Edition n. 1 of 13/12/2020 Gori Gioielli di Giuliano Gori s.a.s., in the person of the l.r.p.t., VAT number 09595501009 registered in the Register of Companies of Rome at the REA number 1174448, with registered office in via Tuscolana 976 00174 ROME, email address: [email protected] as Data Controller regarding the collection and use of your personal data, provides you with the following information provided in compliance with Articles. 13 and 14 of EU Regulation 679/2016 (hereinafter "Regulation"), to users (hereinafter: "Users" or "User") of the site www.gorigioielli.com (hereinafter: "Site") owned by Gori Gioielli di Giuliano Gori s.a.s., Data Controller of personal data (hereinafter: "Owner"), and has the purpose of describing the management methods of the Site with reference to the processing of personal data, as well as to allow Users of the Site to know the purposes and methods of processing personal data by the Data Controller in case of their provision.
By "processing" of personal data, we mean any operation or set of operations performed on personal data (collection, registration, organization, structuring, storage, adaptation, modification, extraction, consultation, use, communication by transmission, dissemination, comparison, interconnection, limitation, cancellation and destruction).
2. Purpose of the Processing
The processing of personal data provided by Users through the use of the Site, subject to consent, will be aimed at:
- marketing activities and sending promotional campaigns by SMS and / or e-mail messages;
- subscription to the newsletter through inclusion in a mailing list.
- e-commerce activities
3. Legal basis
The processing of personal data for the purposes referred to in the previous points finds its legal basis in the consent expressed by you pursuant to Article 6 (a) of the Regulation ([...] the interested party has expressed consent to the processing of their personal data for one or more specific purposes). The provision of data for the purposes referred to in nos. 1, 2, 3, is optional but any refusal by the User will make it impossible for the Data Controller to follow up on requests or provide the services indicated above. Your consent may be expressed in a granular manner for each purpose indicated. For this reason, the data will be collected exclusively for the purposes for which you have given your consent.
4. Nature of the data processed
For the purposes indicated, only personal and common data will be processed, such as but not limited to: name, surname, e-mail address, etc. These data will be requested:
- at the time of registration of the user;
- when filling out the contact form for requests for quotes or information;
- when registering the email address within the newsletter.
5. Processing methods
The processing will take place according to the principles of lawfulness and correctness and in order to protect confidentiality through the preparation of adequate technical organizational measures, in order to avoid unauthorized or unlawful processing or accidental loss / destruction / damage related to the same data. In particular, your personal data will be:
- used according to current regulations and in a transparent manner;
- collected only for valid reasons clearly explained;
- used within the limits of the purpose for which they are collected;
- kept accurately and up-to-date;
- stored securely;
- kept only for the period necessary for the purposes mentioned above.
The Data Controller ensures that personal data are processed in full compliance with the Regulation, using manual, computerized or telematic systems. The processing may also be carried out through automated tools designed to store, manage and transmit the data. The data collected and processed will be protected with physical and logical methods such as to minimize the risks of unauthorized access, dissemination, loss and destruction of data, pursuant to articles 25 and 32 of the Regulation.
6. Place of processing and Transfer Outside the EU
7. Categories of recipients of the data or who may become aware of the same, also as Data Processors or Authorized to process
The data may be communicated to subjects who collaborate or use the services of the Data Controller, with the sole intent of providing the services requested by the User. The Data Controller, in providing data, aimed at providing the services requested by the User, has ensured that these subjects have appropriate requirements and adopt appropriate security measures for the protection of the same. In particular, the data provided by the User may be shared by the Data Controller with the following third parties exclusively to provide the services requested by the User or comply with other regulatory obligations: In addition, the same data may be known by the persons appointed as Data Processors and Authorized to process for the purposes set out above, such as suppliers, consultants, employees.
8. Navigation Data
The computer systems and technical and software procedures underlying the operation of the Site acquire, during their normal operation, some personal data whose transmission is implicit in the mechanisms of access and operation and protocols in use on the Internet. Each time the User connects to the Site and each time he calls up or requests content, access data are stored in our systems, in the form of tabular or linear data files. This category of data includes, for example, IP addresses, domain names of computers used by users who connect to the Site, the request by the User's browser, in the form of addresses in URI (Uniform Resource Identifier) notation, the date and time of the request to the server, the method used to submit the request to the server, the amount of data transmitted, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and the User's computer environment. These data may be used by the Data Controller for the sole purpose of obtaining anonymous statistical information on the use of the Site in order to identify the pages preferred by Users and therefore provide increasingly adequate content and to check its correct functioning. At the request of the Authority, the data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site or its Users.
The modules and cookies used by this site, whether internal or third-party, are hereinafter referred to as services and distinguished between technical (essential and not deactivable) and marketing (accessory and deactivated).
9.1 Cookies and Technical and Essential Site Forms | Not Deactivable
Your personal data will be processed within the website, through the use of services, according to the following purposes, which are essential for the operation of the same, namely:
Viewing content from external platforms
Google Font (Google)
Place of processing: USA
Widget Google Maps (Google Inc.)
Youtube Video Widget (Google)
Purchase and sale of goods or services (e-commerce functionality)
Checkout Form (This Application)
Traffic optimization and distribution
Registration and authentication
Direct Recording (This Application)
Contacting the User
Contact form (This Application)
Mailing List or Newsletter (This Application)
9.2 Cookies and Site Forms for marketing purposes | Deactivable
Your personal data may be processed within the website for marketing purposes, subject to your consent, through the following services listed below according to their purposes:
Resume Submission Form (This Application)
Address management and sending of email messages
Holawaka (Medula Srl)
Google Analytics with anonymized IP (Google Inc.)
Google AdWords Conversion Tracking (Google Inc.)
Facebook Ads Conversion Tracking (Facebook, Inc.)
Google Analytics (Google)
Interaction with external social networks and platforms
Like button and Facebook social widgets (Facebook, Inc.)
Remarketing and Behavioral Targeting
Facebook Remarketing (Facebook, Inc.)
Facebook Custom Audience (Facebook, Inc.)
AdWords Remarketing (Google)
Access to the Facebook account (This Application)
10. Retention times and Right to Withdraw Consent
The processing of data will last no longer than is necessary to meet the purposes for which they were collected. Pursuant to Article 7 paragraph 3 of the Regulation, the interested party has the right to obtain at any time the revocation of consent to the processing and request the cancellation of their personal data, by sending communication to the Data Controller at the box indicated at the beginning of the information. Following the request for cancellation by the User, all personal data of the same will be deleted, without prejudice to the further conservation provided for by regulatory obligations. The aforementioned retention periods may be extended for any legal protection needs in court.
11. Rights of the interested party
Pursuant to EU Reg. 16/679 you are given the opportunity to exercise specific rights, in particular: right of access to personal data (art. 15), right to rectification of personal data (art. 16), right to erasure of personal data (art. 17), right to limitation of processing (art. 18), right to portability of personal data (art. 20), right to object to processing (art. 21). The exercise of the aforementioned rights is free of charge and can be exercised through the relative forms that can be requested by e-mail or by racc. a / r to be sent to the addresses indicated below.
12. Complaint to the Supervisory Authority
You are also granted the right to lodge a complaint with the Privacy Authority to complain about a violation of the regulations on the protection of personal data and request a verification of the Authority itself through the forms on the website www.garanteprivacy.it.
To receive information or exercise the rights provided, you can contact the Data Controller, Gori Gioielli di Giuliano Gori s.a.s., at the email address: [email protected] or by registered letter with return receipt to be sent to the address via Tuscolana 976 00174 ROME.