Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA THROUGH THE WEBSITE - EU Reg. 679/2016  

Pursuant to art. 13 of Regulation (EU) 2016/679 (hereinafter also GDPR) we inform you that our company processes personal data concerning you in compliance with the principles of lawfulness, correctness and transparency. Personal data (for example: name/surname, tax code, tax data, contact details, billing address, etc.) are collected directly from the interested party via the website. Below we provide you with the required information relating to the treatment.

  • Purposes and legal bases of the processing
    •

    We indicate below the purposes for which we process your personal data, also indicating for each of these, the relevant legal bases (or conditions of lawfulness) as set out in the art. 6 of the GDPR:

    1 - TREATMENTS NOT SUBJECT TO CONSENT

    1. activities specifically functional to respond to requests for information connected to the goods and/or services which are the typical object of our company's activity, sent by the interested party either by e-mail or by completing a specific form. The legal basis of the aforementioned purpose is identified in the execution of pre-contractual measures adopted at the request of the interested party (art. 6.1 letter b, GDPR)
    2. activities connected to the execution of any contract of which you become a party if, if necessary also by means of remote information exchange, a supply agreement is reached (examples of activities are: the acquisition of information preliminary to the conclusion of the contract, the management of correspondence relationships, registration on the site to identify the counterparty and speed up online purchasing functions, etc.). The legal basis of the aforementioned purpose is identified in the contract and pre-contractual measures (art. 6.1 letter b, GDPR);
    3. activities connected to the processing and conservation of accounting records, the issuing of mandatory documents and other activities carried out in compliance with mandatory regulations or orders of the Authority . The legal basis is identified in the legal obligation (art. 6.1, letter c, GDPR);
    4. activities which, although related to the onset of the contractual relationship, are functional to the direct needs of the owner to guarantee a optimal management of relationships with customers . These activities can be identified, by way of example:
      • in the internal organization of data management activities (also through CRM systems: customer relationship management; telephone directories; internal company communications; etc.) functional to the optimal management of supplies of products and/or services;
      • in the management of credit lines and risk control (insolvencies, fraud, etc.);
      • in the management of disputes and in the possible assignment of credits;
      • in the management of financial and insurance services instrumental to the management of supplies and in the management of electronic payment instruments;
      • in the processing of data for statistical purposes

    The legal basis of the aforementioned purposes is identified in the legitimate interest of the data controller (art. 6.1, letter f, GDPR);

    TREATMENTS SUBJECT TO CONSENT

     

    • activities functional to the sending of commercial information (also in the form of a newsletter) - by e-mail, post and other communication systems - advertising, information and promotional material relating to products and/or services offered by our company. The legal basis is identified in the expression of consent by the interested party (art. 6.1, letter a, GDPR) ;
    • any other cases...

     

    We do not carry out processing with automated decision-making processes or profiling.

    With reference to the specific processing of data related to the use of cookies , it is highlighted that suitable access to the information (and the consequent right to their limitation) has been offered through a specific banner that appeared upon first contact with this site. In any case, we inform you that the specific information on cookies can be found in the section of the website www.t ezzacalzature.it

  • Data retention deadline
    •

    The personal data processed for the purposes referred to in point 1 letter a) are kept for a period of time compatible with the establishment of an efficient exchange of requests/information, as a matter of practice (except for different times required by the nature of the information requested) not exceeding 24 months from the last communication.
    The data processed for the purposes referred to in point 1 letters b), c) and d) are kept until the end of the contractual relationship and also subsequently in consideration of the mandatory deadline for keeping accounting records and the limitation period for any claims arising from the existing commercial relationships provided for by law. In the event that a dispute arises, the retention period will be extended for the entire duration of this dispute and for the 10 years following its definitive resolution (e.g. settlement agreement or final judgment).
    Data retention processed for the purposes referred to in point 2, in light of the purposes for which they were collected, will in any case cease upon simple request of the interested party. 

  • Categories of data recipients
    •

    The data collected via the website for the sole purpose of responding to requests for information are not subject to communication to third parties or dissemination, as well as the data processed for sending commercial information also in the form of a newsletter.

    Your personal data may instead be communicated to third parties, for technical and operational needs strictly connected to the other purposes indicated in point 1 and in particular to the following categories of subjects:

      • bodies, professionals, companies or other structures that in any case operate treatments connected to the fulfillment of administrative, accounting, insurance and management obligations linked to the ordinary performance of our economic activity, also for credit recovery purposes;
      • companies specialized in the management of transport for third parties and logistics, whose role is in any case functional to carrying out the delivery of the goods covered by the contract between the owner and the interested party;
      • public authorities and administrations for purposes related to the fulfillment of legal obligations or to subjects entitled to access them pursuant to provisions of law, regulations, community legislation;
      • banks, financial institutions or other subjects to whom the transfer of the aforementioned data is necessary for the performance of our company's activity in relation to the fulfillment, on our part, of the contractual obligations assumed towards you;
      • suppliers of installation, assistance and maintenance services for IT and telematic systems and systems and of all services functionally connected and necessary for the performance of the services covered by the contract.

    The same subjects will operate as independent Data Controllers or will be designated as Data Processors.

    Within our corporate organisation, subjects (typically employees) may also operate who, by virtue of our designation/authorisation, will also process your personal data. These people, upon their designation, committed themselves to confidentiality and, as well as for any designated "Managers", they also received operational instructions in order to guarantee confidentiality and security in the processing of your data.

  • Data Transfers
    •

    Personal data is transferred to countries outside the European Union.

  • Treatment methods
    •

    The processing of personal data will take place in electronic format, in any case with compliance with the precautionary measures of data security and confidentiality. With reference to the sending of newsletters, this will take place through automated logic of simultaneous sending to all members of the service, by obscuring the email addresses of third party recipients (so-called Hidden Knowledge Copy). 

    In any case, technical, IT, organisational, logistical and procedural security measures are implemented in order to prevent the loss, illicit or irrelevant use of the data and access to the same without authorisation.

  • Rights of the interested party and complaint to the Guarantor
    •

    At any time, each interested party may exercise the following rights:

    • Right to obtain access to your personal data (art. 15 GDPR): you can contact us to find out if your personal data is being processed and in this case you will have the right to obtain a copy and have information regarding the origin of the data, the categories of personal data processed, the recipients of the data, the purposes of the processing, the existence of an automated decision-making process, including profiling, the data retention period or the criteria used to determine it.
    • Right of rectification (art. 16 GDPR): obtain the correction of your inaccurate personal data or the integration of incomplete ones;
    • Right to cancellation/oblivion (art. 17 GDPR): obtain the cancellation of your personal data, in the cases provided for by law;
    • Right to limit processing (art.18 GDPR): obtain, in the cases provided for by law (in summary: disputes regarding the accuracy of the data; illicit processing with opposition of the interested party to cancellation, necessity for the interested party to exercise a right in court; opposition by the interested party during the period of verification of the prevalence of the legitimate reasons of the owner compared to yours), the limitation of the processing of your personal data;
    • Right to portability (art. 20 GDPR): in the cases provided for by law (processing carried out by automated means and based on consent or on a contract) right to receive personal data in a structured, commonly used and machine-readable format that concern you and the right to transmit such data to another data controller without impediments on our part;
    • Right to object (art. 21 GDPR): right to cease further processing of personal data for reasons related to your particular situation, unless our compelling legitimate reasons prevail, in the cases provided for by law;
    • Right to withdraw consent (art. 7.3 GDPR): right to withdraw consent at any time for cases in which the processing is based on consent. However, the revocation of consent does not affect the lawfulness of the processing based on consent before the revocation.

    To exercise the aforementioned rights you can refer to the Data Controller's contact details provided in this information and, if you wish, follow the path downloadable from the Guarantor's website at the link indicated below:https://www.garanteprivacy.it/web/guest/ home/docweb/-/docweb-display/docweb/1089924 . We also inform you of your right to lodge a complaint before the competent Personal Data Protection Authority. Also in this case you can follow the trail that can be downloaded from the Guarantor's website at the link indicated below: https://www.garanteprivacy.it/en/home/docweb/-/docweb-display/docweb/9041356 . We remind you that the complaint, pursuant to art. 77.1 GDPR, can however be promoted by the interested party to the Authority of the place where the interested party habitually resides, where he works or where the alleged violation occurred.

  • Data controller
    •

    The data controller is Paolo Tezza
     Registered office: Piazza Monza 25 Dueville (VI) e-mail: privacy@tezzacalzature.it