Privacy Policy
Pursuant to Art. 13 of the European Regulation 2016/679 ("GDPR"), Legislative Decree 196/2003 ("Privacy Code"), and the California Consumer Privacy Act (“CCPA”), as amended by the California Privacy Rights Act (“CPRA”) (collectively, “Applicable Data Privacy Laws”), Gianvito Rossi S.r.l. (the "Company", "GVR", “we”, or “us”) provides this Privacy Policy in order to communicate to its customers and, more generally, to the users of the site www.gianvitorossi.com (the "Site") its policy regarding the protection of personal data.
The information in the Privacy Policy is relevant:
A) when accessing the Site for browsing, using the services (including e-commerce) (hereinafter, for brevity, also referred to as "Online");
B) on the occasion of visits and/or purchases at Gianvito Rossi's physical stores (hereinafter also referred to as 'Retail' for brevity).
GVR processes Personal Information (also called “Personal Data”) in compliance with the principles of lawfulness, fairness, transparency, purpose limitation, storage limitation, minimization, accuracy, integrity and confidentiality and with the provisions of Applicable Privacy Laws. This Privacy Policy is applicable when visiting our physical stores, when accessing the Site for browsing and when using the services provided on the Site (including e-commerce).
You may access specific topics in this Privacy Policy by clicking on the relevant links below:
- Information We Collect
- Sources of Personal Information
- Use of Your Information
- Disclosure of Your Information
- Children’s Privacy
- Your Choices and Rights
- Security and Retention
- Linked Third-Party Site
- International Transfers
- Modifications to this Privacy Policy
- Contact Us
- INFORMATION WE COLLECT
This Section describes the categories of Personal Information that we may collect for the purposes described in this Privacy Policy. Personal Information generally refers to any information that can be linked to an identified or identifiable person. The term Personal Information also covers certain categories of “Sensitive” or “Special” Personal Information that often receive additional protections and/or are subject to additional restrictions under applicable laws. However, we do not collect Sensitive or Special Personal Information as those terms are defined under applicable laws.
Information We Collect from You
When you use the Site, several types of information may be collected from you, including (1) Device Information; and (2) Personal Information.
Device Information
We may automatically collect Device Information regarding use of or access to the Site, such as:
- The type of device you use to access the Site;
- The date and time you access the Site;
- The type of web browser you use to access the Site;
- The sections within the Site that you access;
- The Internet Protocol (“IP”) address (a number that is automatically assigned to a computer when the Internet is used);
- The user language;
- The operating system;
- The screen resolution; and
- The connection type that you use to access the Site.
In addition, we may collect location information through the use of technology when you use our Site, such as data associated with your IP address or other online or device identifier. If you do not want us to collect and use this information, you may be able to disable the location features on your device. Check your device manufacturer settings for information on how to do so.
This information (collectively, “Device Information”) does not, by itself, personally identify users. We use this Device Information to monitor the effectiveness of the Site, to help personalize your experience, and to consider potential improvements to the Site. Device Information may be collected through cookies or similar technologies. For more detailed information on cookies, please refer to our Cookies Policy. [link]
Personal Information
Access to and/or use of some parts of our Site may require disclosure of certain Personal Information as further described below. The categories and specific types of Personal Information that GVR may collect about you include:
- Direct identifiers and contact information, including your name, address, phone number, or email address, business contact information, or other similar identifiers.
- Demographic information, including date of birth, gender, age, and location.
- Account registration information, such as your email address and password and user profile data provided when you create or update your account.
- Payment or banking information, including credit card number, name on credit card, expiration date, security code, C.F. number, VAT number, and billing address.
- Commercial information, such as your purchase history, services you have requested, and products you have viewed and/or placed on your wish list or in your shopping cart.
The provision of the Personal Information listed above is voluntary. In certain instances, you will not be able to fully access our Site without the requested Personal Information.
- SOURCES OF PERSONAL INFORMATION
We collect your Personal Information in the following ways, pursuant to applicable law:
- Directly From You, when you use our Site, register for an account or create a profile, contact us, respond to a survey, sign up to receive emails, text messages, and/or postal mailings, or fill out the Client Card.
- Through Our Use of Cookies and Other Automatic Data Collection Technologies, when you visit our Site, open or click on emails we send you, or interact with our advertisements. We or third parties we work with automatically collect certain information using technologies such as cookies, web beacons, clear GIF, pixels, internet tags, web server logs, and other data collection tools. For more information, please see our Cookies Policy. [link]
- Other Sources, including data analytics providers or publicly available sources.
- USE OF YOUR INFORMATION
We use your Personal Information above for the following business purposes (“Processing Purposes”) associated with our general business operations.
-
- For everyday business purposes, such as account management, contract administration, website management, corporate governance, and legal and regulatory reporting obligations. The legal basis for this use of your Personal Information is our legitimate interests in managing our business operations, satisfying our legal obligations, and performing our contract with you.
- To assist you in using and accessing our Site as you requested. This means that we may use your Personal Information to respond to your questions, operate the Site, perform our obligations to you, and perform other actions based on your consent. The legal basis for this use of your Personal Information is our legitimate interests in operating our Site, performing our contract with you, and your consent.
- To respond and address feedback you provide us or if you contact us for support. The legal basis for this use of your Personal Information is our legitimate interests in addressing your questions and feedback, performing our contract with you, and your consent.
- For marketing and promotional purposes to show you advertisements for products and/or services tailored to your interests on social media and other websites, to send you marketing communications that promote GVR products, programs or services and/or those of our partners (with your consent, where required), and to determine the types of marketing communications to send. The legal basis for this use of your Personal Information is our legitimate interests in marketing our products, and your consent.
- For profiling activities aimed at analyzing your preferences and purchasing choices in order to offer products and services in line with these preferences and send invitations to customized events and initiatives, although these activities do not produce legally significant effects concerning the data subject. The legal basis for this use of your Personal Information is our legitimate interests in marketing our products, and your consent.
- To analyze your needs and help improve, develop, troubleshoot and evaluate the Site, to resolve problems with the Site, and to develop new products and services. The legal basis for this use of your Personal Information is our legitimate interests in managing our Site and in improving our products and services.
- To comply with laws and regulations and legal processes. The legal basis for this use of your Personal Information is satisfying our legal obligations.
- To monitor compliance with our policies, procedures and applicable terms of service, for fraud prevention, to detect and address illegal activities and/or to protect GVR and its employees, users and property. The legal basis for this use of your Personal Information is our legitimate interests in monitoring compliance, preventing fraud and illegal activities, and protecting the safety of individuals and property.
Use of Your Sensitive Personal Information
We do not collect or use Sensitive Personal Information.
- DISCLOSURE OF YOUR INFORMATION
In addition to the specific situations discussed elsewhere in this Privacy Policy, we disclose, and may have disclosed in the preceding 12 months, the Personal Information listed above in the following situations, as permitted by applicable law:
Service Providers/Suppliers:
- GVR may disclose your Personal Information or make it accessible to certain companies engaged to perform services on our behalf (“Service Providers”). Service Providers’ access to data is strictly limited to the purpose of providing such services to GVR. These Service Providers are processors and/or sub-processors under the GDPR and other laws.
Legal Obligations and to Authorities:
- We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also disclose your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or to comply with your request for the shipment of products to or the provision of services by a third-party intermediary.
Fraud Prevention and Compliance with Policies
- We may disclose your Personal Information if disclosure is reasonably necessary to monitor compliance with our policies and applicable terms of service, to detect, prevent, or otherwise address fraud, security or technical issues, or to protect against the rights, property or safety of GVR, our customers, our users or the public, as required or permitted by law.
Affiliates and Acquisitions:
- We may disclose information to our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires, or plans to acquire, our company, business, or our assets, we will also disclose information with that company, including at the negotiation stage.
Social Media Platforms and Networks:
- Our Site may feature plugins, widgets, or and other tools made available by third parties that may result in information being collected or disclosed between us and the third party. For example, if you use Facebook’s “Like” feature, Facebook may register the fact that you “liked” a product and may post that information on Facebook. However, social media platforms’ use of your information is not governed by this Privacy Policy.
De-identified or Aggregate Information:
- We may also disclose and use anonymized, aggregated reporting and statistics about users of our Service for the purpose of internal reporting or reporting to our corporate affiliate or other third parties (including clients), and for our marketing and promotion purposes.
Other Disclosures with Your Consent:
- We may also disclose your information for any other purposes disclosed to you with your consent.
Since we do not collect Sensitive Personal Information, we also do not, and have not in the preceding 12 months, disclosed your Sensitive Personal Information. We have no actual knowledge that we have sold or shared (as those terms are defined under California law) the Personal Information of consumers under 16 years of age in the last 12 months.
Legal Basis of Processing
We process your information for the purposes described in this Privacy Policy, based on the following legal grounds, in addition to the legal bases specifically described above:
- With Your Consent: In certain instances, we ask for your consent to process your Personal Information for specific purposes. Provision of your consent is voluntary, and you have the right to withdraw your consent at any time.
- When Pursuing Legitimate Interests: We process your Personal Information for our legitimate interests and those of third parties, while applying appropriate safeguards that protect your privacy, and as further described in this Privacy Policy (and we use such data in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals).
- To Perform a Contract with You: We will process your Personal Information when processing of your Personal Information is necessary for the execution or performance of a contract with you.
- When We Have Legal Obligations: We will process your Personal Information when we have a legal obligation to do so, for example, if we are responding to a legal process or an enforceable government request, including law enforcement.
In some cases, your provision of Personal Information may be required by a statutory or contractual obligation.
- CHILDREN’S PRIVACY
Our Site is not intended for or directed to children under the age of 13. GVR does not knowingly collect Personal Information from children under the age of 13 (or other relevant age of majority) without first obtaining parental consent in accordance with applicable laws. Users under the age of 13 should not submit any Personal Information to us. If we become aware that a child under the age of 13 has provided us with Personal Information, we will delete the information from our records. GVR does not knowingly sell the Personal Information of minors less than 16 years of age. If you believe we have collected Personal Information from your child in error or have questions or concerns about our practices relating to children, please notify us using the details in the “Contact Us” section below. We will take prompt steps to remove the Personal Information from our systems.
- YOUR CHOICES AND RIGHTS
Depending on where you live, you may have certain rights with respect to your Personal Information. Your rights will vary depending on where you are located. Specifically, you may have the following rights:
- Correction (Rectification): You have the right to request that we correct or supplement any inaccurate or incomplete Personal Information we process about you. Depending on the purposes of the processing, you may have the right to have incomplete Personal Information completed, including by means of providing a supplementary statement.
- Deletion (Right to be Forgotten): You have the right to request that we delete your Personal Information. If required by law, we will grant your request to delete information. When we delete Personal Information it will be removed from our active database, but it may remain in archives where it is not practical or possible to delete it. In addition, we may keep your Personal Information as needed to comply with our legal obligations, resolve disputes, and/or enforce any of our agreements.
- Access: You have the right to request access to the Personal Information we hold about you, along with other information such as the purposes of the processing, the recipients or categories of recipients to whom the Personal Information has been or will be disclosed, the sources of the Personal Information, retention, and transfers of Personal Information.
- Data Portability: In certain circumstances, you have the right to request that we provide the Personal Information which you provided to us in a structured, commonly used and machine-readable format; and you have the right to transmit such Personal Information to another entity.
- Consent Withdrawal: Where our processing is based on your consent, you have the right to withdraw such consent at any time; however, you may not be able to use the Site or feature for which you are withdrawing your consent. Withdrawing your consent will not affect the lawfulness of the processing we conducted prior to your withdrawal.
- Opt-Out of the “Sale” or “Sharing” of Personal Information: Subject to certain exceptions, California residents have the right to opt-out of the "sale"/”sharing” of their Personal Information. Making Personal Information (such as online/device identifiers, browsing activity, or geolocation) available to social media platforms and ad networks to deliver interest-based ads to you may be a “sharing” under California law (in this context “sharing” means cross contextual behavioral advertising). To opt-out of the “sharing” of your Personal Information as just described, please use our Cookies Preference Center to adjust your cookies settings. To opt-out of the “sale” of Personal Information, please Contact Us.
- Restriction of Processing: You have the right to request that we restrict the processing of your Personal Information in certain cases. Where applicable, the respective Personal Information will be marked accordingly and may only be processed by us for certain purposes.
- Objection to Processing: In certain circumstances, you have the right to object to our processing of your Personal Information.
- Automated Processing: Under certain circumstances, you have the right to object to a significant decision based solely on automated processing (i.e., without human intervention) unless that decision is required or authorized by law.
- Right of Non-Discrimination/Retaliation: We do not discriminate against individuals who exercise any of their rights described in this Privacy Policy, nor do we retaliate against individuals who exercise these rights.
- Right to Opt Out of Our Use of Your Sensitive Personal Information (in certain instances and if permissible under applicable law): We do not currently use or disclose Sensitive Personal Information.
- Commercially Recognized Opt-Out Signal (Global Privacy Control, Do Not Track): GVR generally recognizes commercially recognized opt-out preference signals (e.g., Global Privacy Control, Do Not Track). Recognition of this signal applies only to the specific device and/or browser that communicates the signal and does not apply to other devices/browsers you use to access our Site.
- Promotional Emails: You may choose to provide us with your email address for the purpose of allowing us to send free newsletters, offers, and other promotional materials to you, as well as targeted offers from third parties. You can stop receiving promotional emails by following the unsubscribe instructions in emails that you receive. If you decide not to receive promotional emails, we may still send you service-related communications.
- Promotional Mailings: If at any time you do not want to receive offers and/or circulars from us, you can remove yourself from our mailing lists by emailing us (our contact information is below) with “NO SNAIL MAIL” in the subject line, along with your name, address and zip code. Please note that our mailings are prepared in advance of their being sent. Although we will remove your name from our mailing list after receiving your request, you may still receive mailings from us that had been initiated prior to your name being removed.
- Promotional Text Messages: If you receive a text message from us that contains promotional information you can opt-out of receiving future text messages by replying “STOP.”
Please note that many of the above rights are subject to exceptions and limitations. Your rights and our responses will vary based on the circumstances of the request. If you choose to assert any of these rights under applicable laws, we will respond within the time period prescribed by applicable law. In some cases, we may limit or deny your requests to access or delete your information. This may occur because the law permits or requires us to do so, or if we are unable to adequately verify your identity. If we are not able to provide the requested information or make the change you requested, you will be provided with the reasons for such decisions. Under local law, you may be entitled to lodge a complaint with your local data-protection authority. GVR may require use of your Personal Information to provide access to the Site. Therefore, when you exercise your deletion right, in particular, you may lose access to certain aspects of the Site that require your Personal Information.
If you are located in the State of California in the United States, a person authorized to act on your behalf may make a verifiable request related to your Personal Information. If you designate an authorized person to submit requests to exercise certain privacy rights on your behalf, we will require verification that you provided the authorized agent permission to make a request on your behalf. After you make your request, we will use the information we have about you to verify your identity (and if applicable, your authorized agent’s identity). Our verification process may include a request for additional information to confirm your identity or your authorized agent’s identity (such as your name, email address and date of birth) or to obtain proof that you have given your authorized agent permission to act on your behalf. If our verification process is successful, we will respond to your request within the time and in the manner required by applicable law. If we cannot validate the identity of you and/or your authorized agent or obtain proof that you have given your authorized agent permission to act on your behalf, we will attempt to contact you to inform you.
In any circumstances, your request must: (i) provide sufficient information that allows us to reasonably verify that you are the person about whom we collected Personal Information or an authorized representative of that person; and (ii) describe the request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We will only use Personal Information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request.
Your rights and our responses will vary based on your state or country of residency. Please note that you may be located in a jurisdiction where we are not obligated to fulfill a request. In such a case, your request may not be fulfilled. However, to the extent permitted by applicable law, we may reject requests that are unreasonably repetitive, unduly burdensome, risk the privacy of others, or would be very impractical to honor.
To submit a request to exercise any such rights (if they apply to you), please use the contact information provided in the “Contact Us” section of this Privacy Policy. GVR provides two mechanisms that allow you to submit requests to exercise these rights. You can submit such requests by (1) emailing us at privacy@gianvitorossi.com; or (2) calling our toll-free number at [TBD].
- SECURITY AND RETENTION
GVR adopts appropriate and preventive security measures, as well as technical, logistical and organizational measures with the aim of preventing damage, loss, including accidental loss, alteration, improper and unauthorized use of the processed data. However, we cannot guarantee the security of any information that is disclosed online.
How long we retain your Personal Information depends on the context in which, and purposes for which, we collected it. We generally retain Personal Information for as long as necessary for achieving the purposes for which it was collected or processed, unless a different retention period is required by applicable law.
- LINKED THIRD-PARTY SITES
We may provide links to other third-party websites through the Site solely as a convenience to you. However, such linking does not mean, and should not be interpreted to mean, that GVR endorses, is affiliated with or makes any representations concerning such third-party websites. GVR neither reviews, controls, nor is responsible for these third-party sites or any content therein. By using such links, you will leave the Site. Please note that any Personal Information that you provide to such third parties will be governed by their privacy policies, and we have no control over or responsibility for their privacy practices. If you decide to access any of the third-party sites linked to the Site, you do so entirely at your own risk. GVR shall not be liable for any consequences arising from use of any third-party websites to which the Site links. We encourage you to review the privacy policies of any third-party website or application for details about what information is collected and how it is used and/or disclosed prior to providing any Personal Information.
- INTERNATIONAL TRANSFERS
GVR is based in Italy and serves consumers throughout the world. Please be aware that your Personal Information may be transferred to, and be processed in, countries other than the country in which you are a resident. These countries may have data protection laws that are different from the laws of your country and that are not considered to provide an equivalent level of privacy protection to that provided by the laws of your home country. In such circumstances, GVR will take appropriate steps to provide an adequate level of data protection within the meaning of applicable data protection law, including by implementing the EU Standard Contractual Clauses and the UK Addendum to the EU Standard Contractual Clauses, where required. You can request a copy of the appropriate safeguards referenced in this section by contacting us as stated in the “Contact Us” section of this Privacy Policy.
- MODIFICATIONS TO THIS PRIVACY POLICY
From time to time, we may update and post revisions to this Privacy Policy. Any changes will be effective immediately upon the posting of the revised Privacy Policy. We encourage you to review this page periodically for the latest information on our privacy practices. This Privacy Policy was updated as of the effective date listed above.
- CONTACT US
Data controller
Gianvito Rossi S.r.l.
Via dell'Indipendenza 15, 47030 San Mauro Pascoli (FC)
Telephone contact details: +39 0541 935600
E-mail contact details: privacy@gianvitorossi.com
DATE OF LAST UPDATE: 17 JULY 2023