Mesdames/Gentlemen,
The data that you supply to us and that you guarantee to be accurate and up to date, will be processed by us for the purposes set out below. In the event that changes therein occur, please notify us immediately as failure to do so will result in us continuing to use the data you provided us. As laid down by the European regulations for the protection of personal data (Regulation EU 679/2016: General Data Protection Regulation), we provide you with the information below
- Data Controller and Data Protection Officer.
The Data Controller, or the decision-maker for the purposes, means and security of personal data, is the company Fratelli Pisa s.r.l. with registered office in Milan – Postal Code 20121, 9 via Montenapoleone, corner of via P.Verri Tel. 02762081, Certified Electronic Mail: f.llipisa@legalmail.it, e-mail: compliance@pisa1940.com.
The Data Protection Officer, otherwise referred to by the acronym DPO, monitors compliance with the applicable regulations concerning the protection of personal data and co-ordinates with the supervisory authority a (Authority for the Protection of Personal Data).
The Data Protection Officer can be contacted:
- via e-mail at the address: dpo@pisa1940.com.
- by traditional paper-based post at the registered office of the company;
- in person at the registered office by appointment;
- Purposes and legal grounds for processing.
Personal data you may provide to us which is gathered in the provision of services requested by you, will be processed for the purposes and in terms of the legal basis set out below:
PURPOSES
(Why we process your data)
|
LEGAL Basis
(The legal provisions on which we base processing.)
|
Consequences in the event of refusal to submit to processing
(What happens if you refuse to provide personal data and/or refuse permission for processing)
|
Communication of information at your request
|
Art. 6(1)(b) – execution of pre-contractual measures requested by you
|
Without the information your request cannot be responded to.
|
Fulfilling of a sales contract and/or for repair and/or storage to which you are party, including any delivery of goods.
|
Art. 6(1)(b) GDPR – contract to which you are party.
|
Without the information, it might not be possible to implement the contract.
|
Fulfilling legal obligations in respect of accounting and tax matters relating to the abovementioned contract.
|
Art. 6(1)(c) GDPR – legal obligation to which the Data Controller is subject.
|
Without the information, it will not be possible to implement the contract.
|
To allow us to keep you informed on our future initiatives of interest to you through transmitting communications, also periodically, by telematic means including e-mail (e.g., newsletters).
|
Art. 6(1)(f) GDPR[1] – Legitimate interest of the Data Controller of communicating information to interested persons of its activities in which they have shown an interest.
|
You are informed that you may, at any time, exercise your right to object via the “unsubscribe” function, or by making a request to the Data Controller at the abovementioned e-mail addresses. In this case, exercising the right to object will prevent new communications being sent.
|
To allow us to keep you informed on our future initiatives of interest to you by traditional means (e.g., magazines).
|
Art. 6 (f) GDPR – Legitimate interest of the Data Controller of communicating information to interested persons of its activities in which they have shown an interest.
|
You are informed that you may, at any time, exercise your right to object via the “unsubscribe” function, or by making a request to the Data Controller at the abovementioned e-mail addresses. In this case, exercising the right to object will prevent new communications being sent.
|
Carry out pre-sale and/or after sale surveys.
|
Art. 6(1)(f) – legitimate interest of the company in improving its own services.
|
You are informed that you may, at any time, exercise your right to object via the “unsubscribe” function, or by making a request to the Data Controller at the abovementioned e-mail addresses. In this case, exercising the right to object will prevent new communications being sent.
|
Send commercial information about novelties in the sector, promotions, events, exhibitions exclusively of our company.
|
Art. 6(1)(a) GDPR – consent.
|
In the event consent is refused, we shall not process your personal data. It is understood that consent can be withdrawn at any time after it has been given.
|
Communication of the data to watchmaking firms.
|
Art. 6(1)(a) GDPR – consent.
|
Without consent, we shall not pass on data to watchmaking firms, which may result in limitations on the guarantees. Where consent has been given, it can be withdrawn freely and voluntarily at any time.
|
Delivery of goods by couriers.
|
Art. 6(1)(a) GDPR – consent.
|
Without consent we cannot arrange for the dispatch of goods, and they must be collected from the store. Where consent has been given, it can be withdrawn freely and voluntarily at any time.
|
- Recipients and categories of data processed.
Personal data provided by you, or data acquired during the provision of services, shall be processed exclusively by personnel especially authorised thereto or specially designated data processors; further information can be requested from the data controller.
Besides persons legally entitled thereto, your personal data can only be transmitted to those persons authorised by you, particularly the data categories and recipients who may be the following:
PURPOSE
|
category OF DATA
|
RECIPIENTS
|
Money-laundering legislation (Legislative Decree 231/2007) applicable only to cash payments.
|
Invoicing data.
Identity documents.
|
Credit institutes
Public Authorities
|
To allow sending of goods as requested.
|
Delivery data and references.
|
Carriers/Couriers
|
Activation of guarantees, contractual obligations.
|
Sales data, identificatory data, contact details.
|
Watchmaking firms
|
- Transfer abroad
Your personal data are not transferred outside of the European Union, except to Swiss watchmakers where you have authorised communication of your personal data for the reasons mentioned above.
- Retention period for personal data and applicable criteria
Personal data subject to processing are collected in documents the retention of which is established commensurate with the purpose of the processing: (i) for the purposes of legislative compliance for the minimum obligatory period of the provisions (e.g. taxation); (ii) for contractual and pre-contractual purposes for the general period of rules of prescription of rights regarding any claims or requests which may be made (ten years); (iii) for purposes of communication (e.g. newsletters) for a period of five years from the last date of interaction.
- Rights of interested parties.
You have the right to obtain from us, in circumstances provided for, access to your personal data and the correction or deletion thereof or of restricting the processing that concerns you or to object to processing (Articles 15 et seqq of the Regulation) The relevant application is made on written request, after identification through a document establishing identity, at the abovementioned contact points.
- Right to submit a complaint
If you consider that the processing your personal data by us infringes the provisions of Regulation, you have the right to submit a complaint to the Authority, as provided for in Art. 77 of the Regulation itself, or to approach a competent court (Art. 79 of the Regulation).
- Further information
More extensive information, our privacy policy, and the information sheet are available on our website at the address: www.pisaorologeria.com; further and more extensive information on the legislation relating to protection of personal data are available at the address www.garanteprivacy.it.
- Collaboration
The protection of data which concerns you and compliance with the principles contemplated by the legislation, with particular reference to the transparency principle, are values of primary importance for us, we would be grateful if you would help us by notifying to us any lack of clarity in this document or refer any suggested improvements to us via the controller as mentioned above.
CONSENT
The undersigned, declares having been made aware of the information sheet for the processing of personal data issued by the company Fratelli Pisa S.r.l. as regards Articles 13 and 14 of European Regulation 679/2016 and, therefore gives consent to the processing of data relating to him/her, for the purposes of processing indicated above, by apposing a tick in the “CONSENT ” box.
It IS understood that without a clear indication of having given consent, such consent will be deemed not have been granted, and the personal data will not be processed.
PURPOSES OF PROCESSING
|
|
|
To inform you of new developments in the sector, events, products, and services organised by ourselves or our partners.
|
☐ AGREE
|
☐ DO NOT AGREE
|
To communicate your personal details to the Swiss watchmakers’ firms, of contact information to consent to receive direct communications and/or information and/or invitations to events from them.
|
☐ AGREE
|
☐ DO NOT AGREE
|
For the delivery of goods acquired/prepared at a place different from the store, by means of trusted carrier. Consequently, your consent to provide the controller with a copy of an identification document which will be transmitted to the carrier as being necessary both for identifying the recipient and for dealing with any customs and/or airport formalities, without which, delivery must take place at the store.
|
☐ AGREE
|
☐ DO NOT AGREE
|
[1] Research of this section of the GDPR indicates that the correct reference should be Art. 6(1)(f). All sections have been amended similarly.