Privacy policy

Owner and data controller

Ottica Diecidecimi di Franca Bochicchio & C. s.a.s. Piazzale Baracca 8 20123 Milano

Owner’s contact email: ottica10decimi@gmail.com

Types of Data Collected

Among the types of Personal Data this Application collects, either independently or through third parties, are: Cookies; Usage Data.
 
Full details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or by specific explanatory texts displayed before the Data collection.
 
Personal Data may be freely provided by the User or, in the case of Usage Data, automatically collected during the use of this Application.
Unless otherwise specified, all Data requested by this Application are mandatory and failure to provide them may result in the inability of this Application to provide its services. In cases where this Application expressly indicates that some Data are not mandatory, Users are free not to provide them, without this having any consequence on the availability of the Service.
 
 
Users who are not sure which Personal Data are mandatory are invited to contact the Data Controller.
 
Any use of Cookies – or other tracking tools – by this Application or by the owners of third party services used by this Application is for the purpose of providing the Service requested by the User, in addition to the additional purposes described in this document and in the Cookie Policy, if available.
 
The User is responsible for the Personal Data of third parties obtained, published or shared through this Application and confirms that they have the consent of the third party to provide the Data to the Data Controller.

How and where the Data are processed

Treatment mode

The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of the Data.
 
The processing of the Data takes place through the use of computers and/or computer tools, according to organizational procedures and methods strictly related to the indicated purposes. In addition to the Data Controller, in some cases, some types of appointees, involved in the management of this Application (administration, commercial, marketing, legal, system administration) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) appointed, if necessary, as Data Processors by the Data Controller, may have access to the Data. The updated list of these subjects can be requested from the Controller at any time.

Legal basis for the processing

The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of the Data.
 
The Controller may process Users’ Personal Data if any of the following occurs:
  • Users have given their consent for one or more specific purposes. Note: Under some legislation, the Data Controller may be allowed to process Personal Data until the User objects to such processing (“opt-out”), without having to rely on consent or another of the following legal bases. This, however, does not apply if the processing of Personal Data is subject to European data protection law;
  • the provision of the Data is necessary for the performance of a contract with the User and/or for any pre-contractual obligations;
  • the processing is necessary to comply with a legal obligation to which the Data Controller is subject;
  • the processing is related to a task of public interest or the exercise of public authority vested in the Data Controller;
  • processing is necessary for the purposes of legitimate interests pursued by the Controller or a third party.

In any case, the Data Controller will be happy to help clarify the specific legal basis that applies to the processing, and in particular whether the provision of Personal Data is a legal or contractual requirement, or a necessary requirement to enter into a contract.

Location

The Data are processed at the Owner’s operational headquarters and at any other location where the parties involved in the processing are located.
 
Depending on the User’s location, data transfers may involve the transfer of User Data to a country other than their own. To learn more about the processing location of such transferred Data, Users may consult the section containing details on the processing of Personal Data.
 
Users also have the right to know the legal basis for the transfer of Data to a country outside the European Union or to any international organization under international public law or established by two or more countries, such as the UN, and the security measures taken by the Data Controller to safeguard their Data.
 
Should such a transfer occur, Users may obtain more information by consulting the relevant sections of this document or inquire with the Data Controller using the information provided in the contact section.

Storage time

Personal Data will be processed and stored for the time required by the purpose for which it was collected.
 
Therefore:
  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the full performance of that contract.
  • Personal Data collected for purposes of legitimate interest of the Data Controller will be retained as long as necessary to fulfill those purposes. Users can find specific information about the legitimate interests pursued by the Controller in the relevant sections of this document or by contacting the Controller.
The Controller may be authorized to retain Personal Data for a longer period if the User has given consent to such processing, provided that such consent is not withdrawn. In addition, the Controller may be obliged to retain Personal Data for a longer period if this is required for the fulfillment of a legal obligation or by order of an authority.
 
Once the retention period has expired, the Personal Data will be deleted. Therefore, the right of access, the right to erasure, the right to rectification, and the right to data portability cannot be exercised after the retention period has expired.

The purposes of processing

User Data is collected to enable the Data Controller to provide its Service, fulfill its legal obligations, respond to requests for enforcement, protect its rights and interests (or those of its Users or third parties), detect any malicious or fraudulent activities, as well as for the following purposes: Analytics.
 
For specific information on the Personal Data used for each purpose, the User may refer to the “Detailed Information on the Processing of Personal Data” section.

Detailed information on the processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

Analysis

The services contained in this section allow the Owner to monitor and analyze web traffic and may be used to track Users’ behavior.

Google Analytics (Google Inc.)

Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Data collected to track and examine the use of this Application, to compile reports on its activities and to share them with other Google services.
 
Google may use the Data collected to contextualize and personalize ads in its advertising network.
 
Personal Data Processed: Cookies; Usage Data.
 
Place of processing: United States – Privacy InformationOpt Out.

Users’ Rights

Users may exercise certain rights related to their Data processed by the Data Controller.
 
In particular, Users have the right to do the following:
  • Revoke their consent at any time. You have the right to withdraw your consent if you have previously given your consent to the processing of your Personal Data.
  • object to the processing of their data. Users have the right to object to the processing of their data if the processing is carried out on a legal basis other than consent. Further details are provided in the dedicated section below.
  • Access to their own data. Users have the right to know whether Data is being processed by the Data Controller, to obtain information about certain aspects of the processing, and to obtain a copy of the Data being processed.
  • Verify and request rectification. Users have the right to verify the accuracy of their Data and to request that it be updated or rectified.
  • Limit the processing of their Data. Users have the right, under certain circumstances, to limit the processing of their Data. In this case, the Data Controller will not process their Data for any purpose other than its preservation.
  • To have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to have their Data deleted by the Data Controller.
  • To receive their Data and transfer it to another Data Controller. You have the right to receive your Data in a structured, commonly used, machine-readable format and, if technically feasible, to transfer it to another data controller without hindrance. This provision applies provided that the Data are processed by automated means and that the processing is based on the User’s consent, a contract to which the User is a party, or pre-contractual obligations.
     
  • Filing a Complaint. The User has the right to file a complaint with the competent data protection authority.

Information on the right to refuse processing

Where Personal Data are processed for a public interest, for the exercise of an official authority vested in the Data Controller, or for the purposes of the legitimate interests pursued by the Data Controller, Users may object to such processing by providing a reason relating to their particular situation to justify the objection.
 
Users should know that, however, if their Personal Data are processed for direct marketing purposes, they may object to such processing at any time without providing any justification. To find out whether the Data Controller processes Personal Data for direct marketing purposes, Users may refer to the relevant sections of this document.

How to exercise these rights

Any requests to exercise the User’s rights may be addressed to the Controller through the contact details provided in this document. Such requests may be exercised free of charge and will be processed by the Controller as soon as possible and always within one month.

More information about Data collection and processing

Legal Actions

The User’s Personal Data may be used for legal purposes by the Data Controller in court or in steps that may lead to legal action arising from the misuse of this Application or related Services.
 
The User declares that he/she is aware that the Owner may be required to disclose Personal Data at the request of public authorities.

Cookie policy

This Application uses trackers. To learn more, the User can consult the Cookie Policy.

Additional information about the User’s Personal Data

In addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual disclosures regarding particular Services or the collection and processing of Personal Data upon request.

System logs and maintenance

For operation and maintenance needs, this Application and any third-party services may collect files that record interaction with this Application (system logs) and use other Personal Data (such as IP address) for this purpose.

Information not contained in this policy

More details about the collection or processing of Personal Data can be requested from the Controller at any time. Please see the contact information at the beginning of this document.

How “Do Not Track” requests are handled.

This Application does not support “Do Not Track” requests.
 
To determine whether the third-party services you use honor “Do Not Track” requests, please read their privacy policies.

Changes to this privacy policy

The Owner reserves the right to make changes to this privacy policy at any time by notifying Users on this page and possibly within this Application and/or – to the extent technically and legally feasible – by sending a notification to Users via any contact information available to the Owner. It is strongly recommended that you check this page often, referring to the date of the last change shown at the bottom.
 
If the changes relate to processing activities carried out on the basis of the User’s consent, the Controller will collect a new consent from the User, where required.

——————————————————————————————————————–

Definitions and legal references

Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information-including a personal identification number- permits the identification or identifiability of a natural person.

Utilization data

Information automatically collected through this Application (or third party services used in this Application), which may include: the IP addresses or domain names of the computers used by Users using this Application, addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response given by the server (successful, error, etc. ), the country of origin, telephone number, fax number, fax number, telephone number, telephone number, etc. ), the country of origin, the characteristics of the browser and operating system used by the User, the various temporal details of the visit (e.g., the time spent on each page of the application) and details about the path followed within the application, with particular reference to the sequence of pages visited, and other parameters related to the device’s operating system and/or the User’s computer environment.

User

The individual using this Application who, except where otherwise specified, coincides with the Data Subject.

Interested party

The natural person to whom the Personal Data refers.

Processor (or Data Processor)

The natural or legal person, public authority, agency or other body that processes Personal Data on behalf of the Data Controller, as described in this policy.

Data Controller (or Owner)

The natural or legal person, public authority, service or other body that, individually or jointly with others, determines the purposes and means of the processing of Personal Data, including security measures relating to the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.

This Application

The means by which the User’s Personal Data are collected and processed.

Service

The service provided by this Application as described in the relevant terms (if available) and on this site/application.

European Union (or EU)

Unless otherwise stated, all references to the European Union in this document include all current member states of the European Union and the European Economic Area.

Cookie

Cookies are trackers that consist of small sets of data stored in the User’s browser..

Tracker

Tracker means any technology-such as cookies, unique identifiers, web beacons, embedded scripts, e-tags, and fingerprinting-that enables tracking of users, such as by accessing or storing information on the user’s device.

Legal Information

This Privacy Policy has been prepared based on the provisions of various legislation, including Articles 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).
 
This privacy policy refers exclusively to this Application, unless otherwise specified within this document