Privacy Policy En

Privacy disclaimer
In compliance with the obligations deriving from national legislation (Legislative Decree 30 June 2003 No. 196, Code regarding the protection of personal data) and Community law, (European Regulation for the protection of personal data No. 679/2016, GDPR) and subsequent changes, this site respects and protects the privacy of visitors and users, making every effort possible and proportionate so as not to damage users' rights.
This privacy policy applies exclusively to the online activities of this site and is valid for visitors / users of the site. It does not apply to any information collected through channels other than this website.
The purpose of the privacy policy is to provide maximum transparency regarding the information the site collects and how it uses it.

 

Legal basis of the processing
This site treats data based on consent. With the use or consultation of this site, visitors and users explicitly approve this privacy statement and consent to the processing of their personal data in relation to the methods and purposes described below, including any disclosure to third parties if necessary for the provision of a service.
The provision of data and therefore the consent to the collection and processing of data is optional, the user can deny consent, and can revoke consent already given at any time by sending an email to the following address: info@ciuriciuri.shop
However, denying consent may result in the inability to provide certain services and browsing experience on the site may be compromised.
Starting from May 25, 2018 (date of entry into force of the GDPR), this site will treat some of the data based on the legitimate interests of the data controller.

 

Data collected and purpose
Like all websites, this site also uses log files in which information collected in an automated manner during user visits is stored. The information collected can be the following:
- internet protocol address (IP);
- browser and device parameters used to connect to the site;
- name of the internet service provider (ISP);
- date and time of visit;
- web page of the visitor's origin (referral) and exit;
- country of origin;
- possibly the number of clicks.
The collection of data and information takes place for the following purposes:
- exclusively aggregated and anonymous in order to verify the correct functioning of the site. None of this information is related to the physical person-user of the site, and does not in any way permit its identification (from 25 May 2018 this information will be treated according to the legitimate interests of the owner);
- for security purposes (anti-spam filters, firewalls, virus detection), automatically recorded data may also include personal data such as the IP address, which could be used, in compliance with the laws in force on the subject, in order to block damage attempts to the site itself or to cause damage to other users, or in any case harmful activities or offenses. These data are never used for the identification or profiling of the user, nor crossed with other data, nor provided to third parties, but used only for the purpose of protecting the site and its users (from 25 May 2018 this information will be processed based on the legitimate interests of the owner);
- communicate the data to third parties that perform functions necessary or instrumental to the operation of the service, such as the management of comments on the site.

If the site allows the inclusion of comments, or in the case of specific services requested by the user (through the Contact section), the site automatically detects and records some personal identification data of the user, including the email address and nickname. These data are voluntarily provided by the user when the service is provided, and are treated on the basis of consent. By entering a comment or other information, the user expressly accepts the privacy policy, and in particular agrees that the contents inserted can be freely viewed also by other visitors.
The data received will be used exclusively for the provision of the requested service and only for the time necessary for the provision of the service.
The information that the users of the site will deem to make public through the services and the tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any responsibility for any violations of the laws. It is up to the user to verify that they have permission to enter personal data of third parties or content protected by national and international standards.

If comments are managed through an external service, please refer to the service policies.

The data collected by the site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the specified activities. In any case, the personal data collected by the site will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided for by law. The data, however, may be provided to third parties if this is necessary for the provision of a specific service requested by the User (eg management of comments), or for the execution of security checks or site optimization.

The website can be used to collect data and more precisely in the pages dedicated to purchases
The data will be processed according to the methods indicated on the page itself for the purposes of the sale and whether the data collected is positively and / or negatively concluded will be stored but never disclosed to third parties.


Security measures
This site treats users' data in a lawful and correct manner, taking appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of the data. Processing is carried out using IT and / or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In particular, the site management software is constantly updated and regularly scanned in order to check for viruses and dangerous codes.
In addition to the owner, in some cases, the categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT companies, communication agencies).

 

User rights
Pursuant to the European Regulation 679/2016 (GDPR) and the art. 7 of Legislative Decree 30 June 2003, n. 196 https://www.garanteprivacy.it/regolamentoue/DPIA, the User can, according to the procedures and within the limits established by the current legislation, exercise the following rights:
- object in whole or in part, for legitimate reasons, to the processing of personal data concerning him for the purpose of sending advertising materials or direct sales or for carrying out market research or commercial communication;
- request confirmation of the existence of personal data concerning him (right of access);
- know the origin;
- receive an intelligible communication;
- have information about the logic, methods and purposes of the processing;
- request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary to achieve the purposes for which they were collected;
- in the case of treatment based on consent, to receive at the cost of any support, its data provided to the holder, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
- the right to submit a complaint to the supervisory authority (Privacy Guarantor - link to the Guarantor's page);
- and, more generally, to exercise all the rights that are recognized by the current legal provisions.
In the event that the data is processed on the basis of legitimate interests, the rights of the parties to the processing are guaranteed (except the right to portability that is not provided for by the rules), in particular the right to object to the processing that can be exercised by sending a request to the data controller.
Requests should be addressed to the Data Controller.

 

Data controller
The data controller under the laws in force is the site administrator, Giusy Sottile.