PRIVACY INFORMATION NOTICE
Triboo Digitale S.r.l. with registered office in Viale Sarca 336, Edificio 16, 20126 Milan, VAT no./Tax Code and listing number with the Milan Companies Register IT02387250307 (hereinafter also “Triboo”) and GGR Srl single-member private limited liability company, with registered office in Via dell’Indipendenza n. 15, 47030 San Mauro Pascoli (FC) VAT no. and listings number with the Companies Register of Forlì-Cesena IT03591680404 (hereinafter also the “Partner” and jointly with Triboo, the “Data Controllers”), as co-data controllers of the personal data of users (hereinafter the “Users”) who browse and use the services available on the website www.gianvitorossi.com (hereinafter the “Website” and the “Services”) provide below the privacy policy pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, “Regulations”, or also the “Applicable Regulations”).
This Website and the Services are reserved for individuals who are at least eighteen years of age. The Data Controllers therefore do not collect personal data relating to persons under 18 years of age. Upon requests by Users, the Data Controllers will promptly delete all personal data involuntarily collected and related to subjects under 18 years of age.
The Data Controllers strictly adhere to the right to privacy and protection of the personal data of their Users. For any information relating to this privacy statement, Users may contact the Data Controllers at any time, using the following methods:
a) For Triboo:
b) For the Partner:
c) Users can also contact
1. Purpose of the treatment
Users' personal data will be processed lawfully by Triboo pursuant to art. 6 of the Regulations for the following processing purposes:
a) contractual obligations and provision of the Services, to allow navigation of the Website or to implement the Terms of Use of the Website, which are accepted by the User during registration on the Site and/or during use of the Services and to fulfil specific User requests. The User's data collected by Triboo for the afore-mentioned purposes include: the name, surname, province of residence/domicile, telephone number, email address, and any personal information of the User that may be voluntarily published. Unless the User provides Triboo with specific and optional consent to the processing of their data for further purposes, the User's personal data will be used by Triboo for the sole purpose of ascertaining the identity of the User (also through validation of the e-mail address), thus avoiding possible scams or abuses, and contacting the User only for reasons of service (e.g. to send notifications relating to the Services). Notwithstanding the provisions elsewhere in this privacy statement, under no circumstances will Triboo make the personal data of the Users accessible to other Users and/or to third parties.
b) administrative-accounting purposes, that is to perform activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and functional activities for the fulfilment of contractual and pre-contractual obligations;
c) legal obligations, that is to fulfil obligations imposed by law, by an authority, by a regulation or by European legislation.
The provision of personal data for the purposes of processing indicated above is optional but necessary, as failure to provide the same will make it impossible for the user to browse the Website, to register with Website or to use the Services.
The personal data that are necessary for the pursuit of the processing purposes described in this paragraph 1 are indicated with an asterisk in the Website registration form.
2. Further processing purposes: marketing (sending of advertising material, direct sales and commercial communication)
With the free and optional consent of the User, some personal data of the User (i.e. the name, surname, email address) may be processed by the Partner also for marketing purposes (the sending of advertising material, direct sales and commercial communication) , or in order for the Partner to contact the User by post, e-mail, telephone (fixed and/or mobile, with automated call or call communication systems with and/or without the intervention of an operator) and/or SMS and/or MMS to propose to the User the purchase of products and/or services offered by the same Partner and/or by third parties, to present offers, promotions and business opportunities.
In case of non-consent, the possibility to register on the Website will not in any way be affected.
In case of consent, the User may at any time revoke the same, submitting a request to the Partner in the manner indicated in paragraph 7
The User can also easily oppose further sending of promotional communications via e-mail by also clicking on the appropriate link for the revocation of consent, which is present in each e-mail promotional e-mail. Once the consent has been revoked, the Partner will send an e-mail to the User to confirm that the consent has been revoked. If the User intends to withdraw their consent to the sending of promotional communications by telephone, however continuing to receive promotional communications via email, or vice-versa, they should send a request to the Data Controller in the manner indicated in paragraph 7 below.
The Partner informs that, following the exercise of the right of opposition to the sending of promotional communications via e-mail, it is possible that, for technical and operational reasons (e.g. for the formation of contact lists already completed shortly before receipt by the Partner of the opposition request) the User may continue to receive some further promotional messages. Should the User continue to receive promotional messages after 24 hours has elapsed from the exercise of the right of opposition, please report the problem to the Partner, using the contact details indicated in paragraph 7 below.
3. Further processing purposes: newsletter
With the free and optional consent of the User, some personal data of the User (i.e. name, surname, address, e-mail address) may also be processed by the Partner for the purpose of sending out of the newsletter. Therefore the User will receive from the Partner a periodic newsletter that will contain information in relation to news and promotions present on the Website and/or relating to initiatives of the Partner.
In case of non-consent, the possibility to register on the Website will not in any way be affected.
In case of consent, the User may at any time revoke the same, submitted a request to the Owner in the manner indicated in paragraph 7 below.
The User can also easily oppose further sending of promotional communications by clicking on the appropriate link for the revocation of consent, which is present in each e-mail containing the newsletter. Once the consent has been revoked, the Partner will send an e-mail to the User to confirm that the consent has been revoked.
4. Further processing purposes: profiling
With the free and optional consent of the User, the personal data of the User (that is, the personal and contact data, that the information related to the services to which they have expressed their interest) [AL1] [AL2] [AL3] may be processed by the Partner also for purposes of profiling, or to reconstruct the consumer's tastes and consumption habits, identifying their consumer profile, in order to send the User commercial offers consistent with the profile identified.
In case of non-consent, the possibility to register on the Website will not in any way be affected.
In case of consent, the User may at any time revoke the same, submitting a request to the Partner in the manner indicated in paragraph 7
5. Processing methods and data retention times
The Data Controllers will process the personal data of the Users using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.
Users' personal data will be kept for the time strictly necessary to perform the primary purposes described in paragraph 1 above, or in any case as necessary for the protection in civil law of the interests of both Users and of Triboo.
In the cases referred to in paragraphs 2, 3 and 4 above, the personal data of Users will be kept for the time strictly necessary to accomplish the purposes described therein and, in any case, for no more than twenty-four (24) and twelve (12) months respectively[1].
6. Scope of communication and dissemination of data
The personal data of Users may be disclosed to the employees and/or collaborators of the Data Controllers in charge of managing the Website and all the services related to the provision of the Services. These subjects, who have been instructed to do so by the Data Controllers pursuant to Article 29 of the Regulations, will process the Users' data exclusively for the purposes indicated in this statement and in compliance with the provisions of the Applicable Law.
Personal data of the Users may also be disclosed to third parties who may process personal data on behalf of the Data Controllers as "External Processors", such as, by way of example, suppliers of IT and logistics services functional to the operation of the Website. and/or Services, service providers of outsourcing or cloud computing, professionals and consultants
Users have the right to obtain a list of any data controllers appointed by each Data Controller respectively, making a request to the Data Controller in the manner indicated in paragraph 7 below.
Furthermore, the personal data of Users may be disclosed by Triboo, to the extent that this is necessary and essential for the implementation of contractual obligations, to third parties who are independent data controllers, such as providers of the services payment and of logistics services necessary for delivery of goods sold through the Website. These autonomous controllers will process the User's data exclusively for the purpose of correct fulfilment of the orders relating to the Services.
7. Rights of Interested Parties
Users may exercise their rights granted by the Applicable Regulations by contacting the Data Controllers in the following ways:
a) By sending a registered letter with return receipt to the registered office of the owners
for Triboo: Viale Sarca n. 336 Edificio sedici - 20126 Milan (MI)
for the Partner: via dell’Indipendenza n. 15 – 47030 San Mauro Pascoli (FC)
b) By sending an e-mail to the address
for Triboo: triboospa@legalmail.it
for the Partner : privacy@ggr-distribution.com
c) By sending a fax to number
for Triboo: 02/647414 14
for the Partner: 0541/932912
Triboo will comply with the requests of Users relating to the processing referred to in paragraph 1, while the Partner will comply with the requests of Users relating to the processing referred to in paragraphs 2 , 3 and 4.
Pursuant to the Applicable Regulations, the Data Controllers inform Users that they have the right to obtain an indication (i) of the origin of personal data; (ii) of the purposes and methods of the processing; (iii) of the logic applied in the event of processing carried out with the aid of electronic instruments; (iv) of the identification details of the Data Controllers and Data Processors; (v) of the subjects or categories of subjects to whom the personal data may be communicated or who may learn of it as data processors or officers.
Furthermore, Users have the right to obtain:
a) access to, updating, correction or, when relevant integration of the data;
b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data was collected or subsequently processed;
c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also with regard to its content, of those persons to whom the data has been communicated or disseminated, except in the case where such fulfilment proves impossible or involves the use of means manifestly disproportionate to the protected right.
Furthermore, Users have:
a) the right to withdraw consent at any time, if the processing is based on their consent;
b) (where applicable) the right to the portability of data (the right to receive all personal data concerning them in a structured format, commonly used and readable by automatic device), the right to limit the processing of personal data and the right to its deletion ("right to be forgotten");
c) the right to oppose:
i) in whole or in part, for legitimate reasons, the processing of personal data concerning them, even if pertinent to the purpose of the collection;
ii) in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
iii) if personal data is processed for direct marketing purposes, at any time, to the processing of their data for this purpose, including profiling in so far as it is related to such direct marketing.
d) if they believe that the processing that concerns them violates the Regulation, the right to lodge a complaint with a Supervisory Authority (in the Member State in which they usually reside, in the one in which they work or in the one in which the alleged violation has occurred ). The Italian Supervisory Authority is the Guarantor for the protection of personal data, located in Piazza di Monte Citorio n. 121, 00186 - Rome (http://www.garanteprivacy.it/).
The owners are not responsible for the updating of all links that can be viewed in this Policy, therefore whenever a link is not functional and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by this link.
[1] As required by the General Provision of the Guarantor for the protection of personal data called "'Fidelity card' and guarantees for consumers. The rules of the Guarantor for loyalty programs” of 24 February 2005.
PERSONAL DATA PROCESSING NOTICE
ART. 13 OF REGULATION (EU) 2016/679
Data subjects: Customers of points of sales
In compliance with Regulation (EU) 2016/679, hereinafter referred to as 'GDPR', 'GGR SRL UNIPERSONALE', as controller of your personal data, informs you herewith that such Regulation provides for protection of data subjects as to the processing of their personal data and that the relevant processing shall be carried out according to the principles of lawfulness, fairness, transparency and protection of your rights and confidentiality.
To achieve their purposes, the controller needs to collect some personal data, such as name and surname, fixed or mobile telephone number, and email address.
Your personal data shall be processed in compliance with the provisions of the above-mentioned Regulation and the confidentiality obligations provided for therein.
Optional purposes: subject to your freely given consent, the controller shall be allowed to process your personal data for purposes connected with market researches, statistics and promotional activities, including the shipment of advertising and promotional materials, by email, post and/or sms and/or phone, other than those necessary to ensure the execution of the contract. The legal basis for the above purposes shall be your consent.
Your personal data shall be processed in compliance with the provisions of the above-mentioned Regulation and the confidentiality obligations provided for therein as well as in compliance with the regulation "Guidelines on Marketing and against Spam - 4 July 2013" issued by the Italian Data Protection Supervisor (published on the Italian Official Gazette no. 174 of 26 July 2013).
Consequences of the objection to optional purposes: the provision of your personal data for the above purposes is optional and your objection, if any, to the processing of your personal data shall not compromise the continuation of the business relation or the correctness of the processing of personal data.
Processing method: data shall be processed using manual and/or IT and telematic means so as to ensure the safety, integrity and confidentiality of data according to the physical and logical organisational measures provided for by the regulations in force in order to minimize the risk of destruction, loss, unauthorised alteration or disclosure of, or access to, personal data, as established under art. 6 and 32 of the GDPR.
Recipients: in order to carry out some activities or support the functioning and organization of the activities, some data may be disclosed to the following categories of recipients:
Third parties: (disclosure to: natural or legal persons, public authorities, agencies or other bodies other than the data subject, the controller, the processor and any persons duly authorized to process data), including:
Processors: (natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller)
Inside the corporate organization, your personal data shall be only processed by personnel expressly authorized by the controller and bound by a confidentiality agreement, and in particular by the following categories of employees:
Dissemination: your personal data shall not be disseminated in any way.
Transfer of personal data to non-EU countries: the controller shall not employ any processors based in non-EU countries.
Storage period: the storage period of the data processed for marketing and profiling activities shall vary according to the purposes pursued by the controller, but under no circumstances shall it be longer than, respectively, 24 months and 12 months from the last contact or reply received.
Controller: pursuant to the relevant Regulation, the controller shall be 'GGR SRL UNIPERSONALE', with registered office and operational headquarters in Via dell’Indipendenza 15, 47030 San Mauro Pascoli (FC), Italy, VAT registration number 03591680404, represented by their legal representative pro tem.
You can request further information about the data supplied by sending an email to the following email address: privacy@ggr-distribution.com. Further information about the privacy policies applied by our company is available on our website www.gianvitorossi.com.
Data protection officer (DPO): pursuant to art. 37 of the GDPR, the controller has appointed as data protection officer the firm Studio Paci &C Srl (contact person: Luca Di Leo), Via Edelweiss Rodriguez Senior 13, 47924 Rimini (RN), Italy, email: dpo@studiopaciecsrl.it, tel. +39 0541 1795431.
Regulation (EU) 2016/679: Art. 15, 16, 17, 18, 19, 20, 21, 22 - Rights of the data subject
1. The data subject shall have the right to obtain the confirmation as to whether or not personal data relating to him or her do exist, even when they have not yet been recorded, as well as to be provided with such data in an intelligible form.
2. The data subject shall have the right to be informed about:
a. the origin of personal data;
b. the purposes and methods of the processing;
c. the logic involved if personal data are processed using electronic means;
d. the identification details of the controller, processors and designated representative pursuant to art. 5, par. 2;
e. the entities or categories of entities to which the personal data may be disclosed or which may acquire such data as designated representative on the territory of the Member State, processors or entities entrusted with personal data processing.
3. The data subject shall have the right to obtain:
a. the update or rectification of personal data as well as, on his or her request, to have any incomplete personal data completed;
b. the erasure, anonymization or blocking of data processed in violation of the law, including data for which storage is not necessary in relation to the purposes for which they have been collected or subsequently processed;
c. the certification that those to whom personal data have been disclosed have been informed of the execution and content of the operations under letters a) and b), except when this proves to be impossible or requires a disproportionate effort with respect to the protected right;
d. the data portability.
4. The data subject shall have the right to object, in total or in part:
a. on legitimate grounds to the processing of personal data concerning him or her, even when such data comply with the purpose for which they have been collected;
b. to the processing of personal data concerning him or her for the purposes of direct marketing, shipment of advertising material, market researches or commercial communications.
Complaint: if the relevant conditions are met, the data subject shall also have the right to lodge a complaint with the Data Protection Supervisor as supervisory authority according to the established procedures. For further information as well as for the exercise of his or her rights under the European Regulation, the data subject shall contact the controller using the above contact details.
Statement for obtaining the consent of the data subject for optional purposes
Acknowledging the receipt of the information provided by the controller pursuant to art. 13 of the GDPR, the undersigned data subject confirms to have read this personal data processing notice.
The consent relating to the optional purposes is given by filling in and signing the relevant items on the card available at the points of sale.
Below are the optional purposes for which the data subject's explicit consent is required:
Newsletters: GGR SRL Unipersonale offers you the opportunity to receive newsletters containing news, promotions, invitations to special events (previews, presentations of new collections, private sales, etc.) by email (Newsletters), phone, fax, chat, social networks or post.
Information according to your preferences: GGR SRL Unipersonale shall carry out profiling according to your preferences, purchasing habits, origin, and, if specified on the card, your shoe size (*), etc. in order to send you personalized offers. If your date of birth (*) is specified on the card, you will receive a special offer for your birthday.
