PRIVACY DISCLAIMER

Link to the General Regulations for the Protection of Personal Data n. 2016/679 (GDPR)
In compliance with articles 13 (for data collected from the interested party) and 14 (for data not collected from the interested party) of EU Regulation 2016/679 (GDPR) are made available to the Users of the website https://www.saccarta.it/ the following information, which refers exclusively to the processing carried out through said Website and not through other websites that may be visited via links from this, for which it is suggested to read the relevant information provided by the respective Owners.
The purpose of the privacy policy is to provide maximum transparency regarding the information that the site collects and the purposes and methods of use.

1 – Data Controller
SACCARTA SPA with registered office in Via Casati Felice 20 – 20124 Milan (MI), Italy (the “Company”, “https://www.saccarta.it/ or the” Data Controller “), as data controller of the personal data of users of the website https://www.saccarta.it/, guarantees compliance with the regulations on the protection of personal data by providing the following information on the processing of data communicated or otherwise collected during navigation on this site , pursuant to art. 13 of Legislative Decree 196/2003 and pursuant to art. 13 and 14 of EU Regulation 2016/679 of 27 April 2016.

You can contact the Data Controller using the following contact details:

Tel: + 39 0362577502
Fax: + 39 0362564211
Email: privacy@saccarta.it
Pec: saccarta.privacy@pec.it
The person in charge of data processing is the Legal Representative Pro tempore
The System Manager is FB CONSULTING SRL

2 – Legal basis of the processing
The processing of personal data is based on the right to information, on the fulfilment of contractual or social contact obligations, or, where necessary, on consent through the free and informed compilation of the appropriate information fields in the dedicated forms.
The provision of data and therefore the consent to the collection and processing of data are optional.
The User can deny consent, and can revoke a consent already provided at any time (by clicking on the Cookie Policy link at the bottom of the page, or through the browser settings with reference to cookies). However, denying consent may make it impossible to provide some services and the browsing experience of the site may be reduced.

3 – Purpose of the processing and methods
The processing of personal data means any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data.
The personal data of the Users of the Website https://www.saccarta.it/will be processed in the ways and in the forms prescribed by the GDPR, for the performance of the Website’s own functions, with particular, but not exclusive, reference to procedures described therein for data collection, contact form, any registration process / access to the reserved area, subscription to the newsletter and the like.
The processing of the data collected by the site, in addition to the purposes connected, instrumental and necessary for the provision of the service, is aimed at the following purposes:

– Follow up on specific requests addressed to the Owner by the User through the Website and its communication tools (contact forms, information request forms on products and services and the like);

– Possible subscription to the newsletter (where provided) and the consequent sending of commercial communications and various information concerning the sector in which the Data Controller operates, with the specific consent given by the user;

– For communications of an informative nature relating to the services of the same Data Controller, following the request for information via e-mail messages or filling out the contact form and other communication tools;

– For other ancillary purposes or related to those indicated above and in any case falling within the scope of the Website’s activities, including Geo-location on the map;

– For the processing of the e-mail address, provided by the interested party in the context of the sale of a product or service, also aimed at sending, without further consent, communications for the subsequent direct sale of products or services similar to those object of the sale itself;

– For the collection of data and information in an exclusively aggregated and anonymous form in order to verify the correct functioning of the site, to improve the online store (where provided) and the platform, as well as the performance and characteristics. None of this information is related to the natural person-User of the site, and does not allow identification in any way.
The data collected will be processed using electronic or in any case automated, IT and telematic tools, or through manual processing with logic strictly related to the purposes for which the personal data were collected and, in any case, in order to guarantee the security of the same in any case. The data is kept for the time strictly necessary to manage the purposes for which the data are collected in compliance with current regulations and legal obligations.
The processing of personal data at Via Casati Felice 20 – 20124 Milan (MI) or at the Operational Headquarters in Via Tonale, 50 Cap. 20030 Copreno di Lentate sul Seveso – (MB) – Italy will be carried out exclusively by our Data Processors, and will be provided to Third-Party Companies only upon specific request and need (see paragraph 5).
The newsletter with promotional content (if present) is, on the other hand, provided directly by the data controller, using MailUp which, processing data on behalf of the owner, is responsible for the processing. MailUp uses web beacons in order to detect the opening of a message, the clicks made on the hypertext links contained within the e-mail, from which IP address or with which type of browser the e-mail is opened, and other similar details. The User can easily object to further sending of newsletters also by clicking on the appropriate link for the withdrawal of consent, which is present in each e-mail containing the newsletter. Once the consent has been revoked, the Data Controller will send the User a message to confirm that the consent has been revoked.

4 – Collected data
This site collects user data in two ways.
4.1 – Data collected in an automated manner
While browsing the website, a series of information relating to the computer systems used by the user is normally acquired. These are for example:
– internet protocol address (IP);
– type of browser;
– name of the internet service provider (ISP);
– date and time of visit;
– web page of origin of the visitor (referral) and exit;
– possibly the number of clicks and page / s visited;
– device data.
These data are used for statistical and analytical purposes, in an exclusively aggregated form. None of this information is related to the natural person-user of the site, and does not allow identification in any way. The IP address is used exclusively for security purposes and is not crossed with any other data.

4.2 – Data provided voluntarily
The site may collect other data in case of voluntary use of services by users, such as commenting, communication (chat, contact forms, sending newsletters), purchase (cart) services. These are for example:
– name and surname;
– username;
– email address;
– physical residence address;
– Goods shipping address (where provided for shipping purposes);
– social profiles;
– geographical location.
These data are provided voluntarily by the User at the time of requesting the service, and will be used exclusively for the provision of the requested service.
Users exempt this site from any responsibility for any violations of the laws. It is up to the User to verify that they have permission to enter personal data of third parties or content protected by national and international standards.

5 – Transfer of collected data to third parties
The data collected by the site are not provided to third parties, unless it is a legitimate request from the judicial authority and only in the cases provided for by law. However, the data may be provided to third parties if this is necessary for the provision of a specific use, or for the execution of security checks or site optimization.
The user expressly consents to the transfer of data in the hypotheses indicated below.

5.1 – Third party service providers
This Website may provide some personal data to Consultants, Web Agencies and Software Houses for the execution of security checks or site optimization, to the judicial authorities in the event of a specific request, to third-party companies operating on behalf of the Data Controller ( for example shipping of samples or products) or to the MailUp platform for sending newsletters.
In the case of an e-commerce, this Website shares your personal data with the shipping company in charge of delivering the ordered goods.
To complete the payment, we provide the necessary payment information to the credit institution or payment provider that we have selected as the person responsible for the payment procedure or to the payment service provider selected during the purchase process.
These providers only have access to personal data that is necessary to carry out their duties.
The same suppliers cannot use the same data for other purposes and are also required to process personal data in accordance with this Privacy Policy and the instructions provided by the Data Controller, and in accordance with the applicable regulations on the protection of personal data.

5.2 – Business transfers
In the event that the ownership of the site or all its assets are transferred to third parties, or in the event of a merger, joint venture or reorganization, the personal data of the customers will naturally fall under the transferred assets.

5.3 – Protection of the company and other subjects
We disclose account data and other personal data only if this is expressly required by law; to enforce or apply our General Conditions of Use and Sale and other agreements; to protect our assets or rights, as well as for the safety of the company, our users or other subjects. This includes exchanging information with other companies and organizations that provide for fraud prevention or credit risk reduction.
Obviously, this does not include the sale, sharing or otherwise disclosure of personal data received from customers for commercial purposes, contrary to the commitments made in this Privacy Policy.
Your data will in no case be disclosed to third parties for marketing purposes.
Your data may be transferred to third countries outside the EU for which “assimilation to confidentiality and adequacy” rules are in force or with a specific written agreement “in derogation” and within the limits specified therein or international organizations, nor will they be saved on servers located in a third country.

6 – Place of treatment
The data collected by the site are processed at the headquarters of the Data Controller, and at the Web Hosting datacentre. The web hosting is located in the European Economic Area and acts in accordance with European standards.

7 – Data retention period
The data provided by the interested party will be kept until the express revocation by the interested party, also through action on their browser, cleaning cookies, express request by e-mail or telephone to the Data Controller (see specific paragraph) or otherwise manifested. .
The navigation data will be kept for the technical time necessary to fulfil the functions for which they were collected.

8 – Security measures
The Data Controller processes visitor / user data in a lawful and correct manner, adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the data. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.
We are committed to protecting the security of your personal data when it is sent, using the Secure Sockets Layer (SSL) software, which encrypts the information you enter.
It is important that you adopt suitable protections against the unauthorized use of your site access credentials.

9 – Rights of the User / Data subject
Pursuant to the European Regulation no. 679/2016 (GDPR) and art. 7 of Legislative Decree 30 June 2003, n. 196, the User may, according to the methods and within the limits established by current legislation, exercise the following rights:
– object in whole or in part, for legitimate reasons, to the processing of personal data concerning him for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
– request confirmation of the existence of personal data concerning him (right of access);
– know its origin;
– receive intelligible communication;
– have information about the logic, methods and purposes of the processing;
– request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
– in cases of consent-based processing, receive only at cost of possible support, its data provided to the owner, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
– the right to lodge a complaint with the Supervisory Authority (Privacy Guarantor)
http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524);
– as well as, more generally, to exercise all the rights that are recognized by the current provisions of the law.
These rights can be exercised in the forms and terms set out in art. 12 of the GDPR, by written communication sent to the Data Controller by e-mail to the address: privacy@saccarta.it – saccarta.privacy@pec.it
Requests should be addressed to the Data Controller or to the Data Processor.

10 – Complaints
Each interested party has the right to lodge a complaint pursuant to art. 77 and following of the GDPR to a supervisory authority, which for the Italian State is identified in the Guarantor for the protection of personal data.
The forms, methods and terms for proposing complaints are provided for and governed by the national legislation in force. The complaint is without prejudice to administrative and judicial actions, which for the Italian State can alternatively be proposed to the same Guarantor or to the competent Court.

11 – Profiling
The personal data provided through the forms are NOT subject to profiling.
Profiling allows the Data Controller to evaluate certain personal aspects of the Data Subject relating in particular to his preferences, his interests, his tastes with reference to the products sold and the activities carried out by the Data Controller, in order to allow the Data Controller to offer the Interested a more specific sales service targeted to your needs.

12 – Updates
This privacy statement is updated on 11 December 2020