Privacy Policy
Pursuant to art. 13 of Legislative Decree 20 June 2003 No. 196 – Privacy Code, and Art. No. 13 of European Regulation No. 679/2016, this Policy only applies to data collected through www.officinaparfum.it. Any subsequent updates to this Policy will be published on the website.
Data Controller
The Data Controller is Officina srl, with registered offices in Parma, Borgo XX 15, VAT No. 02579810348.
Types of data collected and Processing of personal data
Any personal data supplied or collected will be processed according to the principles of fairness, lawfulness, transparency, and confidentiality under applicable laws.
The Data Controller will adopt all necessary security measures to avoid any unauthorised access, dissemination, change or deletion of personal data.
Data will be processed through IT or telecommunication tools, for the purposes indicated below, following organizational procedures and methodologies strictly related to the purposes indicated. In addition to the Controller, data may be accessed by other categories of employees involved in the management of our website (secretarial, sales, marketing, legal and site administration staff) and by third parties (such as third party service suppliers, hosting providers, IT companies, communications agencies), who may also be appointed Data Processors by the Data Controller. The updated list of any appointed Data Processor may be requested to the Data Controller at any time.
Personal data collected on this website, directly or through third parties, includes the following: Cookies, Usage data, E-mail and Name, VAT number, type of business, tax code, date of birth, contact form, registration / access to the reserved area, newsletter subscription, product and service purchases and associated “Cart”, similar activities.
Other data collected may be indicated in other sections of this Privacy Policy, or by means of text screens appearing as the collection takes place. Personal data may be entered by the User or collected automatically by the website during browsing.
Non-disclosure of some Personal Data may result in this website not being able to offer its services. Users are responsible for any Third Party personal data published or shared through this website, for which they claim the right to communicate or disseminate, thus freeing the Controller from any liability to third parties.
1) Data supplied by users
Sending e-mails, optionally, explicitly and voluntarily, through the contact form or addresses supplied on the website, results in the sender’s address, and any other personal information contained in the mail, being collected in order to reply to the message. Further summary information will be progressively reported or visualised on any website sections offering particular on-demand services.
2) Location of data processing
Data will be processed at the offices of the Data Controller. For further information please contact the Data Controller. Personal data may be transferred to a different country from the one where the user is located. Please note that additional information is provided in the “Further information on data processing” section.
3) Timing of data processing
As provided by Art. 5, para 1, letter e) of the GDPR, data is retained for the time strictly necessary for their processing relating to user requests or to the purposes described in this policy.
In particular:
- Data collected for purposes related to the execution of a contract between Controller and User will be retained until the full contract completion.
- Data collected for purposes related to the lawful interest of the Controller will be retained until such interest is satisfied.
- Data collected on the basis of user consent could be retained until such consent is revoked.
- Indicatively, data may be retained for: tax/administration duties, legal obligations related to product guarantees, contractual obligations resulting from additional post-sales services.
Data may be retained by the Controller for longer periods under legal obligations or orders. Users may request to stop their data Processing or delete their data at any time.
4) Purposes of data processing
User data is collected to enable the website to supply services, and also for the following purposes: Contacting users, managing the address book , sending e-mail, registering /accessing the reserved area, newsletter subscription, interacting with outside platforms, commenting on contents, Statistics, marketing and remarketing. In particular:
- to satisfy any specific user request sent to the Controller through the website and its communication tools (contact form, information request forms and similar);
- to register for the newsletter and receive industry information;
- to communicate and inform on services supplied by the Controller, following requests for more information through e-mail, or contact form, or other means of communication;
- for any other accessory or connected communication within the activities carried out through the website.
The categories of Personal Data used for each of these purposes are indicated in specific sections of this document. The categories of Personal Data used for each of these purposes are indicated in specific sections of this document. Among other things, data will be processed for specific purposes, as shown in the examples below:
- for contract-related purposes: mostly to execute any contract agreed upon;
- for contacting users regarding the contract and its management;
- for queries regarding legal guarantees, product compliance, assistance, or requests to withdraw, manage or terminate the contract.
5) Cookie
This website uses cookies. Cookies are small text files used by websites to increase the effectiveness of the user experience. Cookies are used to personalise content and ads, supply social media functionality and analyse traffic. They supply information on the way customers use our website to our partners who analyse web data, ads and social media, and they could combine these with other information supplied by users or collected through the services enjoyed by users. Cookie policy
Further information on Personal Data processing
Data are collected for the following purposes and using the following services:
Contacting users
1) Mailing List o Newsletter
When users register for the mailing list of newsletter, their e-mail address is automatically entered in a list of contacts who can be sent e-mail messages with information and marketing messages related to this website. Users’ e-mail addresses may also be added to the list after registering, or following a purchase. Personal data collected: E-mail, Name and Surname.
2) Contact form
By entering their details on the contact form, users consent to their data being used to reply to information requests, or prepare quotes or any purpose indicated on the form title. Personal data collected: E-mail, Name and Surname.
3) Managing addresses and sending e-mails
These services allow us to manage a data base of e-mail addresses, telephone contacts or contacts of any other type, in order to communicate with users. These services may also allow the collection of data on the day and time the messages are viewed by users, user interaction and clicking data on links inserted in the messages. These services are managed by the tools developed on the website supplied by the Joomla! Platform, which complies with the Privacy Shield programme. Location of data processing: USA – Privacy Policy
Tag management
This service aids the central management of the tags or scripts on our website. User data moves through and is retained by this service.
1) Google Tag Manager (Google LLC)
Google Tag manager is a tag management service supplied by Google LLC. Personal data collected: Cookies and usage data. Location of data processing: USA - Privacy Policy
Browsing and hosting data
The IT systems and software procedures that make our website work will acquire some personal information whose transmission is implicit in the use of Internet communications processes.
However, the Data Controller has no access to such data, not even for consultation purposes.
Data are held on the server of the web host, who can only supply them upon written request by the Public Prosecution, to ascertain potential liabilities in the event of cyber crimes against our website.
This instance aside, currently the server logs are kept by OVH SAS, place of data processing: France – Privacy Policy.
These data are not collected to be linked to identifiable users, but by their own nature they may enable user identification through processing and association with third party data. This category includes IP addresses or domain names of computers connecting to the website, URI (Uniform Resource Identifier) addresses of requested resources, time of the request, method of request to server, size of the response file, numeric code indicating the type of server response (success, error, etc.) and other parameters on users’ operating system and IT environment. Data is backed up on both OVH servers and
Google Drive ( Google LLC): Policy Privacy
Security
This site is SSL certified and uses HTTPS protocols to enhance the security of personal data as it is entered. This protocol ensures that all transactions and data transmissions through the website are secure and content cannot be read or manipulated in any way.
Statistics
The services detailed here enable the Data Controller to monitor and analyse traffic data and track user behaviour.
1)Google Analytics (Google LLC)
Security This site is SSL certified and uses HTTPS protocols to enhance the security of personal data as it is entered. This protocol ensures that all transactions and data transmissions through the website are secure and content cannot be read or manipulated in any way.
Statistics The services detailed here enable the Data Controller to monitor and analyse traffic data and track user behaviour. - Privacy Policy
2) Facebook Ads (Facebook Inc)
Facebook Ads is a statistics service supplied by Facebook Inc., linking data from Facebook Ads to actions performed on the website. Personal data collected: Cookies and usage data. Location of data processing: USA - Privacy Policy
Interaction with Social Networks
These services enable interaction with social networks or other third party websites directly from our website. Interactions and data collected on our website are always subject to the privacy preferences set by users on their social networks. Our website uses AddThis for its social plug-ins. The service is supplied by Oracle LLC. Location of data processing: USA – Privacy Policy
Registration and authentication
Registration and authentication enable the user to be identified by the relevant application and access the dedicated services. Registration and authentication services may require the assistance of third parties. In this case, the application may access data held by the third party used for registration and identification.
1) Direct Registration
Users register directly on our website, filling the form and supplying their personal data.
2) Facebook Connect (Facebook Inc.)
Facebook Connect is a service supplied by Facebook Inc. facilitating and integrating our website’s links to the social network. Personal data collected: various types as specified in the Privacy Policy. Location of data processing:
USA – Privacy Policy
3) Instagram Connect (Facebook Inc.)
Instagram Connect is a service supplied by Facebook Inc. facilitating and integrating our website’s links to the social network. Personal data collected: various types as specified in the Privacy Policy. Location of data processing: USA – Privacy Policy
Remarketing
These services enable our website and its partner sites to communicate, optimize and supply ads based on the customer’s previous usage of the site. This activity is based on tracking data and cookies, whose data are sent to remarketing partners.
1) Facebook Remarketing (Facebook, Inc.)
Facebook Remarketing is a Remarketing and Behavioural Targeting service provided by Facebook, Inc. which links the activity of our website with Facebook’s advertising network. Personal data collected: Cookies and usage data. Location of data processing: USA – Privacy Policy
Further information on Data Processing
1) Court proceedings
The Controller may use Customers’ Personal Data to prepare its own defence in the event of court proceedings or to assist in the preparation of such proceedings, or to defend against users abusing these or connected services. Users confirm they are aware that Public Authorities may require the Data Controller to disclose their personal data.
2) Specific Privacy information
Upon request, our website can supply additional Privacy Policy information in real time regarding specific services, or personal data collection and processing.
3) System log and maintenance
Our website could collect system logs, which are logs that record interactions and may contain Personal Data, such as users’ IP address, to fulfil site functioning and maintenance requirements.
4) Further Privacy information
Further information on Personal Data processing may be requested to the Data Controller via contact forms at any time.
5) Nature of processed data and consequences of refusing consent
The collection of customers’ browsing data, for the purposes detailed above, depends on the level of privacy set by users on their browser. In some instances, disabling settings may prevent browsing on this website. Some modules of our website require browsing data and/or use technical cookies in order to work correctly. The use of some personal data is necessary for the very structure of our website and its procedures. For example:
- sending messages through web contact forms or registering for our newsletter requires some minimum level of data, such as USERNAME and/or name/surname and/or e-mail address and/or other user identification data;
- registering and accessing the reserved area on our website requires USERNAME and PASSWORD, and other data linked to e-commerce transactions such as name/surname/title, delivery address for the goods/services purchased, tax code/VAT number and similar, as explained in the specific purchasing forms. Transactions cannot be completed without these. Any request for optional data will be provided alongside a tick box for consent. All other data is optional and depends on the kind of data the user wants to enter on our website.
6) Exercise of the rights of the data subject
At any time, pursuant to Art. 7 of Legislative Decree 196/03 (Privacy Code) and Art. 15 to 22 of European Regulations No. 679/2016, the data subject has the right to obtain confirmation of any personal data, even if not yet recorded, and their communication in intelligible form, to know the content and origin of the data and to check its accuracy. The data subjects have the right to revoke consent at any time, and may ask the Data Controller to access their personal data, receive them and transmit them to another Data Controller (so-called Data Portability), to update data, limit their processing, rectify data and delete any data whose processing does not comply with applicable laws. The data subject has the right to oppose to the processing of personal data and to the processing for the purposes of marketing, direct sales and market research.
Data subjects can e-mail their requests to the following address: This email address is being protected from spambots. You need JavaScript enabled to view it.
7) Complaints
Pursuant to Art. 77 of the GDPR, users may always complain or file a claim to the relevant Data Protection authority.
8) Changes to this Privacy Policy
The Data Controller reserves the right to alter this Privacy Policy at any time, informing users on this web page. We recommend regularly checking this page and referring to the ‘last updated’ date indicated at the bottom of the page. In the event that any change to this Privacy Policy is not acceptable, users should stop using the website and they may ask the Data Controller to remove their personal data. Notwithstanding any specific exception, this Privacy Policy will apply to all personal data collected until such time. Information on this Privacy Policy. The Data Controller is responsible for this privacy policy.
Privacy Policy last updated June 2018