PRIVACY POLICY

In accordance with the provisions of Italian Legislative Decree 13 D.Lgs. 30.6.2003 n. 196 (Privacy Code) and EU Regulation UE n. 2016/679 “GDPR”

Dear Customer,
Zappieri Milano S.r.l takes all its responsibilities under data protection legislation very seriously and respects the privacy of its customers.

This policy (together with our Terms and Conditions of Use, and any other documents referred to on it) sets out how we will use any personal data which you provide through Zappieri Milano’s website – www.gruppozappieri.it

Please take Your time to read it carefully, as the following policy explains how we collect, use, disclose and transfer the personal information that You provide to us on our website or when you contact our Customer Care by telephone, or when you interact with us directly in person or over social media platforms. It also explains how we collect information through the use of cookies and related technologies when you use our website.

By visiting our website, and/or using the services offered on or through our website –www.gruppozappieri.it – you agree to the terms of this Privacy Policy as it may be amended from time to time.

1. DATA CONTROLLER AND CONTRACTING PARTIES

Zappieri Milano S.r.l., with registered office in Italy – via Senato, 34 – 20121 Milano (MI) – and Fiscal Code and Vat Number 08868280960 – REA MI2054166 (hereinafter, “Controller and/or Processor”), as Data Controller/Processor, informs you, pursuant to art. 13 Legislative Decree 30.6.2003 n. 196 (hereinafter, “Privacy Code”) and art. 13 EU Regulation n. 2016/679 (hereinafter, “GDPR”), that your data will be processed for the management, conclusion and execution of service or any transactions, or nay communication of a commercial nature and for profiling activities, via this Website (the “Purpose”).

Your personal data will be stored in a format that allows your identification for the time strictly necessary for the purpose for which it is collected, and subsequently processed, in any case, within the limits of the law. In order to ensure that Your personal data is always accurate, up-to-date, complete and relevant, please report any changes to the following e-mail address: gruppozappieri@gruppozappieri.it

Your data may be disclosed to police forces or judicial authorities, for example in the context of Website anti-fraud services, in accordance with the law and where required. Your data will also be accessible to the Data Processors, as indicated in this section, and for the specific purposes indicated herein. Your personal data may not be transferred abroad to countries outside the European Union which do not ensure adequate levels of personal protection. If this is necessary for the achievement of the purposes, we assure You that the transfer of Your personal data to countries that do not belong to the European Union and that do not ensure adequate levels of protection, will only be performed after the conclusion of specific contracts between Zappieri Milano S.r.l. and said parties, containing adequate safeguard clauses for the protection of Your personal data, in compliance with applicable law and regulations.

Zappieri Milano S.r.l may process the personal data of third parties communicated directly by its users to ZAPPIERI MILANO S.R.L. when a user intends to tell a friend about a service or product for sale on the Website. In the above cases, please obtain the consent of the person to whom the data refers before communicating it to Zappieri Milano S.r.l., and inform them of this Privacy Policy, because you will be the only one responsible for the communication of information and data relating to third parties, without being expressly requested, and for its incorrect use or use that is contrary to the law. In any case, Zappieri Milano S.r.l., within the limits of the provisions of the law, shall comply with the obligation of disclosure to the user and, where necessary, request his/her express consent upon registration in its archives of the relative personal data.

The contracting parties of this Privacy Policy are always and only:

Zappieri Milano S.r.l., as legal entity controlling data and as operator of the platform www.gruppozappieri.it and of all other activities connected and related with Zappieri Milano S.r.l. WEB services.
the user, the subscriber or the buyer of service(s) and of the related services, i.e. you and Your personal data being processed.

2. SUBJECT OF PROCESSING

When You purchase a service or an item, create an account with us, or enter into any other form of agreement with us, we will process Your personal data for that particular purpose. We may also process Your personal data if you have a query or similar that precedes Your decision to enter into an agreement with us. The purposes for which your personal data is specifically noted, on a case-by-case basis, is in the information text submitted on the page where the provision of personal data is requested.

The “Data Controller” will therefore processes all those personal data – such as name, surname, company name, address, telephone number, e-mail address, bank and payment references, etc. (hereinafter “personal data” or “data”) communicated by you at the time of the conclusion of the contract for the use of the platform / application (signed with the simple use of the website –www.gruppozappieri.it) or by filling in a contact form or by filling in the order form for purchase a product or for any other reason related with the purpose of promoting and carrying out its own services or contracts of the Data Controller itself and, for all other matters for the management – according to law – of the contract to which this information refers.

“Personal data” means the contents of Article 4 of EU Regulation no. 2016/679 (GDPR) which establishes as object of the treatment/process any information concerning an identified or identifiable person, considering identifiable the natural person who can be clearly recognized, directly or indirectly, with particular reference to an identifier which are the name, identification number, location data, an online identifier or one or more elements characteristic of its physical, physiological, genetic, psychic, economic, cultural or social identity.

3. PURPOSE OF PERSONAL DATA TREATMENT

Your personal data are therefore processed:

A) without the need to request further consent, other than what expressed by you with your voluntary filling in your data into our system or forms or any other voluntary providing of your data, (art. 24, letter a), b), c) of Privacy Code and art. 6, lett. b), e) GDPR), for the following Service Purposes:

conclude contracts for the controller’s services for the benefit of the user and user of this application/website and/or in order to conclude any other contract entered into between the parties;
fulfil the pre-contractual and contractual obligations deriving from existing relationships with the controller, such as hygiene and safety regulations, litigation management and / or the exercise of other rights of the controller, accounting or treasury management – financial services – Insurance services, etc;
fulfil the obligations provided by law, regulations and Community legislation as well as provisions issued by authorities legitimated by the law, such as – for example – compliance with anti-money laundering requirements.

B) only with your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following “other purposes”:

marketing, communication and public relations activities and/or for the promotion of the image of a specific project of the Data Controller/Processor – i.e Zappieri Milano S.r.l, of its associates, subsidiaries and affiliates and/or of the product and/or services of the same and/or of partner companies, by:

sending you e-mail, post and/or sms and / or by contacting you via telephone, newsletter and or other commercial communications and/or by sending you other advertising material on products or services offered by the Data Controller/Processor and/or for the detection of the degree of satisfaction on the quality of the services provided by the Data Controller/Processor;
sending you e-mail, post and/or sms and/or by contacting you via telephone, newsletter and/or other commercial communications and/or by sending you other advertising material on products or services offered by the Data Controller/Processor and/or for the detection of the degree of satisfaction on the quality of the services provided by third parties who collaborate in various capacities with the Data Controller/Processor, such as – in a descriptive and non-exhaustive way – business or marketing partner, insurance companies and/or other companies with which the owner operates on the market.

4. PERSONAL DATA WE MIGHT COLLECT ABOUT YOU

We inform you that we might collect and process all, or part of, the information that You provide by filling in any forms on our websites. This includes information directed provided to our company, or provided at the time of registering to use our website, or provided subscribing to our service, purchasing products, requesting for additional services, or when You enter a competition or any promotion sponsored by us, or when posting material or sign-up for e-mail newsletters and even when You report a problem with our website. In all those circumstances we might collect information such as, for example, name, home and/or business address, email address, telephone number, demographic information such as age and/or other information that may identify You as an individual.

We process any other data You may provide to us in connection with our services and/or our website, and information which You submit to us either via our social media sites or our website, i.e. each time You contact us we may keep a record of that correspondence, and we might keep record of Your visits, including, but not limited to, traffic data, location data, weblogs and other communication data, so please read carefully our Cookies Policy.

In any case please remember that all of this data are characterised by the fact that You have voluntarily provided them and that – according to GDPR – we will not retain Your personal data for longer than necessary for the purposes for which they are processed, i.,e. we use information for the purposes outlined in this privacy policy and You may – at any time – amend Your personal data or object to its further processing.

5. PROCESSING METHODS

The processing of your personal data is carried out by means of the operations indicated in section No. 2 of article No. 4 of the Privacy Code (GDPR) and precisely “processing” means any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as the collection, registration, organization, structuring, preservation, adaptation or modification, extraction, consultation, i.e. any use or communication by transmission, diffusion or any other form of making available or of treatment by comparison or interconnection, or for any operation connected with the limitation, cancellation or destruction of Data.

6. DISCLOSURE OF DATA

Without the need for express consent (pursuant to art.24 lett. a), b), d) of Privacy Code and art. 6 lett. b) and c) of GDPR), the Data Controller/Processor may communicate user data for the purposes referred to in art. 3.A) to supervisory bodies, judicial authorities or to insurance companies for the provision of insurance services, as well as to those subjects to whom communication is by law mandatory for the purposes and for the fulfilment of these purposes. These subjects will process data acquired by right, by virtue of the above obligations, in their capacity as independent Data Controllers/Processors.

7. DATA TRANSFER

Personal data are stored on the company’s servers located in Italy and/or in any case within the European Union. In any case, it is understood that the Data Controller/Processor, if necessary, will have the right to move the servers even outside the EU. In this case, the Data Controller/Processor ensures – since now – that the transfer of non-EU server will take place in accordance with the applicable legal provisions, subject to stipulation of the standard contractual clauses provided by the European Commission.

8. DURATION OF TREATMENT

The Data Controller/processor guarantees You – according to Art. 17 of GDPR – that the retention of Your personal data will take place in paper and/or electronic/IT format and for the time strictly necessary to fulfill the purposes referred in point 3, and always and anyhow in full compliance with your privacy and current regulations.

Your personal data might be subject to different retention period depending upon different purposes of analysis, development, improvement and supply of the service, such as:

for administration purpose, i.e. invoices, accounting records, tax records and transaction data will be kept for 10 years;
for direct marketing and profiling purposes we will keep your data for a maximum period equal to what foreseen by the applicable legislation (respectively equal to 24 and 12 months);
in the case of the exercise of the right to be forgotten through the request for explicit cancellation of personal data processed by the owner, we remind you that such data will be kept, in a protected form and with restricted access and only for purposes of ascertainment and repression of crimes, no more than 12 months from the date of the request and will subsequently be securely deleted, or anonymized, irreversibly;
for the same purposes, the data relating to electronic traffic, excluding the contents of communications, will be kept for a period of no more than 6 years from the date of communication, pursuant to art. 24 of the Law n. 167/2017, which implemented the EU Directive 2017/541 on anti-terrorism;
in case you do not exercise any active action (for example navigation, searches and/or any other way of using the service) on our site for a period of 24 months, you will be classified as an inactive user and your personal data will be deleted automatically.

9. LINKS TO OTHER WEBSITES

Zappieri Milano S.r.l, does not control or perform monitoring operations on partners’ websites and on their content. Zappieri Milano S.r.l cannot be held liable for the contents of these websites and the rules adopted by them with regard to Your privacy and the processing of Your personal data during Your navigation, therefore please pay attention when You connect to other websites through the links on our website and carefully read their terms of use and privacy regulations because our Website Privacy Policy does not apply to third party websites, nor Zappieri Milano S.r.l can be held any way responsible for the privacy policy applied by these websites.

If our website provides links to other websites is to facilitate the user in searching and browsing and to facilitate hypertext links on the Internet to other websites. The enabling of the links does not imply any recommendation or notification by Zappieri Milano S.r.l for accessing and browsing these websites, or any guarantee regarding their content, services or goods supplied and sold by them to Internet users.

10. FAILURE TO PROVIDE PERSONAL DATA AND ITS CONSEQUENCES

The provision of Your personal data to Zappieri Milano S.r.l might be necessary to achieve the purposes and some of this data could be indispensable to fulfil obligations pursuant to laws or regulations or the provision of other services rendered on its website – www.gruppozappieri.it – and requested by You by using the website or purchasing a product(s).

Failure to provide certain data, identified with the character (*), could make it impossible to execute the purchase contract of service/products or to correctly fulfil the legal and regulatory obligations. Failure to provide data may therefore constitute, according to the circumstances, a legitimate and justified reason for not executing the contract for the purchase of products or for the provision of services.

I.e., the provision of data for the purposes referred to in art. 3.A) is mandatory if you intend to purchase Zappieri Milano’s service(s) or product(s). In the absence of your consent will not be possible to execute the obligations referred to in the contract for the use of the service you signed and/or for the purchasing of products, of which this information is part of. Otherwise the provision of data for the purposes referred to in art. 3.B) is optional. You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, You will not be able to receive newsletters, commercial communications and advertising material relating to the services offered by the Data Controller/Processor.

Failure to give consent as indicated in art. 3.B) or the subsequent revocation will not affect the rights acquired through the stipulation of the contract or the right to receive the services referred to in art. 3.A).

11 . SOCIAL NETWORKS

Our website provides You with social plug-ins from various social networks. If you choose to interact with us through a social network, Your activity on our website will also be made available to those social networks, such as Facebook, Instagram and Twitter.

We remind you that if You have logged in to one of these social network sites during Your visit to our website, the social network sites may add this information to Your profile, and if You are interacting with one of the social plug-ins this information will be transferred to the social network site, so if You do not want this data transfer we invite You to log out of Your social network site before entering our website.

Since we cannot prevent this data collection and social plug-in information transfer, we invite You to read carefully the privacy policies of Your social networks for detailed information about their collection and transfer of personal data, about Your rights, and about how You can achieve satisfactory privacy settings.

12. STORAGE AND SECURITY MEASURES

Our Company, as Data Controller/Processor, adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of the Personal Data provided by You, fully acknowledging the protection provisions – by design and by default – defined by legislator through EU Regulation No. 2016/679 “GDPR”.

Even if we adopt all best measures to minimise the risk of destruction or loss, even accidental, of data, unauthorised access or processing that is not permitted or does not comply with the collection purposes defined in our Privacy Policy, and since it is not possible to ensure that the measures taken for the security of the website and the transmission of data and information on the website exclude any risk of unauthorised access or data loss, we invite You to ensure that Your computer is equipped with up-to-date antivirus software for the protection of both inbound and outbound data transmission and that Your Internet service provider has adopted firewalls and anti-spam filters suitable for the security of data transmission over the web.

Sometimes Zappieri Milano S.r.l. might also employ third parties to collect personal information on its behalf. In such cases, these third parties are be subject to confidentiality and data processing agreements and will be instructed by us to comply with our Privacy Policy.

Except as otherwise provided for herein, Your personal data shall not be disclosed to third parties for purposes not permitted by law or without Your express consent.

If we have provided You with, or where You have chosen, a password that enables You to access certain parts of our website, You are responsible for ensuring this password remains confidential. We kindly ask You not to share Your password with anyone.

Although we do our best to protect your personal data, the transmission of information via Internet cannot be completely secure, for this reason we reiterate that any transmission of personal data is carried out by You at your own risk.

13. YOUR RIGHTS

We remind you that if You provide us with Your personal data, this is done on an entirely voluntary basis. If You choose not to provide the requested information, various customer benefits may not be available to You. In fact, in certain cases, only those who have submitted to us the required personal data are able to order products, use certain services and in other ways avail themselves of the activities of Zappieri Milano S.r.l and of offers available on our website.

In your capacity as an interested party, you have the rights referred to, in art. 7 Privacy Code and art. 15 GDPR, and precisely:

the rights to obtain confirmation of the existence, or not, of personal data concerning You, even if not still registered or processed, and the right to obtain their communication in intelligible form;
the rights to obtain information about a) the origin of personal data, b) the purposes and methods of the treatment, c) the logic applied in case of treatment carried out with the aid of electronic instruments, d) the identification details of the Data Controller/Processor, of the managers and of the representative appointed pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR, e) the subjects or categories of subjects to whom the personal data may be communicated, or who may become aware of them in their capacity as appointed representatives, managers and/or agents;
the rights to, a) update and/or rectificate or, when there is interest, the right to obtain appropriate integration and/or modification of data; b) cancel or transform into anonymous form, or blocking of data processed in violation of the law, including data for which conservation is not necessary in relation to the purposes for which said data were collected or subsequently processed; c) certificate that the operations referred to in letters a) and b) have been brought to the attention of those to whom the data have been communicated or disseminated and this also as regards their content, except in the case in which this fulfilment occurs impossible or involves a use of means manifestly disproportionate to the protected right;
the right to object, in whole or in part: a) for legitimate reasons, to the processing of personal data that concern You, although pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator, through e-mail and / or with traditional marketing methods via telephone and / or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the interested party to exercise the right of opposition also only partially. Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or neither of the two types of communication. Where applicable, it also has the rights referred to in articles 16-21 GDPR (rectification, oblivion, limitation of treatment, data portability, opposition), as well as the right of complaint to the Guarantor Authority.

If You wish to withdraw Your consent to receiving promotional information and offers in general, including by postal services, email, text message, telephone or any other electronic means, You may do so at any time in writing to Zappieri Milano S.r.l at gruppozappieri@gruppozappieri.it or by sending a request using our contact form. Should we have misgivings regarding Your identity, we may ask You to provide identification.

14. HOW TO EXERCISE YOUR RIGHTS

You can – at any time – exercise Your rights by:

sending a specific communication to the Data Controller/Processor via:
registered A / R addressed to the registered office of Zappieri Milano S.r.l – Zappieri Milano S.r.l. – via Senato, 34 – 20121 Milano (MI) – ITALY;
certified mail to the address: zappierimilano@pec.gruppozappieri.it
Complaints can be made in relation to the processing to the competent Authority:
Data Protection Authority, Piazza di Monte Citorio no. 121 00186 ROME, Fax: (+39) 06.69677.3785, Telephone switchboard: (+39) 06.696771, E-mail: garante@gpdp.it

15. SCOPE OF APPLICATION

This Policy applies to all users of Zappieri Milano S.r.l. services and of the Users of website www.gruppozappieri.it anywhere in the world, including users of the functionalities or other services of Zappieri Milano, with the sole exception of the cases for which any other services are subject to a specific Privacy Policy.

All those who are subject to this Policy are defined herein as “users”.

The practices described in this Policy are subject to the laws applicable in the Territory in which we operate, i.e. the activities described in this Policy are carried out in a specific state or nation only if permitted pursuant to local laws and / or international regulations, as implemented in those areas.

16. CONTROLLER/PROCESSOR, MANAGERS AND AGENTS

The Data Controller is Zappieri Milano S.r.l with registered office in via Senato, 34 – 20121 Milano (MI) – ITALY. The updated list of Data Controller/Processors and appointees is kept – and therefore available for consultation by law – at the registered office of the Data Controller/Processor.

17. JURISDICTION

This Privacy Policy is defined on the basis of the GDPR. The GDPR ensures that the processing of personal data is carried out in compliance with fundamental rights and freedoms, as well as the dignity of the data subjects, with particular reference to the right of non-disclosure and the right to protect personal data.

These Privacy Policy of Zappieri Milano S.r.l. shall be governed by and construed in accordance with the laws Italy, without resort to its conflict of law provisions. Any dispute or claim arising out of or in connection with these Privacy Policy shall be subject to the non-exclusive jurisdiction of the Italian Court of Milano.

18. AMENDMENTS AND UPDATES TO THE WEBSITE’S PRIVACY POLICY

Any changes we may make to our Privacy Policy in the future will be posted on this page and will be effective upon posting and as reflected in the “Last revised” date shown in the revised Policy. Your continued use of our website after any such changes are posted will be considered acceptance by You of such changes. Under certain circumstances, we may also elect to have such changes notified to You by e-mail or by posting a notice on the front page of our website.

Last revision on 23dr of December 2019

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.