We at Roberto Coin highly value our Customers’ privacy and use our best efforts to ensure that their personal data are processed in compliance with fundamental rights and freedoms and with the individual’s dignity, with particular reference to privacy, personal identity and the right to personal data protection.
The Data Controller for the processing of the Customers’ personal data collected through the Website is Roberto Coin S.p.A., with registered office in in Viale Trieste 13, 36100, Vicenza, registered with the Companies Register of Vicenza, registered number 02193150246, REA number VI-213190, with a fully paid-in share capital of Euro 1,500,000.00 (hereinafter “Roberto Coin”).
The Data We Collect Online
The communication of personal data to Roberto Coin, according to the different methods with which they are collected on the Website, could be essential to achieve the purposes pursued (notices, requests for information, purchase of Products from the online catalogue). The mandatory or optional nature of the supply of data is specified from time to time – with reference to the information requested – in the forms used for the collection of data, and the mandatory information shall be marked with an asterisk (*). If a Customer refuses to communicate the data indicated as mandatory, it will be impossible to achieve the main purpose for which the specific data is being collected: such refusal could, for instance, prevent the purchase of the selected Product from being completed or other services available on the Website from being provided (such as assistance, contacts with Customer Service, the sending of e-mails, the use of specific functions of the Website, etc.). Communicating additional data, other than the ones marked as mandatory, is, on the other hand, optional, and a refusal to provide such information shall not have any consequences on the achievement of the main purpose served by the data collection (for example, the use of the Website or the purchase of a Product on sale). On each subsequent visit to the Website, a registered Customer will be able to access its Purchase Orders or personal information by following a specific link on the Website’s homepage (section “Log in”), after having entered its e-mail address and password.
Information Automatically Collected
How We Use Customer Information
The data provided by Customers to Roberto Coin shall be processed for specific, explicit and legitimate reasons only. The information shall be mainly processed through IT systems or electronic devices and shall be performed for the purposes indicated below:
a) Registering with the Website
b) Managing Purchase Orders
c) Managing requests for information
d) Sending information and promotional communications, advertising material, etc.
In respect of the aforementioned purposes, the processing of personal data shall take place through computer and electronic systems in a way that is strictly related to the purposes indicated and, in any case, so as to ensure the security and privacy of the data.
Data may also be processed on behalf of Roberto Coin – with the same methods and criteria mentioned above – by third parties who provide data processing services or carry out activities that are necessary or incidental to the performance of the services and operations requested. Such third parties shall be designated, from time to time, as the Data Processors on behalf of Roberto Coin.
In a few cases, as set forth in the Personal Data Protection Code, personal data shall be processed only when the relevant Customer expressly agrees to it, as for example for the setting-up of a user profile based on the preferences and purchases made, in order to enable Roberto Coin to subsequently send each Customer information that is tailored to its interests.
The law has, however, provided for a number of cases in which the processing of personal data does not require consent: for example, we wish to inform our Customers that Roberto Coin may process their personal information without their prior consent when this is necessary in order to comply with law provisions or to fulfil contractual obligations (for instance, in the event of purchase of Products or request for specific services through the Website).
Furthermore, pursuant to Article 130 (4) of the Personal Data Protection Code (which authorises the processing of personal information for the purpose of sending e-mail advertisements of products and services similar to the ones previously purchased, unless consent for this use is expressly denied by the user), Roberto Coin may use the personal data made available by Customers upon a previous purchase or visit to the Website for the purpose of sending advertisements of products and services, unless the Customer expressly denies its consent in this regard.
Personal Customer information shall not be shared with third parties without the Customer’s express consent, unless such disclosure is required by law or in order to satisfy a specific request made by the Customer or to complete an online purchase; all cases in which the interested party’s consent is not required. In these cases, the Customer’s information may be made available to third parties, which shall process them autonomously and solely for the same purposes (for instance, to respond to a request made by a law enforcement agency or judicial authority or any other authority having jurisdiction, or also for the purpose of fulfilling the obligations arising out of the agreement executed, such as the need to share the personal data in order to allow the payment of the products purchased).
Data Processors and Persons in Charge of the Processing
Pursuant to Article 29 of the Personal Data Protection Code Roberto Coin may designate the following Data Processors:
- carriers and transport companies processing the data needed to arrange and carry out the shipment, delivery, and return of the Products purchased on the Website;
- experts processing the data needed to manage and operate the applications and web servers; to carry out, manage and monitor the Purchase Orders related to the Products sold on the Website; to update and improve the operations of the Website, and to provide other services required for the management of the Website;
- experts processing the data needed to provide call center and customer care services to our Customers and Website users;
- providers of warranty services on the Products purchased on the Website.
Our Customers’ personal data may also be accessed by all the employees of Roberto Coin involved in the activities of sale, delivery management, returns, complaints, and warranty services carried out as a result of the use of the Website, as well as by the employees of the IT and administration departments.
We kindly invite our Customers and Website users to read this section regularly in order to be updated on any changes made to the list of the above-mentioned Data Processors.
Rectification / Deletion of our Customers’ and Website Users’ Personal Data
Should your personal data (such as telephone number, address, etc.) change, or should you no longer intend to use the Website or our services, you may update, rectify, delete or deactivate your personal data. Registered users may make changes to their data upon access to the “Personal Area” of the Website.
Security of the Personal Data Provided
Roberto Coin shall take suitable security measures aimed at preventing the unauthorised disclosure, alteration, destruction or loss, whether accidental or otherwise, of any personal data in its possession, as well as processing operations that are unlawful or non-compliant with the purposes for which the data were collected, in accordance with the Personal Data Protection Code provisions (please see Article 33 et seq. and “Annex B – Technical Specifications Concerning Minimum Security Measures”). However, Roberto Coin does not make any warranties to its Customers as to the fact that the security measures taken to protect the Website and the transmission of the data contained therein will prevent any risks connected to the unauthorised access to personal data through the Customers’ devices: therefore, we recommend our Customers to make sure that their computers are equipped with suitable software capable of securing the transmission and reception of data over the Internet (such as an antivirus software) and that the Internet providers used by our Customers has adopted suitable security measures to secure the data transmission networks (such as, for example, firewalls and antispam filtering).
You shall have the right to obtain confirmation at any time by Roberto Coin as to which of your personal data have been collected and processed through the Website and to obtain communication of such data in an intelligible form.
Furthermore, you shall have the right to be informed by Roberto Coin of the source of the personal data, of the purposes and methods of the processing. You shall have the right to obtain the identification data of the persons processing your personal data and the names of the Data Processors as well as the names of the persons or categories of persons to whom or which your personal data may be communicated.
Furthermore, you may exercise at any time the rights provided in Article 7 of the Personal Data Protection Code, among which the right to obtain:
- copy of your personal data that have been processed, as well as the update, rectification and supplement of such data;
- deletion, anonymisation or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
as well as the right to object, in whole or in part:
- for legitimate reasons, to the processing of your personal data, even though they may be relevant to the purpose of the collection;
- to the processing of personal data, when it is carried out for the purpose of sending advertising or promotional material or for carrying out market surveys.
If you wish to obtain information as to how your personal data are processed by Roberto Coin or to obtain the updated list of the Data Processors processing your personal data or if you intend to exercise any of your rights pursuant to Article 7 of the Personal Data Protection Code, as listed in the above-mentioned paragraph, we kindly invite you to write us an e-mail to email@example.com or to contact our Customer Service at +39 0444 202 250
STATEMENT ACCORDING TO ART. 13 OF PERSONAL DATA PROTECTION CODE
According to section 13 of Italian Legislative Decree No. 196 of 30 June 2003, Personal Data Protection Code (hereafter referred to as Privacy Code), ROBERTO COIN S.p.A. (hereafter referred to simply as “Roberto Coin”), with registered office at viale Trieste no. 13, in Vicenza, Italy, (registered at the company registry of Vicenza under number 02193150246, REA Register No. 26090 company’s capital EUR 1.500.000,00 fully paid-up capital), herewith informs that personal data disclosed in the “Curriculum” section has the sole purpose of company’s own personnel search and selection.
Controller of data processing is Roberto Coin S.p.A.
It is herewith specified, that Roberto Coin does not request any sensitive data for filling out and submitting applications. We herewith remind you, that sensitive data are such that can reveal racial and ethnic origins; religious, philosophical or other kind of beliefs; political opinions, party or union affiliation, or affiliation with associations or organizations of religious, philosophical, political or union nature, as well as personal data that can reveal state of health and sexual life.
Therefore, visitors to the site are kindly requested to abstain from disclosing any sensitive data
in the curricula vitae they submit.
However, if sensitive data was spontaneously communicated by visitors to the site, Roberto Coin herewith informs that, according to art. 26 of the Privacy Code, sensitive data can only be processed with data subject’s written authorization, and without specific authorization by the Guarantor, considering the general authorization issued by the Guarantor (according to art. 40 of the Privacy Code) which is renewed yearly.
Therefore, in case sensitive data was included spontaneously in the curriculum, Roberto Coin will proceed to delete curriculum from its own database unless written consent for data processing of disclosed sensitive data by data subject arrives within 30 days of submitting curriculum.
For such purpose, the data subject must display the specific statement of the “Curriculum”/”Careers” section, enclosing the following footnote, stating: “ I herewith consent to the processing of my data – (signature)” and send the written consent to Roberto Coin S.p.A, viale Trieste 13, 36100 Vicenza, Italy, by registered mail with return receipt. No data processing will take place between the date the curriculum containing sensitive data is submitted and the date the written consent is received, or rather during the 30 days after submitting the curriculum, however, the usual safety measures shall be applied for the protection of the received data.
Data processing will take place at Roberto Coin S.p.A., viale Trieste 13, 36100 Vicenza, Italy, and will be processed by specially assigned Roberto Coin staff, or by people in charge of occasional maintenance operations, with use of electronic procedures, within the modalities and limits necessary to fulfilling abovementioned purpose. Data will be kept in paper and/or electronic archives, in order to locate it. Data will be kept only for the time necessary to the purpose of personnel search and selection, and however, not beyond 6 months. After this if not specifically requested by the subject the data will be destroyed.
Data Controller is Roberto Coin S.p.A.
Roberto Coin will not disclose collected personal data to third parties.
Disclosure of personal data is voluntary, however, failure to disclose such data will make it impossible to assess submitted curricula in the process of personnel selection, making it impossible for Roberto Coin to take such applications into consideration.
Data subjects have the right, under art. 7 of the Privacy Code, and in particular the right to request access to own personal data; to request rectification, updating and deleting of own data, where incomplete, faulty or collected unlawfully; as well as the right to object to processing of data, for legitimate reasons, addressing such requests to Roberto Coin S.p.A., viale Trieste 13, 36100 Vicenza, Italy, or to the company’s e-mail: firstname.lastname@example.org
* * *
Following are art. 7 and 13 of the Privacy Code, to complete the Statement (Legislative Decree 196/03):
Art. 7 -(Right to Access Personal Data and Other Rights)
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have the right to obtain
a) updating, rectification or, where interested therein, integration of the data;
b) deletion, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disclosed, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication survey
Art. 13 - (Information to Data Subjects)
1. The data subject as well as any entity from whom or which personal data are collected shall be preliminarily informed, either orally or in writing, as to:
a) the purposes and modalities of the processing for which the data are intended;
b) the compulsory or voluntary nature of providing the requested data;
c) the consequences if (s)he fails to reply;
d)the entities or categories of entity to whom or which the data may be communicated or who/which may get to know the data in their capacity as data processors or persons in charge of the processing, and the purpose of disclosure of said data;
e) the rights as per Art. 7;
f) the identification data concerning the data controller and, where designated, the data controller’s representative in the State’s territory pursuant to Art. 5 and the data processor. If several data processors have been designated by the data controller, at least one among them shall be referred to and either the site on the communications network or the mechanisms for easily accessing the updated list of data processors shall be specified. If a data processor has been designated to provide answers to data subjects in case the rights as per Art. 7 are exercised; such data processor shall be referred to.
2. The information as per paragraph 1 shall also contain the items referred to in specific provisions of this Code and may fail to include certain items if the latter are already known to the entity providing the data or their knowledge may specifically impair supervisory or control activities carried out by public bodies for purposes related to defence or State security, or else for the prevention, suppression or detection of offences.
3. The Guarantor may issue a provision to set out simplified information arrangements as regards, in particular, telephone services providing assistance and information to the public.
4. Whenever personal data is not collected from the subject, information as per paragraph 1, also including the categories of processed data, shall be provided to the data subject at the time of recording such data or, if its communication is envisaged, no later than when the data is first communicated.
5. Paragraph 4 shall not apply
a) if the data is processed in compliance with an obligation imposed by a law, regulations or Community legislation.
b) if data is processed either for carrying out investigations by defense counsel as per Act no. 397 of 07.12.2000 or to establish or defend a legal claim, provided that data is processed exclusively for said purposes and for no longer than is necessary for that purpose;
c) if the provision of information to the data subject involves an effort that is declared by the Guarantor to be manifestly disproportionate compared with the right to be protected, in which case the Guarantor shall lay down suitable measures, if any, or if it proves impossible in the opinion of the Guarantor.