INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA
Pursuant to and for the effects of Art. 13 of the New European Regulation 2016/279 concerning the protection of individuals with regard to the processing of personal data (GENERAL DATA PROTECTION REGULATION – GDPR)
As required by the General Regulations on the Protection of Personal Data of the European Union (GDPR 2016/679, Article 13), before proceeding with the processing, the interested party (user of the website www. Goosetech.com ) is informed that the personal data collected through the site are processed by the Company through IT and / or telematics tools, for the purposes indicated in this statement.
To this end, the Data Subject is submitted to the Privacy Notice prepared by Gossetech s.r.l.. (hereinafter also GOOSETECH or “the Company” or “the Data Controller”), creator and promoter of the activities available on the website www.Goosetech.com .
The Data Controller of personal data is Goosetech s.r.l. , with registered office in Via Senato 20, 20100 , Milano (MI) , e-mail store@Goosetech.com .
For further information regarding the rights of the interested party, please consider the Paragraph entitled “Rights of the interested parties” of this statement.
The personal data processed is collected directly by Goosetech srl. Or by third parties expressly authorized by the latter, or communicated by the Company to such third parties for the pursuit of the purposes described below.
Legal basis and purpose of the processing
Personal data provided by the user when browsing the website www.Goosetech.com they are processed by the Data Controller in accordance with the current regulations on the protection of personal data.
The legal basis of the processing is identified in the provision of its services by the Company, in the management and facilitation of the website, as well as in the establishment, execution and possible termination of the on-line sales contract concluded between the parties and in the obligations to the same contract connected and / or directly and / or indirectly deriving from it.
The processing of personal data by Goosetech.com is aimed at the pursuit of the following purposes:
1)SUBSCRIPTION TO GOOSETEC.COMNEWSLETTER : in the event that the user decides to subscribe to the ” GOOSETECH.COM Newsletter “, only following a possible and specific consent, the personal data will be processed by the Data Controller for the sending of commercial or promotional communications, relative updates, for example, to the latest trends, new arrivals, exclusive offers, special events and promotions. To unsubscribe from the newsletter, simply send an unsubscribe email at store@Goosetech.com .
2)REGISTRATION ON GOOSETECH.COM.COM: in the event that the user decides to register at the Goosetech.com site , only following a possible specific consent, the personal data will be processed by the Data Controller for the purpose of registration on Goosetech.com . In particular, in the face of the conferment of your name, surname, e-mail address and the setting of an access password, these will be processed to create a personal account, to speed up the purchase process, to allow the user to view the status of orders and receive updates on purchases made, change personal settings and update the account, view the history of returns and requests for change of goods .
3 ) ONLINE SHOPPING ACTIVITIES: the personal data provided will be used for the establishment, management, execution and / or conclusion of the online sales contract. The data provided will be processed by the Data Controller for the purpose of managing the purchase order with reference, for example, to the activity of payment, shipping, taking charge of any returns, for customer assistance, for the execution of the purposes administrative – accounting related to the management of the order, for the fulfilment of obligations under current legislation. In case of payment by credit card, the fundamental information for the execution of the transaction (credit / debit card number, expiration date, security code) will be processed by Stripe or PayPal, possibly, by companies in charge of the anti-fraud control through an encrypted protocol and without any third parties being able to access it in any way. This information will never be displayed or stored by the seller ( Goosetech s.r.l. ).
5) PROFILING OF THE PHYSICAL PERSON: only following a possible and explicit consent, the personal data provided may be processed by the Data Controller for profiling activities, i.e. analysis of preferences aimed at creating content and personalized offers.
Nature of treatment
In relation to purposes referred to in point 1) of the previous paragraph, the provision of personal data and consent to their processing is optional. Failure to provide consent implies the impossibility for GOOSETECH.COM to allow registration to the “GOOSETECH.COM Newsletter “, sending commercial or promotional communications, updates concerning, for example, latest trends, new arrivals, exclusive offers, special events and promotions.
If the user decides to proceed to the newsletter subscription through the section of the site solely dedicated to this activity, the provision of personal data and consent to their treatment is mandatory.
Failure to provide consent implies the impossibility for GOOSETECH.COM to allow registration to the “GOOSETECH.COM Newsletter “, sending commercial or promotional communications, updates concerning, for example, latest trends, new arrivals, exclusive offers, special events and promotions.
In relation to purposes referred to in point 2) of the previous paragraph, the provision of personal data and consent to their processing is mandatory. Failure to provide consent will make it impossible for GOOSETECH.COM to register with Goosetech.com , create a personal account, speed up the purchase process, view the status of orders and receive updates on purchases made, the possibility for the user to change personal settings and update the account, to view the returns history and the goods exchange requests.
In relation to purposes referred to in point 3) of the previous paragraph, the provision of personal data and consent to their processing is optional.
In relation to purposes referred to in point 4) of the previous paragraph, the provision of personal data and consent to their processing is mandatory. Failure to provide the consent will make it impossible for GOOSETECH.COM to proceed with the establishment, management, execution and / or conclusion of the on-line sales contract, therefore the impossibility to perform, by way of example, the activities linked to the payment , the shipment, the taking charge of any returns, customer support activities, the execution of administrative and accounting purposes related to the management of the order, and the fulfilment of obligations under current legislation.
In relation to purposes referred to in point 5) of the previous paragraph, the provision of personal data and consent to their processing is optional.
Failure to provide consent will make it impossible for GOOSETECH.COM to perform profiling activities , or to analyse preferences for creating personalized contents and offers.
Personal data processed
The personal data processed by the Owner are those provided by the user when browsing the website www. Goosetech.com, on the occasion of any registration / adhesion to the services / programs made available to GOOSETECH.COM and / or the possible purchase of products made available to GOOSETECH.COM, such as, by way of example: name, surname and e-mail address , in addition to the data necessary for the provision of the online sales service such as, for example, those functional to the execution of the payment and shipment / exchange of the products purchased.
Methods of Processing and Storage of Data
The processing of personal data is performed by the Owner in compliance with the provisions of the current legislation on Privacy. The Data Controller processes personal data using IT and / or telematics tools and with organizational and logical procedures strictly related to the pursuit of the purposes indicated in this statement, as well as adopting the appropriate security measures to prevent access, disclosure, unauthorized modification or destruction of personal data, their loss and their illicit and incorrect use. However, the Company cannot guarantee its users that the measures taken for site security and the transmission of data and information on the site are capable of limiting or excluding any risk of unauthorized access or loss of data by devices pertaining to the user. For this reason, it is suggested to users of the site to make sure that their computer is equipped with appropriate software to protect the transmission of data (for example, updated antivirus) and that its Internet Provider has adopted appropriate measures for the security of transmission of data on the network. The Company also undertakes to process the data according to the principles of correctness, lawfulness and transparency, to collect them to the extent necessary and exact for processing and to allow their use only by personnel for the authorized purpose. The management and storage of personal data acquired will take place in archives or on servers located within the European Union owned by the Owner and / or by third-part, companies appointed External Responsible for processing and, in any case, currently located in Italy.
In relation to the different purposes for which they are collected, personal data will be kept for the time strictly necessary to achieve them and, in any case, in accordance with the relevant regulations in force.
In any case, the Company will take care to avoid the use of data indefinitely by proceeding, on a regular basis, to verify appropriately the effective permanence of the interest of the subject to which they refer.
Recipients and Managers of the treatment
The data collected will not be disseminated in any way, but will be treated within the limits and for the purposes described by the employees of the Company on the basis of adequate operating instructions (for example, administrative, commercial, marketing, legal, system administrators, etc. .). Some data processing may also be performed by third parties, appointed External Responsible for Processing, of which the Data Controller relies on or could be used in the management of the contractual relationship, the provision of services offered and organizational needs of its activities. In particular, the data could be communicated to:
- to)subjects, public and private, that can access the data by virtue of the provision of law, regulation or community legislation, within the limits set by these rules;
- b)subjects who need access to data for purposes related to the contractual relationship between the parties, within the limits strictly necessary for the performance of auxiliary tasks (such as, for example, banks and lenders, technical service providers, hosting providers, IT companies , communication agencies, postal couriers and shipping companies);
- c)consultants, within the limits necessary for carrying out their professional duties.
The updated list of External Managers and persons authorized to process the data is kept at the Data Controller’s registered office and is available to the interested party, following a request by e-mail to store@Goosetech.com .
Data transfer abroad
The management and storage of personal data will be carried out on servers of the Owner and / or third-part companies duly appointed as External Data Processors located within the European Union.
Personal data may be transferred abroad, in accordance with the provisions of current legislation, even in countries outside the European Union. The transfer to countries outside the EU, in addition to cases in which this is guaranteed by Commission Decisions of Adequacy, is carried out in such a way as to provide appropriate and appropriate guarantees pursuant to art. 46 or 47 or 49 of the Rules.
As an interested party, the user may exercise, at any time, the rights provided for in articles 15, 16, 17, 18, 20 and 21 of the GDPR which, in particular, confer the right to:
- to)obtain from the Data Controller, pursuant to Article 15, the confirmation that personal data is being processed and, in this case, obtain access to the data and information such as: (i) the purposes of the treatment; (ii) the categories of personal data; (iii) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if they are recipients located in Third Countries or International Organizations; (iv) when possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
- b)obtain from the Data Controller, pursuant to Article 16, the correction of inaccurate personal data concerning him without undue delay; taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing an additional declaration;
- c)obtain from the Data Controller, pursuant to Article 17, the deletion of personal data concerning him without undue delay. The Owner has the obligation to cancel, without undue delay, personal data if there is one of the reasons indicated in paragraph 1 of
d) obtain from the Data Controller, pursuant to Art. 18, the limitation of treatment when one of the hypotheses governed by paragraph 1 of Article 18 occurs;
is) obtain from the Data Controller, pursuant to Article 20, the portability of the data or receive in a structured format, commonly used and readable by an automatic device, the personal data concerning him provided to a Data Controller. The Data Subject also has the right to transmit such data to another Data Controller without impediments by the first Data Controller to whom it has provided them, if the conditions indicated in Article 20 paragraph 1 are met. Finally, the Data Subject has the right to obtain the direct transmission of personal data from one Data Controller to another, if technically feasible;
f) object, in whole or in part, pursuant to Article 21, to the processing of personal data concerning him.
To exercise their rights, the user can send their requests to [ store@Goosetech.com ].
It should also be noted that the Data Subject has the right to revoke the consent at any time without prejudice to the lawfulness of the treatment based on the consent given prior to the revocation, without prejudice to the consequences indicated above regarding a refusal to provide such personal data. The Data Subject also has the right to lodge a complaint with a Control Authority.
You can make requests regarding the exercise of these rights by contacting the Data Controller at the e-mail address store@Goosetech.com .
Goosetech s.r.l. . undertakes to respond to the requests of the interested party within one month, except in cases of particular complexity, for which it may take up to a maximum of three months. In any case, the Data Controller will provide the interested party with the reason for waiting within one month of the request. The outcome of the request will be provided in writing or in electronic format. In case of request for rectification, cancellation and limitation of processing, the Data Controller undertakes to communicate the results of the requests received by the Data Subject to each of the recipients of his data, unless this proves impossible or involves a disproportionate effort.
The Company specifies that a contribution may be requested from the Interested Party if the applications are manifestly unfounded, excessive or repetitive; in this regard, the Data Controller will provide a register to track the requests for intervention.
Changes to this information