3D Shirt (https://sartorie-italiane.netlify.app)
- does not publish banner ads, does not use user data for advertising purposes or otherwise to profile users;
- minimizes as much as possible the collection and use of users' personal data;
- uses for specific functionalities of the site third-party services, which could collect users' data anonymously;
- consent to the use of data is provided via the dedicated banner, and in some cases via contact or account registration forms, and is revocable at any time.
Below we give you with more detailed information on the processing of your personal data.
In compliance with the obligations deriving from European legislation (General Regulation for the protection of personal data No. 2016/679, entered into force on May 25, 2018) regarding the protection of personal data, 3D Shirt respects and protects the privacy of visitors and users, making every effort possible and proportionate so as not to damage the respective rights.
On what basis we treat the data
3D Shirt treats the data mainly on the basis of the users' consent, occurs through the banner placed on the page, or through the use of the Application, which concluding behavior and constituting implicit consent, with which visitors / users consent to the processing of their personal data in relation to to the methods and purposes described below, including the possible dissemination to third parties if necessary for the provision of a service. Through the communication or service request forms further consents are collected relative to the specific purpose of the service.
The provision of data and therefore the consent to the collection and processing of data is optional, the User can deny consent, and can revoke at any time a consent already provided, through the browser settings for cookies, in the 'Management of Cookies' or by sending a request to the Owner via the 'Contact Us' link at the bottom of the page. However, denying consent may make it impossible to use certain services.
How we use the collected data
The data collected are also used for the following purposes:
- Statistics (analysis). We collect data in an exclusively aggregated and anonymous form in order to verify the correct functioning of the site, and the use by users to make it easier and faster to consult. None of this information is related to the user of the site, and does not in any way permit its identification.
- Security. We collect data in order to protect the security of the Application (spam filters, firewalls, virus detection) and Users. The data is automatically recorded and may also include personal data that could be used, in compliance with the laws in force on the subject, in order to block attempts to damage the site or cause damage to other Users. These data are never used for identification or profiling.
- Shopping. Some data is collected in order to carry out ancillary and instrumental activities for the management of purchases. The data provided by the bank (name, address, credit card number) are always collected for the same purposes. Sensitive data can be deleted independently by the User at the end of the purchase operations.
- Ancillary activities. We communicate data to third parties (consultants, lawyers, freight forwarders) who perform functions that are necessary or instrumental to the operation of the service, and to allow third parties to carry out technical, logistical and other activities on our behalf (eg sending mail, analyzing data etc ...). These third parties have access only to the personal data that is necessary to perform their duties, they undertake not to use the data for other purposes, and are required to process personal data in accordance with current regulations.
What data we collect
3D Shirt collects data in two ways.
- Data collected automatically. Some data is collected by the software of 3D Shirt and from Google Analytics. For example, technical data such as the type of browser, internet service provider, date and time of the visit, time spent on the site, page of origin and exit. Other data is collected using cookies or similar technologies. For more information, refer to the 'Cookies Management' page. These data are used for statistical purposes and do not allow the physical identification of the User.
- Data provided voluntarily by the User. The site may collect other data in the case of voluntary use of services by users, such as communications (forms per contact) and purchases: for example, name and surname, email address, physical residence address, etc. These data are provided voluntarily by the User when requesting the service (purchase) and will be used exclusively for the provision of the requested service and processed for the time necessary for the provision of the service. Users exempt 3D Shirt from any liability regarding violations of the laws. It is up to the User to verify that they have permission to enter personal data of third parties or contents protected by national and international standards.
Where the data is processed
The data collected from the site are processed at the headquarters of the Data Controller, and at the Google Firebase data center, which is responsible for processing the data by processing the data on behalf of the owner, is located in the European Economic Area and acts in accordance with the rules European.
How long data is kept
The data is processed for the time necessary for the purposes for which it was collected, and in any case not beyond the time prescribed by law. Upon expiration, the data will be deleted or anonymized, unless there are no further purposes for their preservation.
The data collected is processed for the following periods:
- purpose of statistics and analysis: the data are treated in aggregate and therefore anonymous;
- purchases: the data are processed for the time necessary for the provision of the service, except for some data useful for future purchases, which will be kept until an explicit request for removal;
- purpose of registration on the site: the data of registered users are kept for the entire duration of the service.
To whom the data can be transferred
In carrying out our activities we may have to transfer certain data to third parties that perform specific tasks that are instrumental to those of the site, to perform security checks or to optimize the site, or to provide a specific service requested by the Users (eg . communications, shipments), or for a legitimate request by the judicial authority only in the cases provided for by the law.
In addition, other third parties who act as autonomous data controllers may become aware of the Users' data, using the data also for purposes other than those of www.SITOCLIENTE.com. Other third-party service providers that are autonomous data controllers are: Google Analytics, Google Firebase, Mailjet, Stripe.
The autonomous data controllers are bound by the European and national rules regarding the protection of personal data, and they respond personally in full autonomy.
Data transfer to Countries outside the EU
We may have to share some of the data collected with services located outside the SEE (European Economic Area) area. In particular to Google Analytics, Google Firebase, Mailjet, Stripe.
Below, a reference to the privacy policies of third party service providers used:
- Google Analytics (Google) https://policies.google.com/privacy?hl=it
- Google Firebase https://firebase.google.com/support/privacy/
- Mailjet https://www.mailjet.com/security-privacy/
- Stripe https://snipcart.com/it/privacy
The transfer is authorized based on specific decisions of the European Union and the Guarantor for the protection of personal data, in particular decision 1250/2016.
- Privacy Shield https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/eu-us-privacy-shield_en
- Information page of the Italian Guarantor: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/5306161
- Here is the site maintained by the US Department of Commerce: https://www.privacyshield.gov/welcome
Therefore, there is no need for further consent with respect to the legal basis used for collection and processing in the EEA. The companies mentioned above guarantee their compliance with the Privacy Shield.
What rights you have regarding the data we process
As interested in the treatment To the senses of the European Regulation 679/2016 (GDPR) and of the art. 7 of Legislative Decree 30 June 2003, n. 196 (https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1311248), you can exercise the following rights:
- object in whole or in part, for legitimate reasons, to the processing of personal data concerning you for the purpose of sending advertising materials or direct sales or for carrying out market research or commercial communication;
- request confirmation of the existence of personal data concerning you (right of access);
- know the origin;
- receive intelligible communication;
- have information about the logic, methods and purposes of the processing;
- request the updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in violation of the law, including those no longer necessary for the pursuit of the purposes for which they were collected;
- in the case of treatment based on consent, to receive only the cost of any support, your data provided to the holder, in a structured and readable form by a data processor and in a format commonly used by an electronic device;
- submit a complaint to the Control Authority (Privacy Guarantor - link to the Guarantor page) https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524);
- nonché, più in generale, esercitare tutti i diritti che ti sono riconosciuti dalle vigenti disposizioni di legge.
Requests should be addressed to the Data Controller.
The data controller in accordance with the laws in force is Luigi De Francesco, contactable via the 'Contact Us' section, or by email firstname.lastname@example.org