PRIVACY POLICY

Information on the processing of personal data pursuant to art. 13 EU Regulation 679/2016 "GDPR"

This information describes how personal data collected during browsing and use of the services made available through the ottodame.it website and integrates any further information relating to the processing of data provided to our customers on the various occasions of interaction.

Data Controller

The Data Controller is H. EICH SRL, with registered office in via G. Amendola 9/11, 50058 Signa (FI) Italy, e-mail address privacy@ottodame.com.

Type of data

a. Browsing data

While browsing the website, some data may be acquired through cookies or other tracking technologies. This category of data could include the IP addresses or domain names of the devices used, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given to the server (successful, error, etc.) and other parameters relating to the User's operating system and IT environment. To find out more details on the type of cookies or other tracking tools used, the purposes and the data retention time, please refer to the Cookie Policy..

b. Personal and contact data

c. Shipping information

d. Payment and billing information

To use our services, we will ask you to provide us with your personal data (name, surname, date of birth) and contact details (telephone, e-mail address). We will also collect your shipping address, data related to invoicing (tax code/VAT number, any company you belong to), data relating to the payment methods chosen and the orders placed. The procedure for filling out the registration form can be bypassed by social login. This is an alternative filling procedure that allows you to enter data automatically by transferring information directly from your Facebook, Google, or Twitter profile.

e. Purchase data: products purchased and total amount

f. Behavioral data related to the use of the website

The navigation path within the website (including information on the pages visited, product and service views, product preferences, clicks on links, page loading and response times, browsing duration) is monitored (Clickstream analysis) to analyze the main activities of users.

Provision of data

The mandatory or optional nature of the provision is specified from time to time – with reference to the individual information requested – by affixing a special symbol (*) to the mandatory information. Any refusal to communicate the data marked as mandatory makes it impossible for the Data Controller to perform the contract or provide the available services. The provision of additional data is, however, optional.

Retention period

The personal data necessary to manage orders and purchases will be stored for the entire duration of the pre-contractual and contractual relationship and, subsequently, for the period established by tax and accounting obligations. Customer care data are stored for the time necessary to resolve the issues raised. Data processed for marketing purposes will be stored for 24 months, while data used for profiling purposes will be stored for 12 months. The consents expressed will be considered in force until a specific request for revocation is received.

Processing methods

The processing of personal data is carried out by the Data Controller using both paper and electronic or telematic methods, using personnel specifically authorized to process and trained in the protection of personal data. Technical and organisational measures are adopted to minimise the risks of destruction or loss - even accidental - of data, unauthorised access or processing that is not permitted or does not comply with the purposes for which it was collected.

Communication of personal data

The User's personal data will not be disclosed to unspecified subjects; however, they may be shared with:

  • our affiliates and business partners who act under our direction and control as data processors. This is to ensure that customers enjoy the same services in each of our shops. These subjects will process personal data only in relation to the functions entrusted to them;
  • suppliers, legal and natural persons, who provide outsourced services of a technical and organizational nature, such as IT services, communication services, e-mail marketing services, logistics services, accounting and legal consultancy,. etc. They operate as duly appointed data controllers or data processors, in full compliance with the current legislation indicated above; they are provided only with the information necessary for the performance of their functions;
  • digital platforms (Meta, Google) which, as part of our marketing campaigns, limit themselves to processing data on our behalf and guarantee their confidentiality, including by means of special encryption systems (hashing);
  • online payment providers available at checkout (e.g., PayPal, ScalaPay, Amazon Pay, etc.) or payment intermediaries, as parties of payments made on our e-commerce. These parties will process the data as data controllers;
  • subjects who have the right to access them by virtue of legal provisions,, within the limits and for the purposes set out in these regulations;
  • banks, credit institutions, debt collection companies and insurance agencies.

The complete and updated list of data processors or subjects involved in various capacities is available on request.

Transfer of personal data

Any transfer of personal data to non-EU countries that is necessary to fulfil the existing contract with the User or to guarantee the services offered (e.g. in the case of suppliers based in third countries) is carried out in accordance with art. 44 et seq. of the GDPR, preparing specific tools that guarantee adequate guarantees of protection of personal data.

ights of the data subject

At any time, pursuant to art. 15 et seq. GDPR, the User may exercise the following rights:

  • obtain confirmation as to whether processing is underway and access personal data;
  • obtain information about the origin of the data, the purposes of the processing, the categories of personal data, the recipients, or categories of recipients to whom the personal data have been or will be disclosed, the retention period or the criteria used to determine it;
  • request the rectification, limitation of processing and deletion of data, provided that the deletion is compatible with the legal obligations of tax and accounting retention to which the Data Controller is bound;
  • object to the processing;
  • request data portability, where possible;
  • withdraw consent, without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.

The exercise of rights may take place by sending a request to the e-mail address privacy@ottodame.com or to the address of the Data Controller's registered office.

Please note that the data subject may also lodge a complaint with the Data Protection Authority or take legal action.

Updates and changes

In the future, the Data Controller may amend or simply update, in whole or in part, this Privacy Policy, also in consideration of changes in the laws or regulations governing this matter and protecting the rights of the data subject. Changes and updates to the Privacy Policy will be binding as soon as they are published online. We therefore invite the User to regularly access this section to check the publication of the most recent and updated Privacy Policy.

H.Eich srl via G. Amendola 9/11 50058 Signa (FI) Italia - P.IVA IT05319320486 - REA 537670 - Copyright © 2020 - Protocollo SIAE N °: 1585