Information on the processing of personal data (Art. 13 of European Regulation 679/2016 - GDPR)
1. WHO IS THE DATA CONTROLLER?
The company Fathers Italia srl, C.F. / P. IVA 16792941003 in the person of the legal representative p.t. domiciled for the office at the registered office located in Rome at Via Crescenzio No. 9 CAP 00193, registered at the CCIAA of Rome REA RM1677022 pec: firstname.lastname@example.org (for brevity hereinafter referred to only as "the Company", as owner of the domain https://www.fatherswatches.it/ , as well as the domains and sub- domains linked to it (for brevity hereinafter referred to only as "the Site"), issues this notice, pursuant to Article 13 of the GDPR, in its capacity as the Data Controller.
Contact details in brief
Name: Fathers Italia srl , VAT No.: 16792941003
Registered office: Rome at Via Crescenzio No. 9
Email address: email@example.com
Pec address: firstname.lastname@example.org
2. WHAT ACTIVITY DOES THE DATA CONTROLLER CARRY OUT?
The Data Controller through the site carries out the business of electronic commerce in the field of watchmaking.
3. WHAT DATA DOES THE DATA CONTROLLER COLLECT?
The Data Controller mainly collects data provided directly by the data subject, which is necessary for the conclusion of the contract for the purchase of products through the Site. In particular, the following personal data may be requested, including but not limited to: first name, last name, mail address, social security number, delivery address, landline and mobile phone number, and information on means of payment. Personal data for sending commercial communications, mailing lists or newsletters may also be requested, subject to consent: first name, last name, e-mail address. The Site collects browsing data (IP addresses, URIs) related to the user. This data is collected by the Owner in an anonymous form and for statistical purposes only.
4. WHAT ARE THE PURPOSES OF THE TREATMENTS CARRIED OUT?
The data controller collects personal data for the following purposes:
(a) Validly conclude the contract by which the Customer makes purchases through the Site;
(b)To enable the Holder to perform the same contract and, in particular, the services it is obligated to perform under the same as specified in the General Conditions of Contract;
(c) Send the newsletter and/or other informative communications to the Client;
(d) Collection of data for statistical and/or marketing and/or profiling activities including by means of cookies;
e) Eventuale esercizio del diritto di difesa in giudizio e/o in tutte le sedi competenti.
5. WHAT ARE THE LEGAL BASES OF THE TREATMENTS CARRIED OUT?
The lawfulness of the processing carried out, in accordance with Article 6 GDPR are as follows:
Primarily, users' personal data are processed as they are necessary to finalize the contract between the Customers - Interested Parties and the Controller thus enabling the Controller to perform its services accurately. The Customer's request for information also falls under the same legal basis.
In such cases, the legal basis is precisely the execution of a contract to which the data subject is a party (art. 6 lett b GDPR) and in this case, pursuant to art. 13 par. 2 lett. e) of the GDPR, the data subjects are made aware that the communication of personal data is necessary for the conclusion of the contract and that, in the absence thereof, the finalization of orders through the Site cannot proceed.
Some of the personal data provided by the data subject are processed because of legal and tax obligations incumbent on the company (Art. 6 lett. e GDPR).
Personal data may also be processed on the basis of the consent of the data subject, when their processing pursues the purposes that presuppose it for example for sending the newsletter or for installing certain non-technical cookies. In such cases, the consent of the data subject, which can be revoked at any time, is always required under Art. 6 lett. a GDPR.
6. HOW IS PERSONAL DATA PROCESSED?
Data subjects' personal data are processed in such a way as to: "Ensure adequate security of personal data, including protection, by appropriate technical and organizational measures, from unauthorized or unlawful
processing and accidental loss, destruction or damage ("integrity and confidentiality")" (Art. 5 letter f GDPR).
Data are collected primarily by electronic means, and subsequent processing may involve storage, consultation, communication, archiving, and any other operations necessary for the above purposes.
All operations concerning personal data are carried out in compliance with the principles of the EU Regulation 679/2016, as well as with the regulations set forth in D. Lgs. 101/2018 and D. Lgs. 196/2003. In particular, appropriate technical measures are in place on the Site through the use of secure and encrypted connections (security certificate issued by Let's Encrypt Authority and HTTPS protocol).
Personal data collected on the Site are processed by ensuring a level of security appropriate to the risk, in accordance with the principles of privacy by design and privacy by default under Article 25 of the GDPR, ensuring the confidentiality, integrity and availability of the data to the data subject.
7. WHO ARE THE RECIPIENTS OF THE PROCESSED DATA?
Personal data collected by the Owner, in addition to the Owner itself, may also be processed by different parties. In particular, personal data collected on the Site may be processed by:
a) Appointees of the Owner and/or authorized by the Owner: are those individuals instructed by the Owner who have specific authorization to process certain data for in the manner and within the limits defined by the Owner;
b) Processors ex art. 28 GDPR: third parties who carry out processing on behalf of the Controller. The relationship between the Data Controller and any Processors is governed by specific contractual regulations. The identification of the Processors is made only after verification of sufficient guarantees to put in place the appropriate technical and organizational measures.
(c) Entities and/or generically entities that perform ancillary and instrumental tasks with respect to the Holder's business (e.g., payment data processors);
d) Public or private parties who, in compliance with legal obligations, can access the data;
8. WHERE IS THE TREATMENT CARRIED OUT?
Processing is carried out at the Holder's registered office and/or at the Holder's operational offices. When expressly indicated: one or more processing operations may be carried out at third parties designated as data processors.
9. HOW LONG IS PERSONAL DATA KEPT FOR?
Personal data necessary for the completion of the contract and access to the service offered by the Holder, including tax data, are processed and stored for two years from the confirmation of the purchase corresponding to the deadline for any warranty activation. Personal data released through the data subject's consent are processed until the data subject withdraws his or her consent.
10. AUTOMATED DATA PROCESSING
10.1 Servizio newsletter Mailchimp: the Holder's newsletter/mailing list service is provided, subject to the express consent of the data subject, through the third-party tool "Mailchimp" to which the contact data (first name, last name, email) necessary to carry out this service are therefore communicated. This processing takes place in the USA at the company.
The mailing service is carried out under the following conditions: https://mailchimp.com/it/legal/terms/
10.2 Google Analytics 4: collects, through session and persistent cookies, aggregate data such as the number of users and the way they use the Site. The service is provided by the company Google Ireland Ltd for the sole purpose of statistical monitoring of users' activities on the Site. The monitoring is done using anonymized IP address, without storing personal data. This processing takes place in Ireland.
Specific information can be acquired at the sites:
In addition, the user can disable the action of Google Analytics through the following link:
10.3 Google ADS: service provided by Google Ireland Ltd that places the Site within the Google advertising network. The use of this service, by means of cookies, allows to show you advertisements based on your personal interests, identified by tracking your behavior on the network. These features can be permanently disabled by disabling the "personalized advertising" feature in your Google account. To do so, simply follow the link: https://www.google.com/settings/ads/onweb/This treatment takes place in Ireland.
You can disable listings through the following links:
10.5 Vimeovideo upload and playback service provided by Vimeo.com, INC. Through the Vuid cookie, Vimeo associates an ID with a user for the duration of two years. More information at: https://vimeo.com/cookie_policy.
11. WHAT ARE THE RIGHTS OF DATA SUBJECTS?
Pursuant to European Regulation 679/2016 (GDPR) Articles 15-22, the following rights are
guaranteed to data subjects:
12. HOW CAN THE DATA SUBJECT EXERCISE HIS/HER RIGHTS?
A data subject may exercise the above rights by contacting the owner directly at
The data subject also has the right to lodge a complaint with the "Garante per la protezione dei dati personali", following the directions published on the Authority's website: www.garanteprivacy.italternatively, the data subject may lodge a complaint with another competent European Privacy Authority located in the place of the data subject's habitual residence or domicile in Europe, following the appropriate procedures;
14. AMENDMENTS TO THIS POLICY
The Data Controller reserves the right to modify this information on the processing of personal data, in order to comply with legal obligations, by publishing it on this page and/or possibly communicating the changes made to the interested parties.
Last updated: 12/21/2022