Privacy Policy
Privacy Policy
As provided for in Article 13 of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing Directive 95 /46/EC (General Data Protection Regulation) ("GDPR")
For purposes of this policy, the following “definitions” are set forth below.
Definitions
“Personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to physical identity , physiological, genetic, mental, economic, cultural or social nature of that natural person.
"Processing": means any operation or set of operations performed on personal data or on sets of personal data, with or without the aid of automated means, such as collection, recording, organisation, structuring, storage, l adaptation or modification, extraction, consultation, use, disclosure by transmission, diffusion or otherwise making available, comparison or interconnection, limitation, erasure or destruction.
“Data controller” means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
"Recipient": the natural or legal person, public authority, agency or other body to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of such data by those public authorities must comply with the applicable data protection rules based on the purposes of the processing.
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her .
“Profiling” means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning performance at work, economic situation, health , personal preferences, interests, reliability, behaviour, location or movements of that natural person.
"EU": European Union.
"Website": www.qlhype.com.
"User": anyone who visits the Website and/or purchases the Owner's products.
Controllers
The Data Controller is Digital Fashion Srl (VAT number 12257210968), with registered office in Milan, via Via Larga, n. 8 ("Registered Office"), e-mail: hello@qlhype.com.
Place of treatment
Registered office.
Legal basis of the processing
We will process your Personal Data if:
you give us your consent; it is necessary for the performance of a contract; it is necessary to comply with a legal obligation.
Categories of personal data
We may process the following Personal Data:
Contact details : name, surname, date of birth, tax code, address, e-mail, mobile phone.
Payment instruments : for example, credit cards. Preferences : this data depends on what you visit on the Site.
Technical data : We may process some technical data, for example your IP address; this is to verify the identity of the Users and avoid fraud and abuse, if possible.
We may also partially process your Personal Data. In any case, we will not be able to respond to you without your consent.
We do not process the personal data of persons under the age of 18. If anyone under the age of 18 provides us with personal data, we will delete all personal data as soon as we have established the true identity of the user.
Purpose of the processing
We may process your Personal Data:
to respond to User requests; to execute a contract; to fulfill legal, fiscal and contractual obligations; for accounting and/or administrative needs; to send offers and commercial information; for managing our customer service; for profiling and commercial offers.
Mandatory consent
We cannot respond to any requests without your consent; without prejudice to Article 5, points V and VII, in these cases your consent is not mandatory.
Processing methods
Personal Data will be processed both with paper and electronic tools. The databases in which the Personal Data are stored meet the security requirements set by the GDPR.
Recipients of personal data
We may need to send Personal Data to the following people and/or entities:
employment consultants; accountants and auditors; lawyers; commercial agents; IT consultants; contractors and subcontractors; people or entities with whom the Data Controller has entered into contracts for the development of its business; competent authorities for inspection or verification purposes; banks; insurance companies; IT service providers (e.g. cloud platforms, hosting) couriers/carriers.
We will require all Recipients to sign specific letters of appointment in compliance with the obligations of correctness, lawfulness and transparency imposed by current legislation. Personal Data may in any case be communicated to third parties to fulfill legal obligations, to comply with orders from public authorities or in the event that the Data Controller must exercise a right in judicial or extrajudicial proceedings.
In the event that a Recipient is not based in an EU country, we will ascertain the existence of the conditions required by applicable legislation for the transfer of data to a third country or an international organization or request the necessary documents for the transfer of data pursuant to Article 46 of the GDPR.
Storage of personal data
The Personal Data will be kept for the period of time established by current legislation, in any case for the period necessary to carry out the activities indicated above ( "5. Purpose of the Processing ").
Right of access
The user has the right to access their Personal Data and to obtain confirmation from the Data Controller as to whether or not Personal Data concerning them is being processed.
Right of rectification
You have the right to obtain from the Data Controller, without unjustified delay, the rectification of inaccurate Personal Data concerning you. Without your consent or in case of incorrect or incomplete communication of your Personal Data, we may not be able to comply with legal obligations and we will not be able to respond to any questions and/or fulfill contractual obligations.
Right to be forgotten
You have the right to ask us to delete your personal data. Without your consent we will not be able to fulfill our legal obligations and we will not be able to answer any questions and/or fulfill our contractual obligations.
Right to limit processing
You have the right to ask us to restrict processing. In case of incomplete communication of Personal Data, we may not be able to comply with legal obligations and/or respond to any questions and/or fulfill contractual obligations.
Right to object to processing
You have the right to object to processing. Without your consent we will not be able to fulfill our legal obligations and answer any questions and, consequently, fulfill our contractual obligations.
Right to portability of personal data
You have the right to portability of your personal data. You have the right to receive your personal data in a structured, commonly used and machine-readable format and you have the right to transmit such data to another controller without the controller to whom the personal data was provided. obstacles.
Withdrawal of consent
You have the right to withdraw your consent. The revocation of consent does not affect the lawfulness of the processing based on consent before the revocation. Without your consent we will not be able to fulfill our legal obligations and we will not be able to answer any questions and/or fulfill our contractual obligations.
Right to lodge a complaint with a supervisory authority
You have the right to lodge a complaint with a supervisory authority (www.garanteprivacy.it) and/or to other authorities as required by current legislation.
For any questions, please write to us: customerservice@qlhype.com