely made.
This privacy policy is therefore provided only in reference to the processing operations carried out by ITALIANTOUCH as an Independent Controller and/or Co-controller.
2. IDENTITY AND CONTACT DETAILS OF ITALIANTOUCH AS INDEPENDENT CONTROLLER AND CO-CONTROLLER
ITALIAN TOUCH S.R.L., a sole shareholder company with registered offices at Corso Umberto I, no. 171, Civitanova Marche (MC), a subsidiary of the Diego Della Valle e C. S.r.l. Group, telephone number +39 02-89623211, email address privacy@italiantouch.com is the Independent Controller of the processing of the data you provided when you registered with the Store and at the conclusion of an online purchase contract for a product, for the purposes of sections 4, 5, 6, 7, 8 and 9 of this policy.
ITALIANTOUCH is also the Co-Controller of the data, along with TOD’S s.p.a., with registered office at Via Filippo della Valle 1, S. Elpidio a Mare (FM), telephone number 0734-8661, email address dataprivacyofficer@todsgroup.com, for the purposes of section 3 of this policy.
Additional Information
It should be noted that as Co-controllers, ITALIANTOUCH and TOD’S have stipulated a special agreement by which they have defined their respective responsibilities in relation to compliance with the obligations arising from the Regulation and the Privacy Code; you can request adequate information on the main content of the agreement by contacting each Co-controller through the above references. It is understood that, regardless of the agreement, you can in any case exercise the rights you have been recognised in the Regulation (and the Privacy Code) against each Co-controller (and thus against ITALIANTOUCH as well as against TOD’S), in relation to the processing that each carries out.
3. DATA PROCESSING BY ITALIANTOUCH FOR THE PURPOSES OF REGISTRATION WITH AND ACCESS TO THE STORE AND FOR THE CONCLUSION OF A PURCHASE CONTRACT THROUGH THE STORE
As Co-controller, ITALIANTOUCH will process your personal data:
- to allow registration with the Store and use of the services reserved to registered users, including the ability to purchase online through the Store;
- to allow the conclusion of a purchase contract through the Store.
The legal basis for this processing is the fulfilment of the contract or, where appropriate, the implementation of pre-contractual measures taken at the request of the data subject (art. 6.1. b) of the Regulation).
For this purpose, ITALIANTOUCH will process your data for the time necessary to perform the individual processing activities (i.e.: the registration data will be processed until the termination of your account, also considering the technical time necessary for that purpose; the data necessary for the conclusion of a purchase contract until delivery of the goods or, in the case of non-delivery, until the termination of the contract), it being understood that thereafter, ITALIANTOUCH may store data for the purposes and within the maximum conservation periods referred to in sections 5, 6, 7, 8 and 9 of this policy and/or in the cases foreseen by the Regulation and/or the law.
Additional Information
More specifically, within the context of this objective, ITALIANTOUCH will process your personal data, inter alia, to:
- allow you to access the Store, also as a non-logged-in user, and to browse the Store;
- allow you to register on the Site by creating an account, and take advantage of services reserved to registered users, including the ability to purchase via the Store in particular;
- allow you to enter and browse the Store as a logged-in user;
- maintain and manage your account;
- store data and information in your account including, but not limited to, personal data, your past orders and returns, your preferred billing and/or shipping addresses;
- allow you to put products in your cart and conclude a purchase contract through the Store.
The provision of data for the purposes in question is optional: there is no legal or contractual obligation to communicate such data; however, their processing is required for allowing access to the Store and/or browsing the Store and/or logging on to the Store and/or the provision of account management and maintenance and/or the conclusion of a purchase contract through the Store; if such data is not provided, the user will not be able to access and/or browse the Store and/or register with the Store and take advantage of services reserved to registered users and/or conclude a purchase contract through the Store.
4. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR PURPOSES RELATED TO FULFILLING THE PURCHASE CONTRACT
As Independent Controller, ITALIANTOUCH will process your personal data:
- to implement ITALIANTOUCH’s obligations arising from the purchase contract concluded through the Store, for example, but not limited to, the delivery of products sold; and
- to allow it to fulfil its obligations arising from the purchase contract concluded through the Store, such as, but not limited to, payment, including online, of the purchased products.
The legal basis for this processing is the fulfilment of the contract (article. 6.1. b) of the Regulation.
For this purpose, ITALIANTOUCH will process your data for the time strictly necessary to perform the individual processing activities (i.e.: the data necessary for the fulfilment of a purchase contract until delivery of the goods or, in the case of non-delivery, until the termination of the contract), it being understood that thereafter, ITALIANTOUCH may store data for the purposes and within the maximum conservation periods referred to in sections 5, 6, 7, 8 and 9 of this policy and/or in the cases established by the Regulation and/or the law.
Additional Information
The provision of data for the purpose in question is optional: there is no legal or contractual obligation to communicate such data; it is, however, a prerequisite for the conclusion of a purchase contract through the Store, and failure to provide such data will therefore make it impossible for the user to conclude such a contract and therefore make a purchase through the Store.
5. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR SUPPORT/CUSTOMER CARE PURPOSES
As Independent Contractor, ITALIANTOUCH will process your data for general support and customer care activities as well as to provide answers to requests for information from users which are related to complaints, reports and disputes.
The legal basis for this processing is the implementation of pre-contractual measures taken at the request of the data subject (art. 6.1. b, last paragraph of the Regulation) or, depending on the case, the legitimate interest of ITALIANTOUCH (art. 6.1. f) of the Regulation.
ITALIANTOUCH has a legitimate interest in responding to requests for information and/or reports and/or disputes and/or complaints from Store users (which, incidentally, ITALIANTOUCH is required to respond to according to the rules of the Consumer Code). This legitimate interest of ITALIANTOUCH also coincides with the legitimate interest of the Store users who make requests and/or reports and/or disputes and/or claims, who must reasonably expect that their personal data will be used by ITALIANTOUCH within their relationship in order to send them a response.
The above-mentioned legitimate interest of ITALIANTOUCH can be considered as overriding the fundamental rights and freedoms of the data subject, also in consideration of these reasonable expectations and the relationship between the data subject and ITALIANTOUCH, as well as in consideration of the nature of the data processed and the coinciding interests of those concerned.
Regardless, you have the right to oppose the processing of your personal data for the purposes in question (i.e. support and customer care) in any moment, for reasons related to your personal situation.
To exercise this right, you can contact ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
Additional Information
If this right to oppose the processing of your data for the purposes of support/customer care is exercised, ITALIANTOUCH shall no longer process your personal data for such purposes, unless the Independent Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
The provision of personal data for the purpose in question is optional: there is no legal and/or contractual obligation to communicate such data; however, given the purpose of the processing, failure to provide such data and/or the exercise of the right to object may make it impossible to reply to users’ requests and/or reports and/or complaints and/or disputes of the users, considering that answering these requests involves the processing of personal data.
ITALIANTOUCH will process your data for this purpose only for the time necessary to perform the required tasks, and more specifically, for the time needed to provide the information requested by the user or to respond to complaints and/or reports and/or disputes presented by the user.
6. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR THE PURPOSES OF FRAUD PREVENTION IN CREDIT CARD PAYMENTS
As Independent Controller, ITALIANTOUCH will process the Store users’ personal information in order to manage and possibly block the payment transactions for fraudulent orders when payment for the purchases made through the Store is carried out with a credit card.
The legal basis for this processing is the legitimate interest of ITALIANTOUCH (art. 6.1.f) of the Regulation).
In any case, you have the right to oppose the processing of your personal data for the purpose in question (i.e. prevention of fraud with payments made by credit card) in any moment, for reasons related to your personal situation.
To exercise this right, users can contact ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
ITALIANTOUCH will process the personal data of users for 24 months from their collection for the purpose in question.
Additional Information
With regard to the legitimate interest of ITALIANTOUCH, users are informed of the following:
- ITALIANTOUCH has a legitimate interest to perform activities for the purpose of fraud prevention when online payment is made by credit card in order to protect its business interests, including the objective of respecting the parameters defined by international circuits in relation to the number of fraudulent payment attempts detected on e-commerce sites. This legitimate interest of ITALIANTOUCH coincides with the legitimate interests of the Store’s users as potential victims of fraud, which like the community as a whole, in turn, has a legitimate interest in ensuring that fraudulent activities are discouraged and identified when they occur; users can therefore conclude that, in the context of their relations with ITALIANTOUCH, they can reasonably expect their data to be processed for the purposes of preventing fraud also for their personal protection and safeguards.
- the provision of data for the purpose in question (i.e. the prevention of fraud with credit cards) is optional: there is no legal or contractual obligation to provide such data for such purposes;
- ITALIANTOUCH also uses data initially gathered for different purposes (more specifically, to allow the conclusion of the purchase contract and its implementation) for the above purpose, whose further processing for the purpose of prevention of fraud with credit cards is permitted insofar as it is based on the legitimate interest of ITALIANTOUCH, considering the compatibility of the purposes in question with the purpose for which the data was originally collected;
- failure to provide the personal data for the purpose in question or opposition to the use of such data for such purposes does not create any consequences for the user’s ability to register with the Store and/or make purchases.
- if the right to object is exercised, ITALIANTOUCH shall no longer process users’ personal data for such purpose, unless the Independent Controller demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
7. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR ADMINISTRATIVE/ACCOUNTING AND TAX PURPOSES
As Independent Controller, ITALIANTOUCH will process users’ data in order to carry out obligations of an administrative and/or accounting and/or tax nature, related to the provision of the Store’s services and/or purchase contracts concluded with the Store, such as, by way of example, the keeping of records and the issuance of sales invoices.
The legal basis for this processing is ITALIANTOUCH’s fulfilment of the legal obligations to which it is subject (art. 6.1.c) of the Regulation).
The provision of data for the purpose in question is mandatory, as its processing is necessary to allow ITALIANTOUCH to comply with the statutory obligations to which it is held. Any refusal to provide data for this purpose will make it impossible for the user to use the Store’s services and, in particular, to conclude a purchase contract through the Store.
ITALIANTOUCH will process users’ data for this purpose until the expiry of the legal terms envisaged for performing each administrative-accounting and tax obligation and/or for the conservation periods laid down by law for the conservation of the relative documentation.
8. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH TO ALLOW USERS TO EXERCISE THEIR RIGHTS
As Independent Controller, ITALIANTOUCH will process users’ data in order to:
- provide feedback to requests for exercising the right of withdrawal and/or requests for exercising the legal guarantee of conformity and/or other rights arising from the purchase contract concluded on the Site and/or provided for by law with respect to such contract and/or in relation to the provision of the Site’s Services;
- carry out all activities that become necessary as a result of the exercise of such rights and, where appropriate, the relative refunds;
- receive and give feedback to requests for exercising rights relating to the protection of personal data envisaged by the Regulation and perform all consequent tasks.
The legal basis for this processing is ITALIANTOUCH’s fulfilment of the legal obligations to which it is subject (art. 6.1.c) of the Regulation).
Additional Information
The provision of data for the purpose in question is mandatory, as its processing is necessary in order to allow ITALIANTOUCH to comply with statutory obligations as well as to allow users to exercise the rights that the law or contract attribute to them. The refusal to confer data for this purpose will make it impossible for the user to exercise such rights.
ITALIANTOUCH will process the data for this purpose until the expiry of the legal terms established for the exercise of the right (terms of prescription and/or forfeiture) or, if such rights are exercised, for the time required to manage and close the case. If the rights provided for by the Regulation are exercised, the data will be processed up to the issuance of a declaration by the controller stating it has fulfilled the request or up to the fulfilment of the same, depending on which of the two events occurs last.
9. DATA PROCESSING CARRIED OUT BY ITALIANTOUCH FOR THE PURPOSES OF ESTABLISHING, EXERCISING OR DEFENDING A RIGHT
As Independent Controller, ITALIANTOUCH will process users’ data for the establishment, exercise or defence of a right in all competent forums.
The legal basis for this processing is the controller’s legitimate interest (art. 6.1.f) of the Regulation).
The controller has a legitimate interest to seek remedies to ensure compliance with its contractual rights or demonstrate that it has fulfilled the obligations with the data subject arising from the contract or imposed upon the controller by law. This legitimate interest has its grounds in a constitutionally protected right to defence. It can therefore be considered as overriding the fundamental rights and freedoms of the data subject, thanks also to the reasonable expectations of the same.
Regardless, users have the right to oppose the processing of their personal data for the purposes in question (i.e. defence of a right/for legal purposes) in any moment, for reasons related to their personal situation.
To exercise this right, users can contact ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
Additional Information
Users should note, in particular, that ITALIANTOUCH will retain and possibly utilise data:
a) as evidence of its fulfilment of the purchase contract and/or performance of Store services and/or to initiate or respond to actions relating to such contract and/or performance before any administrative and/or judicial authorities and/or to protect its rights in the preparatory stages of a trial and/or process; the data will be kept for this purpose for ten years after the product’s delivery and/or service provision, including the registration service (in this case the data will be kept for ten years from the account’s closure) or after the contract’s resolution if the product is not delivered;
b) as evidence that it has allowed the exercise of the rights specified in the Regulation and/or by law (i.e. right of withdrawal; legal safeguard) and/or the purchase contract and to have carried out the legal and/or contractual provisions (i.e. refund if the right of withdrawal is exercised);
c) as evidence of having provided feedback relating to users’ complaints and/or reports and/or disputes;
d) if the rights provided for in the Regulation are exercised, the data will be kept for five years from the controller’s declaration of having provided feedback to the data subject’s request or from such feedback, if provided subsequently;
e) if the rights provided for in the purchase contract or by law are exercised, the data will be kept for ten years starting from the closure of the case or when the action establishing such closure is carried out (i.e.: refund in the case of withdrawal, delivery of the replacement product in the case of legal warranty); closure of the case is intended as the last correspondence relating to the exercise of the rights in question;
f) in the case of complaints and/or reports and/or disputes, the data will be kept for three years after the closure of the case, intended as the last related correspondence.
It should also be noted that:
- the provision of data for this purpose is optional: there is no legal obligation or contract requiring that the data subject provide data for this purpose;
- data initially collected for another purpose is also used for the purposes in question, whose further processing is allowed because it is based on the controller’s legitimate interests, considering the compatibility of this purpose with the original purpose of the collection, also considering the fact that, insofar as the processing is necessary for the establishment, exercise and defence of a right, the controller is also exempted from the obligation to erase them per a direct provision of the Regulation;
- in fact, in the case of exercising the right to oppose, the controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the fundamental interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
10. CATEGORIES OF SUBJECTS TO WHOM ITALIANTOUCH COMMUNICATES USERS’ PERSONAL DATA (RECIPIENTS)
The personal data provided by users may be disclosed by ITALIANTOUCH to the categories of recipients listed below.
The subjects to whom ITALIANTOUCH communicates data act as external processors designated by ITALIANTOUCH through special contracts ("Data Managers") or persons authorised to process personal data under the direct authority of ITALIANTOUCH ("Processor"), or in the case of third parties the Data Manager makes use of, acting as "Sub-managers" within the meaning of art. 28.4 of the Regulation, except in cases where the recipient is acting as an independent controller, for example Payment Service Providers or couriers.
Additional Information
ITALIANTOUCH can communicate users’ personal data to the following categories of recipients:
- companies of the group which ITALIANTOUCH belongs to and/or TOD’S group and/or employees and/or collaborators of ITALIANTOUCH in order to carry out administrative, accounting, computing and logistics activities;
- any appointed companies, consultants or professionals for the installation, maintenance, upgrading and, in general, management of hardware and software of ITALIANTOUCH, including providers of cloud computing, and the third parties they make use of;
- companies engaged in logistic support and/or warehouse and/or packaging and/or shipping and delivery or collection activities of products purchased on the Store and the third parties they make use of;
- Payment Service Providers and/or acquirers and/or banks in order to enable the payment of purchases made on the Store or their refund where appropriate, and the third parties they make use of;
- all those subjects (including public authorities) with access to the data under legislative or administrative provisions;
- all those public and/or private subjects, natural and/or legal persons (legal advice, administrative and tax offices), if such communication is necessary or appropriate for the proper fulfilment of contractual obligations assumed in connection with the Site’s Services, including the purchase contract, as well as the obligations under the law, i.e. in the case of establishment, exercise or defence of a right.
The list of recipients is available at the registered office of ITALIANTOUCH.
11. TRANSFERS TO THIRD-PARTY COUNTRIES
Users’ personal data is transferred from ITALIANTOUCH to the following third-party countries: U.S.A.
The transfer takes place based on the European Commission’s suitability assessment and the resulting authorisation measures of the Guarantor for the Protection of Personal Data, and on the basis of contractual clauses between the Controller and Manager of the processing.
Additional Information
Data transfer to the U.S.A. takes place on the basis of the "Implementing Decision (EU) 2016/2295 of the Commission of 12 July 2016 (pursuant to Directive 95/46/EC of the European Parliament and of the Council) on the suitability of the protection provided by the regime of the EU-USA shield" [notified under document number C(2016)4176] and the consequent "Authorisation to transfer data abroad through the agreement named "E.U. – U.S.A. Privacy-Shield" issued by the Guarantor for the Protection of Personal Data on 27.10.2016, as all the recipients of the data have offices in the U.S.A. which subscribe to the Privacy Shield; in addition, in some cases the contracts with these recipients also include standard clauses relating to "Commission Decision of 5 February 2010 on standard contractual clauses for the transfer of personal data to data managers established in third countries under Directive 95/46/EC of the European Parliament and of the Council" [notified under document number C(2010)/87/EU] and therefore on the basis of the resulting "Authorisation to transfer to third countries through standard contractual clauses referred to in Commission Decision 2010/87/EU if the recipient is established in a third country" issued by the Guarantor for the Protection of Personal Data with the provisions of 27 May 2010 and 15 November 2012.
12. RIGHT TO OBJECT
The data subject has the right to object at any time, for reasons relating to his or her particular situation, to the processing of his or her personal data carried out for the purposes of sections 5, 6 and 9 of this policy and having the legitimate interests of the data controller as a legal basis.
The data subject can exercise the right to object by contacting ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
Additional Information
In the case of exercising the right to object, the controller shall no longer process the personal data unless it demonstrates compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
13. RIGHT TO ACCESS
The data subject shall have the right to obtain confirmation from the controller (and therefore from ITALIANTOUCH) as to whether or not personal data concerning him or her is being processed; if affirmative, the subject has the right to access the personal data and the following information.
The data subject can exercise the right to access by contacting ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
Additional Information
If the right to access is exercised, users can obtain access to their personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data concerned;
c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third-party countries or international organisations;
d) where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
e) the existence of the right to request rectification or erasure of personal data from the controller or restrict the processing of personal data concerning the data subject or to object to such processing;
f) the right to lodge a complaint with a supervisory authority;
g) where the personal data is not collected from the data subject, any available information as to its source;
h) the existence of an automated decision-making process, including profiling, which creates legal effects regarding the data subject or similarly and significantly affects the subject, and at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject;
Where personal data is transferred to a third-party country or to an international organisation, the data subject shall have the right to be informed of the existence of appropriate safeguards relating to such transfer, pursuant to Article 46 of the Regulation.
The controller shall provide a copy of the personal data undergoing processing. For any further copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs. Where the data subject makes the request by electronic means, and unless otherwise requested by the data subject, the information shall be provided in a commonly used electronic form.
14. RIGHT TO RECTIFICATION
The data subject shall have the right to obtain, without undue delay, the rectification of inaccurate personal data concerning him or her from the controller (and therefore from ITALIANTOUCH). Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
The data subject can exercise the right to rectification by contacting ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
15. RIGHT TO ERASURE
The data subject shall have the right to obtain the erasure of personal data concerning him or her from the controller (and therefore from ITALIANTOUCH) without undue delay, and the controller must erase such personal data without undue delay where one of the following grounds applies:
a) the personal data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
b) the data subject opposes the processing based on the legitimate interests of the controller for reasons related to its particular situation (and, therefore, in the case of opposition to the processing for the purposes referred to in sections 5, 6, and 9 of this policy);
c) the personal data is processed unlawfully;
d) the personal data must be erased to comply with a legal obligation provided by Union or Member State law to which the controller is subject;
The data subject can exercise the right to erasure by contacting ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
Additional Information
Where the controller has made the personal data public and is obliged to erase the same, the controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform controllers which are processing the personal data that the data subject has requested the erasure by such controllers of any links to or copy or replication of such personal data.
The right to erasure shall not apply to the extent that processing is necessary:
a) for exercising the right of freedom of expression and information;
b) for compliance with a legal obligation by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of public powers;
c) for reasons of public interest relating to the field of public health;
d) for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes insofar as the right to erasure is likely to render the achievement of the objectives of such processing impossible or seriously impair it;
e) for the establishment, exercise or defence of legal claims.
16. RIGHT TO RESTRICTION OF PROCESSING
The data subject shall have the right to obtain the restriction of processing from the controller (and therefore from ITALIANTOUCH) where one of the following applies:
- the accuracy of the personal data is contested by the data subject for a period of time enabling the controller to verify the accuracy of such personal data;
- the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of its use instead;
- the controller no longer needs the personal data for the purposes of the processing, but it is required by the data subject for the establishment, exercise or defence of legal claims;
- the data subject is opposed to the processing when such processing is based on the legitimate interests of the controller for reasons related to its particular situation (and, therefore, in the case of opposition to the processing of data for the purposes referred to in sections 6, 7 and 10 of this policy), pending verification regarding the possible prevalence of the controller’s legitimate reasons for the processing with respect to those of the data subject.
The data subject can exercise the right to restriction of processing by contacting ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
Additional Information
Where the processing has been restricted, such personal data shall, with the exception of conservation, only be processed with the data subject’s consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of significant public interest of the Union or a Member State.
A data subject who has obtained restriction of processing shall be informed by the controller before the restriction of processing is lifted.
17. RIGHT TO DATA PORTABILITY
The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and have the right to transmit such data to another controller without hindrance from the controller to which the personal data have been provided, where:
a) the processing is based on the consent of the data subject or a contract;
b) the processing is carried out by automated means.
The data subject can therefore exercise the right in question in relation to the purposes referred to in the following sections of this privacy policy: 3 and 4.
The data subject can exercise the right to data portability by contacting ITALIANTOUCH at the following contacts:
ITALIANTOUCH S.r.l,
Via Solari, 37/C
Milano (Italy)
Tel. +39 02 89623211
Fax. +39 02 89623482
eMail: privacy@italiantouch.com
Additional Information
In exercising his or her right to data portability, the data subject shall have the right to have the personal data transmitted directly from one controller to another, where technically feasible.
The exercise of the right to data portability is without prejudice to the right to erasure.
The right to data portability shall not adversely affect the rights and freedoms of others.
18. TIME FRAMES AND METHODS FOR RESPONDING TO A DATA SUBJECT’S EXERCISE OF RIGHTS
The controller provides the data subject with information regarding the actions taken in relation to a request for the exercise of the rights conferred by Articles 15 to 22 of the Regulation (i.e. right to access, right to rectification, right to erasure, right to restriction of processing, right to data portability, right to object) and referred to in sections 12, 13, 14, 15, 16 and 17 of this policy ("Rights of the Data Subject"), without undue delay, and in any event within one month of receipt of the request. That period may be extended by two further months where necessary, taking into account the complexity and number of requests. The controller shall inform the data subject of any such extension within one month of receipt of the request, together with the reasons for the delay. Where the data subject makes the request by electronic means, the information shall be provided by electronic means where possible, unless otherwise requested by the data subject.
Additional Information
If the controller does not take action on the request of the data subject, the controller shall inform the data subject without delay, and at the latest within one month of receipt of the request, of the reasons for not taking action and on the possibility of lodging a complaint with a supervisory authority and seeking a judicial remedy.
Communications in response to the exercise of the Rights of the Data Subject and the actions taken are free. Where requests from a data subject are manifestly unfounded or excessive, in particular because of their repetitive character, the controller may either:
a) charge a reasonable fee, taking into account the administrative costs of providing the communications or taking the action requested;
b) refuse to act on the request.
Where the controller has reasonable doubts concerning the identity of the natural person making the request regarding the Rights of the Data Subject, the controller may request the provision of additional information necessary to confirm the identity of the data subject.
19. RIGHT TO LODGE A COMPLAINT WITH A SUPERVISORY AUTHORITY
Without prejudice to any other administrative or judicial remedy, every data subject shall have the right to lodge a complaint with a supervisory authority, in particular in the Member State of his or her habitual residence, place of work or place of the alleged infringement if the data subject considers that the processing of personal data relating to him or her infringes the Regulation. The supervisory authority with which the complaint has been lodged shall inform the complainant on the progress and the outcome of the complaint, including the possibility of a judicial remedy.
