1.WHO ARE WE?
Marco Grassi is a sole proprietorship based in Italy under number 02630270359 and the principal place of business is at Via Ghidoni, 20 Albinea (RE) – 42020, Italy. We trade as sole – proprietorship Marco Grassi supported by his Team (“we”, “us”, “our”). We own and operate this website (the “Site”). Our contact details are on the Site. Please contact us if you have any questions or feedback about this policy.
2. WHAT’S THE POINT OF THIS POLICY?
2.1 This policy tells you how we deal with your personal data. Personal data is any information relating to an identified or identifiable natural person. It does not include data where the identity has been removed (anonymous data). For the purposes of the General Data Protection Regulation ((EU) 2016/679), we are the data controller in relation to personal data collected by us. Please read on to find out about the personal data we collect, how we use and protect it, to whom we disclose it and how you can access and rectify it or request that we stop processing it.
3. WHAT PERSONAL OR OTHER DATA DO WE COLLECT AND HOW DO WE COLLECT IT?
INFORMATION YOU GIVE US
3.1 We collect and store the information which you give us: (i) through forms you fill in on the Site, such as your name, address, email address and phone number; or (ii) when communicating with us by email or in some other way. You can choose what information to give to us, but some of this information may be required to provide you with certain services or goods, for example, the billing or delivery address if you order from us. If you choose not to provide certain information, we may not be able to provide you with our goods and services. It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
INFORMATION WE COLLECT ABOUT YOU
3.2 We receive and store certain information automatically when you interact with us. Examples include connection information such as country and city, browser type and version, your operating system and platform, a unique reference number linked to the data you enter on our system, the full URL clickstream to, through and from our Site (including date and time), cookie number, activity on the Site including the pages you visited, searches you made and products purchased.
4. WHAT ABOUT COOKIES?
5. WHAT IS OUR LEGAL BASIS FOR PROCESSING PERSONAL DATA?
5.1 In line with the General Data Protection Regulation, we rely on the following legal bases/grounds to process your personal data: Performance of a contract with you: in order to provide you with the goods or services you want (which you will see as mandatory fields in any order or sign up process); Consent: where you have provided consent, for example, by agreeing that we can contact you with offers and events you might be interested in, we will process the data on the basis of that consent; and/or Legitimate interests: for the remaining data we collect, we process it in the legitimate interests of operating our business; or Legal interest: where we need to comply with a legal obligation.
5.2 We may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your personal data.
5.3 We may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
6. HOW DO WE USE YOUR PERSONAL DATA?
6.1 We use your personal data to provide our products and services arising from any contracts entered into between you and us and to provide you with the information, products and ancillary services which you may request from us. These include send service/transactional messages, process payments and/or fulfil orders.
6.2 We use your personal data to help us communicate with you effectively should you try to contact us through the Site.
6.3 We only want to send you marketing-related communications (including by email or social media) that we feel may interest you and if you have given permission on the Site. You can change your privacy settings and preferences by contacting us via mail. You should note that it can take up to 72 hours for your preferences to take effect on our website. Please note that even if you choose not to receive marketing emails from us, you will still receive our transactional emails, such as messages related to your orders, updates on products and services you have purchased from us, or information about your account.
6.6 We may use your personal data to contact you through a touchpoint other than the one through which you originally contacted us.
6.7 We may use your personal data to ensure that content from our Site is presented in the most effective manner for you and for your device to achieve the most user-friendly navigation experience.
6.8 We may use your personal data to notify you about changes to the Site and our products and services.
6.9 We retain personal data from closed accounts in order to comply with legal obligations, enforce our terms and conditions, prevent fraud, collect any fees owed, resolve disputes, troubleshoot problems, assist with any investigations and take other actions as permitted by law.
6.10 We may access, remove, alter, store or otherwise use any personal data if we have reason to believe that it breaches our terms and conditions, or that such steps are necessary to protect us or others, or that a criminal act has been committed, or if we are required to do so by law or an appropriate authority.
CHANGE OF PURPOSE
6.11 We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.
6.12 If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
HOW LONG WILL YOU RETAIN MY PERSONAL DATA FOR?
6.13 We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
6.14 To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.
7. HOW DO WE PROTECT PERSONAL DATA?
7.1 We have put in place appropriate technical and organisational measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions, and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
7.2 Email and other electronic communications are not secure if they have not been encrypted. Your communications may pass through servers in a number of countries, including countries outside the European Economic Area (“EEA”) before they reach us. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Site; any transmission is at your own risk. We do not accept responsibility for any unauthorised access to or loss of personal data that stems from a cause beyond our control. Nor can we be held responsible for the actions or omissions of other users or third parties who may misuse your personal data which they collect from the Site.
8. TO WHOM DO WE DISCLOSE PERSONAL DATA?
8.1 Payment details including credit card numbers are supplied direct to our banking partner. We do not receive such information. To ensure your details are not being used without consent, your personal data may be supplied to relevant third parties including credit reference and fraud prevention agencies, who may keep a record of that information in line with their own privacy policies.
8.2 We may allow access to your personal data to third parties who supply us with a service. Examples include e-commerce platform providers, couriers (to enable delivery of goods), website hosts and businesses which assist us in undertaking communications or businesses which assist us in monitoring our Site such as Google Analytics for re-targeting, Facebook, Instagram, Tik Tok. We require all such third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
8.3 We may disclose personal data so far as reasonably necessary:
If we have reason to believe you have breached our terms and conditions, or that such steps are necessary to protect us or others, or that a criminal act has been committed, or if we are required to do so by law or an appropriate authority. If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions and other agreements; or to protect the rights, property, or safety of us, our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
8.4 Except as otherwise specifically included in this policy, this policy addresses only the use and disclosure of information we collect from you. If you disclose your information to third parties, whether they are other users of our Site or other websites, different rules may apply to their use or disclosure of your information.
9. WHAT ARE YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA?
9.1 You can get in touch with us at any time using the ‘contact’ link on our Site to: request the deletion or correction of personal data we hold about you; object to our use of your personal data and/or request that we restrict or stop our use of that data; and/or withdraw your consent to processing of your personal data, where we process data on the basis of consent PROVIDED THAT you are able to prove who you are with two documents of verifiable identification. This is to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
9.2 For further information about your rights under data protection laws in the European Union, see: https://ec.europa.eu/info/law/law-topic/data-protection_en.