Information on the processing of personal data
Pursuant to European Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016, relating to the protection of individuals with regard to the processing of personal data (in short “GDPR”) Mye Srl (hereinafter “Mye”), in person of its pro-tempore legal representative, as Data Controller of personal data collected directly from the interested party, provides you with this information pursuant to Article 13, GDPR (in short, “Information”).
In any case, the logical and physical security of the data and, in general, the confidentiality of the personal data processed will be guaranteed, putting in place all the necessary technical and organizational measures adequate to guarantee their security.
A) Identity and contact details of the Data Controller
Registered office: Via Cinque Martiri, 1
24029 Vertova (BG)
VAT number 03822880161
Operational headquarters: Via Aldo Moro, 18
24023 Clusone (BG)
Tel. 034628100 – mail: email@example.com
B) Purpose of the processing for which the personal data are intended and related legal basis
Your personal data will be processed:
without the obligation of consent in accordance with the law (Dir. CE 2009/136) for the following purposes:
(i) without obligation of consent for the following purposes:
- online account registration to the Mye application, order management, purchases, sales and product deliveries and related monitoring, customer service management, payment management, returns and merchandise exchange management, customer contact management, coupons and discounts management;
- administrative-accounting management and related obligations (issuing of invoices, preparation of payments) any protection of credit positions and defense in court;
- internal statistics, business analysis and economic management, as well as, in relation to the contact data provided in the contract, sending advertising of similar products with the right of immediate cancellation upon request;
The above treatments respond respectively to the following legal bases:
- fulfillment of a contract or pre-contractual measures, satisfaction of a request from the interested party – condition of lawfulness Article 6, letter b) of the GDPR;
- legal obligation to which the Data Controller is subject – condition of lawfulness Article 6, letter c) of the GDPR – or for the assessment, exercise or defense of a right in court;
- pursuit of a legitimate interest of the Data Controller – condition of lawfulness Article 6, letter f) GDPR – relating to the improvement of business operations and market surveys, the improvement of services provided to its customers, direct marketing and customer loyalty.
The provision of data, marked in the form with (*), for the purposes referred to in the previous section (i) is mandatory and the lack of data and / or any express refusal to process will make it impossible for the Data Controller to give execution of the contract or pre-contractual measures, the fulfillment of the obligation with eventual non-fulfillment and responsibility of the interested party also to sanctions contemplated by the legal system.
(ii) with your consent (article 7, GDPR), for the following purposes:
- various types of marketing activities, including the promotion of products and services, the sending of newsletters and commercial communications via e-mail, invitations and coupons;
- profiling activities of various types, including the analysis of behavior for promotional purposes, the creation of lists for promotional purposes, commercial communication and sending newsletters, the development of profiles for the provision of targeted and customized services for the needs of the customer.
The provision of data for the purposes referred to in the previous section (ii) is optional, with the consequence that you may decide not to provide your consent, or to revoke it at any time. For these treatments, automated processes are used through the use of software which in any case provide for human decision-making aimed at avoiding unwanted consequences for the data subject, always limited to the receipt of communications from the Data Controller.
C) Categories of recipients of personal data
For the purposes referred to in the previous paragraph, the personal data you provide may be communicated or made accessible:
- to employees and collaborators of the Data Controller, in their capacity as authorized data processing personnel (or so-called “persons in charge of processing”);
- to third parties who carry out outsourced activities on behalf of the Data Controller, in their capacity as Data Processors, including:
- third-party cookie managers, service providers for the management of the information system and telecommunications networks and the company in charge of managing e-commerce, service providers for the management of the archiving of paper and / or computerized documentation, service providers for the management of commercial communication activities;
- banks and credit and insurance institutions for carrying out economic (payments / collections) and insurance activities.
- to judicial or supervisory authorities, administrations, public bodies and organizations (national and foreign);
The complete and updated list of data processors is available by written request to firstname.lastname@example.org
D) Storage and transfer of personal data abroad
The management and storage of personal data takes place in the cloud and on servers located within the European Union owned and / or in the availability of the Data Controller and / or third-party companies in charge, duly appointed as Data Processors.
Your personal data will not be disseminated.
E) Retention period of personal data
The personal data collected for the purposes indicated in the previous paragraph (B) will be processed and stored for the entire duration of the session and, in some cases, kept for the time necessary to fulfill these purposes and in any case for a period not exceeding 10 months.
After this retention period, the data will be destroyed or made anonymous.
F) Exercisable rights
In accordance with the provisions of Chapter III, Section I, GDPR, you can exercise the rights indicated therein by simply sending a request via e-mail to the address of the Owner email@example.com and in particular:
In compliance with the provisions of Chapter III, Section I, GDPR, you can exercise the rights indicated therein and in particular:
- Right of access – Obtain confirmation as to whether or not personal data concerning you are being processed and, in this case, receive information relating, in particular, to: purposes of the processing, categories of personal data processed and retention period, recipients to which these can be communicated (article 15, GDPR),
- Right of rectification – Obtain, without undue delay, the correction of inaccurate personal data concerning you and the integration of incomplete personal data (Article 16, GDPR),
- Right to cancellation – Obtain, without undue delay, the cancellation of personal data concerning you, in the cases provided for by the GDPR (article 17, GDPR),
- Right of limitation – Obtain the limitation of processing, in the cases provided for by the GDPR (article 18, GDPR)
- Right to portability – Receive personal data concerning you in a structured format, commonly used and readable by an automatic device, as well as obtain that the same are transmitted to another holder without impediments, in the cases provided for by the GDPR (article 20, GDPR)
- Right to object – To object to the processing of personal data concerning you, unless there are legitimate reasons for the Data Controller to continue processing (Article 21, GDPR)
- Right to lodge a complaint with the supervisory authority – Propose a complaint to the Guarantor Authority for the protection of personal data, Piazza di Montecitorio n. 121, 00186, Rome (RM).
COPYRIGHT AND IMAGE EXPLOITATION
The author of the publication (the registered user) is solely responsible for the images and texts he uses and must have full rights to do so. By uploading a text, a graphic file or an image file, you implicitly confirm that you own it and have received the authorization to use it from the legitimate owner, relieving Mye Srl from any liability.
You can exercise these rights by simply sending a request by e-mail to the address of the owner firstname.lastname@example.org