Privacy Policy

Informativa per il trattamento di dati personali.

Personal data processing policy

Dear Visitor, following the consultation of this website data relevant to identified or identifiable natural persons can be processed.

 

With reference to this processing, and also pursuant to articles 13 and 14 of the European General Data Protection Regulation (Regulation EU 2016/679 – GDPR), to Legislative Decree no. 193/2003 and to Legislative Decree no. 101/2018, the following information are expressed, whose validity is not extended to possible other external websites consulted by the user through links present on this website.

 

By continuing to browse, and by adhering to the service features contained in the various sections of the website (subscription to our newsletter, filling out the shop registration form, filling out of the checkout form at the moment of purchase, filling out of the form to request information), it is accepted that these general information on processing are known, as well as potential specific information on processing with different and specific purposes, and the user expresses their own approval for the processing.

 

Please note that the consent is only valid if it origintes from an adult or a minor older than 14 years old (art. 8, clauses 1 and 2 of GDPR, and Legislative Decree no. 101/2018). 

 

Data controller

 

The Data Controller is  Cooperativa Sociale QUID (hereinafter QUID), based in Via della Consortia, 10/D – 37127 Verona represented by the Legal Representative, mail segreteria@progettoquid.it tel +39 045 83416860, fax +39 045 8532196, VAT number 04179470234.

 

Types of processed data

 

Pursuant to the purposes shown below, the following categories of data will be subject to processing:

 

Data provided through shop and purchase check out registration forms

 

Identification data: name, surname, address, gender and date of birth;

Contact data: telephone number, e-mail address;

Data concerning to the interest for a product or servide offered by QUID.

Browsing Data

 

IT systems and software procedures in charge of the functioning of this website obtain, during their normal activity, some personal data whose transmission is implicit in the use of Internet communication protocols. These are information that are not collected to be associated to identified interested users, but by their own nature may be, through elaborations and associations with data owned by third parties, allow the identification of users. This type of data includes, for example, IP addresses or domain names of computers or other devices used by users while connecting to the website, addresses in URI (Uniform Resource Identifier) marking of requested resources, the time of the request, the used method to submit the request to the server, the size of the obtained file, the numerical code showing the status of the server reply (successful, error, etc.) and other parameters concerning the operative system and the IT environment of the user.

 

Cookies 

 

Please see the relative informative section at the following link: INSERIRE LINK

 

Data directly provided by the user

 

The optional, explicit and voluntary act of sending an e-mail message to the e-mail addressed shown on this website implies the subsequent acquisition of the sender’s address, necessary to answer to their requests, as well as other possible personal data present in the mail. Specific summary reports are also contained or displayed in the website sections designated for particular services by demand and, if needed, can undergo the consent of the interested user (for example, for the newsletter subscription).

 

Processing purposes and facultative bestowing of data

 

Apart from what has been specified regarding browsing data and technical cookies, users are free to bestow their personal data through the use of specific forms or questionnaires present on the website to subscibe to the newsletter, to the shop and to checkout at the moment of purchase, to request informative material or other communications and, in general, for the purposes reported in the relative and specific reports.

 

The lack of bestowal can entail the impossibility to obtain what was requested.

 

The company is committed to treat data complying with the principle of “minimization”, that is obtaining and processing data limited to what is necessary for the following purposes

 

  1. a) Data concerning the purchase checkout form are processed to complete the administrative and logistical activities connected to the supplying of the purchased goods (contract execution);

 

  1. b) Data concerning the shop registration form are processed to DATO MANCANTE.

The bestowal of these data is optional and does not preclude in any way the possibility to purchase our products and the browsing inside the website;

 

  1. c) Data concerning the subscription to the newsletter are processed to DATO MANCANTE.

The bestowal of these data is optional and does not preclude in any way the possibility to purchase our products and the browsing inside the website;

 

  1. d) direct marketing by QUID: to receive communications, newsletters, informative material, to measure the degree of satisfaction, promotional, commercial and advertising material or regarding events and initiatives, market researches or other sample research and direct selling, via automatized media, electronic mail, SMS (Short Message Service) or of other types, as well as via telephone calls through phone operators and ordinary post. In order to measure and eventually improve the results of communications, the Owner uses newsletter and promotional communications mailing services with reports. Thanks to reports the Owner will get to know, for example: the number of readers, of openings, of unique “clicks” and of clicks; devices and operative systems used to read the communication; the detailed activities of each single user; the detail of sent, of delivered and undelivered, of forwarded e-mails; reports are used to measure and eventually improve the results of communications;

 

  1. e) profiling actions by QUID: in order to improve the offer of products/services, to allow the elboration of its profile and to analyze the habits and consumer behaviour, to improve the commercial offer and the available services. These analyses consiste also of an electronic elaboration (per geographical area, activity or profesion, age, etc.) of the Customer’s data to identify its preferences, behaviours and interests concerning used products and services.

 

Please also note that:

 

relating to the purposes referred to in point a), the processing may be carried out even without your consent because it is necessary to execute the contractual measures you requested (art. 6.1 lett. b) of the Regulation); 

relating to the purposes referred to in points b), c), d), e), f), and g), the processing will be carried out subject to the acquisition of your consent (art. 6.1 lett. a) of the Regulation). 

 

The bestowing of data for the purposes referred to in point a) is optional but necessary.

The potential lack of bestowal in relation to this purpose can entail the impossibility to supply what was requested.

 

The bestowal and the consent to the processing for the purposes referred to in points b), c), d), e), f), e g) is optional and the potential refusal does not entail any negative consequence regarding purposes referred to in point a)

 

Data Management

 

Our Company, as data controller, and each one of the potential external Managers appointed in accordance with art. 28 of the Regulation, will manage and archive with automatized and/or hardcopy tools the personal data collected though the use of the website and of its various features activated by demand, for the time strictly necessary to obtain the purposes they were collected for or voluntarily bestowed by the user.

 

Specific safety measures, as provided for by art. 32 of the Regulation (EU) 2016/679, are observed in order to prevent data loss, illecit or incorrect uses and unauthorized accesses.

 

Data are managed only by personnel authorized by the data controller; if necessary, personal data connected to newsletter services can be managed by the personnel of the society/consultant that handle the technical maintenance of the website, MailChimp appointed as the external data processor in accordance with art. 28 of Regulation 679.

 

Hosting and data archiving is carried out on platforms located inside the European Union.

 

In no case whatsoever data will be subjected to diffusion.

 

Personal data transfer

 

Your data will not be transferred to third Countries outside the European Union.

 

Subject categories

 

Your personal data may be communicated, strictly connected with the aforementioned purposes, to the following subjects or subject categories:

 

  1. a) business partners contractually tied to QUID for their marketing and/or profiling purposes, upon acquisition of your consent;

 

  1. b) subjects supplying services for the management of the information system used by QUID and of the telecommunication network (therein included web mail)

 

  1. c) subjects that manage the logistic and transportation services used by QUID to deliver the purchased goods;

 

  1. d) company consultants;

 

  1. e) studies or companies in the course of assistance and consultation partnerships;

 

  1. f) call centers for customer care;

 

  1. g) competent authorities for the fulfilment of legal obligations.

 

Please note that subjects referred to in point a) will manage your data as Data Controllers. Relating to the subject categories referred to in points b), c), d), e), f), and g), on the other hand, the Data Controller commits to rely exclusively on subjects giving adequate guarantees regarding data protection and will provide for their designation as Data Processors ex art. 28 of the Regulation.

 

The list of Data Processor is available at the company’s hedquarters and can be examined upon prior request to the Data Controller. Moreover, your data will be processed, exclusively for the aforementioned purposes, by the employed personnel and/or collaborators of the company, specifically authorized and instructed by the Data Controller in accordance with art. 29 of the Regulation.

 

Your personal data will not be subjected to diffusion, save in case of a request due to a legal rule or legislation or EU regulation.

 

Time of conservation

 

Category: Identification data – Contact data – Data concerning purchase contract/services

 

Conservation: 10 years starting from the moment of data acquisition.

 

Regulation: art. 5.1 lett. e) Reg. EU 2016/679 – art. 2946 civil code on ordinary limitation – art. 43 of Italian Presidential Decree 600/73.

 

User rights

 

At any given moment, in accordance with articles from 15 to 22 of the GDPR you will be able to exercise your right to:

 

  1. a) demand access to personal data ex art. 15 of the GDPR; 

 

  1. b) obtain the adjustment of incorrect personal data ex art. 16 of the GDPR; 

 

  1. c) obtain the cancellation of data in case and to the extent whereof in art. 17 of the GDPR;

 

  1. d) obtain the limitation of the procesing in the assumptions provided for in art. 18 of the GDPR;

 

  1. e) revoke at any given moment the consent ex art. 13 comma 2 letter c) of the GDPR;

 

  1. f) submit a complaint to the Supervising Authority according to the procedures to be found on the website garanteprivacy.it;

 

you can also object the processing of processed data for a legitimate interest of the owner ex art. 21 of the GDPR.

 

Exercise of rights

 

At any given moment you can exercise your rights by means of a written request sent to the e-mail address privacy@progettoquid.it or by accessing the form that can be found at the address www.progettoquid.it / (LINK CORRETTO?) or by writing to the ordinary post address of QUID based in Via della Consortia, 10/D – 37127 Verona; our privacy office will examine your complaint and will work together with you to solve the problem.

Should you think your personal data have not been managed in an appropriate way according to the law, you can contact the Italian Data Protection Authority following the instructions that can be found on the website www.garanteprivacy.it.