Powered by Smartsupp
Menu
Your Cart

Privacy Policy

INFORMATION REGARDING THE PROCESSING OF PERSONAL DATA
pursuant to art. 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 concerning the protection of individuals with regard to the processing of personal data (in short "GDPR")

Dear Customers,
from 25 May 2018, the aforementioned GDPR became fully effective and applicable, a legislation that aims to make the behavior of companies more transparent with respect to the information regarding the natural persons (interested) that are used by the companies for the provision of the requested services.
In compliance with the European and Italian legislation in force, our Company ensures that the protection and the confidentiality and integrity of your personal data are guaranteed. To this end, we have adopted specific organizational and security measures with reference to the collection, use, storage and deletion of personal information that is provided to us by the interested parties… that is to say by you.
We invite you to read this brief information, containing useful information on the ways in which we process your personal data, on the reasons why we ask you to provide it to us and on how you can exercise the rights recognized by the current legislation.

1. Data Controller

The data controller is the company Salvo Miciluzzo , c.da Mendici, Strada Provinciale Ragusa-Chiaramonte Gulfi km 4,660 - 97100 Ragusa , 01426980882 , to which you can contact to exercise the rights recognized by the GDPR at the following addresses:, - E-mail : info@shopforshop.it , - PEC :. The company has designed and developed an integrated search and consultation service, with remote access (the "Service"), using a special online software platform that allows searching within the database and viewing the results (the " Software platform "), multimedia thematic dictionaries; the Service is managed and provided through the website www.shopforshop.it . (the site").

2. Data processors

To carry out some processing activities (such as the management of payment transactions with electronic methods, the management of tax obligations related to invoicing, the storage of data on servers) we use external subjects, specifically identified and appointed as Data Processors, which guarantee - in fulfillment of the contract signed by each of them with the Data Controller - that the data processing is carried out in compliance with the instructions received, ensuring the protection of the rights of the interested parties and the protection of their personal data.

3. What personal data are collected and processed?

The personal data that the Company uses are mostly common data; in particular, we directly collect and process your data strictly necessary for the execution of the contract for which they are requested / conferred and / or for the fulfillment of legal obligations (in tax matters), as well as for the provision of the Service under the terms and conditions of use established.By example, the data we process includes:

  1. name and surname, tax code, company name;
  2. personal contact details (address, telephone number, e-mail address);
  3. data relating to the payment of the service (credit or debit card number, name of the holder, expiration date and CVV code);
  4. access credentials ("user id" and "password"), of a strictly confidential nature, associated with the dedicated personal account, created in order to use the service;
  5. data whose transmission is implicit in the use of internet communication protocols (IP addresses, domain names of the computers used by Users and Users who browse the site or addresses in URI - Uniform Resource Identifier notation), acquired by IT systems and by the electronic commerce platforms responsible for the operation of the Site and the connected software platform;
  6. account information that allows the customization of the Service, in order to improve its usability by Users and Users;
  7. information relating to the use of the Service (number and duration of accesses, applications used, searches carried out).
4. Why do we process personal data?

We collect and manage your data for the exclusive purpose of allowing you to use the contracted Service by registering and creating a user account for access to the Site.
In detail, your personal data are processed exclusively for the following purposes:

  • pursuit of a legitimate interest of the Company;
  • execution of the contract for the provision of the requested service;
  • receipt of payment for the service electronically (1) ;
  • accounting registration of the service rendered / payment received and fulfillment of the related tax obligations;
  • management of customer records;
  • sending service communications;
  • carrying out statistical activities, proportionate to the purposes pursued and in compliance with the fundamental rights and interests of the Users;
  • customization and improvement of the Service, for the benefit of Users and Users.

1. NB When payment is made by credit card (or prepaid), the operation is handled by an external service provider.

5. On what basis do we carry out the treatments?

The different treatments indicated above, depending on the type of data to which they refer and the purposes to which they tend:

  1. they are necessary to execute the contract signed with the Company;
  2. they are necessary to pursue a legitimate interest of the Company (as the Data Controller);
  3. they are necessary to allow the fulfillment of the legal obligations to which the Company is subject, including those in tax matters;
  4. are based on the Customer's freely expressed prior consent.
6. Are you obliged to provide us with the personal data requested?

You are not obliged to provide your personal data; however, they are strictly necessary to execute the contract concerning the Service you request from us; therefore, where they are not supplied, the Company cannot execute the contract.
As for the data referred to in letters f) and g), it is specified that making the processing of such data available by the Company is optional and that the processing is subject to your consent; however, in case of refusal of consent to the processing, we specify - declining any responsibility in this regard - that the functionality of the Site and, therefore, the provision of the Service may be subject to some limitations.
The consent may be revoked at any time, upon simple request addressed to the Company.

7. How is your data processed?

The processing of data consists in the collection, registration, organization, consultation, processing, storage, communication, cancellation.
The processing is carried out on both computer and paper supports, as well as by electronic means (e-mail): we keep the relevant documentation (containing personal data) in digital format, by archiving in special folders on the internal company server, and in paper format, by means of archiving of documents (user license agreements relating to the Service) in folders contained in places not accessible to the public.
Furthermore, we organize the data by filling in specific registers (excel sheets), kept in digital format, in a manner that does not allow the immediate identification of the interested parties by univocal reference to them of all the information concerning them.
All personal data provided through the registration procedure and the creation of the user account for access to the Procedure Site are recorded on electronic databases installed on cloud servers managed by the Company Salvo Miciluzzo . (Data Processor) whose data centers are physically located in Europe.
We do not collect your data to carry out direct marketing activities; we carry out statistical analysis activities with exclusive reference to the data referred to in the previous par. 2, letters f) and g).
We process your data through our company computers: limited access to data remotely is allowed, exclusively to allow the management of the Service by subjects who do not operate at the central offices of the Company (but in a delocalized form), in any case through secure internet connections. Access to data through the use of mobile devices (smartphones, tablets), or computers other than company ones, or through internet connections located in public places or open to the public, is excluded.
With the exception of the categories of data letters e), f) and g) - with respect to the processing of which automatic systems / processes are used - your personal data are always processed through human intervention.
Cookie Law
A "cookie" is a small amount of data that is sent to the user's browser from a web server and which is subsequently stored on the hard drive of his computer.
The Site uses cookies to facilitate navigation on the Site, storing and sometimes keeping track of data relating to Users and Users, for the purposes strictly necessary for the operation of the system applications connected to the operation of the Site and consultation of the Works (so-called "Cookie applications "). The Site also uses the "Google Analytics" (2) code and logs for statistics. The cookies used allow, in particular the Company and the Site to:

  • access the information of the different accounts in order to offer a better personalized service (this cookie is set when the user registers and is modified during the visits of the same to the Site);
  • analyze the number of accesses to the Site, the duration of the same and the functions used (a single cookie is sent to each browser that accesses, used to quantify the repeated use of the services).

Personal data such as, for example, name, surname, e-mail address or telephone number will never be detected and stored through cookies.
Cookies can be disabled (3) but, should this choice be made, we would not be able to carry out the activities indicated above and, therefore, the Service rendered in favor of Users and Users would be affected.
For more information on cookies, you can consult the FAQ of the Guarantor for the protection of personal data.
2. Google Analytics is a web analysis service provided by Google Inc. ("Google"). Google Analytics uses the personal data collected for the purpose of tracking and examining the use of the online space on which the Site operates, collecting and analyzing anonymous information (including the IP address) on the behavior of Users and Users. The Site does not use (and does not allow third parties to use) the Google analysis tool to monitor or collect personal identification information: Google Analytics, therefore, does not associate the IP address with any other data held by Google nor does it attempt to link an IP address with the identity of a user.
3. For the deactivation or activation of cookies the following guides are available for the main browsers used: Chrome, Internet Explorer, Firefox, Safari, Android, iPhone, iPad.
View cookies

8. Who do we disclose the data to?

The data is processed exclusively by the Data Controller, by the identified and specifically appointed Data Processors and by the Company's staff who are responsible for managing the Site, the software platform and the related assistance services, expressly authorized for processing; the data is never transferred to third parties based or in any case operating in countries outside the European Union, other than Google Inc. - limited to the functionality of Google Analytics - which, however, is based in a country (USA) that It guarantees an adequate level of protection (being included in the so-called Privacyshield List https://www.privacyshield.gov/welcome).
Furthermore, the data, upon express request, within the limits and for the purposes established by law, may be communicated or otherwise made available / accessible to Public Authorities (for example, postal police, tax administration, judicial authorities).

9. How long are personal data stored?

The personal data collected as per letters a), b) and c) of the previous par. 2 are kept for the time required by law (with reference to the exact execution of the contract, also pursuant to art. 2946 of the Italian civil code), as well as for the purpose of fulfilling tax obligations; at the end of the period in question - and in any case, after 10 years from the collection from the interested parties - personal data are deleted in such a way as to ensure that they are not dispersed or disseminated, even accidentally, to third parties.
The personal data referred to in letter d) of the previous par. 2 are kept for the entire duration of the Service and for the period of 12 months following termination: then they are deleted. The personal data referred to in letters e), f) and g) of the previous par. 2 are kept for a maximum period of 26 months from their acquisition and then automatically deleted by Google Inc.

10. What are your rights?

The GDPR recognizes the interested parties, and we undertake to guarantee the respect and full, legitimate exercise of the following rights:
Right to access and obtain a copy of personal data (Article 15)
Interested parties have the right to request confirmation that we are processing any of their personal data. In this case, they will have access to their personal data and some information regarding their treatment. In some cases, they may ask the Company to provide an electronic copy of the personal data processed.
Right to rectify your personal data (Article 16)
In the event that the personal data in our possession prove to be incomplete or incorrect, the interested parties have the possibility to request the updating of such data or their correction.
Right to limitation and deletion of data (Articles 18 and 17)
In some circumstances, data subjects have the right to request a limitation of the processing of their personal data and / or the cancellation of the same. They have the right to submit this request at any time and the Company will evaluate the possibility of accepting it; it being understood that however this right must be balanced with legal rights or obligations deriving from the execution of the contract and / or from the fulfillment of legal obligations: which is why the Company may have to keep the data in question. Otherwise, the Company will immediately follow up on the request of the interested parties, also notifying the Data Processor (s) (so that he / she in turn deletes the data).
Right to portability (Article 20)
Data subjects have the right to request and receive free of charge (except for the reimbursement of expenses, for example in the case of data provided on compact discs and sent), the data in a structured and readable form by a data processor in a commonly used format (" structured format, commonly used and readable by automatic device "), as well as to transmit personal data from one Data Controller to another" without obstacles ".
Right to lodge a complaint with the Privacy Guarantor (Article 77)
If they believe that the processing of their data is carried out in violation of the provisions of the GDPR, without prejudice to the right to contact the competent civil or administrative judicial authorities, the interested parties can contact and lodge a complaint with the Guarantor Authority for the protection of personal data, as far as of its competence.

CONSENT TO THE PROCESSING OF PERSONAL DATA

Having read the information on the processing of personal data above, being aware of the type of data and methods of processing, with reference to the provision of the Service requested by me and the rights due to me, by signing this form I , signed, with exclusive reference to the categories of data referred to in par. 2, lett. f) and g) of the above information,

  • I consent to the processing, carried out through cookies, consisting in accessing and processing the information of the different accounts in order to offer a better personalized service (this cookie is set when the user registers and modified during the visits of the same to the Site);
  • I consent to the processing, carried out through cookies, consisting in accessing information for the purpose of analyzing the number of accesses to the Site, the duration of the same and the functions used (each browser that accesses is sent only one cookie, used to quantify repeated use of the services).