PRIVACY POLICY

Dear User, this Information Notice on the processing of personal data (hereinafter also called “Information Notice”) is issued pursuant to article 13 of the EU Regulation 679/2016 (General Data Protection Regulation – hereinafter also called “GDPR”).

The Information Notice describes in detail the methods and purposes for which your personal data will be processed during the navigation of the Web Site (hereinafter also called “Web Site”) and the fruition of the different functions and services made available inside it.

DATA CONTROLLER

The Data Controller of your personal data is Riso Scotti S.p.A. (hereinafter also called “Data Controller”), in the person of its Legal Representative at the administrative seat of the company. You can contact the Data Controller in case of questions, requests or clarifications concerning this Information Notice – or the processing of your personal data in general – by e-mail to the following address: privacy@risoscotti.it, by recorded delivery letter to the following address: Riso Scotti SPA via Angelo Scotti 2, 27100 Pavia (PV), or by phone calling the number: 03825081

CATEGORIES OF PERSONAL DATA PROCESSED

While you navigate the Web Site and use the relevant functions/services, the Data Controller processes the following categories of personal data:

  1. Information and data concerning the navigation of the Web Site (by way of example, but not limited to, information on the pages and sections of the Web Site you navigated, your activities on the Web Site, the time you spent on each page and section of the Web Site, etc.);
  2. Information and data concerning the devices you used to navigate the Web Site and to employ its functions and services (by way of example, but not limited to, IP address, browser employed, type of device employed, data concerning your geographical position – only provided that you have agreed such processing beforehand -, information coming from cookies or similar tools released by the pages of the Web Site);
  3. In case you should decide to register – or are already registered – to the reserved area of the Web Site (hereinafter also called “Reserved Area”), the personal data required to create your account, as well as the other data that can be introduced in the Reserved Area (name, surname, invoicing and delivery address, possible VAT Number) and information on the activities you carried out in the Web Site once logged-in (for example, fruition of services reserved to the registered users), or in the Reserved Area;
  4. In case you should decide to make a commercial transaction on the e-commerce web site called “E-Shop”, personal data and information on the transaction (by way of example, but not limited to, identification data, contact data, delivery address in case of possible shipments, payment data, invoicing data in case such option is selected);
  5. Your e-mail address specified while making the commercial transaction on the Web Site, to send communications (“newsletters”) on novelties, promotions and offers for the products or services subject of the transaction, or similar products and services;
  6. In case you should decide to contact the Data Controller by filling in the relevant form in the section “Contact Us” of the Web Site (or sending communications to the Data Controller’s contacts present on the Web Site), the personal data and the information required to send the contact request and to process your communication (name, surname, e-mail address for acknowledgment, as well as the content of the information or requests you sent);
  7. In case you should decide to receive commercial communications by the Data Controller (for example, Newsletters), upon providing express consents, your contact details (by way of example, but not limited to, e-mail address);
  8. In case you should decide to take part to surveys, market researches and more generally to statistic surveys proposed by the Data Controller or third parties, upon provision of your express consent, your contact details (by way of example, but not limited to, e-mail address) and the information/preferences emerged from the surveys carried out;
  9. In case you should take part to communicational initiatives or prize contests promoted by the Data Controller through the Web Site, the identification data (by way of example, but not limited to, name and surname), contact details (by way of example, but not limited to, e-mail address, telephone number) and delivery details (by way of example, but not limited to, physical address) needed to allow your participation and the possible management of the winning/selection stage;
  10. In case you should have recourse to the possibility of interaction among the Web Site contents and your Social Network profiles (for example, the “like” or “tweet” buttons), the data and information of such profiles will be processed, too.

The personal data of categories 1) and 2) are collected automatically by the Data Controller while you navigate the Web Site. The personal data belonging to the other categories are provided directly and willingly by you.

PERSONAL DATA PROVISION

The provision of personal data is optional, but in case of some personal data it’s compulsory (that is, it’s needed for the data whose fields are marked with an asterisk or in another way as compulsory) so that Riso Scotti Spa can meet the user’s requirements within the functionalities of the Web Site. The non-provision, partial or wrong provision of the personal data marked with an asterisk, being necessary for the execution of the service required, makes such execution impossible; while the non-provision, partial or wrong provision of the optional personal sata hasn’t got any consequence.

LEGAL BASIS AND PURPOSES OF THE PROCESSING

The data are processed only for the purposes for which they have been collected, as described below:

  1. Allowing the navigation of the Web Site, the access to its pages and sections, the employment of its functions and services (inclusive of interactions with Social Networks profiles). Legal basis: article 6(i)(b) of the GDPR;
  2. Allowing your registration in the Reserved Area and the employment of the services offered to the registered users. Legal basis: article 6(i)(b) of the GDPR;
  3. Allowing the execution and finalization of commercial transactions in the special areas of the Web Site, and as a consequence the managing of any stage of the transaction (payment acceptance, possible shipment of products or provision of services). Legal basis: article 6(i)(b) of the GDPR;
  4. In case transactions are made on the Web Site, allowing the Data Controller to regularly keep the accounts and meet the relevant accounting, fiscal and administrative obligations (by way of example, but not limited to, pursuant to article 2220 of the Civil Code). Processing needed to meet the legal obligations the Data Controller is subject to (article 6(i)(c) of the GDPR);
  5. Acknowledging your contact or information requests through interaction with the section “Contact Us” of the Web Site (or through the transmission of communications to the Data Controller’s contacts present in the Web Site). Legal basis: article 6(i)(b) of the GDPR;
  6. Receiving commercial communications by the Data Controller;
  7. Allowing your participation to surveys, market researches and more generally to statistic surveys proposed by the Data Controller or third parties. Processing implemented upon consent by the Data Subject (article 6(i)(a) of the GDPR).
  8. Allowing the Data Controller to acknowledge requests by administrative, jurisdictional or public security authorities (by way of example, but not limited to, pursuant to article 210 of the Civil Code and 248 of the Criminal Code). Processing needed in order to meet the legal obligations the Data Controller is subject to (article 6(i)(c) of the GDPR).
  9. Allowing the Data Controller to establish, exercise or defend legal claims, whether in court proceedings or out-of-the-court procedures, or anyway within disputes or litigations (set up by you, the Data Controller, third parties or judicial or administrative authorities). Processing needed in order to pursue the Data Controller’s legitimate interest (article 6(i)(f) of the GDPR).
  10. Evaluating your navigation experience on the Web Site in order to update and improve it according to the information emerged, with the purpose of providing a better navigation experience. Processing needed in order to pursue the Data Controller’s legitimate interest (article 6(i)(f) of the GDPR).
  11. Allowing the Data Controller – or third parties appointed by it – to check the correct navigation of the Web Site by users and/or the correctness of the transactions carried out, so that the Data Controller can protect itself from frauds and malicious or culpable conducts adopted by the users of the Web Site. Processing needed in order to pursue the Data Controller’s legitimate interest (article 6(i)(f) of the GDPR).
  12. Once the transaction on the Web site is concluded, sending you commercial communications and information on novelties, promotions and offers on products or services subject of the transaction – or similar products and services – allowing the Data Controller to keep you informed and updated on the novelties concerning its products and services. Processing needed in order to pursue the Data Controller’s legitimate interest (article 6(i)(f) of the GDPR).