Privacy Policy of www.tavarte.com
Data Controller and contact details
Tavarte Srl
Via XXIV Maggio 5
33052 Cervignano del Friuli (UD), Italy
info@tavarte.com
Categories of Data collected
Among the categories of Personal Data that www.tavarte.com collects, by itself or through third parties, there are:
- cookies;
- usage data;
- first name;
- last name;
- phone number;
- email address;
- Zip/Postal code;
- address;
- city;
- country;
- gender.
Personal Data may be freely provided by the User, or, in case of Usage Data, collected automatically when using www.tavarte.com.
Users who are uncertain about which Personal Data is mandatory are welcome to contact the Data Controller.
Users are responsible for any third-party Personal Data obtained, published or shared through www.tavarte.com and confirm that they have the third party’s consent to provide the Data to the Data Controller.
Recipients of the Data
The Data may be accessible to subjects acting on behalf of the Data Controller, involved with the operation of www.tavarte.com and duly authorised (administration, sales, marketing, legal, system administration) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) appointed, if necessary, as Data Processors by the Data Controller.
Legal basis and purposes of the processing
The Data are processed for the following purposes and according to the indicated legal basis.
a) On the basis of contractual necessity, for the purpose of:
- processing orders and performing related activities (e.g. providing support to User, communicate with User with regard to the status of the order, answering his/her information requests, managing payments etc.);
- managing the delivery of the products;
- following up on specific requests of Users (such as answering to information requests sent though the section “Contact us” or by other means);
- managing digital gift cards.
b) On the basis of the legitimate interest of the Controller, and specifically:
- to analyse and enhance its services, carry on statistical analysis and/or research and development through analysis of the purchase of the product;
- to ensure security and confidentiality of its information technology systems;
- to defend a right in judiciary, out of court and administrative procedure and in relation with controversies arisen in relation to offered products;
- in the context of extraordinary operations, mergers, transfers and acquisitions etc..
Transfers of Personal Data
Data transfers may involve transferring the User’s Data to a country other than their own, including outside the European Union. In such circumstances, the transfers will be carried out in compliance with regulations on personal data, in order to ensure an adequate level of protection. Particularly, the transfers will take place subject to one of the safeguards established under the law, including an adequacy decision of the EU Commission, or by adopting Standard Contractual Clauses approved by the European Commission. More information on the safeguard in place can be requested by submitting a specific request using the contact details in this privacy policy.
Retention time
Personal Data shall be processed and stored for as long as required by the purpose they have been collected for. Once the retention period expires, Personal Data shall be deleted unless the law requires further storage or the user has consented to the processing for a longer time or to have them archived. Therefore, the right to access, the right to erasure, the right to rectification and the right to data portability cannot be enforced after expiration of the retention period.
Particularly, following the completion of the order or the expiry of a digital gift card, the Data Controller will retain Data necessary to:
- defend or assert any existing or potential claim;
- handle any complaint regarding contracts or orders concluded.
The data retention period necessary to achieve the aforementioned purposes is linked to the limitation period of a claim that in many cases is equal to 10 years. The Data Controller will retain Personal Data after such time has elapsed only when required to comply with legal obligations or in the event of disputes and extraordinary claims that reasonably require the retention of Personal Data.
The rights of Users
Users may exercise certain rights regarding their Data processed by the Data Controller.
In particular, Users have the right to do the following:
- Withdraw their consent at any time.Users have the right to withdraw consent where they have previously given their consent to the processing of their Personal Data.
- Object to processing of their Data. Users have the right to object to the processing of their Data where Personal Data is processed for the purposes of the legitimate interests pursued by the Data Controller, Users may object to such processing by providing a ground related to their particular situation to justify the objection or when they are processed for direct marketing purposes, they can object to that processing at any time without providing any justification.
- Access their Data. Users have the right to learn if Data is being processed by the Data Controller, obtain disclosure regarding certain aspects of the processing and obtain a copy of the Data undergoing processing.
- Verify and seek rectification. Users have the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Restrict the processing of their Data. Users have the right, under certain circumstances, to restrict the processing of their Data. In this case, the Data Controller will not process their Data for any purpose other than storing it.
- Have their Personal Data deleted or otherwise removed. Users have the right, under certain circumstances, to obtain the erasure of their Data from the Data Controller.
- Receive their Data and have it transferred to another controller. Users have the right to receive their Data in a structured, commonly used and machine readable format and, if technically feasible, to have it transmitted to another controller without any hindrance. This provision is applicable provided that the Data is processed by automated means and that the processing is based on the User’s consent, on a contract which the User is part of or on pre-contractual obligations thereof.
- Lodge a complaint. Users have the right to bring a claim before their competent data protection authority that, for Italy, is the Garante per la protezione dei dati personali.
How to exercise these rights
Any requests to exercise User rights can be directed to the Data Controller through the contact details provided in this document. These requests can be exercised free of charge and will be addressed by the Data Controller as early as possible and always within one month.
Cookies and social widgets
A cookie is a small file sent by a website and stored on the user’s browser while they use an Internet site. Cookies can be stored only for the time a particular site is used (cookies session) or for a longer period of time and independent from the session (persistent cookies). Cookies work in conjunction with the website content and normally have the function of improving the usability and browsing experience on the web (technical cookies). Some types of cookies also allow Users to know the contents displayed, the choices selected and any use of the site. This functionality also allows the Data Controller to offer the most useful and relevant advertising to every single user (profiling cookies). A website can use self-developed cookies (first-party cookies) or cookies developed by third-party companies (third-party cookies).
It is possible that Personal Data and Usage Data are collected. For instance, Usage Data may be collected for the following purposes:
Displaying content from external platforms. Interaction with external social networks and platforms.
In addition, the Data Controller uses:
- Technical Cookies: these are cookies necessary for browsing as they allow the correct use of www.tavarte.com and its full functionality. These cookies are strictly necessary for operations and their deactivation might impair browsing experience and outcome. In particular, the Data Controller uses technical cookies for the following purposes:
- for the management of dynamic web pages, for the geographical identification of users, and for the management of last access data;
- to guarantee the correct functioning of the web pages;
- for the management of data relating to the amounts and products of the orders.
- Analytical Cookies: used to collect information on the number of Users and how they visit www.tavarte.com. For example, www.tavarte.com uses the Google Analytics tool to collect information, in aggregate form, on the number of users and how they visit the site. This tool uses third-party technical cookies for its operation. Information on the processing of privacy by Google is available at the following link: http://www.google.com/analytics/learn/privacy.html. Information on the cookies used by Google Analytics, collection and use of this data are available at the following link: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage#gajs. The following link also contains information to deny consent to the use of third-party cookies by Google Analytics: https://tools.google.com/dlpage/gaoptout
- Third Party Profiling Cookies for Marketing/Retargeting: these are cookies of third-party companies that allow the collection of information on the User for subsequent communication of more specific and/or personalised promotional material. They include cookies for inserting banner advertisements on www.tavarte.com relating to third party companies or products chosen or viewed by the User, or similar or like products. These cookies can be deactivated without preventing proper navigation on www.tavarte.com, however their deactivation involves the receipt of promotional messages that may not be relevant to the User. For more information on profiling cookies currently installed in the User’s terminal, review the third party privacy information and change the preferences expressed, Users can consult the page https://www.youronlinechoices.com/it.
Disabling cookies. The User can always decide to block, delete, disable cookies or other similar technologies through the settings of their browser or device. There are many different browsers: each different browser (and in some cases even each different version of the same browser) has its own procedure for deleting cookies. Cookie preferences must be set separately for each browser used, as the features and options offered may vary. It is therefore advisable to visit the support pages of the browser for more information.
Acceptance and waiver of cookies. At the time of the User’s first access to www.tavarte.com and, in any case, until a choice is expressed, the User will be asked to provide his/her consent to the use of third-party analytical cookies and profiling cookies.
Additional information about Data collection and processing
Additional information about the User’s Personal Data
In addition to the information contained in this privacy policy, www.tavarte.com may provide the User with additional and contextual information concerning particular Services or the collection and processing of Personal Data.
Information not contained in this policy
More details concerning the collection or processing of Personal Data may be requested from the Data Controller at any time. Please see the contact information at the beginning of this document.
Changes to this privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to its Users on this page and possibly within www.tavarte.com and/or – as far as technically and legally feasible – sending a notice to Users via any contact information available to the Data Controller. It is strongly recommended to check this page often, referring to the date of the last modification listed at the bottom.
Definitions and legal references
Latest update: 6th November 2019