We hereby provide you the necessary information regarding the processing of the personal data provided by you, in particular regarding the purposes and methods of processing your personal data, as well as the scope of communication and dissemination of the same data, the nature of the data in our possession, their provision and the period of storage.
This document is intended to accurately describe the methods of management of processing of your personal data collected during the navigation of the Site or when using the services offered by the latter. The information is not to be considered valid for other websites that may be consulted through links on the website of the Data Controller, which is not to be considered in any way responsible for the websites of third parties.
The Data Controller
The Data Controller of the data collected through this Site is the company Renner Italia S.p.A., with registered office in via Ronchi Inferiore, 34, 40061 Minerbio (BO), Vat no. 024333001209 (hereinafter “Renner”): the Data Controller autonomously decides on the purposes and methods of processing, as well as on the security procedures to be applied in order to guarantee confidentiality, integrity and availability of data.
Subject of the processing
The Data Controller processes personal, identifying and non-sensitive data (in particular name, surname, email, telephone number – hereinafter, “personal data” or even “data”) provided by you during the registration on the reserved area, for the request of information.
The Data Controller may also process navigation data, which are personal data whose transmission is implicit in the use of Internet communication protocols (such as IP addresses, browser type, operating system, domain name and website addresses from which access or exit has been made, information on the pages visited by users within the Site, access time, stay on the single page, internal path analysis and other parameters relating to the user’s operating system and computer environment), acquired by the computer systems and software procedures in charge of the functioning of the Data Controller’s Website.
Method and storage of your Personal Data
The processing of your personal data is carried out by means of the operations indicated in art. 4 par. 2 GDPR and in compliance with the principles of lawfulness, fairness and transparency and the other principles indicated in art. 5 GDPR.
Personal Data will be processed and stored for the time necessary to pursue the processing purposes for which they were collected.
- Personal Data, collected for the registration of your customer account on the reserved area, to reply to your requests for information and to allow you to correctly navigate the Site, will be kept for as long as necessary to fulfil these purposes.
- Personal Data collected for purposes related to Renner’s legitimate interest will be stored until such interest is satisfied.
Personal Data will be deleted at the end of the storage period. Therefore, at the end of this period the right of access, deletion, rectification and right of portability of the Data may no longer be exercised.
Management and storage of Personal Data will take place on servers located within the European Union owned by the Data Controller and/or third-party companies appointed and duly appointed as Data Processors. In any case, it is understood that the Data Controller, if necessary, will have the right to move the location of servers to Italy and/or the European Union and/or non-EU countries. In this case, the Data Controller ensures from now on that the transfer will take place in compliance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and/or by adopting the standard contractual clauses provided by the European Commission.
Purpose of the processing and legal basis of the processing
The personal data voluntarily provided will be processed for the following purposes:
- For navigation on the Site
- For registration on the reserved area of the Site
- To answer your requests for information
- To fulfil the obligations provided for by the Law, by a Regulation, by Community legislation or by an order of the Authority
- To prevent or detect fraudulent activity or harmful abuses for the website
- To exercise the rights of the Data Controller, for example the right of defence in court
For the purposes provided in items 1 to 6, the data processing is necessary i) to allow the correct navigation on the Website; ii) to execute pre-contractual measures adopted on request of the user; iii) to fulfil a legal obligation to which the Data Controller is subject and, finally, iv) to pursue the legitimate interest of the Data Controller such as the right of defence in court and to prevent or discover fraudulent activities or harmful abuses for the Website.
The processing of your data will in no way be subject to profiling and/or automated decisions.
Optional or mandatory nature of data provision and consequences of missed data provision
Apart from what has been specified for navigation data, you are free to provide your personal data.
The provision of personal data for the purposes provided in items 1 to 6 is optional, but necessary to use the services asked the Data Controller and to improve the specific functions. Missed data provision may make it impossible to obtain what has been requested or to use the services of the Data Controller.
Subjects or categories of subjects to whom your personal data may be communicated
Your personal data will be communicated to third parties only with your express consent, except in cases where communication is mandatory by law or is necessary for purposes provided for by law for which the consent of the person concerned is not required; in such cases, the data may be made available to third parties who will process them independently and solely for the aforementioned purposes (e.g., in case of a request made by the police or the judiciary or other competent bodies or to execute obligations arising from the contract concluded with you). Your data will not be disclosed in any way.
Persons who may process your personal data
Renner may use third parties to process your personal data for certain activities. The third parties who carry out these operations have been suitably selected and are experienced, capable and reliable and offer an adequate guarantee of full compliance with current regulations regarding data processing, including the data security profile.
These third parties will be appointed “Data Processors” for this purpose and will carry out their activities according to the instructions given by Renner and under its control. We periodically check that Data Processors have punctually carried out the tasks entrusted to them and that they continue to provide adequate guarantees of full compliance with the regulations regarding the protection of personal data. The updated list of Data Processors may always be requested to the Data Controller. Your data will then be processed by our Appointees in charge of individual services.
However, Renner cannot guarantee its users that the security measures adopted for the security of the Site, the transmission of data and the information on the Site will limit or exclude any risk of unauthorized access or loss of data by your devices: we recommend that you ensure that your computer is equipped with appropriate software for the protection of data transmission on the net, both incoming and outgoing (such as updated antivirus systems) and that your Internet service provider has adopted appropriate measures for the security of data transmission on the net (such as firewalls and spam filters).
Links to other websites
Our Site may contain links to other websites that may not have any connection to us.
The rights of the interested parties
Acting as interested party, you may exercise the rights set forth in Articles 15 to 22 GDPR, in particular the right to access, rectify or delete the data, to ask for the limitation or to oppose the processing, as well as the right to data portability.
Interested parties who consider that the processing of their personal data carried out through this website or its services is in violation of the GDPR regulations have the right to lodge a complaint to the Guarantor Authority, or to take appropriate legal action.
In case of violation of the personal data of the interested party, taking into account the provisions of art. 34 GDPR, the Data Controller will notify the interested party of the violation.
Contacts to exercise the rights of the interested party
You may exercise your rights under current legislation by sending a registered letter with return receipt to the Data Controller at its registered office or by accessing the page of Renner Italia’s website dedicated to privacy: https://www.renneritalia.com/en/trattamento-dati/
This Site and the Data Controller’s Services are not intended for people under 16 years and the Data Controller does not intentionally collect personal information referring to minors. In case of information on minors would be involuntarily recorded, the Data Controller will delete it in a timely manner, on request of the users.
Social plugins and social networks
Our web pages may contain social networks’ plug-ins (e.g. Facebook, Linkedin, Instagram, etc.). If you access one of our web pages equipped with such a plug-in, your Internet browser connects directly to the social network servers and the plug-in is displayed on your screen thanks to your browser connection. If interested users of a social network visit our web pages while logged into his social account, their personal data may be associated with their social account. Even if they use the plug-in functions, their information will be associated with their social account. Further information, about the collection and use of data by social networks in general, as well as about the rights and available methods to protect the privacy of the interested party in this context, can be found on the social networks’ pages of the account, regarding data protection. If the interested party does not wish to associate his visit to our web pages with his social account, he should log off from the social network before visiting them.
Personal data are collected for the following purposes and using the following services: Interaction with social networks or other external platforms. These services allow interactions with social networks, or other external platforms. The interactions and information acquired are in any case subject to the privacy settings of the user relating to each social network. If a service for interaction with social networks is installed, it is possible that, even if users do not use the service, it may collect traffic data relating to the pages where it is installed.
Last update July, 4 2019