Privacy Policy Eurostep
introduction
Welcome to our website https://eurostep.it
Eurostep S.r.l. operates in compliance with the EU Data Protection General Regulations 2016/679. Eurostep S.r.l. cares about your privacy and respects your privacy rights. At Eurostep S.r.l., we are aware of the trust you place in us and our responsibility to protect your privacy and keep your personal data secure. We collect and process your personal data with the utmost care and attention, adopting both specific technical and structural precautions to ensure their complete safety.
Below you will find the main information on treatment by Eurostep S.r.l. of your personal data related to your browsing activity on https://www.eurostep.it and the use of the services offered on the website. Eurostep S.r.l. invites you to read this Privacy Policy before sending your personal data; this privacy policy is a subject to updates and changes that will be communicated in newsletters and / or highlighted in the relevant sections of the site. Eurostep S.r.l. encourages you to periodically review this Privacy Policy.
The information is not to be considered valid for other websites that may be consulted through the links on the websites in the domain of the owner, who is not to be considered in any way responsible for the third-party websites.
The information is also based on the Recommendation n. 2/2001 which the European authorities for the protection of personal data, in the meeting of the Group established by the art. 29 of the directive n. 95/46 / CE, adopted May 17, 2001 to identify some minimum requirements for the collection of personal data online, and, in particular, the procedures, timing and nature of information which data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection,as well as what is provided for by the Directive 2002/58 / EC, as updated by Directive 2009/136 / EC, regarding Cookies and the Authority’s provision “Identifying simplified procedures for the information and the acquisition of consent for the use of cookies – 8 May 2014 (Published in the Gazzetta Ufficiale No. 126 of 3 June 2014) “and subsequent clarifications.
Personal Data (Art. 4 GDPR): any information concerning an identified or identifiable natural person (‘interested party’); an identifiable natural person can be identified, either directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online ID or one or more characteristic elements of their physical, physiological, genetic, psychological, economic, cultural or social identity; (C26, C27, C30).
Specific information: specific information could be presented on the website pages related to special services or processing of Data provided.
Cookies: for more information on the cookies used by this website, please, see the Cookies Policy at the following link https://www.eurostep.it/privacy-cookies-policy/
data controller
The processing of your personal data is carried out by Eurostep S.r.l. – Via Feltrina Sud 192, 31092 Montebelluna, Treviso, Italy, P.IVA 03896260241 as Data Controller. The processing operations connected to the web services of this site take place only at the registered office of Eurostep S.r.l. and are operated only by authorized personnel for their treatment.
For any question or requests related to your privacy and the processing of your personal data, please, contact our Customer Service or by writing to the address of Eurostep S.r.l.
The controller’s email contact is privacynospam@eurostep.it
THE DATA PROTECTION OFFICER
The DPO – Data Protection Officer is determined pursuant to articles 37 – 39 of the Reg. EU 2016/679. The DPO email contact is gdprnospam@eurostep.it .
PURPOSE AND LEGAL BASIS OF THE PROCESSING
Eurostep S.r.l. informs you that it will process the data that can be qualified as personal. The personal data that Eurostep S.r.l. treats are those that you provide us when you request a quote, complete an order, purchase goods and those we collect while you browse or when you use the services offered on the site.
The personal data processed through the website are the following and for the following purposes A:
Surfing data:
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified interests, but by their very nature could allow, through processing and association with data held by third parties, to identify users. These data includes IP addresses or computer names used by users connecting to the site, URI (Uniform Resource Identifier) addresses, the method used to submit the request to the server, the file size obtained in answer, the numeric code indicating the status of the response given by the server and other parameters relating to the operating system and the user’s IT environment.
Common personal data:
to access certain site services, the provision of personal data may be required. Such personal data could be name, address, an e-mail address, telephone number.
Special categories of personal data:
Processing of the data identified by the art.9 of the Regulation n.379 / 2016, personal data that reveal the racial or ethnic origin, the political opinions, the religious or philosophical beliefs or trade union membership as well as the genetic data, biometric data for the purpose of uniquely identifying an individual, data concerning an individual’s sex life or sexual orientation will be processed only with the specific consent of the person concerned.
Cookies
For more information on cookies used by this website, please, see the following Cookies policy
The personal data you provide is processed for the following:
– conclude or execute the purchase contracts for the goods offered on the site or in the stores;
– manage your requests forwarded to our Customer Service;
– subscription to the newsletter and marketing communications;
– registration on the site and the use of services reserved for registered users;
– administrative-accounting activities in general
For the purposes application of the provisions regarding the protection of personal data, the processing performed for administrative-accounting purposes are those related to the performance of organizational, administrative, financial and accounting activities, regardless of the nature of the data processed. In particular, these objectives pursue internal organizational activities, those functional for the fulfilment of contractual and pre-contractual obligations, and information activities.
In the all this cases, the processing of your personal data is legitimate as it is necessary to execute an agreement with you or to provide you with the service that you have specifically requested.
We also conduct statistical surveys and analyses with data in aggregate form to understand how users interact and use the site, in order to improve our offer and our services.
Only with your express consent, will we process your personal data to:
B) carry out commercial communications activities;
C) for profiling activities, to allow you to elaborate your profile and to analyse consumption choices and purchasing habits and to compile statistics to improve the products and services and to allow us to send communications that may be of interest to you. The processing of personal data could relate to customer care activities, consisting in offering personalized services during sales and after-sales and courtesy services.
WHO WILL PROCESS YOUR DATA
Your personal data is processed by exclusively authorised personnel of our company.
FOR HOW LONG WE KEEP YOUR DATA
We store your personal information for a limited period of time depending on the purpose for which it was collected, at the end of which your personal data will be deleted or otherwise made anonymously irreversibly. The storage period is different depending on the purpose of the treatment. By way of example, it is specified that the retention period for GOOGLE ANALYTICS is equal to 38 months. The data collected during the purchase of goods are treated up to the conclusion of all administrative and accounting formalities, therefore they are filed in accordance with local tax regulations (ten years), while those used to send you our newsletters until you ask us to stop sending.
RECIPIENTS OR CATEGORIES OF RECIPIENTS OF THE DATA
The personal data provided will be communicated to recipients, who will process the data as managers (art. 28 of EU Reg. 2016/679) and / or as natural persons acting under the authority of the owner and the manager (art. 29 of EU Reg. 2016/679), for the purposes listed above. Specifically, the data will be communicated to companies contractually linked to Eurostep Srl, to companies related and / or controlled within the European Union and in countries outside the EU, in accordance with current laws and regulations, including through the management companies. The data may be disclosed to:
– the sales / distribution network on the territory;
– subjects that provide services for the management of the information system used by Eurostep S.r.l. and telecommunications networks (including electronic mail, CRM Data Base management and mailing lists, e-commerce platforms, APP suppliers, call centers, etc.);
– third parties to support online purchases and associated administrative-accounting activities, shipments and any returns (eg banks, insurance companies);
– firms and companies in the context of assistance and consultancy relationships;
– competent authorities for the fulfillment of legal obligations and / or provisions of public bodies, upon request. The subjects belonging to the above mentioned categories act as Data Processing Manager, or operate in total autonomy as separate Data Controllers. The list of managers is constantly updated and available at the Eurostep S.r.l. – Via Feltrina Sud 192, 31092 Montebelluna, Treviso, Italy, privacynospam@eurostep.it .
TRANSFER OF DATA TO THIRD COUNTRIES OR INTERNATIONAL ORGANIZATIONS AND GUARANTEES
To manage the e-commerce activities, Eurostep S.r.l. may use cloud platforms provided by third party operators as sub-processors. In this regard, we inform you that your personal data acquired on ground of this information may also be stored on servers located in the US. The US do not benefit from a decision of adequacy of the EU Commission, therefore the transfer will take place on the basis of the standard contractual clauses approved by the Commission or by virtue of other adequate mechanisms of data transfer provided for by the current legislation. For information on the guarantees concerning the transfer of data outside the EU, write to privacynospam@privacy.it .
DATA STORAGE PERIOD OR CRITERIA FOR DETERMINING SUCH PERIOD
The processing will be carried out in an automated and / or manual way, with methods and tools aimed at guaranteeing maximum security and confidentiality, by subjects specifically appointed to do so.
In compliance with the provisions of art. 5 paragraph 1 letter e) of Reg. UE 2016/679 the personal data collected to allow navigation will be stored in a form that allows identification of data subjects for the duration of the session, if you request to be contacted for an offer or to use of one of the services offered by forms or contacts on the website.
The storage of personal data provided depends on the purpose of the processing:
– navigation on this website (see the cookies policy at https://www.eurostep.it/privacy-cookies-policy/ );
– for contact request (maximum 1 year);
– for registered reserved area / login (maximum 2 years);
– data collection for personnel selection (maximum 2 years);
– receiving newsletters or promotional communications via e-mail (maximum 24 months);
– online sales (10 years).
More information about the criteria based on the conservation of your data can be requested by writing an email to privacynospam@eurostep.it
RIGHTS OF THE INTERESTED PARTIES
You have the right, at any time, to ask the Data Controller to access your personal data, to rectify it, to cancel it or limit its processing. Furthermore, you have the right to object, at any time, to the processing of your data (including automated processing, e.g.: profiling) and to the portability of your data. You can request the Data Controller to access your personal data held by Eurostep S.r.l. in a format that can be read by electronic devices and, where technically possible, to transfer your data directly to a third party indicated by you. Without prejudice to any other administrative and judicial appeal, if you believe that the processing of data concerning you has been carried out illegitimately, you can file a complaint with one of the competent control authorities for compliance with the rules on personal data protection. In Italy, the complaint can be presented to the Authority for the protection of personal data (http://www.garanteprivacy.it ).
You will be able to assert your rights as expressed by the EU Regulation 2016/679, by contacting the owner, by sending an e-mail to the address privacynospam@eurostep.it or by writing to the above-mentioned owner’s office.
You have the right, at any time, to ask the Data Controller to access to your personal data, correct or cancel it, or to limit the data processing or to oppose the processing. You have the right to data portability. You also have the right to revoke at any time any consent already given without prejudice to the lawfulness of the treatment based on the consent given prior to the revocation.
As an alternative to the automatic cancellation systems provided for e-mails only, in order to stop receiving automated direct marketing communications (e-mail, SMS, MMS, social networks) you can simply write the email to privacy@eurostep.itnospam with the subject “cancellation from automated mail “. To stop receiving direct marketing communications (operators’ calls, paper mail) you can write to privacynospam@eurostep.it with the subject “cancellation from traditional marketing“. To stop receiving any direct marketing communication it will suffice to write a mail to privacynospam@eurostep.it with the subject “marketing cancellation“. To be excluded from profiling activity, just write a mail to privacynospam@eurostep.it with the subject “no profiling“.
You have the right to lodge a complaint with a supervisory authority.
There is no automated decision-making process.
NATURE OF PROVISION AND REFUSAL
The provision of data for the purposes referred to in point A) is optional, however necessary. Any refusal to provide the necessary data with respect to point A) shall make it impossible to use the services of the data controller. The provision and consent to the processing for the purposes referred to in points B) is optional. The refusal of consent for the purposes described in points B) above, however, does not imply any negative consequence with regard to the purposes referred to in point A). The marketing activity is only possible and will be carried out only with the specific consent of the interested party. The inclusion of data in the CRM is optional and will automatically result in the visibility of the same by those who have access, i.e. the data processors and parties entitled to processing, present at points of sale in the world.
CHANGES TO THE PRIVACY STATEMENT
The Data controller reserves the right to modify, update, add or remove parts of this privacy statement at its discretion and at any time. The interested party shall periodically verify these possible changes. In order to facilitate this verification, privacy statement shall contain the date when updating took place. The use of the site, after the publication of the aforesaid changes, shall constitute acceptance of these changes.
login social
Social Login is a technology that allows the user to automatically share personal data entered in a social network with the website administrator. For instance, the user can use this technology to register on a website in no time, to participate in an online contest, to make an online purchase (etc.). On the user’s authorization, the social network will send to the website administrator the personal data required for the website registration, participation in the competition, online purchase, etc. of the user, without the latter having to manually enter the requested data. To receive the detailed information pursuant to art. 13 of the GDPR regarding the use of the personal data processed while using this technology, we invite you to visit the websites of the third party. Below you will find the references of these third parties and the link to the page where you can receive information on the data processing and, where required by the law, give or refuse your consent:
Facebook social login: https://developers.facebook.com/docs/plugins
Twitter social login: https://support.twitter.com/articles/20170519
Google account login: https://www.google.com/policies/privacy
Updated on: 21.05.2018