Informativa Privacy

Sipec Spa
via Kuliscioff 16/18 - Milan (MI) PIVA 04441130152 CF 04441130152
INFORMATION PURSUANT TO ART. 13 OF EUROPEAN REGULATION N. 2016/679 (GENERAL DATA PROTECTION REGULATION — GDPR)
Sipec Spa's Privacy Policy complies with the most recent regulations regarding the protection of personal data (GDPR) and is constantly updated. For this reason, we invite you to visit this page regularly.
Sipec has always been sensitive to the security of its users/customers data. On this page we describe all the precautions and precautions we use to protect your personal data, indicating: What data we storeHow we protect personal dataHow we use the data, with whom it will be shared and for what purposesHow it is possible to modify or delete the data
This site and any services offered through the site are reserved for individuals who have reached the age of eighteen. The Data Controller therefore does not collect personal data relating to individuals under 18 years of age. At the request of the interested parties, the Data Controller will promptly delete all personal data unintentionally collected and relating to individuals under 18 years of age.
What data do we store
What data is stored and used when browsing the handle-bags.com siteWe do not record any personal data (directly identifying the interested party) relating to browsing the site before logging in. Through the form
When registering on the site, it is possible to access the reserved area of the site only after accreditation by our staff. After logging in, we will be able to provide all the information necessary for the use of the service. Authentication to the site is therefore essential to be able to make purchases.
What data is stored and used after accessing the reserved area of the site, as customersOnce the credentials for accessing the site have been activated, in addition to general business data, such as company name and address, financial and organizational information relating to the company will also be requested. This information is used to provide the service and to carry out market analysis. Some of this information, such as financial data, is provided to us by third-party companies that specialize in Credit Information. The credentials to access the site are confidential and personal, not shareable with third parties.
What data is stored and used for statistical analysis of site navigation? We use Google Analytics, a service provided by Google Inc., in order to statistically analyze user behavior on the site. Google uses cookies, small text files that allow the analysis of the behavior of the website. The information retrieved from these cookies is stored on Google's servers. It is possible to prevent Google from storing cookies on your computer, through the settings of your web browser. For more information on cookies, please refer to the Extended Cookie Policy, available hither.
Use of cookiesIn order to create a useful and correct experience when you visit our website, some features of the site collect information stored in cookies. In most cases, these cookies will be deleted when you close your browser. Other cookies remain stored to allow us to recognize the user, making it easier to access the requested functionality. It is possible to set the browser so that for each cookie set you receive a notification and there is the possibility to accept or refuse the storage of a specific cookie. If you decide to refuse certain cookies on our website, that part of the site may malfunction. For more information on cookies, please refer to the Extended Cookie Policy, available hither.
How we protect personal data
The personal data provided by users through registration on the site or through other methods of requesting to use the service are collected and managed with the utmost care by the Sipec staff, who are always updated on the regulations for the protection of personal data. The data is collected on servers protected with appropriate security measures. This ensures that these are not accessible by unauthorized employees or external parties. The site is protected with the use of an SSL certificate (https). SSL technology is used to encrypt the information on the servers, making it impossible to recover this data from other people who are not authorized to access it.
The management and storage of personal data will take place on servers located within the European Union. The data will not be transferred outside the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the location of the servers to Italy and/or the European Union and/or non-EU countries. In this case, the Data Controller hereby ensures that the transfer of non-EU data will take place in accordance with the applicable legal provisions - and, in particular, in accordance with articles 45 (Transfer based on an appropriateness decision) and 46 (Transfer subject to adequate guarantees) of the GDPR - stipulating, if necessary, agreements that guarantee an adequate level of protection and/or adopting the standard contractual clauses provided by the European Commission.
The personal data you provide will be processed by the Data Controller on paper, computer or electronically.
How we use data (purpose of processing and legal basis), with whom it will be shared and for what purposes
For no reason do we sell or rent User Data to third parties.
Your personal data is processed in accordance with the provisions of art. 6 letter 1 letter b) of the GDPR for the following purposes: to process and process your requests received from the website, via email or through other online and offline contacts. The legal basis consists of art. 6, paragraph 1, letter b) of the GDPR, i.e. the processing is necessary for the execution of a contract to which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same; to carry out surveys and market surveys, by telephone (fixed and/or mobile, with automated call or call communication systems with and/or without the intervention of an operator) and/or SMS and/or MMS, send emails or communications on the market or in any case not strictly related to the Service (see point c.) or to present offers, promotions and commercial opportunities from Sipec or third-party companies. The legal basis consists of art. 6, paragraph 1, letter a) of the GDPR, or the provision by the interested party of consent to the processing of their personal data for one or more specific purposes. For this reason, the Data Controller asks the interested party to provide a specific free and optional consent, to pursue this processing purpose; to fulfill the pre-contractual and contractual obligations deriving from the execution of the service requested by you, including the sending of service emails and related to the use of the Sipec Service including (i) notifications relating to orders (order confirmation, drafts, shipping notice, etc.) information on products and catalogs (new products, product specifications, product reports, product recalls, price lists, samples, price changes, etc.) (iii) information on services (Logistics, closures, strikes, slowdowns, new services offered such as personalization, delivery times, etc.). The legal basis consists of art. 6, paragraph 1, letter b) of the GDPR, i.e. the processing is necessary for the execution of a contract to which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same; to fulfill the obligations established by law, a regulation, community legislation or an order from the Authority. The legal basis consists of art. 6, paragraph 1, letter c) of the GDPR, as the processing is necessary to fulfill a legal obligation to which the Data Controller is subject; to exercise the rights of the Data Controller, for example the right of defense in court. The legal basis consists of art. 6, paragraph 1, letter e) of the GDPR, i.e. the processing is necessary for the pursuit of the legitimate interest of the Data Controller.
The personal data that are necessary for the pursuit of the processing purposes described in this paragraph 3 are indicated with an asterisk in the site form.
The processing of your personal data is carried out by means of the following operations: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data.
With the exception of optional processing, the provision of personal data for the processing purposes indicated above is optional but necessary, since failure to provide them will make it impossible for the interested party to browse the sipec.com site, register and use the services offered by the Data Controller through the site.
If consent is required to pursue one or more of the purposes described above, the consent must be considered free and optional and the failure to provide it will not affect the possibility for the interested party to send requests to the Data Controller, register and/or use the services offered by the Data Controller through the site.
The interested party can also easily object to further sending of communications via email or newsletter even by clicking on the appropriate link for revoking consent, present in each such e-mail sent by the Data Controller, and which will take him to a page where he can unsubscribe. If the interested party intends to revoke their consent to the sending of promotional communications by telephone, while continuing to receive promotional communications via email or newsletter, or vice versa, please send a request to the Data Controller to the contacts indicated in the following paragraph 4. The Data Controller informs that, following the exercise of the right to object to the sending of communications by email or newsletter, it is possible that, for technical and operational reasons (e.g. formation of contact lists already completed shortly before receiving from part of the owner of the request for opposition) the interested party continues to receive some additional messages. If the interested party should continue to receive messages after 24 hours have elapsed from exercising the right to object, please report the problem to the Data Controller, using the contacts indicated in paragraph 4 below.
Your data may be made accessible for the purposes mentioned above: to employees and collaborators of the Data Controller, in their capacity as subjects designated to external parties for accounting, tax and payment management purposes, to suppliers, technicians responsible for hardware and software assistance, who carry out outsourcing activities on behalf of the Data Controller and consulting firms whose collaboration the Data Controller makes use of.
Data storage methods Regarding point 3.a, the personal data provided will be kept for the time necessary to process the request. In the face of the request (if it is negative), the data will in any case be kept for no longer than 10 years, without carrying out direct operations. Regarding point 3.b, the personal data provided will be kept for the time necessary to carry out the indicated purposes and until the request for cancellation sent by the interested party. Regarding point 3.c, the data will be kept for the entire duration of the contract and for the 10 years following the end of the contract for accounting and tax purposes, according to current legislation. point 3.d/e, the data will be kept for as long as necessary, according to current legislation.
How can you change or delete data
In your capacity as interested parties, you have the rights referred to in art. 15 GDPR and specifically the rights to:
obtain confirmation of the existence or not of personal data concerning you; obtain the indication: a) of the origin of the personal data; b) of the purposes and methods of the processing; c) of the logic applied in the case of processing carried out with the aid of electronic tools; d) of the identification details of the owner, the managers and the designated representative pursuant to art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects to whom personal data may be communicated or who may become aware of them as designated representative in the territory of the State, of managers or agents; obtain: a) the updating, the correction or, when you have an interest, the integration of the data; b) the cancellation, the transformation into anonymous form or the blocking of data processed in violation of the law, including those whose conservation is not necessary in relation to the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also with regard to the their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfillment proves impossible or involves the use of means that are clearly disproportionate to the protected right; to object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if relevant to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or communication commercial. Where applicable, you also have the rights referred to in articles 16-21 GDPR (Right to rectification, right to be forgotten, right to restrict processing, right to portability of contractual and raw browsing data, right of opposition), as well as the right to lodge a complaint with a supervisory authority (in the member state where you usually reside, in the one in which you work or in the one in which the alleged violation occurred). The Italian Supervisory Authority is the Guarantor for the protection of personal data, with headquarters in Piazza Venezia n. 11, 00187 — Rome (http://www.garanteprivacy.it/).
You can exercise your rights at any time by sending an email, a fax or a registered letter with return receipt to the address of the Data Controller ( privacy@sipec.com) The Data Controller is Sipec Spa, Address: via Anna Kuliscioff 16/18, 20152, Milan (MI), Italy Tel. 024839111fax. 0248391150PIVA/CF 04441130152PEC sipec@legalmail.it
The Data Controller has not identified the figure of the Data Protection Officer (DPO or DPO), as he is not subject to the designation obligation provided for by art. 37 of the Regulation.