top of page
logo (2).png
  • Whatsapp
  • Instagram
  • LinkedIn

Privacy Policy

Information on the processing of personal data

Effective from November 23rd, 2023 

FOREWORD
This document takes into account the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of the 27th of April 2016 (GDPR) and the Privacy Code (D. Lgs 30 June 2003 n. 196). The document has also been drafted on the basis of the Guidelines of the Privacy Supervisor (especially the Anti-Spam Guidelines issued by the Privacy Supervisor on the 4th of July 2013).

Data Controller: Valentina Cortese - P VAT 10071600968 - Lombardia 4/B street, Vizzolo Predabissi (MI) - Email info@valentinacortese.it
Site to which this privacy policy refers: https://valentinacortese.it/ (Site).
The Data Controller has not appointed a DPO (Data Protection Officer). Therefore, you can send any request for information directly to the Data Controller.

GENERAL INFORMATION
This document describes how the Data Controller processes your personal data provided on the Site.
The main processing of your personal data is described below. In particular, the legal basis of the processing is explained, whether the provision is mandatory and the consequences of not providing personal data. To best describe your rights, if necessary, we have specified whether and when a certain processing of personal data is not carried out.On the site you have the possibility to enter personal data of third parties. In this case you guarantee that you have obtained the agreement of these subjects to the insertion of these personal data. Therefore, you agree to indemnify and hold the Data Controller harmless from any liability.

Registration on the Site
The Site does not offer the possibility of registration. Therefore, the Data Controller does not process your personal data for this purpose.

Purchases on the Site
 Your personal data will be processed to allow you make purchases on the Site. In the case of placing an online purchase order, to allow the end of the purchase contract and the correct execution of the transactions related to it (and, if necessary according to the sector legislation, to comply with tax obligations). This process of personal data also includes the possibility to send communications (e.g.: order tracking and information ) through automated tools such as sms and/or WhatsApp. The legal basis of the processing is the obligation of the Data Controller to perform the contract with the data subject or to comply with legal obligations. Regardless of the above (and therefore your consent), the Data Controller may process your data for the purposes of  c.d. "soft-spam", governed by art. 130 of the Privacy Code. This means that limited to the email provided by you in the context of a purchase through the Site, the Data Controller will process the email to allow the direct offer from similar products/ services, if you do not object to such processing in the manner provided for in this notice. The legal basis for processing is the legitimate interest of the Data Controller to send this type of communication. This legitimate interest can be considered equivalent to the interested party’s interest in receiving "soft-spam" communications. The Data Controller may send emails to remind you to complete a purchase. The legal basis of this processing is the legitimate interest of the Data Controller to send this type of communication.

To respond to your requests
 Your data will be processed to respond to your requests for information. The conferment is optional, but your refusal will make it impossible for the Data Controller to answer your questions. The legal basis of the processing is the legitimate interest of the Data Controller to comply with the user’s requests. This legitimate interest is equivalent to the user’s interest in receiving a response to communications sent to the Data Controller.
 
Generic marketing
With your consent, the Data Controller may process the personal data you provide for the purpose of sending you advertising material and/or newsletters relating to its own products or those of third parties. The legal basis for this processing is your consent. The provision of personal data for this purpose is purely optional. Failure to consent to the processing of data for marketing purposes will make it impossible for you to receive advertising material related to products/services of the Data Controller and/or third parties, as well as making it impossible for the Data Controller to carry out surveys of the market, also to assess user satisfaction and to send you newsletters. These communications will be sent to the e-mail address you provided on the Site.

 Profiling
With your consent, the Data Controller may process your personal data for profiling purposes, that is to say for the analysis of your consumer choices by revealing the type and frequency of purchases you make, in order to send you advertising material and/or newsletters related to our own products or those of third parties, of your specific interest. The legal basis for this processing is your consent. The provision of data for this purpose is purely optional. Failure to consent to the processing of your personal data for profiling purposes will make it impossible for the Data Controller to process your commercial profile, by recording your choices and purchasing habits as well as sending you advertising material, related to products of the Data Controller and/or third parties, of specific interest. These communications will be sent to the email you have posted on the Site.
 
Transfer of data
The Data Controller does not transfer your personal data to third parties.
 
 Geolocation
 The Site does not implement geolocation tools of the user’s IP address.
 
 Curriculum Vitae
 It is not possible to send a curriculum vitae through the Site. Therefore, your data will not be processed for these purposes.
 
 Booking of appointments
 There are no third-party appointment booking systems with the Data Controller active on the Site. Therefore, your data will not be processed for this purpose. In any case, you can always contact the Data Controller at the contacts indicated in the epigraph.

Disclosure of personal data
Within the scope of its ordinary business, the Data Controller may communicate your personal data to certain categories of subjects. In article 2 you can find the list of subjects to which the Data Controller communicates your personal data. To facilitate the protection of your rights, article 2 may specify in certain cases when your data is not disclosed to third parties.
 The "communication" to third parties of personal data is different from the "transfer" (regulated in the previous point). In the communication, the third party to whom the data is transmitted can use it only for the specific purposes described in the relationship with the Data Controller. In the transfer, however, the third party becomes the autonomous Controller of personal data. In addition, your consent is always required to transfer your personal data to third parties.
 Notwithstanding the foregoing, it is understood that the Data Controller may still use your personal data to give correct compliance with the obligations provided by the laws in force.

 SPECIFIC PRIVACY POLICY
 
 Art. 1 Processing methods
 1.1 The processing of your personal data will mainly be carried out with the help of electronic or automated means, in accordance with the methods and with the appropriate tools to guarantee the security and confidentiality of personal data.
 1.2 The information acquired and the methods of processing will be relevant and not exceeding the type of services provided. Your data will also be managed and protected in secure and appropriate computer environments.
 1.3 No "special data" is processed through the Site. Particular data are those which may reveal racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, health and sex life.
 1.4 No legal data is processed through the Site.
 
 Art. 2 Disclosure of personal data
 The Data Controller may communicate your personal data to certain categories of subjects. The following are the subjects to whom the Data Controller reserves the right to communicate your data:

  •  The Data Controller may disclose your personal data to all those subjects (including public authorities) who have access to personal data under legal or administrative measures.

  • Your personal data may also be communicated to all those public and/or private entities, natural and/or legal persons (legal, administrative and tax consulting firms, judicial offices, chambers of commerce, chambers and labour offices, etc.), if the disclosure is necessary or functional for the proper fulfilment of the obligations arising from the law.

  • The Data Controller uses employees and/or collaborators in any capacity. For the proper functioning of the Site, the Data Controller may communicate your personal data to these employees and/or collaborators.

  •  In its ordinary operation of the Site, the Data Controller uses companies, consultants or professionals responsible for installation, maintenance, updating and, in general, of the management of hardware and software of the Data Controller or that the latter uses for the provision of its services. Therefore, only with reference to these purposes, your data may also be processed by these parties.

  •  For the sending of its communications, the Data Controller uses external companies responsible for sending this type of communication (CRM platforms). Your personal data (in particular the email) may then be communicated to these companies.

  •  The Data Controller does not use external companies to provide customer care services.

  •  The personal data of the buyer may be communicated to post offices, couriers or freight forwarders in charge of delivering the products purchased through the Site.

The Owner reserves the right to modify the above list according to its normal operations. Therefore, you are invited to regularly access this information to check which subjects the Data Controller communicates your personal data.
 
 Art. 3 Storage of personal data
 3.1 This article describes how long the Data Controller reserves the right to store your personal data.

  •  Your personal data will be kept only for the time necessary to guarantee the correct performance of the services offered through the Site.

  •  For the purpose of executing the sales contract, the data will be kept for 10 years from the date of receipt of the purchase order. This is to allow the Data Controller to exercise his right of defence and to prove that he has correctly performed the contract.

  •  For customer care purposes, the data will be deleted once the support service is completed.

  •  For marketing purposes, personal data will be stored until the withdrawal of consent. For inactive users, personal data will be deleted after one year from the last email sent.

3.2 Subject to the provisions of article 3.1, the Data Controller may retain your personal data for the time required by specific regulations, as amended from time to time.

Art. 4 Transfer of personal data
 4.1 The Data Controller is located in a country that has an adequate level of security from the regulatory point of view. If the transfer of your personal data takes place in a country outside the EU and for which the European Commission has made an adequacy judgment, the transfer is considered safe in any case from the regulatory point of view. This article 4.1 indicates from time to time the countries in which your personal data may be transferred and where the European Commission has made a judgment of adequacy.
 

  • Your personal data may be transferred to the USA on the basis of the adequacy decision of the European Commission. With this decision, the European Commission has decided that the US offers a similar protection of personal data to that offered by the European Union.

 
4.2 Subject to the provisions of article 4.1, your data may also be transferred to non-EU countries for which the European Commission has not issued a judgment of adequacy. You are therefore invited to regularly check this article 4.2 to determine in which of these countries your data is transferred.
 4.3 In this article, the Data Controller indicates the countries in which it may specifically direct its business. This circumstance may imply the application of the law of the analogue country, together with that which governs the relationship with the user according to what is indicated in the Foreword.

  • At the user’s request, the Data Controller will apply to the processing of personal data the most favourable legislation provided for by the user’s national law.

Art. 5. Rights of the data subject
 The Data Controller informs you that you have the right to:

  •  request from the Data Controller access to your personal data and the rectification or deletion of the same or the limitation of the processing concerning you or to oppose their processing, as well as the right to data portability

  •  revoke the consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation

  •  Submit a complaint to a supervisory authority.

 The above rights may be exercised with a request addressed without formality to the contacts indicated in the Foreword.

Art. 6. Amendments and miscellaneous
 The Data Controller reserves the right to make changes to this information at any time, giving appropriate publicity to users of the Site and guaranteeing in any case an adequate and similar protection of personal data. In order to view any changes, you are invited to consult this policy regularly. In the event of substantial changes to this privacy policy, the Data Controller may also notify you by email.

bottom of page