Information on data processing pursuant to articles 13 and 14 of EU Regulation 2016/679 for E-commerce
This page contains a description of site management methods with regard to the processing of the personal data of users who consult the site and customers who subscribe and obtain the corresponding account.
Pursuant to Articles 13 and 14 of EU GDPR 2016/679 and in accordance with the current national legislation, this statement is provided to those who interact with web services of Divine Design, that may be accessed via internet at www.divinedesign.eu, which corresponds to the home page of the official website of Divine Design.
Please note that the information is provided only for the website of Divine Design and not for other websites that may be consulted by the user or Customer via links.
The statement is also based on the Recommendation No. 2/2001 that the European authorities for the protection of personal data, grouped as provided for by art. 29 of Directive No. 95/46/EC, adopted on May 17, 2001 to determine some minimum requirements for the on-line collection of personal data, and, in particular, to define methods, times and nature of the information that the data controllers must give the users when they connect to Web pages, regardless of the purposes of such connection.
In accordance with the provisions of EU Regulation 2016/679 on the protection of personal data, and in particular of art. 13 thereof, Divine Design herewith provides the user / Customer with the following information.
1. DATA CONTROLLER
Following consultation of this site, data relating to identified or identifiable persons (hereinafter "user") or personal data of those who register using the online procedure ("customer") may be processed.
In both cases, the personal data collection manager and data controller for the site www.divinedesign.eu is Divine Design with headquarters in Laurentiusstr. 21, 42103 Wuppertal to whom the user or the Customer may send any request, both in writing to the aforementioned address or by email to firstname.lastname@example.org .
2. DATA PROCESSOR
Pursuant to art. 28 of EU Reg. 2016/679 and in accordance with the national legislation in force has been appointed as external data processor in their capacity as service provider for the development and maintenance of the web platform, as well as for the provision and operational management of the technological platforms used.
3. DATA PROCESSING PLACE
The processing operations relating to the web services of this site take place at the offices indicated above by the Company and are only handled by technical personnel in charge of such processing. Pursuant to Article 28 of the EU Regulation 2016/679 and in accordance with the national legislation in force, in case of need, the data connected to the newsletter service may be processed by the staff of the company in charge of maintaining the technological part of the site at the headquarters of the company itself.
No data from the web service are communicated or disseminated. Divine Design will treat the data and information received with confidentiality.
Personal information provided by users who request informative documentation such as mailing lists, newsletters, answers to questions, etc. is used for the sole purpose of providing the service or satisfying the request and is not communicated to third parties.
Personal data and information transmitted by the Customer who accesses the e-commerce reserved area may only be communicated to subjects appointed to carry out the activities necessary for the execution of the contractual obligations undertaken by Divine Design and by the Customer (eg . banks, transport and shipping companies and information management of the Website). The personnel of the Company assigned to the delivery and shipment of the Products, the personnel assigned to managing the Website and the personnel assigned to marketing activities may also become aware of the data.
4. TYPES OF PROCESSED DATA AND PURPOSE
a) Navigation data
During standard use, the computer systems and software procedures used to operate this web site acquire certain data; the transmission of such data is implicit to using Internet communication protocols.
This information is not collected in order to be associated with identified data subjects, but by its very nature, through processing and association with data held by third parties, it may allow users’ identification.
This category of data includes the IP addresses or domain names of computers used by users connecting to the website, the URI (Uniform Resource Identifier) of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, failed, etc.) and other parameters on the operating system and the computer environment.
These data are only used to obtain anonymous statistical information about the use of the Site and to check its correct functioning; these are deleted immediately after processing. The data may be used to ascertain liability in the event of hypothetical cyber-crimes to the detriment of the Site: currently, with the exception of this case, data on web contacts is not retained for more than seven days.
b) data provided voluntarily by the User / Customer
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender's address, which is necessary to reply to requests, in addition to any other personal data included in the messages. The data will essentially be processed for the following specific purposes:
• Requests for information on the services provided and products / solutions marketed directly by Divine Design .
• Reports of any kind, also sent through the Contact Form;
• Transmission of information and / or personal data for the purpose of defining a professional collaboration;
The personal data of the Customer who registers through the online procedure will be processed for the purposes specified here below:
• granting the Customer access to the part of the Company's Website dedicated to the online sales (not active) of its Products and consequently allow the Customer to complete all the purchase procedures, as well as allowing Divine Design to perform all various administrative, commercial, accounting and tax-related activities deriving from possible online sales and, more generally, to implement existing legal obligations on the subject;
• inform the Customer, if the latter has given appropriate and specific consent, on the products and services offered by the Company as well as any further initiatives, of commercial and non-commercial nature, by sending advertising and information material through periodic e-mails;
The Company informs that no customer profiling is carried out, nor automated decision-making procedures directed to that end are adopted.
5. OPTIONAL SUPPLY OF DATA
Except for what has been specified about navigation data, the user is free to provide personal data in the request forms or in contact forms to request the sending of newsletters, informative material and other communication.
Failure to provide such data may make it impossible to fulfil the request.
Instead, the communication of personal data by the Customer who decides to buy online (not active) becomes a contractual obligation, as it is a necessary requirement for the purchase of the products made by Divine Design. Failure to do so will prevent the Customer from making any purchase using the procedures required by this site.
6. METHODS OF PROCESSING
Personal data are processed using automated tools for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent the loss of data, illicit or incorrect use thereof and unauthorised access.
7. TRANSFER OF INFORMATION ABROAD
The personal data provided, entered through this or other websites, may be transferred to other countries by us or by our agents for the purpose of fulfilling the contractual obligations and the mandatory obligations of intra-group communication and / or franchising; this is done in full compliance with art. 44 and following of GDPR 2016/679 or for purely technical reasons related to the structure of the company Information System and / or the application of technical and organisational security measures deemed appropriate by the Data Controller (art. 32 of GDPR 2016/679).
8. RIGHTS OF DATA SUBJECTS
The subjects to whom the personal data refer have the right to obtain confirmation of the existence of such data at any time and to know their content and origin, verify their accuracy or request their integration or updating, or correction (art. 15 of EU Regulation No. 679/2016 and current national legislation).
9. RIGHT OF APPEAL
Data subjects who believe that the processing of their personal data carried out through this site is in violation of the provisions of GDPR 2016/679 have the right to lodge a complaint, as provided for by art. 77 of GDPR 2016/679, or to use the appropriate courts of law (art. 79 of GDPR 2016/679)
10. LEGAL REFERENCES
11. DATA RETENTION PERIOD
The data provided will be stored in our archives according to the following parameters:
• For any data provided voluntarily: until the service is fulfilled ("storage limitation principle", article 5 of EU Regulation 2016/679) or based on the deadlines set by the legal provisions. Periodic verification is made of the obsolescence of the data stored in relation to the purposes for which they were collected.