SPEDIZIONI GRATUITE IN ITALIA

Privacy Policy of www.chevalfirenze.com

This Web Site collects some Personal Data of its Users.

INFORMATION ON THE PROCESSING OF PERSONAL DATA pursuant to and for the effects of the Art. 13 of the New European Regulation 2016/679 relating to protection of natural persons with regard to the processing of personal data (GENERAL DATA PROTECTION REGULATION – GDPR).

Such as richiesto dal Regolamento Generale sulla Protezione dei Dati Personali of the European Union (GDPR 2016/679, Article 13), before proceeding to processing, the interested party (user of the website www.chevalfirenze.com) is informed that the personal data collected through the site are the subject of treatment by the Company by means of IT tools and / or telematics, for the purposes indicated in this statement.

For all our services, the owner of the data, or the company responsible for your privacy, is SERE.BAGS Srl, Via Tevere 100/102 – 50019 Sesto Fiorentino (FI) – ITALY P.I.06892830487, owner of the brand Cheval Firenze.

Information on treatment: Personal data object of treatment are collected directly by Cheval Firenze or by third parties expressly authorized by it, or communicated by the Company to such third parties for the pursuit of the purposes of described below

Legal basis and purpose of the processing: Personal data conferred by the user when browsing the website www.chevalfirenze.com are processed by the Data Controller in accordance with the laws in force regulations regarding the protection of personal data. The legal basis of the treatment is identified in the provision of its services by the Company, in the management and facilitation of the website, as well as in the establishment, execution and possible termination of the online sales contract concluded between the parties and in the obligations to the same related contract and / or by directly and / or indirectly arising. Data processing Personal data from Cheval Firenze is aimed at pursuing the following purposes:

1)REGISTRATION TO THE CHEVALFIRENZE.COM NEWSLETTER: in the event that the user decides to subscribe to the “CHEVAL FIRENZE Newsletter”, only after a possible and specific consent, the personal data will be processed by the Data Controller to send commercial or promotional communications, relative updates, for example, to latest trends, new arrivals, exclusive offers, special events and promotions. To unsubscribe from the newsletter, simply click on the appropriate unsubscribe link at the bottom of the emails received or by writing to the address newsletter@chevalfirenze.com.

2) REGISTRATION ON CHEVALFIRENZE.COM: if the user decides to register on the chevalfirenze.com site, only after a any and specific consent, personal data will be processed by the Owner of the Treatment for the purposes of registration on chevalfirenze.com. In particular, given the conferment of your name, surname, email address, mobile phone, tax code and setting an access password, these will be processed for the creation of a personal account, per speed up the purchase process, to allow the user to view order status and receive updates on purchases made, change your personal settings and update your account, save them favorite items in the Wishlist and to offer the possibility of joining in a next time, if the user wishes.

3) ONLINE SHOPPING ACTIVITIES: personal data provided will be used for the purposes of establishment, management, execution and / or conclusion of the online sales contract. The data provided will be processed by the Data Controller for the purpose of managing the purchase order with reference, by way of example, to payment activity, shipping, taking charge of any returns, for customer assistance, for execution of the administrative – accounting purposes related to the management of the order, for the fulfillment of obligations under current legislation. In case of credit or debit card payment, the basic information for the execution of the transaction (credit / debit card number, date of deadline, security code) will be processed by Stripe SEPA Direct Debit, Stripe Bancontact, Stripe SOFORT, Stripe Giropay, Stripe EPS, Stripe iDeal, Stripe P24, Stripe Alipay, Stripe Multibanco or possibly, by companies in charge of anti-fraud control using an encrypted protocol and without third parties having access to them in any way. such information however, they will never be viewed or stored by the seller (Cheval Firenze).

4) PROFILE OF THE PHYSICAL PERSON: only later to any and explicit consent, the personal data provided may be processed by the Data Controller for profiling activities, or of analysis of preferences aimed at creating content and offers customized.

In relation to the purposes referred to in punto 1) of the previous paragraph, the conferment of the personal data and consent to their processing is optional. Any failure to grant consent implies the impossibility for Cheval Firenze to allow registration to the “Newsletter of CHEVALFIRENZE”, the sending of commercial or promotional communications, related updates, for example, to latest trends, new arrivals, exclusive offers, special events and promotions. If the user decides to proceed with the registration to the newsletter through the section of the site dedicated solely to this activity, the provision of personal data and consent to their processing is required. Any failure to provide consent will make it impossible for CHEVAL FIRENZE to allow the registration to the “Newsletter of CHEVAL FIRENZE “, the sending of commercial or promotional communications, of updates, for example, to the latest trends, new arrivals, offers exclusive, special events and promotions.

In relation to the purposes referred to in punto 2) of the previous paragraph, the conferment of the personal data and consent to their processing is mandatory. Any failure to grant consent implies the impossibility for CHEVAL FIRENZE of allow the registration on chevalfirenze.com, the creation of the account staff, speeding up the purchasing process, display order status and receipt of purchase updates made, the possibility for the user to change personal settings and update the account, to view the history of returns and requests for exchange of goods, to save the favorite items in the Wishlist.

In relation to the purposes referred to in punto 3) of the previous paragraph, the conferment of the personal data and consent to their processing is mandatory. Any failure to grant consent implies the impossibility for CHEVAL FIRENZE of proceed with the establishment, management, execution and / or conclusion of the contract online sales, therefore the impossibility to execute, by way of title exemplified, the activities related to payment, shipping, taking in load of any returns, customer support activities, execution of the administrative – accounting purposes related to the management of the order, e to fulfill obligations under current legislation.

In relation to the purposes referred to in punto 4) of the previous paragraph, the conferment of the personal data and consent to their processing is optional. Any failure to grant consent implies the impossibility for CHEVAL FIRENZE of carry out profiling activities, or to carry out analyzes of the preferences aimed at creating personalized content and offers.

Personal data processed: Personal data subject of processing by the Owner are those provided by the user in browsing on the website www.chevalfirenze.com, in occasion of the eventual registration / adhesion to the services / programs put available to CHEVAL FIRENZE and / or the possible purchase of products made at arrangement of CHEVAL FIRENZE, as, by way of example: name, surname and email address, tax code in addition to the data necessary for the provision of online sales service such as, for example, those functional to the execution of the payment and the shipping / change of the purchased products.

Data processing and storage methods: Data processing personal data is performed by the Owner in accordance with the provisions by current legislation on Privacy. The Owner makes the processing of personal data using IT and / or telematic tools e with organizational and logical methods strictly related to the pursuit of the purposes indicated in this statement, as well as adopting the measures security measures in order to prevent access, disclosure, un authorized modification or destruction of personal data, their loss and their unlawful and incorrect use. However, the Company cannot guarantee to its users that the measures taken for the security of the site and transmission of data and information on the site are able to limit or exclude any risk of unauthorized access or loss of data data from devices belonging to the user. For this reason, it is suggested that users of the site make sure that their computer is equipped with software suitable for the protection of data transmission over the network (eg updated antivirus) and that your Internet Provider has adopted suitable measures for the security of data transmission on the network. the present Company also undertakes to process the data according to the principles of correctness, lawfulness and transparency, to collect them to the extent necessary and accurate for the treatment and to allow its use only by personnel for the purpose authorized. The management and storage of acquired personal data will take place in archives or on servers located within the European Union of ownership of the Data Controller and / or third-party companies appointed External Data Processors of treatment and, however, currently located in Italy. In relation to different purposes for which they are collected, personal data will be stored for the time strictly necessary for the achievement of the same and, in each case, in accordance with the regulations in force on the subject. In each In this case, the Company will take care to avoid using the data indefinitely proceeding, periodically, to adequately verify the actual remain of the interest of the subject to which they refer.

Recipients and Data Processors: Data not collected will be in any way disseminated, but will be treated within the limits and for the purposes described by the Company’s employees on the basis of adequate operating instructions (for example, administrative, commercial, marketing, legal, system administrators, etc.). Some data processing they may also be carried out by third parties, appointed as Managers External of the Treatment, of which the Owner uses or could make use in the management of the contractual relationship, of the provision of services offered and for organizational needs of its business. In particular, the data could be communicated to:

a) subjects, public and private, that can access the data by virtue of the provision of law, regulation or legislation, within the limits set by these rules;b) subjects that need to access data for purposes related to the relationship contractual agreement between the parties, within the limits strictly necessary for the performance of auxiliary tasks (such as, for example, banks and institutions of credit, technical service providers, hosting providers, IT companies, communications agencies, mail carriers and shipping companies);c) consultants, within the limit necessary for the performance of their professional duties.

The list updated by the External Managers and the subjects authorized to process it is kept at the headquarters of the Data Controller and is available of the interested party, upon request to be made by e-mail at info@chevalfirenze.com.

Data transfer abroad: the management and the retention of personal data will take place on the owner’s and / or company servers third parties duly appointed as External Data Processors located within the European Union. Personal data may be transferred abroad, in accordance with the provisions of current legislation, also in Countries outside the European Union. Transfer to non-EU countries in addition to the cases in which this is guaranteed by the Adequacy Decisions of the Commission, is carried out so as to provide appropriate and appropriate Warranties pursuant to articles 46 or 47 or 49 of the Regulation.

Rights of the interested parties: As an interested party, the user can exercise, at any time, the rights provided for in articles 15, 16, 17, 18, 20 and 21 of the GDPR which confer, in particular, the faculty of:

a) obtain from the Data Controller, pursuant to of Article 15, the confirmation that treatment of one’s own is in progress personal data and, in this case, obtain access to the data itself and to information such as: (i) the purposes of the processing; (ii) the categories of data personal; (iii) the recipients or categories of recipients to whom the data personal data have been or will be communicated, in particular if it is recipients located in Third Countries or International Organizations; (iv) when possible, the period of retention of personal data provided or, if it is not possible, the criteria used to determine this period; b) obtain from the Data Controller, pursuant to of Article 16, the correction of inaccurate personal data concerning him without undue delay; taking into account the purposes of the processing, the data subject has the right to obtain the integration of personal data incomplete, even providing a supplementary statement; c) obtain from the Data Controller, pursuant to of Article 17, the deletion of personal data concerning him without unjustified delay. The owner has the obligation to cancel, without unjustified delay, personal data if one of the indicated reasons exists by paragraph 1 of Article 17; d) obtain from Data Controller, pursuant to Art. 18, the limitation of the treatment when one of the hypotheses governed by paragraph 1 of Article 18 occurs; e)obtain from the Data Controller, pursuant to of Article 20, the portability of data ie receiving in a format structured, commonly used and readable by an automatic device, personal data concerning you provided to a Data Controller. The interested party has also the right to transmit such data to another Data Controller of unimpeded processing by the first owner to whom it was provided, if the conditions indicated in Article 20 paragraph 1 are met. Finally, the interested party has the right to obtain direct data transmission personal data from one Data Controller to the other, if technically feasible; f) object, in whole or in part, pursuant to Article 21, to processing of personal data concerning him.

For information the exercise of their rights the user can transmit his own requests to info@chevalfirenze.com. Please note, furthermore, that the interested party has the right to revoke the consent in any moment without jeopardizing the lawfulness of consent-based treatment lent before revocation, without prejudice to the consequences indicated above about a refusal to provide such personal data. The interested party has also the right to lodge a complaint with a Supervisory Authority. can he make requests regarding the exercise of these rights by contacting the address: info@chevalfirenze.com .

Cheval Firenze undertakes to respond to the requests of the interested party by term of one month, except for the particularly complex cases for which it could take a maximum of three months. In any case, the Data Controller will give evidence to the interested party of the reason for waiting within a month from the request. The outcome of the request will be provided in writing or in a format electronic. In the event of a request for correction, cancellation as well treatment limitation, the Data Controller undertakes to communicate the results of requests received by the interested party a each of the recipients of your data, unless this proves impossible or involves a disproportionate effort. The specific company that can be requested to the interested party a possible contribution if the questions are found manifestly unfounded, excessive or repetitive; in this regard the Owner of the Treatment will be equipped with a register to track the requests of intervention.

Changes to this information: The owner of the treatment reserves the right to make changes to this Privacy Policy at any time by giving users publicity on the site www.chevalfirenze.com. Please therefore check this page often. taking as reference the date of last modification indicated at the end of the document. In the event of failure to accept the changes made to the this Privacy Policy, the interested party can request to the Owner of processing of personal data. Unless otherwise specified, the previous Privacy Policy will continue to apply to the data personal up to that point collected.

Privacy Policy updated on 03/20/2019.