Social Follow
shopping_cart My Cart (0)
person_outline My account
compare_arrows
Compare (0)
favorite_border
Wishlist (0)

Privacy policy

INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA PURSUANT TO REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL OF 27 APRIL 2016 (GDPR) - EFFECTIVE FROM 08/02/2022

INTRODUCTION

This information notice has been drafted in compliance with the provisions of the GDPR and the Privacy Code (Legislative Decree 30 June 2003 No. 196). The document has also been prepared considering the Guidelines provided by the Data Protection Authority, particularly those concerning the prevention of spam published on July 4, 2013.

Data Controller: Grandi Liutai Italiani, located at Via XX Settembre 18, 26100, Cremona, Italy. VAT and Tax Code: IT01729930196, REA: CR-197214, Tel: 353 3289861 Website: https://www.grandiliutai.com/

The Data Controller has not appointed a Data Protection Officer (DPO). Therefore, for any information request, you may contact the Data Controller directly.

GENERAL INFORMATION

This document outlines how the Data Controller processes the personal data provided through the Website. Below, the main processing activities are described, specifying the legal basis, whether the provision of data is mandatory, and the consequences of failure to provide it. Where necessary, it is also specified if and when certain data processing operations are not performed.

On the Website, it is possible to enter personal data of third parties. In such cases, the user guarantees that they have obtained the necessary consent to enter such data. The user also undertakes to indemnify and hold the Data Controller harmless from any liability arising from the transmission of such information.

REGISTRATION ON THE WEBSITE

The information provided during registration is used to allow access to the reserved area and to use the online services offered by the Data Controller. The legal basis for this processing is the need to perform pre-contractual measures requested by the user. The provision of data is optional, but refusal will prevent registration on the Website.

PURCHASES ON THE WEBSITE

Personal data provided by the user are processed to manage purchases on the Website, including the finalization of the purchase contract and compliance with tax obligations, if required by applicable regulations. The legal basis for this processing is either contractual or legal obligation.

Regardless of user consent, the Data Controller may process the provided email address for "soft-spam" purposes, in accordance with Article 130 of the Privacy Code. This means that, unless objected to, the email will be used to send promotional communications related to similar products or services. The processing is based on the legitimate interest of the Data Controller in communicating such offers.

The Data Controller may also send emails reminding users to complete a started purchase. This processing is also based on the legitimate interest of the Data Controller in providing such reminders.

RESPONDING TO REQUESTS

Data are processed to respond to user inquiries. The provision of data is optional, but failure to provide it will prevent the Data Controller from responding. The legal basis for this processing is the legitimate interest of the Data Controller in responding to received requests.

GENERAL MARKETING

With the user’s consent, the Data Controller may use personal data to send advertising materials or newsletters related to its products or third-party products. The legal basis for this processing is the user's consent, which is optional. Failure to consent will prevent the sending of marketing communications and market research surveys.

PROFILING

With the user’s consent, personal data may be used to analyze purchasing habits and send personalized communications based on interests. The legal basis for this processing is the user's consent. Refusal will prevent the receipt of personalized communications.

DATA DISCLOSURE

The Data Controller does not sell or transfer users’ personal data to third parties.

GEOLOCATION

When accessing the Website, users may receive a notification allowing or denying the location of their device. This setting can be changed at any time. The legal basis for this processing is the legitimate interest of the Data Controller in providing location-based services.

DISCLOSURE OF PERSONAL DATA

Personal data may be disclosed to the following categories of entities:

  • Public authorities entitled to access the data for regulatory reasons;

  • Public or private entities providing legal, administrative, or tax advisory services;

  • Employees and collaborators of the Data Controller;

  • IT service providers for Website management;

  • CRM platforms for sending communications;

  • Customer care service providers.

DATA RETENTION

  • Data is retained for as long as necessary to provide the requested services.

  • For marketing purposes, data is retained until consent is revoked.

  • For customer support, data is deleted after service completion.

  • Sales contract data is retained for 10 years to comply with legal obligations.

DATA TRANSFER

The Data Controller is located within the European Union, and data processing is carried out in compliance with the GDPR. If data is transferred to non-EU countries, the Data Controller will adopt adequate measures, including Standard Contractual Clauses.

DATA SUBJECT RIGHTS

Users have the right to:

  • Access their data and request rectification or deletion;

  • Restrict or oppose processing;

  • Withdraw consent at any time;

  • Lodge a complaint with a supervisory authority.

To exercise these rights, users may contact the Data Controller at the provided contact details.

CHANGES AND UPDATES

The Data Controller reserves the right to modify this information notice at any time. Updates will be made available on the Website, and in case of significant changes, they may be communicated via email.