SARTOBIKES S.R.L., with registered office in via Arno n. 65-67 in PIANIGA (VE) (“SARTO”), is a company that, create, design and sell bikes, also through its website.
In carrying out its activities, SARTO processes personal data in compliance with the applicable laws and contractual provisions, using methods based on principles of correctness, lawfulness and transparency, protecting the privacy of the data subject and his / her rights.
Through this document, SARTO, in its quality of data controller of the processing of personal data (hereinafter "Controller"), intends to provide the information pursuant to art. 13 and following of EU Regulation 679/2016 (hereinafter "GDPR"), with reference to the processing of personal data of users (hereinafter, "User/Users") of the website https://www.sartobikes.com (hereafter, “Website").
Navigation data:the computer systems and software procedures used to operate this Website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subject, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the Website, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's IT environment. These data are used for the correct functioning of the Website and are not stored on the Server.
Data provided voluntarily by the User filling in the form “Contact” or “Guarantees”: using the service "Contact" or “Guarantees”, involves the processing of User data, required in the appropriate section of the Website, for the sole purpose of offering the services and reply to the request or fulfill the related administrative obligations. The data being processed are: name, surname, e-mail.
Data provided voluntarily by the User for receiving promotional communications related to the Services: in the event that the data Subject signs up for the newsletter service or expresses his consent for the receipt of commercial communications by the Data Controller, the data will be processed for sending such communications by e-mail or ordinary mail, to the addresses provided by the Data Subject. The data being processed are: name, surname, e-mail, address and phone number.
Cookies: for the process of data through cookies, please take a loon to the relevant policy.
User’s data collected are processed by the Controller for:
Functioning of the site: to pursue a legitimate interest of the Controller, consisting in ensuring the safety of the Website and the information exchanged therein, that is the capacity of such Website to resist, at a given level of security, to unforeseen events or acts illicit or malicious that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted and the security of the related services offered or made accessible. The legal basis for processing is art. 6, par. 1 lett. f) of GDPR.
Use the services/reply to “contact” or “guarantees” form: to use the services offered through the Website and/or reply to the request submitted through the form “Contact” or “Guarantees”. The legal basis for processing is art. 6, par. 1, lett. b) of GDPR, being the processing necessary the execution of the contract of which the data subject is a party;
Sending of commercialpromotional communications, invitations to events/workshop of the controller: if the data subject has expressed his explicit consent, to receive promotional communications of the activity of the Controller, including surveys, invitations to training courses and events.
For the purposes referred to in art. 2) herein above personal data will be processed for the period strictly necessary for the pursuit of the aforementioned objectives and also subsequently, for the fulfillment of legal obligations and/or for defensive purposes.
The data provided for commercial communications activities, opinion polls and market research will be stored until the request by the data subject to interrupt such activity or for 2 years.
The processing will be carried out both on paper and electronically, with the help of modern computer systems and manual procedures, only by persons expressly appointed for this purpose. The processing will take place with logic and through forms of organization of data strictly related to the obligations, tasks or purposes mentioned above. The Data Controller uses technical and organizational measures to protect the data in his possession from manipulation, loss, destruction and against access by unauthorized persons. Security measures are constantly improved on the basis of technological development.
Providing that the data referred to in point 1) let. a) is mandatory for the functioning of the Website. Providing the data referred to in point 1, lett. b) is optional. In case of refusal, however, it would not be possible to reply to the user request.
Provided the data referred to in point 1, lett. c) is optional. The User can withdraw his consent at any time and without indicating the reasons. The easiest way to do this is to click on the "Unsubscribe" link, which is available in every newsletter or communication received. The User can alternatively send a communication to the Controller at info@sartoantonio.com.
The User's personal data will be processed by parties authorized to perform these tasks, duly appointed as data processors or in charge of processing, equipped with security measures to guarantee the confidentiality of the data subjects to which the data refer and to avoid undue access to third parties or unauthorized personnel. If necessary, the data collected may be communicated, within the limits strictly relevant to the obligations, tasks or purposes referred to in point 2, to public or private subjects (insurers, auditing and certification companies, etc.) or competent Authorities for the purpose of prevention, detection or repression of crimes, with the observance of the rules that regulate the matter. No data will be disseminated.
The updated list of all Data Processors is available at SARTO’s office and may be requested at the following e-mail address info@sartoantonio.com. Such list may be updated from time to time.
User's data, stored in electronic form, is stored on a server located in the European Union.
Users have the right to know their rights, essentially consisting of the right to receive from the other contractual party information about the existence of the processing of their personal data, as well as access to their data, to obtain rectification, integration, update, erasure or block. Furthermore, the User will also have the right to obtain a copy of his data, limitation of processing and/or to oppose to their processing, as well as the right to data portability and to submit a complaint with the competent control Authorities at the conditions and within the limits indicated in art. 13 of the GDPR.
Each data subject has the right to the following pursuant to articles 15 and following of the GDPR:
Right to be informed;
Right of access by the data subject;
Right to rectification;
Right to erasure (‘right to be forgotten’);
Right to restriction of processing;
Right to data portability;
Right to object.
The data subject can therefore know what personal data are hold by the Controller, their origin and how they are used, request the updating, correction or integration and, in the cases provided for by the provisions in force, the cancellation, the limitation of treatment or oppose to their treatment. Each data subject may, if he wishes, request to receive a copy of the personal data held by the Data Controller in a format readable by electronic devices and, where technically possible, the Data Controller may transfer the data directly to a third party indicated by the data subject.
If the user considers that the processing of his/her personal data has been carried out illegitimately, he/she can file a complaint with one of the competent control Authorities for compliance with the rules on the protection of personal data. In Italy, the complaint can be filed to Garante per la Protezione dei Dati Personali (http://www.garanteprivacy.it/).
To exercise the aforementioned rights, Users can send a communication to the FOLLOWING email address info@sartoantonio.com, indicating the subject "Privacy - exercise of rights”.
This Privacy Policy was published on 18th October 2018. Any updates will always be published on this page.
Web design & development:
àtrio
Contents:
3parentesi
Subscribe to the newsletter and stay updated on the latest news.