Privacy

Privacy Policy

Information pursuant to art. 13 of European Regulation 679/2016 and consent

Pursuant to Article 13 of European Regulation (EU) 2016/679 (hereinafter GDPR), and in relation to the personal data that Due Srl will acquire, we inform you of the following:

Data Controller and Data Protection Officer

The data controller is Due srl  based in  Cesena, Via Cairoli n. 61. The Data Controller can be contacted via  email to the address  millenovesetto@gmail.com  Due Srl has not appointed a data protection officer.

Purpose of data processing

Personal data is processed by Due Srl  in order to:

  • allow registration on the Site and to access the services reserved for registered users as well as for the administrative and legal obligations connected to it
  • send communications containing information, including commercial and promotional information, relating to other Applications for which he is the Data Controller or Joint Data Controller;
  • in the case of online purchases to allow the conclusion of the sales contract and the correct execution of the operations connected to the  same contract.

Legal basis for processing

Due Srl processes your personal data lawfully, where the processing:

  • is necessary for user registration on the site  www.mille968.it owned by Due Srl;
  • is necessary in order to allow the user to purchase goods online.

Consequences of failure to communicate personal data

With regard to personal data relating to the performance of the contract to which you are a party or relating to the fulfillment of a regulatory obligation (for example, obligations related to accounting and tax records), failure to communicate personal data prevents the completion of the contractual relationship itself.

Data retention

Your personal data, processed for the purposes indicated above, will be retained for the duration of the contract and, subsequently, for the time in which Due Srl  is subject to retention obligations  for tax purposes or for other purposes provided for by law or regulation.

Data communication

Your personal data may be communicated to:

1. consultants and accountants or other legal professionals who provide services functional to the purposes indicated above;

2. banking and insurance institutions that provide services functional to the purposes indicated above;

3. entities that process data in compliance with specific legal obligations;

4. Judicial or administrative authorities, for the fulfillment of legal obligations.

Profiling and Dissemination of Data

Your personal data will not be disclosed or subjected to any fully automated decision-making process, including profiling.

Rights of the interested party

The rights granted to you by the GDPR include:

  • ask the Two  Srl access to your personal data and related information; the rectification of inaccurate data or the completion of incomplete data; the erasure of your personal data (if one of the conditions set forth in Article 17, paragraph 1 of the GDPR applies and in compliance with the exceptions set forth in paragraph 3 of the same article); the restriction of the processing of your personal data (if one of the conditions set forth in Article 18, paragraph 1 of the GDPR applies);
  • request and obtain from Due Srl – in cases where the legal basis for the processing is the contract or consent, and the processing is carried out by automated means – your personal data in a structured and machine-readable format, also for the purpose of communicating such data to another data controller (so-called right to data portability);
  • object at any time to the processing of your personal data in the event of particular situations concerning you;
  • Withdraw your consent at any time, limited to cases in which the processing is based on your consent for one or more specific purposes and concerns common personal data (e.g., date and place of birth or place of residence) or particular categories of data (e.g., data revealing your racial origin, political opinions, religious beliefs, health, or sex life). Processing based on consent and carried out prior to its withdrawal remains lawful;
  • lodge a complaint with a supervisory authority (Italian Data Protection Authority – www.garanteprivacy.it).