PRIVACY POLICY – Art. 13 EU Regulation 679/2016

We inform you that EU Regulation 679/2016 (hereinafter “RGPD”) provides for the protection of individuals with regard to the processing of personal data. This constitutes the information provided to interested parties pursuant to art. 13 GDPR.

1. Identity and contact details of the Data Controller
2. Contact details of the Data Protection Officer (“DPO”)
3. Purpose and legal basis of the processing
4. Recipients of personal data
5. Data retention period
6. Rights of the interested party
7. Communication and provision of data

Identity and contact details of the Data Controller

The Data Controller is FLORENCE WHAT ELSE, in the person of the owner MARTINA GUADAGNO domiciled at the registered office in Via Volterrana, 161 – 50026 S. Casciano in Val di Pesa (FI), email: martina@florencewhatelse.it (hereinafter “company”).

Contact details of the Data Protection Officer (“DPO”)

The DPO designated by the company, who will represent the contact point for the interested parties, can be reached through the following contact channels:

e-mail: privacy@florencewhatelse.it
post office: Florence What Else – Via Volterrana, 161 – 50026 S. Casciano in Val di Pesa (FI)

Purpose and legal basis of the processing

With your consent, which is optional, the company uses your personal data for marketing purposes, that is to say to send you promotional, commercial or advertising newsletters on the promotional and commercial initiatives of the Company, its sales and assistance network and its partners. , for direct sales, market research and surveys for the detection of satisfaction, as well as to carry out statistical analyzes with autonomous data, organized in aggregate form.

Marketing activities are carried out by e-mail, telephone calls via operator, text messages, MMS and traditional mail, including the sending of invitations to events organized by the Company. In any case, you can at any time indicate the contact method you prefer among those listed above and you can oppose the receipt of promotional communications, personalized or not, through all or only some of the communication channels indicated above. Providing your personal data for the marketing purposes indicated above is optional and any refusal will not allow you to receive our commercial communications.

The company processes your personal data with and without the aid of electronic tools, based on logic and procedures consistent with the purposes indicated below and in compliance with the GDPR, including confidentiality and security profiles. The Company processes your personal data on the basis of your consent.

Recipients of personal data

As part of the aforementioned purposes, your data may be disclosed to:

1. to the FLORENCE WHAT ELSE company;
2. to companies and professional operators who provide electronic data processing and consultancy services for software and IT as well as management of information services relating to the foregoing;
3. to companies and professional bodies used for statistical survey services and / or market research and / or surveys on the degree of customer satisfaction;
4. to professional advertising, marketing and mailing agencies in Italy, always in relation to commercial initiatives related to the sector to which they belong.

For the subjects indicated in nos. 2), 3) and 4) only the category of recipients is indicated, as it is subject to frequent updates and revisions. Therefore, interested parties may request the updated list of recipients by contacting the Data Controller through the channels indicated in art. 1 of this information.

We provide these subjects only with the data necessary to perform the agreed services and they act as data controllers, on the basis of the instructions received from the Company.

Your personal data are accessible to our duly authorized personnel based on criteria of necessity and are communicated to third parties when the communication is required by applicable laws and regulations with respect to legitimate third party recipients of communications.

Data retention period

Personal data will be kept for the period of time strictly necessary to pursue the specific purposes of the processing for which the user has given his consent and, specifically:

• for the purposes indicated in letter a) of art. 3 for the time necessary for the fulfillment of contractual obligations and, in any case, no later than 10 years from the time of collection of your data for the fulfillment of regulatory obligations and, in any case, no later than the deadlines set by law for the prescription of rights;
• for the purposes indicated in letter b) (or for direct and indirect marketing and market research purposes) of art. 3 for 24 (twenty-four) months from the time of consent to treatment.

Rights of the interested party

The user may, at any time, exercise the rights indicated below.

• Access to personal data: obtain confirmation or not that data concerning you is being processed and, in this case, access to the following information: the purposes, the categories of data, the recipients, the retention period, the right to lodge a complaint with a supervisory authority, the right to request the correction or cancellation or limitation of the processing or opposition to the processing itself as well as the existence of an automated decision-making process;
• Request for rectification or cancellation of the same or limitation of the treatments that concern him; “limitation” means the marking of stored data with the aim of limiting their processing in the future;
• Opposition to processing: oppose for reasons related to your particular situation to the processing of data for the performance of a task of public interest or for the pursuit of a legitimate interest of the Data Controller;
• Data portability: in the case of automated processing carried out on the basis of consent or in execution of a contract, to receive the data concerning him in a structured format, commonly used and readable by an automatic device; in particular, the data will be provided to you by the Data Controller in .xml format, or similar;
• Revocation of consent to processing for marketing purposes, both direct and indirect, market research and profiling; the exercise of this right does not in any way prejudice the lawfulness of the treatments carried out before the revocation;
• Submit a complaint pursuant to art. 77 RGPD to the competent supervisory authority based on your habitual residence, place of work or place of violation of your rights; for Italy, the Guarantor for the protection of personal data is competent, which can be contacted via the contact details listed on the website: http://www.garanteprivacy.it.

The aforementioned rights may be exercised by sending a specific request to the Data Controller through the contact channels indicated in art. 1 of this information.

Requests relating to the exercise of the user’s rights will be processed without undue delay and, in any case, within one month of the request; only in cases of particular complexity and in the number of requests, this deadline may be extended by a further 2 (two) months.

Communication and provision of data

The provision of data by the user is mandatory as it is necessary for the provision of the requested service. Therefore, any refusal by the user to provide the data may result in the failure to provide the service, to the extent that such data.