Privacy Policy

Dear Visitor,

Following consultation of this website, data relating to identified or identifiable natural persons may be processed.

With reference to such data processing, the following information is provided, also pursuant to art. 13 of the European General Data Protection Regulation (EU Regulation 2016/679), whose validity is not extended to any other external websites consulted by the user through links on this website.

By continuing browsing, and by adhering to the service proposals contained in the various parts of the website (e.g. filling in forms to request information), this general processing information is deemed to have been acquired, as well as any specific information related to processing for different and specific purposes, and the user explicitly consents to such processing

Contact data

The controller in accordance with the General Data Protection Regulation, other data protection laws valid in the Member States of the European Union and other provisions relating to data provision is:

sunglass industry s.r.l.
via Leonardo da Vinci, 12
Bolzano
Italy

Email: info[at]sunglass-industry.com

 

Types of data processed

The personal data collected, either independently or through third parties, is the following: Browsing and usage data, and other data provided voluntarily by the user such as name, surname, telephone number and email address.

Legal basis of processing

The legal basis for processing the data processed through this website is:

  • performance of a contract or pre-contractual measures;
  • consent of the data subject for one or more specific purposes;
  • fulfilment of a legal obligation;
  • legitimate interest of the controller (e.g. for defence of a right in court).

Processing purposes of the data collected

User data is collected to enable the controller to provide its services, as well as for the following purposes: Statistics, access to accounts on third party services and to contact the user.
To obtain further detailed information on the processing purposes and on the personal data actually pertinent to each purpose, the User may refer to the corresponding sections of this document.

Processing methods

Our company, as data controller, and each of the external data processors that the data controller may make recourse to, will manage and store the personal data collected through the use of the website and its various functionalities that may be activated at the user's request, using automated and/or paper tools, for the period of time strictly necessary to achieve the purposes for which it was collected or voluntarily communicated by the user.
Specific security measures, as provided for by art. 32 of Regulation (EU) 2016/679, are observed to prevent data loss, illicit or incorrect use and unauthorised access.
The data is managed only by personnel authorised by the data controller. In addition to the controller, where necessary, the personal data related to the request for information could be processed by the controller's personnel or by the system administrator.
The data may be communicated to third parties such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies and administrative, fiscal, legal and IT consultants, for the purposes of providing the requested service, for the protection of the rights of the controller as well as for the fulfilment of legal obligations.
The updated list of external processors that will process the data in the name and on behalf of the controller may always be requested from the data controller.

The data will not be transferred to countries outside the European Union.
Under no circumstances will the data be disseminated.
There will be NO personal profiling of the user on the data.

Usage and browsing data

IT systems and software procedures used for the functioning of this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This is information that is not collected to be associated with identified data subjects, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes, for example, IP addresses or domain names of the computers and other tools used by users who connect to the website, the addresses in Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the user's operating system and computer environment.

This data is only used to obtain anonymous statistical information on the use of the website and to check its correct functioning and is deleted immediately after processing. 

Contact forms: purpose of data processing and optional nature of data provision.
In addition to that specified for browsing data, users are free to provide their personal data through the use of special forms on the website to request informative material or other communications to be sent and, more generally, for the purposes set out in the corresponding and specific policies. Failure to provide such data may make it impossible to obtain that requested.

Details on the processing of personal data: By filling in the contact form with their data, users consent to its use to respond to requests for information, for quotes or of any other kind indicated in the header of the form.
personal data collected: surname, email, name, telephone number and various types of data.
This data is stored within the scope of the statutory retention obligations.
All consents may be withdrawn at any time, independently of each other.
A withdrawal means that from that moment onwards, the controller will no longer process your personal data for the above purposes and that the related rights, advantages, etc. can no longer be claimed. You may exercise your right of withdrawal by contacting the e-mail address provided in the contact data section.
Users are responsible for the personal data of third parties obtained, published or shared through this website and guarantee that they have the right to communicate or disseminate it, releasing the controller from any liability towards third parties.

Visitor statistics with Matomo

In order to continuously improve and statistically evaluate our website, we use the web analytics platform Matomo. This is used to record traffic and analyse the behaviour of website visitors in order to identify potential pitfalls such as pages not found or problems with search engine indexing, as well as to determine which content is most popular. This allows us to improve the overall usability of our website. Once the data is processed (e.g. the number of visitors reaching a page not found), Matomo generates reports that allow us to take action, such as changing the layout of the pages or publishing new content.

With Matomo we process the following personal data:

  • Anonymized IP address (shortened by 2 bytes)
  • Date and time of the page request
  • Title of the page viewed (Page Title)
  • URL of the displayed page (Page URL)
  • Referrer (URL of the page that was displayed before the current page)
  • Time in the local time zone
  • Files that were clicked and downloaded
  • Clicked external links
  • Creation time of the pages
    • User's location: country, region, city, approximate longitude and latitude
    • Main language of the browser
    • User agent of the browser
    • Used device and display resolution
    • Custom dimensions

Integration of YouTube clips

We have integrated YouTube clips on our websites. The clips are saved on www.youtube.com and can be played directly from our website. The clips have all been integrated in “extended data protection mode”. Accordingly, no data about you as user are transferred to YouTube if you do not play the clips. The data listed in paragraph 2 are not transferred until you play the clips. We have no influence on this data transfer.

On visiting the website, YouTube is informed that you have accessed the corresponding subpage of our website. In addition, the data named in the “Web server log files” section of this statement are transferred. This happens regardless of whether you are logged on via a YouTube user account or whether no user account exists. If you are logged on to Google, your data are allocated directly to your account. If you do not want to be allocated with your profile on YouTube, you must log out before clicking the button. YouTube saves your data as a usage profile for the purposes of advertising, market research and/or appropriate design of its website. Evaluation of this kind applies particularly when providing appropriate advertising (even for users that have not logged on) and when informing other users about your activities on our website. You are entitled to object to the generation of these user profiles, but to do so, you must contact YouTube.

More information about the purpose and scope of data collection and processing by YouTube is provided in the relevant privacy policy, where you can also find more information about your rights and how you can adjust the settings to protect your privacy: https://policies.google.com/privacy. Google also processes your personal data in the USA and subscribes to the EU-US Privacy Shield: https://www.privacyshield.gov/EU-US-Framework.

Links to social media websites

Our website offers you links to our corporate pages on the social networks Google+ and LinkedIn. We use links to protect your data. Each website is shown just as a icon that contains a link to the corresponding website. Clicking on the icon forwards you to the respective services of the providers. Your data are not sent to the respective services until this point in time. If you do not click on the icon, there will not be any exchange at all between you and the above social networks.
Please refer to the terms of use of the corresponding providers for information about how the social networks collect and use your data.

Online applications

Processing your application entails collecting, storing and using your personal data. Your personal data are used only for handling your application. Your personal data are forwarded only to the departments responsible for the specific application process and are not sent to other companies or third parties.

Retention period for applications:
We store the data in your application for the duration of the application process. After the end of the application process, we erase the data of your online application depending on the legal situation prevailing at the respective location in so far as your application was unsuccessful. This does not apply if erasing the data is proscribed by any statutory regulations.
If you are included in our applicants pool, we store your data until you withdraw your consent. If your application is successful, your application data will be transferred to your personnel file in compliance with legal permissibility. The legal basis for processing your application data is given by EU-GDPR, art. 6, para. 1, 1(a), and EU-GDPR, art. 6, para. 1, 1(b).

Rights of data subjects

Users may exercise certain rights with reference to the data processed by the controller.

In particular, Users have the right to:

  • withdraw consent at any time. Users may revoke consent to the processing of their personal data previously expressed, without prejudice to the validity of the processing carried out up to that moment. Please note that the controller may continue to retain and use certain personal information about you for the pursuit of its legitimate business interests.
  • object to the processing of their data. Users may object to the processing of their data when this takes place on a legal basis other than consent.
  • access their data. Users have the right to obtain information on the data processed by the controller, on certain processing aspects and to receive a copy of the data processed.
  • verify and request rectification. Users may verify the accuracy of their data and request that it be updated or corrected.
  • obtain restriction of processing. When certain conditions are met, users may request restriction of processing of their data. In this case, the controller will not process the data for any other purpose than its retention.
  • obtain deletion or removal of their Personal data. When certain conditions are met, users may request the deletion of their data by the controller.
  • receive their data or have it transferred to another controller. Users have the right to receive their data in a structured, commonly used and machine-readable format and, where technically feasible, to obtain its transfer without hindrance to another controller. This provision is applicable when the data is processed by automated tools and the processing is based on the user’s consent, on a contract to which the user is a party or on the related contractual measures.
  • lodge a complaint. users may also take legal action or lodge a complaint with the supervisory authority:
    Personal Data Protection Authority, Piazza di Monte Citorio 121, 00186 – Rome, Italy, Fax: (+39) 06.69677.3785, telephone: (+39) 06.696771, E-mail: garante[at]gpdp.it

 

How to exercise your rights

To exercise the user's rights, Users may address a request to the contact details of the controller indicated in this document. Requests are filed free of charge and processed by the controller as soon as possible, in any case within one month. Further processing information

Controller’s rights court defense

The user's personal data may be used by the controller in court or in the preparatory stages to its possible establishment for the defence against abuse in the use of this application or related services by the user.

Specific policies

At the user's request, in addition to the information contained in this privacy policy, this application may provide the User with additional and contextual policies regarding specific services, or the collection and processing of personal data.

Changes to this privacy policy

The data controller reserves the right to make changes to this privacy policy at any time by informing users on this page and, if technically and legally feasible, by sending a notification to users through one of the contact details in the controller's possession. Therefore, please consult this page regularly, referring to the last modification date indicated at the bottom.
If the changes involve processing whose legal basis is consent, the controller will again acquire the user's consent, if necessary.

Definitions and legal references

  • Personal data (or Data): Personal data is any information which, directly or indirectly, even in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.
  • Usage data: This is information collected automatically by this application (also by third-party applications integrated in this Application), including: IP addresses or domain names of the computers used by the user that connects to this application, the addresses in URI (Uniform Resource Identifier)notation, the time of the request, the method used to transmit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various time connotations of the visit (for example, the time spent on each page) and the details of the itinerary followed within the application, with particular reference to the sequence of pages consulted and to the parameters relating to the user's operating system and IT environment. 
  • User: The individual who uses this application which, unless otherwise specified, coincides with the data subject. 
  • Data Subject: The natural person to whom the personal data refers. 
  • Data Processor (or Processor): The natural or legal person, public administration and any other body that processes personal data on behalf of the controller, as set out in this privacy policy. 
  • Data controller (or controller): The natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of processing of personal data and the tools adopted, including the security measures relating to the operation and use of this application. The data controller, unless otherwise specified, is the owner of this application.
  • Service: As defined in the corresponding terms (if any) on this website.
  • European Union (or EU): Unless otherwise specified, any reference in this document to the European Union shall be deemed to extend to all current member states of the European Union and the European Economic Area. 
  • Cookie: Small portion of data stored inside the user's device.

Legal references

Unless otherwise specified, this privacy policy applies exclusively to this website.

Last update: 1 December 2020