_PNG.png){kind=small}
PRIVACY POLICY
INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ARTICLES. 13 AND 14 OF REGULATION 679/2016 (“GDPR”)
Your privacy is extremely important and please read this policy carefully.
In fact, we wish to inform you in a complete and transparent way about the processing that the companies identified in paragraph 1 below may carry out on the personal data concerning you provided and/or collected by us.
1. HOW ARE MY DATA RESTORED?
We collect your data as a result of sharing your data with us. This may, for example, be information entered into our contact form.
Other data is recorded by our IT systems automatically or after the user has consented to their recording during a visit to the website. This data mainly includes technical information (for example, your web browser, operating system or the time the site was accessed). This information is automatically recorded when you access this website.
FOR WHAT PURPOSES DO WE USE YOUR DATA?
Part of the information is generated to ensure error-free provision of the website. Other data may be used to analyze your usage patterns.
WHAT ARE YOUR RIGHTS IN RELATION TO YOUR INFORMATION?
You have the right to receive information about the source, recipients and purposes of your stored personal data at any time without having to pay any compensation for such disclosures. You also have the right to request rectification or deletion of your data. If you have consented to data processing, you have the possibility to revoke this consent at any time, which will affect all future data processing. Furthermore, you have the right to lodge a complaint with the competent supervisory authority.
Please do not hesitate to contact us at any time if you have any questions about this or any other data protection issue.
ANALYSIS TOOLS AND TOOLS PROVIDED BY THIRD PARTIES
There is a possibility that your browsing patterns are statistically analyzed when you visit this website. Such analyzes are mainly performed with what we call analysis programs.
For detailed information about these analysis programs, please see our Data Protection Declaration below.
2. TOOLS WE USE
This site uses TWIPLA, a simple website analytics service that measures traffic on our website and collects general information from site visitors. We create statistics to improve the experience of visitors to our website. We never use cookies for this purpose. As a website operator who uses TWIPLA to carry out range measurement, depending on the level of data protection we have activated, we may process information about the device used by the user and its characteristics, information about the technical characteristics of the visit to the website, the number of pages visited and the statistically relevant behavior of visitors to our website. The technology does not use the data collected to identify individual visitors or to match the data to additional information about an individual user. Depending on the location from which you access our website, TWIPLA may not collect information about the device used by you due to our technical settings.
DATA PROCESSING
We have entered into a Data Processing Agreement (DPA) with the aforementioned provider. This is a contract under data privacy laws that ensures we process the personal data of visitors to our website only on our instructions and in accordance with the GDPR.
3. GENERAL AND MANDATORY INFORMATION
Data protection
The operators of this website and its pages take the protection of your personal data very seriously. We therefore treat your personal data as confidential information and in accordance with the legal provisions on data protection and this Data Protection Declaration.
Each time you use this website, a variety of personal information will be collected. Personal data includes data that can be used to personally identify you. This data protection declaration explains what data we collect and what purposes we use it for. It also explains how and for what purpose the information is collected.
We inform you that data transmission via the Internet (e.g. via e-mail and SMS communications) may be subject to security gaps. It is not possible to completely protect data from third-party access.
Information about the data controller (called "data controller" in the GDPR)
The data controller on this website is: Elion Begaj, Via Benelux 5a Figline e Incisa Valdarno (FI)
The data controller is the natural or legal person who, alone or jointly with others, decides on the purposes and means of processing personal data (e.g. names, email addresses, etc.).
STORAGE PERIOD
Unless a more specific retention period is specified in this privacy policy, your personal data will remain with us until the purpose for which it was collected no longer applies. If you make a justified request for deletion or withdraw your consent to data processing, your data will be deleted, unless there are other legally permitted reasons for the retention of your personal data (e.g. tax retention periods or commercial); in the latter case, the cancellation will take place after such reasons cease to be valid.
General information on the legal basis for data processing on this website
If you have consented to data processing, we process your personal data on the basis of Article 6 (1) (a) of the GDPR or Article 9 (2) (a) of the GDPR, if special categories of data are processed pursuant to Article 9(1) of the GDPR. In case of explicit consent to the transfer of personal data to third countries, data processing is also based on Article 49 (1) (a) of the GDPR.
If you have consented to the storage of cookies or access to information on your end device (e.g. via device fingerprinting), data processing is additionally based on § 25 (1) TTDSG.Consent can be revoked at any time. If your data is necessary for the fulfillment of a contract or for the implementation of pre-contractual measures, we process your data on the basis of Article 6 (1) (b) of the GDPR. Furthermore, if your data is necessary for the fulfillment of a legal obligation, we process it on the basis of Article 6 (1) (c) of the GDPR. Furthermore, data processing may be carried out on the basis of our legitimate interest in accordance with Article 6 (1) (f) GDPR. Information on the relevant legal basis in each individual case is provided in the following paragraphs of this privacy policy.
Revocation of consent to data processing
A wide range of data processing operations is only possible with your explicit consent. You can also revoke any consent you have already given us at any time. This does not affect the lawfulness of any data collection that occurred before the revocation. Right to object to data collection in particular cases; right to object to direct advertising (art. 21 GDPR)
IN THE EVENT WHERE DATA IS PROCESSED ON THE BASIS OF ARTICLE 6, PARAGRAPH 1, LETTERS E) OR F) OF THE GDPR, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA FOR REASONS ARISING FROM YOUR PARTICULAR SITUATION . THIS ALSO APPLIES TO ANY PROFILING BASED ON THESE PROVISIONS. TO DETERMINE THE LEGAL BASIS ON WHICH THE DATA PROCESSING IS BASED, PLEASE CONSULT THIS DATA PROTECTION POLICY. IF YOU OBJECT, WE WILL NO LONGER PROCESS THE PERSONAL DATA IN QUESTION, UNLESS WE ARE ABLE TO DEMONSTRATE COMPULSORY GROUNDS FOR THE DATA PROCESSING, WHICH OVERRIDE YOUR INTERESTS, RIGHTS AND FREEDOMS OR IF THE PURPOSE OF THE PROCESSING IS THE AFFIRMATION , THE EXERCISE OR DEFENSE OF LEGAL RIGHTS (OPPOSITION PURSUANT TO ART. 21 PAR. 1 GDPR).IF YOUR PERSONAL DATA ARE PROCESSED FOR DIRECT MARKETING PURPOSES, YOU HAVE THE RIGHT TO OBJECT AT ANY TIME TO THE PROCESSING OF YOUR PERSONAL DATA CONCERNED FOR THE PURPOSES OF SUCH ADVERTISING. THIS ALSO APPLIES TO PROFILING TO THE EXTENT IT IS RELATED TO SUCH DIRECT ADVERTISING. IF YOU OBJECT, YOUR PERSONAL DATA WILL NO LONGER BE USED FOR DIRECT MARKETING PURPOSES (OPPOSITION PURSUANT TO ART. 21 PAR. 2 GDPR).
Right to lodge a complaint with the competent supervisory authority
In the event of violations of the GDPR, data subjects have the right to lodge a complaint with a supervisory authority, in particular in the Member State in which they have their habitual domicile, place of work or place where the alleged violation occurred. . The right to lodge a complaint is in effect regardless of any other administrative or judicial process available as a legal remedy.
Right to data portability
You have the right to request that the data that we process automatically on the basis of your consent or for the fulfillment of a contract be delivered to you or to a third party in a commonly used, machine-readable format. In the event that you request the direct transfer of data to another data controller, this will only happen if technically feasible.
Information, rectification and deletion of data. Within the scope of the applicable legal provisions, you have the right at any time to request information about your stored personal data, their origin and recipients, as well as the purpose of the processing of your data. You may also have the right to rectify or delete your data. If you have any questions about this topic or other questions about personal data, please contact us at any time.
Right to request limitation of processing
You have the right to request the imposition of restrictions on the processing of your personal data. To this end, you can contact us at any time. The right to request the limitation of processing applies in the following cases:
If you dispute the accuracy of the data we store about you, we will usually need some time to verify this claim. During the period in which this investigation is ongoing, you have the right to request the restriction of the processing of your personal data.
If the processing of your personal data was/is conducted unlawfully, you have the possibility to request the limitation of the processing of your data instead of requesting the deletion of such data. If we no longer need your personal data and you need it to exercise, defend or assert legal claims, you have the right to request the restriction of the processing of your personal data instead of its deletion. If you have raised an objection pursuant to Article 21(1) GDPR, your rights and our rights will have to be weighed against each other. Until it has been determined whose interests prevail, you have the right to request a restriction of the processing of your personal data. If you have restricted the processing of your personal data, these data – with the exception of their storage – may only be processed with your consent or for asserting, exercising or defending legal claims or for
protect the rights of other natural or legal persons or for important reasons of public interest cited by the European Union or an EU Member State.
SSL and/or TLS encryption
For security reasons and to protect the transmission of confidential content, such as purchase orders or requests that you send to us as the website operator, this website uses an SSL or TLS encryption program. You can recognize an encrypted connection by checking whether the address line of your browser changes from "http://" to "https://" and also by the appearance of the lock icon in the browser line.
If SSL or TLS encryption is activated, the data you transmit to us cannot be read by third parties.
Encrypted payment transactions on this website
If you have an obligation to share your payment information with us (e.g. your account number if you give us the authority to debit your bank account) after entering into a fee-based contract with us, this information is necessary to process payments. Payment transactions using the most common payment methods (Visa/MasterCard, bank account debit) are processed exclusively via SSL or TLS encrypted connections. You can recognize an encrypted connection by checking whether the address line of your browser changes from "http://" to "https://" and also by the appearance of the lock icon in the browser line. If your communication with us is encrypted, third parties will not be able to read the payment information you share with us.
4. REGISTRATION OF DATA ON THIS WEBSITE COOKIES
Our websites and pages use what the industry calls "cookies". Cookies are small text files that do not cause any harm to your device. They are stored temporarily for the duration of a session (session cookies) or are stored permanently on the user's device (permanent cookies). Session cookies are automatically deleted once your visit ends.
Permanent cookies remain stored on your device until you actively delete them or they are automatically deleted by your web browser.
In some cases, third-party cookies may be stored on your device once you access our site (third-party cookies). These cookies allow you or us to benefit from certain services offered by third parties (for example, cookies for processing payment services). Cookies have a variety of functions. Many cookies are technically indispensable, since some website functions would not work without cookies (for example, the shopping cart function or displaying videos). The purpose of other cookies may be the analysis of user behavior or the display of promotional messages. Cookies necessary for the execution of electronic communication transactions or for the provision of certain functions that you wish to use (e.g. to the shopping cart function) or those necessary for the optimization (necessary cookies) of the website (e.g. cookies that provide measurable information about the web audience), are stored on the basis of Article 6 (1) letter f) of the GDPR, unless a different legal basis is mentioned. The website operator has a legitimate interest in the storage of cookies necessary to ensure the technically error-free and optimized provision of the operator's services. If the user's consent to the storage of cookies and similar recognition technologies has been requested, the processing takes place exclusively on the basis of the consent obtained (art. 6 par. 1 letter a GDPR and § 25 par. 1 TTDSG); This consent can be revoked at any time. The user has the possibility to set their browser in such a way as to be notified every time cookies are inserted and to allow the acceptance of cookies only in specific cases. You can also exclude the acceptance of cookies in certain cases or in general or activate the delete function for the automatic deletion of cookies when closing the browser. If cookies are deactivated, the functions of this website may be limited. In case third-party cookies are used or if cookies are used for analytical purposes, we will inform you separately in relation to this Data Protection Policy and, if applicable, ask for your consent.
5. PROVIDERS OF E-COMMERCE AND PAYMENT SERVICES
We collect, process and use personal customer and contract data for the establishment, provision of contents and modification of our contractual relationships. Data with personal references to the use of this website (usage data) will only be collected, processed and used if this is necessary to enable the user to use our services or necessary for billing purposes. The legal basis for these processes is Art. 6(1)(b) GDPR. The collected customer data is deleted upon completion of the order or termination of the business relationship and upon expiration of any storage periods required by law. This does not affect any storage periods required by law. Transfer of data in the event of closing contracts for online shops, retailers and shipment of goods.
Whenever you order goods from us, we will share your personal data with the transport company in charge of delivery and with the payment service in charge of managing the payment transactions. Only the data that these respective service providers need to fulfill their obligations will be shared. The legal basis for this sharing is Article 6, paragraph 1, letter b) of the GDPR, which allows the processing of data for the fulfillment of contractual or pre-contractual obligations.
If you give us your consent in accordance with Article 6 (1) (a) of the GDPR, we will share your e-mail address with the transport company responsible for the delivery, so that it can inform you via e- email regarding the shipping status of your order. The user has the possibility to withdraw his consent at any time.
PAYMENT SERVICES
THEWe integrate payment services from third-party companies on our website. When you make a purchase from us, your payment data (e.g. name, payment amount, bank details, credit card number) are processed by the payment service provider for the purpose of payment processing . The respective contractual and data protection provisions of the respective providers apply to these transactions. The use of payment service providers is based on Article 6 (1) (b) GDPR (contract execution) and in the interest of a smooth, convenient and secure payment transaction (Article 6 (1) , letter f) of the GDPR). To the extent that your consent is required for certain actions, Article 6, paragraph 1, letter a) of the GDPR is the legal basis for data processing; Consent can be revoked at any time for the future.
Within the scope of this website we use the following payment services / payment service providers:
PAYPAL
The provider of this payment service is PayPal (Europe) S.à.r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 Luxembourg (hereinafter "PayPal").
Data transmission to the USA is based on the Standard Contractual Clauses (SCCs) of the European Commission. Details can be found here: Agreement for the use of PayPal online card payment services - PayPal IT
Details can be found in PayPal's privacy policy: Agreement for the use of PayPal online card payment services - PayPal IT
APPLE PAY
The payment service provider is Apple Inc, Infinite Loop, Cupertino, CA 95014, USA. Apple's privacy policy is available at: Apple Privacy Policy - Apple
GOOGLE PAY
The provider is Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland. Google's privacy policy can be found here:
https://policies.google.com/privacy.
MATERIAL CARD
The provider of this payment service is Mastercard Europe SA, Chaussée de Tervuren 198A, B-1410 Waterloo, Belgium (hereinafter"MasterCard").
Mastercard can transfer data to its parent company in the United States. Data transfer to the United States is based on Mastercard's Binding Corporate Rules. Details are available on their site.
VISA
The provider of this payment service is Visa Europe Services Inc, London Branch, 1 Sheldon Square, London W2 6TT, United Kingdom (hereinafter "VISA").
Great Britain is considered a safe non-EU country when it comes to data protection legislation. This means that the level of data protection in Great Britain is equivalent to the level of data protection in the European Union.
VISA may transfer data to its parent company in the United States. Data transfer to the United States is based on the Standard Contractual Clauses of the European Commission.
