to consult the Cookies Policy click here
The address of our website is: https://www.marluc.it.
- This section contains information relating to the management methods of Marluc.it with reference to the processing of data of Marluc.it users
- The information is provided only for Marluc.it and not for other websites that may be consulted by the user through links contained therein.
II. Data processing
1 – Data Controller
- The owner of the Data Processing is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes or means of the processing of personal data. It also deals with security profiles.
- With regard to this website, the data controller is: Maria Gelido and for any clarification or exercise of rights, the user can contact her at the following e-mail address: firstname.lastname@example.org
2 – Responsible for data processing
- The data controller is the natural or legal person, public authority, service or other body which processes personal data on behalf of the Data Controller
- Pursuant to art. 28 of Regulation (EU) no. 2016/679, upon the appointment of the data owner, the person in charge of processing the Marluc.it site is: Maria Gelido, who can be contacted at email@example.com
3 – Place of Data Processing
- The processing of data generated by the use of Marluc.it takes place at via Roma, 6 Treviolo (BG).
- In case of need, the data connected to the newsletter service can be processed by the person in charge of the treatment or by subjects appointed by him for this purpose, at the relevant office.
4 – Duration of the Treatment
Except as reported below for navigation data, specific indications about the data retention period are contained in the information pursuant to Article 13 of the GDPR.
NAVIGATION DATA – COOKIES
1. In the event of a visit and consultation of this Site, Marluc.it generally collects navigation data through cookies or other tracking technologies. The technological platform through which the Site is made available to the user automatically records some browsing data – the transmission of which is implicit in the use of Internet communication protocols – such as, for example, the name of the access provider to Internet network, Site of origin, pages visited, date and duration of the visit, etc. This information allows access to the Marluc.it site as well as the use of some services and can be used anonymously and aggregated for statistical purposes and to verify the correct functioning of the Marluc.it site. Marluc uses them to facilitate access to online services, authenticate the user if it is a previously registered user, store the items placed in the shopping cart, study the habits and consumption choices of users in order to make the products and initiatives that best meet the tastes and needs of its customers.
2. The navigation data are kept for no more than 7 days, and are deleted immediately after their aggregation (with the exception of specific needs in the context of legal proceedings)
1 – Type of cookies
2. A cookie consists of a reduced set of data transferred to the user’s browser from a web server and can only be read by the server that made the transfer. It is not executable code and does not transmit viruses.
3. Cookies do not record any personal information and any identifiable data will not be stored. If you wish, you can prevent the saving of some or all cookies. However, in this case, the use of the site and the services offered could be compromised. To proceed without changing the options relating to cookies, simply continue browsing.
The following are the types of cookies that the site uses:
2 – Technical Cookies
1. There are numerous technologies used to store information on the user’s computer, which are then collected by the sites. Among these, the best known and used is that of HTML cookies. They are used for navigation and to facilitate the access and use of the site by the user. They are necessary for the transmission of communications on the electronic network or for the supplier to provide the service requested by the customer.
2. The settings to manage or disable cookies may vary depending on the internet browser used. In any case, the user can manage or request the general deactivation or cancellation of cookies by modifying the settings of his internet browser. This deactivation may slow down or prevent access to some parts of the site.
3. The use of technical cookies allows the safe and efficient use of the site.
4. The cookies that are inserted in the browser and retransmitted through Google Analytics or through the blogger statistics service or similar, are technical only if used for the purpose of optimizing the site directly by the owner of the site, who can collect information in aggregate form on the number of users and how they visit the site. Under these conditions, the same rules apply to analytics cookies, in terms of information and consent, provided for technical cookies.
5. From the point of view of duration, temporary session cookies can be distinguished which are automatically deleted at the end of the browsing session and are used to identify the user and therefore avoid logging in to each page visited. Permanent cookies, on the other hand, remain active on the device until they expire or are deleted by the user.
6. Session cookies may be installed in order to allow access and stay in the reserved area of the portal as an authenticated user.
7. They are not stored permanently, but only for the duration of the navigation until the browser is closed and disappear when the browser is closed. Their use is strictly limited to the transmission of session identifiers consisting of random numbers generated by the server necessary to allow safe and efficient exploration of the site.
3 – Third party cookies
1. In relation to the origin, the cookies sent to the browser directly from the site being visited are distinguished from those of third parties sent to the device by other third party sites.
2. Permanent cookies are often third party cookies.
3. Most third-party cookies consist of tracking cookies used to identify online behavior, understand interests and then customize advertising proposals for users.
4. Third-party analytical cookies may be installed. They are sent from the domains of the aforementioned third parties external to the site.
5. Third-party analytical cookies are used to detect information on user behavior on Marluc.it. The survey takes place anonymously, in order to monitor performance and improve the usability of the site. The IP addresses of users browsing the MArluc.it site are anonymized. The third-party profiling cookies are used to create profiles relating to users, in order to propose advertising messages in line with the choices made by the users themselves.
6. The use of these cookies is governed by the rules established by the third parties themselves, therefore, users are invited to read the privacy policies and information on third-party sites to manage or disable cookies.
4 – Profiling cookies
1. Profiling cookies are those that create profiles relating to the user and are used in order to send advertising messages in line with the preferences expressed by the user himself while surfing the net.
2. When these types of cookies are used, the user must give explicit consent.
3. Article 22 of Regulation (EU) 2016/679 and art. 122 of the Code regarding data protection.
IV. DATA PROCESSED
1 – Data processed
Like all websites, this site also makes use of log files in which information collected in an automated manner is stored during user visits. The information collected could be the following:
• internet protocol address (IP);
• type of browser and parameters of the device used to connect to the site;
• name of the internet service provider (ISP);
• date and time of visit;
• web page of origin of the visitor (referral) and exit;
• possibly the number of clicks.
2 – Data processing methods
1. The above information is processed in an automated form and collected in an exclusively aggregated form in order to verify the correct functioning of the site, and for security reasons.
2. For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may also include personal data such as the IP address, which could be used, in compliance with applicable laws, in order to block attempts to damage to the site itself or to cause damage to other users, or in any case harmful activities or constituting a crime. These data are never used for the identification or profiling of the user, but only for the purpose of protecting the site and its users. This information will be processed based on the legitimate interests of the Data Controller.
4. The information that the users of the site will deem to make public through the services and tools made available, are provided voluntarily and knowingly, exempting this site from any responsibility for any violations of the laws. It is up to the user to verify that they have permission to enter personal data of third parties or content protected by national and international regulations.
5. The user’s personal data are processed by computer and telematic methods, mainly by electronic and automated means and, limited to particular operations, by paper support.
6. In compliance with the GDPR and applicable laws, specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
3 – Nature of the Contribution
With the exception of navigation data (collected automatically by the system), the provision of data by the user for the purposes indicated above is optional. Failure to provide data will have no consequence on your ability to access the features offered by the Store Site, except for the impossibility of proceeding with the purchase of products and / or sending requests for information and / or proceeding with ‘Subscribe to the newsletter.
4 – Purpose of data processing
PURPOSE OF THE TREATMENT
The data collected by this site during its operation are used for the following purposes:
1. Operational management of navigation on the Site;
2. Site security management;
3. Data request for marketing and / or advertising purposes by sending newsletters;
4. Data request for account activation;
5. Statistical processing;
6. Fulfillment of legal and regulatory obligations;
7. Exercise of rights in court;
8. Customer care;
9. Management of sales and transactions carried out in the context of the Site;
10. Management of orders, sale and delivery of products;
11. Management of returns and guarantees and other activities necessary for the sale of products through the Store Site;
12. Sending of the Marluc newsletter upon registration of users.
STORAGE OF DATA
Data retention will be carried out for the period strictly necessary to achieve the purposes indicated above and in any case not exceeding 2 years.
The data used for security purposes (blocking attempts to damage the site) are kept for the time strictly necessary to reach indicated.
LEGAL BASIS OF THE PURPOSES
The legal basis for these purposes is:
• for the purposes referred to in points 1,2,3,4,5,8 it is the legitimate interest of the Data Controller
• for the purposes referred to in point 6.7 it is a legal obligation
• for the purposes referred to in point 9,10,11,12 it is the fulfillment of a contract of which the interested party is a party
5 – Data provided by the user
1. As indicated above, the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s e-mail address necessary to respond to requests.
2. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.
PERSONAL DATA PROVIDED VOLUNTARILY BY THE USER
Marluc collects and processes the personal data that the user voluntarily provides when interacting with the features and services of the Site, for example in the event of requests for information. In the sections of the Site where the user’s personal data are collected, specific information is published in accordance with Article 13 of the GDPR and applicable laws.
6 – Subjects involved in the treatment
1. The user’s personal data are processed by employees and collaborators of the Data Controller as subjects authorized for processing in accordance with the provisions of the GDPR.
2. The data may be brought to the attention of third parties such as professionals, consultants and more generally third parties who cooperate with Marluc for the pursuit of the aforementioned purposes, or third parties who have been entrusted with outsourcing activities.
3. In any case, Marluc undertakes to provide such third parties only with the data necessary for the performance of the functions and activities entrusted to them; also undertakes to do everything possible to ensure that third parties use the data received only for the purposes indicated by Marluc and in compliance with the applicable legislation on the processing of personal data.
4. The user’s personal data may be brought to the attention of third-party companies also in the event of a merger or spin-off, in the case of acquisitions, sale of a company or business unit or other corporate transactions of an extraordinary nature.
5. The user’s personal data may also be brought to the attention of legitimate recipients pursuant to the law or regulations, for example in the event of requests from the competent public authorities and judicial authorities or, more generally, in the scope of legal proceedings, as well as to protect and defend the Store Site and the rights of Marluc.
6. These subjects will process the data as independent data controllers or data processors as appropriate.
7. The updated list of all data recipients can be requested from the data controllers at the e-mail address firstname.lastname@example.org or by writing a letter to the addresses listed below.
7 – Support in configuring your browser
1. The user can manage cookies also through the settings of his browser. However, deleting the cookies from the browser could remove the preferences set for the store site.
2. For further information and support, you can also visit the specific help page of the web browser you are using:
• Internet Explorer
8 – Social Network Plugin
2. The collection and use of the information obtained through the plugin are governed by the respective privacy policies of the social networks, to which please refer:
V. USER RIGHTS
1. Article 13, paragraph 2 of Regulation (EU) 2016/679 lists the user’s rights.
2. The Marluc.it site therefore intends to inform the user about the existence of these rights
3. One of the main rights that emerges for the interested party, reading the regulation, is to be informed; this right is general in scope and mainly concerns communications from the owner on various occasions, for example:
• In specific cases following a personal data breach. (Article 34)
• If the right of access provided for in Article 15 is exercised.
• If there is an automated decision, explaining its logic and consequences. (Article 22)
In all these situations, the data controller is obliged to disclose information on the processing of their data to the interested parties, but not only: the information must be provided in a clear, concise and understandable way even by those who do not chew the privacy topic, as the regulation says, intelligible.
But in addition to this right, implicitly recognized by several laws, there are others that help build the protection of the data subject regarding the protection of personal data.
Let’s see them one by one in their precious content:
a) Conditions for consent, Article 7
1. If the processing is based on consent, the data controller must be able to demonstrate that the data subject has given his consent to the processing of his personal data.
2. The interested party has the right to withdraw his consent at any time. The withdrawal of consent does not affect the lawfulness of the treatment based on consent before the withdrawal.
Before giving his consent, the interested party is informed of this. Consent is withdrawn as easily as it is granted.
b) Right of access, Article 15
Based on this art. the interested party may request access to their personal data and in particular: I. purpose of the processing, II. categories of data, III. recipients to whom the data have been or will be communicated, IV. data retention period.
c) Right of rectification, Article 16
According to art. 16 the possibility of rectifying inaccurate data provided. It consists in giving the interested party the possibility to modify their data if they are inaccurate.
d) Right of cancellation, article 17
The art. 17 deals with the right to cancel data, transform it into anonymous form or block data processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected or subsequently processed.
e) Right to limitation of processing, article 18
The interested party has the right to obtain from the data controller the limitation of the processing when the data are inaccurate, the processing is unlawful.
f) Obligation to notify in case of rectification or cancellation of personal data or limitation of processing, Article 19
Right to obtain certification that the updating, rectification, integration, cancellation, blocking, transformation operations have been brought to the attention, also with regard to their content, to those to whom the data have been communicated or disseminated, except in the case in which this fulfillment proves impossible or involves a manifestly disproportionate use of means compared to the protected right.
g) Right to portability, Article 20
According to art. 20 of the GDPR, the right to data portability is guaranteed. This is a new feature of the GDPR. Provides that in the event that a processing is based on a contract or on consent, in the event of a request, their personal data are provided to the data subject in a structured and readable format by an automatic device (json, xml, csv). This right applies only to data provided spontaneously and not to those inserted or derived.
h) Right to Opposition, Article 21
The possibility of opposing the processing for legitimate reasons must be guaranteed when the legal basis is the legitimate interest or the execution of a task of public interest.
4. Requests can be addressed to the data controller, without formalities or, alternatively, using the model provided by the Guarantor for the Protection of Personal Data, or by sending an email to email@example.com
5. In case of violation of the law, the user has the right to lodge a complaint with the Guarantor for the Protection of Personal Data, as the authority responsible for monitoring the processing in the Italian State.
VI. TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION
1. Transfers of personal data to countries outside the European Economic Area (EEA, i.e. EU + Norway, Liechtenstein, Iceland) or to an international organization are permitted provided that the suitability of the third country or organization is recognized by decision of the European Commission (Article 45 of EU Regulation 2016/679).
2. The data will not be transferred for any reason outside the country or the European Union, as Marluc is based in Italy and employs professionals and consultants based exclusively in Italy.
VII. LINKS TO THIRD PARTY SITES AND SERVICES
2. Marluc therefore invites users to pay attention in adhering to the services offered by third parties and to read the information provided by the third party regarding the processing of personal data carried out by the same, in relation to which Marluc cannot carry out any checks, nor be held responsible.
VIII. DATA SECURITY PROVIDED
1. This Site processes user data in a lawful and correct manner, adopting the appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data. The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.
2. In addition to the Data Controller, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators and accountants) or external subjects (such as suppliers) may have access to the data. technical services of third parties, postal couriers, hosting providers, IT companies, communication agencies and consultancy and / or accounting agencies)
IX. CHANGES TO THIS DOCUMENT
4. In the case of significant changes or updates, these will be reported with specific notifications to users
5. Previous versions of this document will still be available on this page.
6. This document was updated on 20/02/2021 to comply with the relevant regulatory provisions, and in particular with Regulation (EU) 2016/679
Last updated: 20/02/2021