Privacy and Cookie Policy
INFORMATION ON THE PROCESSING OF PERSONAL DATA
WHY THIS INFORMATION
Pursuant to Regulation (EU) 2016/679 (hereinafter 'Regulation'), this page describes the methods of processing personal data of users of the following websites:
1. www.antoninisrl.com
This information does not concern other sites, pages or online services that can be accessed via hyperlinks possibly published on the Site but referring to external resources.
JOINT DATA CONTROLLERS
The Joint Data Controllers are:
Antonini Srl - Via Medaglie Oro della Resistenza, 2 - 50053 Empoli (FI) - VAT No. 05483610480 - Tel. 0571 93221 - Email: com@antoninisrl.com - Contact: Fosco Antonini
hereinafter also referred to simply as “Joint Controllers”.
PURPOSES OF PROCESSING AND LEGAL BASIS
Purpose of the processing
The data is processed for the following purposes:
1. strictly connected and necessary to registration, services and/or any Apps developed or made available by the Joint Controllers, to the use of related information services, to the management of contact or information requests, for the execution of purchases of products and services offered through the Joint Controllers’ Sites;
2. related to the management of the User's requests and sending of feedback which may include the transmission of promotional material; for the completion of the purchase order of products and services offered, including aspects related to credit card payments, shipment management, the possible exercise of the right of withdrawal provided for distance purchases, updating on the availability of temporarily unavailable products and services;
3. related to the fulfillment of obligations provided by community and national laws, to protect public order, to ascertain and prosecute crimes;
4. direct marketing, i.e., sending advertising material, direct sales, carrying out market research or commercial communication of products and/or services offered by the Joint Controllers; this activity may also concern products and services of the Joint Controllers and be performed through the sending of advertising/information/promotional material and/or invitations to participate in initiatives, events, and offers aimed at rewarding users, carried out with “traditional” methods (for example, paper mail and/or calls by an operator), or through “automated” contact systems (for example, SMS, telephone calls without operator intervention, email, fax, interactive applications);
Legal basis
The provision of data for the purposes referred to in points 1), 2) and 3), connected to a pre-contractual and/or contractual phase or functional to a user request or provided by a specific regulatory provision, is mandatory and, in the absence of such, it will not be possible to receive information and access any requested services. Regarding point 4) of this information on the processing of personal data, the user's consent to data processing is instead free, optional and always revocable without consequences on the usability of products and services except the impossibility for the Joint Controllers to keep updated the User on new initiatives or on particular promotions or advantages possibly available.
TYPES OF DATA PROCESSED
Browsing dataThe Joint Controllers inform that the personal data you provide and acquired at the same time as the request for information and/or contact, registration to the Sites and use of services via smartphone or any other tool used to access the Internet, as well as the data necessary for the provision of such services, including browsing data and data used for the possible purchase of the products and services offered by the Joint Controllers but also only the so-called data of “navigation” of the Site by Users, will be processed in compliance with the applicable legislation.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interests, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes 'IP addresses' or domain names of computers used by users connecting to the Sites, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the web server, the size of the file obtained in response, the numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters related to the user's operating system and computer environment.
This data is used only to obtain anonymous statistical information on the use of the Site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site: save this eventuality, at present the data on web contacts do not persist for more than a few days.
The Joint Controllers collect, store and process your personal data for the purpose of providing the products and services offered on the Site, or for legal obligations. With regard to certain specific Services, Products, Promotions, etc., the Joint Controllers may also process your data for commercial purposes. In such cases, a specific, separate, optional and always revocable consent will be requested with the methods and contact details indicated.
The optional, explicit and voluntary sending of electronic mail to the addresses indicated in the appropriate section of the Website, as well as the compilation of questionnaires (e.g., form), communication via chat, push notification via APP, social networks, call centers, etc., entails the subsequent acquisition of some of your personal data, including those collected through the use of Apps and related services, necessary to respond to requests.
We also inform you that when using mobile devices to access digital content and services offered directly by the Joint Controllers or by our Partners, your data may be transferred to such device managers or connectivity providers beyond our control. We also point out that you might access Sites or connect to areas where you could be enabled to publish information using blogs or message boards, communicate with others, review products and offers, publish comments or content. Before interacting with these areas, please read the General Conditions of Use carefully and the Privacy Policy of these social platforms, considering that in certain circumstances, the information published can be seen, read, collected, and used by other users over the Internet.
In the pages of the Joint Controllers' site where data is collected (e.g., data collection form for the provision of certain services or for participation in specific initiatives) specific information will be published and, where necessary, specific consent will be requested.
MODALITIES, LOGIC OF PROCESSING, STORAGE TIME AND SECURITY MEASURES
Processing is also carried out with the aid of electronic or otherwise automated means and is carried out by the Joint Controllers and/or by third parties that the Joint Controllers can use to store, manage and transmit the data. The processing of data will be carried out with logic of organization and processing of your personal data, also related to the logs originated by access and use of services made available via the web, of the products and services used related to the purposes above mentioned and, in any case, in order to guarantee the security and confidentiality of the data. The personal data processed will be kept for the times necessary to achieve the purposes indicated or as provided by the applicable regulations (e.g., fiscal).
Regarding data security, in the sections of the website prepared for particular services, where personal data is requested from the User navigator, the data is encrypted through a security technology called Secure Sockets Layer, abbreviated to SSL. The SSL technology encrypts the information before it is exchanged via the Internet between the User's computer and the central systems of the Joint Controllers, making it incomprehensible to unauthorized parties and thus guaranteeing the confidentiality of the information transmitted; moreover, transactions made using electronic payment instruments are carried out directly using the Payment Service Provider (PSP) platform and the Joint Controllers retain only the minimum set of information necessary to manage any disputes. With reference to aspects of the protection of personal data, the User is invited, according to Article 33 of the GDPR to report to the Joint Controllers any circumstances or events from which a potential “personal data breach (data breach)” may arise to allow an immediate evaluation and the adoption of any actions aimed at countering such event by sending a communication to the Joint Controllers at the contacts indicated. The measures adopted by the Joint Controllers do not exempt the User from paying the necessary attention to the use, where required, of adequately complex passwords/PINs, which should be updated periodically, especially if the user fears they have been violated / known by third parties, as well as to keep them carefully and make them inaccessible to third parties, in order to avoid improper and unauthorized use.
Currently, the Joint Controllers use the “Aruba Business Server” service, of the company Aruba Spa, based in Arezzo (Italy).
AREAS OF COMMUNICATION AND TRANSFER OF DATA.
For the pursuit of the above-mentioned purposes, the Joint Controllers may communicate and process, in Italy and abroad, the personal data of users to third parties with whom we have relationships, where these third parties provide services at our request. We will provide these third parties only with the information necessary to perform the requested services taking all measures to protect your personal data.
Data may be transferred outside the European Economic Area if this is necessary for the management of your contractual relationship. In this case, the recipients of the data will be imposed protection and security obligations equivalent to those guaranteed by the Joint Controllers. In the case of the use of services offered directly by Partners, we will provide only the data strictly necessary for their execution. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and, where required, the guarantees applicable to data transfers to third countries will be applied.
We may also disclose personal data to our commercial service providers, for marketing reasons, for this purpose appointed external data processing managers. In addition, personal data may be communicated to the competent public subjects and authorities for compliance with regulatory obligations or for the ascertainment of responsibility in case of computer crimes against the Site as well as communicated to, or allocated at, third parties (as independent data controllers or, in the case of electronic communication service providers, as autonomous data controllers), which provide computer and telematic services (e.g., hosting, website management and development services) and which the Joint Controllers use for the performance of tasks and activities of a technical and organizational nature instrumental to the functioning of the website.
Subjects belonging to the categories above operate as separate Data Controllers or as Managers appointed by the Joint Controllers.
Personal data may also be known by the employees/consultants of the Joint Controllers who are specially trained and appointed as Data Processors.
The categories of recipients to whom the data can be communicated are available by contacting the Joint Controllers at the addresses indicated.
RIGHTS OF THE DATA SUBJECTS
You may exercise at any time the rights recognized by the law, including the right:
- to access your personal data, obtaining evidence of the purposes pursued by the Joint Controllers, the categories of data involved, the recipients to whom the data can be communicated, the applicable storage period, the existence of automated decision-making processes;
- to obtain without delay the correction of any inaccurate personal data concerning you;
- to obtain, in the foreseen cases, the deletion of your data;
- to obtain the limitation of processing or to oppose it, when possible;
- to request the portability of the data you have provided to the Joint Controllers, i.e., to receive them in a structured format, commonly used and readable by automatic device, also to transmit this data to another controller, within the limits and with the constraints provided by Article 20 of the GDPR;
Furthermore, you can lodge a complaint with the Data Protection Authority pursuant to Article 77 of the GDPR.
For the processing referred to in point 4) of the purposes, the User can always revoke consent and exercise the right to object to direct marketing (in “traditional” and “automated” form). Opposition, in the absence of any indication to the contrary, will be referred to both traditional and automated communications.
The rights listed above can be exercised at the request of the Interested Party using the contact details of the Joint Controllers.
RIGHT TO COMPLAIN
Data subjects who believe that the processing of personal data referred to them carried out through this Site occurs in violation of the provisions of the Regulation have the right to lodge a complaint with the Guarantor, as provided for by Article 77 of the Regulation itself, or to take appropriate legal action (Article 79 of the Regulation).
COOKIES AND OTHER TRACKING SYSTEMS
WHAT ARE COOKIES
Cookies are small text strings that the sites visited by the User send to his terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit of the same User. During the navigation on a site, the User can receive on his terminal also cookies that are sent from different sites or web servers (so-called 'third parties'), on which some elements (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the site that the same is visiting.
Cookies, usually present in users' browsers in very large numbers and sometimes even with characteristics of wide temporal persistence, are used for different purposes: execution of computer authentications, session monitoring, storage of information on specific configurations concerning users who access the server, etc.
TYPES OF COOKIES
TECHNICAL COOKIESTechnical cookies are those used for the sole purpose of 'carrying out the transmission of a communication on an electronic communications network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide such service' (see Art. 122, paragraph 1, of the Code). They are not used for further purposes and are normally installed directly by the website owner or operator.
- navigation or session cookies, which allow the normal navigation and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas);
- analytics cookies, similar to technical cookies when used directly by the site operator to collect information, in aggregate form, on the number of users and how they visit the site;
- functionality cookies, which allow the user to navigate according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided to the same.
The prior consent of users is not required for the installation of such cookies, while the obligation to provide the information remains unchanged (see the Privacy Guarantor's FAQ).
Profiling cookies are aimed at creating user profiles and are used in order to send advertising messages in line with the preferences shown by the same part of browsing the net.
PUBLISHERS AND “THIRD PARTIES”Another element to consider, for the correct definition of the matter in question, is the subjective one. That is, it is necessary to take into account the different subject that installs cookies on the User's terminal, depending on whether it is the same operator of the site that the User is visiting (which can be briefly referred to as 'publisher') or a different site that installs cookies through the first (so-called 'third parties'). It is important to always have this distinction clear in order to correctly identify their respective roles and responsibilities, with reference to the release of the information and the acquisition of user consent online.
COOKIES USED BY THE JOINT CONTROLLERSThe Joint Controllers use cookies for various purposes, in order to offer you a fast and safe digital experience, for example, allowing you to keep the connection to the protected area active while browsing through the pages of the Site. The cookies stored on your terminal cannot be used to recall any of the data from your hard disk, transmit computer viruses or identify and use your e-mail address. Each cookie is unique in relation to the browser and device you use to access the Websites or use the App of the Joint Controllers. Generally, the purpose of cookies is to improve the functioning of the website and the User's experience in using it, although cookies can be used to send advertising messages (as specified below).
List of cookies in use, storage time and privacy policy of third parties.
Google Analytics (for marketing and re-marketing): 14 months Policy
Metricool (for marketing): 14 months; Privacy Policy
Facebook (for marketing and re-marketing): 90 days; Privacy Policy
Clarity (for marketing): 12 months; Privacy Policy
Internal Technical: 24 months; Refer to this policy
Cookie Management
The user can manage their cookie preferences through the features present in common browsers that allow you to delete/remove cookies (all or some) or change the browser settings itself to block the sending of cookies or limit it to specific sites (compared to others). Therefore, it is possible to deny the use of cookies, following the disabling procedure provided by your browser. Below are the methods proposed by the main browsers: Microsoft Windows Explorer, Mozilla Firefox, Google Chrome, Apple Safari, Google Analytics by downloading a specific browser plug-in. For information on the cookies stored on your terminal and to disable them individually, please refer to the link:http://www.youronlinechoices.com/it/le-tue-scelte
Other options for managing cookies by acting directly from the browser
Block third-party cookiesThird-party cookies are generally not essential for browsing, so you can refuse them by default, through special functions of your browser.
Activate the Do Not Track optionThe Do Not Track option is present in most of the latest generation browsers. Websites designed to respect this option, when activated, should automatically stop collecting some of your browsing data. As mentioned, however, not all websites are set to respect this option (discretionary).
Activate the 'incognito browsing' modeThrough this function, you can browse without leaving a trace in the browser of the navigation data. The sites will not remember you, the pages you visit will not be stored in the history and the new cookies will be deleted. The incognito browsing function does not guarantee anonymity on the Internet, because it serves only to not maintain the navigation data in the browser, while your navigation data will continue to be available to website managers and connectivity providers.
Delete cookies directlyThere are special functions to do this in all browsers. Remember, however, that new cookies are downloaded at every Internet connection, so the deletion operation should be performed periodically. If desired, some browsers offer automated systems for the periodic deletion of cookies.