PRIVACY POLICY

This Privacy Policy has been drawn up pursuant to Article 13 of Regulation (EU) 2016/679 and applies exclusively to all Data collected via the Website www.sit-in.it. This Privacy Policy is subject to updates that will be duly published on the Website. This Privacy Policy and the Cookie Policy form the basis on which the Personal Data of the Data Subject will be processed.

 

Data Controller

The Data Controller of the Data collected via this Website is Radici Pietro Industries & Brands S.p.A., with registered offices in Cazzano Sant’Andrea (BG), 24026, Via Cavalier Pietro Radici no. 19, VAT no. 00217360163, email: gdpr@radici.it.

 

Personal Data

Personal data is understood to be any information relating to an identified or identifiable natural person (Data Subject). An identifiable natural person is one who can be identified either directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical identity of said person. 

 

Categories of Personal Data processed 

The Personal Data processed by this Website either independently or through third parties are Common Data such as: Cookies, Usage Data, first name, last name, email address, telephone number and Fiscal Data useful for the delivery of the purchased Product. 

 

Methods of Processing of Personal Data

The Personal Data provided or acquired will be processed in accordance with the principles of correctness, lawfulness, transparency and protection of confidentiality pursuant to current regulations. The Controller processes the Personal Data of the Users adopting the appropriate security measures designed to prevent unauthorised access, disclosure, modification or destruction of Personal Data. Processing is carried out using computer and/or telematic tools, with organisational methods and approaches that are strictly related to the purposes indicated.

 

Purpose of the Processing of Personal Data and Legal Basis 

Personal Data may be collected autonomously by the Controller or through third parties. In this case, the computer systems and software procedures used for the functioning of this Website acquire certain Personal Data belonging to Users of a technical-digital nature (e.g. IP address, type of browser used, operating system, domain name and addresses of websites that the User accessed from or exited to, etc.), the transmission of which is inherent to the normal functioning of the Internet. Said Data may be processed solely to gather anonymous statistical information regarding the use of the website and in order to monitor its correct functioning and are cancelled immediately after being processed.

The Data that the Data Subject chooses to voluntarily provide will be processed in accordance with the conditions of lawfulness pursuant to Article 6 GDPR and will be processed to enable the Website to provide its services, as well as for the Purposes indicated below, and will be held for the time necessary for the fulfilment of the aforementioned Purposes.

The purposes of processing are as follows:

 

a) Information and pre-contractual requirements

The Data will be processed to allow return contact or to follow up on specific requests made to the Data Controller by the Data Subject for communications of an informative nature, for interest in purchasing the Data Controller’s Products, to request free catalogues and Product samples, to request a quotation for custom-made Products and/or for any requests for collaboration, via email or the dedicated forms provided on the Website as well as other communication tools such as telephone or WhatsApp Business instant messaging.

Legal basis: this processing is optional and based on the consent of the Data Subject. However, the provision of the Data is necessary for the pursuit of the stated purpose.

Data storage period: until revocation of consent by the Data Subject.

 

b) Processing required in the context of a contract

The Data will be processed in order to fulfil the obligations arising from the contract entered into between the Data Subject and the Data Controller for the sale of Products on the Website, to contact the Data Subject in relation to the Contract and for the management of the same, for the management of requests for legal guarantees, assistance, requests for withdrawal, management and termination of the Contract.

Legal basis: this processing is necessary for the fulfilment of the contract to which the Data Subject is party, for the carrying out of pre-contractual measures or in order to comply with a legal obligation to which the Data Controller is subject.

Data storage period: 10 (ten) years or in accordance with legal requirements.

 

c) Fulfilment of any obligations pursuant to current laws

The Data will be processed to fulfil any obligation contemplated and provided for by current laws, regulations, relative rules, business practices and tax/fiscal requirements, including for the purposes provided for by anti-money laundering regulations Italian Legislative Decree 231/2007 as amended.

Legal basis: this processing is necessary in order to comply with a legal obligation to which the Data Controller is subject.

Data storage period: 10 (ten) years or in accordance with legal requirements.

 

d) Soft spam

The Data will be processed to allow the Data Controller to send commercial and promotional communications by email to the Data Subject concerning Products and/or Services similar to the Products/Services being sold without the need for the express and prior consent of the Data Subject, as provided for by Article 130, paragraph 4, of the Italian Privacy Code as amended by Italian Legislative Decree no. 101 of 2018, and provided that the Data Subject does not exercise their right to object.

Legal basis this processing is based on the legitimate interest of the Data Controller pursuant to Article 6, letter F and Recital no. 47 of the GDPR.

Data storage period: until such time as the Data Subject objects.

 

e) Direct marketing

The Data will be processed for the direct sale of Products/Services, market research, sending of communications and promotional, commercial and advertising material or material concerning initiatives and events, via newsletter, email, SMS, WhatsApp, Chat, Direct Messaging via social media, social networks or via phone calls, traditional mail or other informative material.

Legal basis: this processing is based on the consent freely granted by the Data Subject pursuant to Art. 6, para. 1, letter A of the GDPR.

Data storage period: until revocation of consent by the Data Subject.

 

f) Statistics

The Data will be processed to carry out statistical analysis of aggregated and anonymous data to analyse the behaviour of the Data Subject in order to improve the products and services provided by the Data Controller and to meet the Data Subject’s expectations.

Legal basis: this processing is based on the consent freely granted by the Data Subject.

Data storage period: until revocation of consent by the Data Subject.

 

g) Profiling

The Data will be processed for the analysis and evaluation of interests, habits and consumer choices, including the creation of profiles in order to allow the sending of personalised information and promotional material regarding the Services/Products offered by the Data Controller. 

Legal basis: this processing is based on the consent freely granted by the Data Subject pursuant to Art. 6, para. 1, letter A of the GDPR.

Data storage period: until revocation of consent by the Data Subject.

 

Disclosure of Data

In addition to the Data Controller, in some cases access to the Data may be granted to:

a) categories of specially trained employees involved in the organisation of the website (administrative, sales, marketing and legal personnel, system administrators). 

b) external parties (such as third-party technical service providers, hosting providers, IT companies, communication agencies) also appointed as Data Processors by the Controller pursuant to Article 28 GDPR. The updated list of Data Processors, if appointed, can be requested from the Data Controller at any time. 

c) public or private entities that can access the Data in compliance with legal obligations. 

d) subjects performing ancillary and instrumental tasks related to the Controller’s activity.

 

Period of processing

As expressly provided for in Art. 5, para. 1, letter e) of the GDPR, the Data are held for the time necessary for the Processing of the same in relation to the performance of the service requested by the Data Subject, or as required by the Purposes described above in this document.

At the end of said period, the Personal Data will be deleted, and at that point, the rights to access, erasure, rectification and portability of the Data can no longer be exercised.

 

Cookies

This website uses Cookies. Cookies are small text files that can be used by websites to provide the Data Subject with a more efficient experience and to personalise content and advertising, provide social networking features and analyse traffic. Cookie Policy

 

Place of Processing and Transfer of Data Abroad 

The Data are processed at the operational headquarters of the Data Controller. For further information, please contact the Data Controller. The Data may be processed by natural persons and/or legal entities acting on behalf of the Controller and under specific contractual obligations and based in either EU or non-EU Member States. In the event that the Data is transferred outside the EEA, the Controller shall take all appropriate contractual measures to ensure the adequate protection of the Data.

 

Exercising of the Data Subject’s rights

The data subject has the right to exercise the rights provided for in Articles 7, 15-22 of Regulation (EU) 2016/679. In particular, they have the right to revoke their consent at any time and, upon simple request to the Data Controller, may request access to their Personal Data, receive the Personal Data provided to the Data Controller and, where possible, transmit said Data to another Data Controller without hindrance (portability), obtain the updating, restriction of processing and/or rectification of the Data and the erasure of any Data processed in breach of applicable regulations. They have the right, for legitimate reasons, to object to the Processing of Personal Data concerning them and to the Processing of Personal Data for the purpose of sending advertising material, of direct sales and for carrying out market research. They also have the right to lodge a complaint with the Data Protection Authority or to take legal action. The Data Subject may exercise their rights by contacting the Data Controller by email at gdpr@radici.it.


 

Tools used for the Processing of Personal Data

 

CONTACT FORM 

By entering their Data into the contact form, Data Subjects consent for their use to reply to requests for information, or for any purpose indicated on the heading of the form. Personal Data collected via the contact form: Email Address, Name and Surname, Telephone Number.

 

OTHER CONTACT TOOLS

 

WhatsApp Business 

WhatsApp Business is an instant messaging service provided by WhatsApp Ireland Limited. For information on the methods of processing, please refer to the WhatsApp Business Data Processing Terms available via the following link: https://www.whatsapp.com/legal/business-data-processing-terms/. The Data Subject’s data will be processed through WhatsApp Business services in accordance with the terms published by WhatsApp in the document “WhatsApp Business Terms of Service” at the following link: https://www.whatsapp.com/legal/business-terms/. Personal data collected: telephone number, email, usage data, cookies. Place of Processing: Ireland- Privacy Policy

 

EMAIL ADDRESS MANAGEMENT 

These services make it possible to manage a database of email contacts, telephone contacts or any other type of contact used for communication with the Data Subjects. These services may also allow the collection of Data regarding the date and time at which messages are viewed by the Data Subjects, and likewise the User’s interaction with said messages, such as information on clicks on the links included in the messages.

 

Newsletter

By signing up for the newsletter, the Data Subject’s email address is automatically added to a list of contacts to which email messages containing information, including information of a commercial and promotional nature, regarding this Website, may be sent. The Data Subject’s email address may also be added to this list as a result of registering on this site or after having made a purchase. The Data Subject may choose to unsubscribe from the newsletter at any time by clicking on a specific button to be found within the email. After clicking on the unsubscribe button, the Data Subject’s Data will be immediately erased from the “email marketing” software. Personal Data collected: email and name. This website uses the newsletter service provided by: 

 

ActiveCampaign (Active Campaign LLC) 

ActiveCampaign, LLC (“ActiveCampaign”) provides a newsletter platform that allows Data Controllers to communicate with their customers, understand how they interact with said communications and other content, and tailor marketing to their customers’ interests. The Data Subject may choose to unsubscribe from the newsletter at any time by clicking on a specific button to be found within the email. After clicking on the unsubscribe button, your Data will be immediately erased from the software. Personal Data collected: Email and Name. Place of Processing: USA - Privacy Policy

 

SECURITY MEASURES ADOPTED

In order to secure the moment in which Personal Data are entered, this Website has an SSL certificate and uses the HTTPS protocol. With the use of this protocol, transactions and data transmitted on websites take place under maximum security and the content of any communications is not read or manipulated in any way by third parties.

 

REGISTRATION WITH THE WEBSITE

Through the registration service, the Data Subject permits the Website to identify them and grant them access to dedicated services.

 

Simple Direct Registration

The Data Subject registers directly on the Website by filling in the Form and providing their Data.

 

STATISTICS 

The statistics services only allow the Data Controller to monitor and analyse the traffic data and are used to track the Data Subject’s behaviour. This website uses the following services:

 

1. Google Analytics (Google Ireland Limited)

Google Analytics is an analysis service provided by Google Ireland Limited. Google utilises Personal Data collected in order to track and examine the use of this Website, to compile reports and share them with the other services developed by Google. Google may use Personal Data to contextualise and personalise advertisements from its own advertising network. Google may also transfer this information to third parties when permitted to do so by law, or when these third parties process the information on behalf of Google. The IP address anonymisation function is active on this site. The IP address transmitted by your browser for purposes related to Google Analytics will not be merged with other data already held by Google. 

The following link https://tools.google.com/dlpage/gaoptout?hl=it provides access to the browser plug-in for deactivating Google Analytics made available by Google. Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland - Privacy Policy

 

2. Facebook Pixel conversion monitoring (Meta Platforms, Inc.)

Facebook conversion monitoring (Facebook Pixel) is a statistics service supplied by Facebook. Facebook Pixel monitors conversions that can be attributed to Facebook advertising. Personal Data collected: Cookies, Usage data. Place of Processing: Ireland - Privacy Policy. 

 

3. Active Campaign (Active Campaign LLC)

ActiveCampaign also provides a statistics service that allows the Data Controller to monitor the conversions of its customers, to understand how they interact with communications and other content, the interest shown by Users towards the Site itself and consequently towards the quality of the content. Personal Data collected: Cookies, Usage data. Place of Processing: USA - Privacy Policy

 

INTERACTION WITH SOCIAL NETWORKS 

These services allow interaction with social networks directly from the pages of this Website. The interactions and information acquired by this Website are in any case subject to the Data Subject’s privacy settings relative to each social network. In the event that a social-network-interaction service is installed, it is possible that said service may collect traffic data related to the pages on which it is installed, even if Users do not use the service. 

 

1. Facebook (Meta Platforms, Inc.)

Facebook buttons are interaction services with the social network Facebook, provided by Meta Platforms, Inc. Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland - Privacy Policy

 

2. Instagram (Meta Platforms, Inc.)

Instagram buttons are interaction services with the social network Instagram, provided by Meta Platforms, Inc. Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland - Privacy Policy

 

3. LinkedIn (LinkedIn Ireland Unlimited Company)

LinkedIn buttons are services for interaction with the LinkedIn social network, provided by LinkedIn Corporation. Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland - Privacy Policy

 

4. Twitter (Twitter International Company)

Twitter buttons are interaction services with the social network Twitter, provided by Twitter, Inc. Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland - Privacy Policy

 

5. Pinterest (Pinterest Europe Ltd)

Pinterest buttons are interaction services with the social network Pinterest, provided by Pinterest, Inc. Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland - Privacy Policy

 

6. WhatsApp (WhatsApp Ireland Limited)

WhatsApp buttons are communication interaction services provided by WhatsApp Ireland Limited. Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland- Privacy Policy

 

REMARKETING AND RETARGETING 

These services enable this Website to communicate, optimise and publish advertisements based on the previous use of this Website by the Data Subject. This activity is carried out through the tracking of Usage Data and the use of Cookies. This website uses the following services:

 

1. Facebook Remarketing (Meta Platforms, Inc.)

Facebook Remarketing is a Remarketing and Behavioural Targeting service provided by Facebook, which links the activity of this Website with the Facebook advertising network. This website makes use of the Facebook Pixel tool in order to measure conversions. With Facebook Pixel, understanding can be gained regarding the actions people perform on the website. The Data collected may be used to:

- ensure that advertisements are shown to the right people.

- create target audience groups for advertisements.

- take advantage of the additional advertising tools of the platform used for advertising.

The information collected is anonymous to the operators of this Website and cannot be used to identify an individual Data Subject. However, the information is saved and analysed by Facebook, which may link the action back to an individual profile and use this information for internal Facebook advertising purposes, as outlined in Facebook’s privacy policy. This will allow Facebook to show advertisements both on Facebook and on third-party websites. The Site Owner has no control over how these data are used. For more information on how users can protect their privacy, please refer to Facebook’s Privacy Policy.

 

2. Google ADS 

Google ADS is a service provided by Google Ireland Limited that links this Website to Google’s advertising network. This website makes use of the Remarketing function of Google Analytics combined with the possibility to adapt to various Google ADS devices. This functionality makes it possible to link target groups for promotional campaigns created by the Marketing function of Google Analytics with the adaptability to various Google ADS devices. This makes it possible to display advertisements based on the personal interests of the Data Subject, identified through an analysis of the Data Subject’s behaviour on the internet, whether via a mobile device or on other devices. It is possible to permanently disable the targeting and remarketing functions by disabling the “personalised advertising” function in the Google account. To do so, simply follow this link: https://www.google.com/settings/ads/onweb/ Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland - Privacy Policy

 

CONTENT ON EXTERNAL PLATFORMS 

This service makes it possible to display content hosted on external platforms, directly from the pages of this Website, and to interact with said content.
In the event that a service of this type is installed, it is possible that said service may collect traffic data related to the pages on which it is installed, even if Users do not use the service.

This Website uses 

 

1. Vimeo (Vimeo Inc.)

Vimeo is a video content viewing service operated by Vimeo Inc. which allows this Application to integrate this type of content into its pages. Personal Data collected: Cookies and Usage Data. Place of Processing: USA - Privacy Policy

 

2. YouTube (Google Ireland Limited)

YouTube is a video content viewing service operated by Google, which allows this Website to integrate this type of content into its pages. Personal Data collected: Cookies and Usage Data. Place of Processing: Ireland - Privacy Policy

 

3. Google Fonts 

Google Fonts is a font display service provided by Google Ireland Limited that allows this Website to integrate this type of content into its pages. Personal Data collected: Usage Data, various types of Data as specified by the privacy policy of the service. Place of Processing: Ireland - Privacy Policy 

 

PAYMENT MANAGEMENT 

Payment management services enable this Website to process payments made by credit card, bank transfer or other systems. The Data used for payments are acquired directly by the manager of the payment service requested, without said Data being processed in any way by this Website. Some of these services may also allow the sending of programmed messages to the Data Subjects, such as email messages containing invoices or notifications regarding payments. This website uses the following services:

 

1. Klarna (Klarna Bank AB)

Klarna is a service that enables deferred digital payment and money transfer via the Internet. This service is provided by Klarna Bank AB. Personal Data collected: Various types of Data as specified by the privacy policy of the service. Place of Processing: Sweden - Privacy Policy

 

2. PayPal (PayPal Europe S.à.r.l. et Cie, S.C.A Inc.)

PayPal is a payment service provided by PayPal Europe S.à.r.l. et Cie, S.C.A Inc., which enables the Data Subject to make online payments using their PayPal credentials. Personal Data collected: Cookies and various types of Data as specified by the privacy policy of the service. Place of Processing: Luxembourg - Privacy Policy

 

3. Stripe (Stripe Payments Europe Ltd.)

Stripe is a payment service provided by Stripe Payments Europe, Ltd., which enables the Data Subject to make donations or payments online using their Stripe credentials. Personal Data collected: Various types of Data as specified by the privacy policy of the service. Place of Processing: USA - Privacy Policy

 

4. Nexi (Nexi S.p.A.)

This Website uses payment services provided by Nexi S.p.A. Personal data collected: various types of Data according to the provisions specified in the service’s privacy policy. Place of Processing: Italy - Privacy Policy

 

Changes to this privacy policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time by publishing them for Users on this page. It is therefore important that you regularly consult this page, taking into account the date of the latest update shown below. If you do not accept the changes made to this Privacy Policy, you must cease using this Website and may ask the Data Controller to remove your Personal Data. Unless otherwise specified, the previous Privacy Policy shall continue to apply to Personal Data collected up to that point. The Owner is not responsible for updating all the links displayed in this Privacy Policy, therefore in the event of a link not working and/or being updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by that link.

 

Privacy Policy updated as of September 2022