Privacy policy

Premise
This page describes how to manage this site with reference to the processing of personal data of users who consult it and who use the related services offered by the same, in compliance with art. 13 Legislative Decree 30/6/2003 n. 196 and of the art. 13 EU Regulation no. 2016/679 (for brevity of the Regulation).
This information can be consulted by selecting the appropriate link at the bottom of all the pages of the site. The processing of personal data means any operation or set of operations carried out with or without the aid of automated processes and applied to personal data, such as the collection, registration, organization, structuring, storage, adaptation or the modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, pseudonymisation, cancellation or destruction.
Users wishing to send data via the site are advised to carefully read the content of this privacy policy before providing their personal data.

General informations
The consultation of the site can take place as a simple visitor or as a registered user. To proceed with registration, the user must complete the registration procedure referred to in the conditions of use available on the site. The registration procedure on the site necessarily involves the insertion of the user's personal data, which will be processed in compliance with and in compliance with this privacy policy and the regulations referred to therein.
In particular, the data processing will be carried out in compliance with the principles of lawfulness, correctness, transparency, accuracy, integrity and confidentiality pursuant to article 5 of the Regulation, guaranteeing the protection of the user's rights provided for by articles. 12-22 of the same Regulation.
In case of disagreement by the user with respect to the content of this privacy policy, the user is invited not to proceed with the procedure for registering his data on this site.

Owner and manager of the treatment
The Data Controller is ATELIER FIL À FIL SRLS - Via Garibaldi 74, 44121 - Ferrara (FE) - VAT number 01950940385
The updated list of data processors and persons in charge of processing is kept at the registered office of the Data Controller.
The Data Controller and Data Processor are responsible for adopting decisions regarding the purposes and methods of data processing, as well as the appropriate technical and organizational measures to adopt pursuant to Article 32 of the Regulation, to ensure that the processing of the data is carried out in accordance with the provisions of the latter.
Purpose of the treatment
User data is collected and used exclusively for the purposes summarized below:

  1. account creation and activation on the site;
  2. conclude contracts for the Controller's services;
  3. operation and access to the services provided by the Data Controller and reserved for the registered user;
  4. registration on the site for the use of the related services;
  5. sending to the e-mail address provided by the user of discount coupons or promotions that can be used when sending the purchase order for the selected products;
  6. sending, via the e-mail address provided by the user, the answers to the questions and / or requests for clarifications made by the user himself, about any products marketed and the services offered by the site;
  7. processing of statistics in anonymous form

Only with your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Marketing Purposes:

  • send you via e-mail, post and / or sms and / or telephone contacts, newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller and survey of the degree of satisfaction with the quality of services;
  • send you commercial and / or promotional communications from third parties (for example, business partners, insurance companies, etc.) via e-mail, post and / or sms and / or telephone contacts.

Types of data processed
The Data Controller collects, manages and stores the identification, personal and sensitive data of the User, who, by freely providing his data, declares his will to become a Registered User following the completion of the registration process provided for on the site.

User data
The identification and personal data of the user are collected exclusively for the purposes described above. The processing of data in addition to having as its object personal data (by way of example only name, surname, e-mail address), may also include sensitive data.

Sensitive data
When registering, the user can provide data of a sensitive nature such as information suitable for revealing his racial and ethnic origin.

  • Data provided voluntarily by the user electronically
  • The data that the user spontaneously communicates to the Data Controller using the e-mail address info@atelierfilafil.it, will be processed in compliance with the principles of correctness, lawfulness, transparency and adequacy to which the treatment must be conformed, in order to guarantee the protection of privacy and user rights.

These data are used for the sole purpose of carrying out the service and / or performance requested by the user and may be disclosed to third parties only if this is strictly necessary for the execution of the user's request.

Data communication
The user's personal data may be communicated to specific subjects, appointed by the Data Controller to supply services that are instrumental or necessary for the execution of the obligations connected with registering on the site and purchasing online, within the limits and in accordance with the instructions given.
In particular, the data may be disclosed to:

  1. persons, companies or professional firms, which provide - by way of example - assistance, consultancy or collaboration to the Data Controller in accounting, administrative, legal, tax and financial matters;
  2. third parties (couriers, shippers) in charge of packaging, shipping and / or delivery of the products ordered by the registered user;
  3. all those subjects (including public authorities) who have access to personal data by virtue of regulatory or administrative measures.

Processing methods
The user's data will be stored both on computer media and, where necessary, on paper supports in compliance with the provisions contained in the Regulations: they will be processed through registration, consultation, communication, storage, cancellation, rectification, updating operations, carried out mainly with the aid of electronic tools, ensuring the use of adequate measures to guarantee the security of the data processed and the confidentiality of the same.
Following periodic checks, the Data Controller will verify the strict relevance and non-excess of the data
collected with respect to the obligations and purposes of the processing.
The user will be held responsible for the accuracy of the data; it is therefore up to the user to verify the correctness of the data concerning him and, if necessary, to rectify, update or, in any case, modify the data during the processing.
The user's data are stored and processed for the time necessary to perform the services requested by the user in compliance with the purposes listed above in this information, in compliance with civil, fiscal and tax obligations.
In the event of cancellation of the user's account disabling, the user's data will be kept only for the time necessary and required to fulfill specific legal obligations on the conservation of accounting and tax documentation.

User rights
The subjects to whom the personal and identification data processed refer enjoy the rights provided for by the Regulations which are summarized below:

  • ask the Data Controller for access to personal data concerning him;
  • obtain the indication of the origin of the data, of the purposes of the processing, of the logic applied in case of processing carried out with the aid of electronic instruments, of the identification details of the owner, of the data processors and of the designated representative;
  • obtain the indication of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representatives in the territory of the state, managers or agents;
  • obtain the updating, rectification or, when interested, the integration of data;
  • the cancellation, transformation into anonymous form or pseudonymisation or blocking of data processed in violation of the law, including those for which conservation is not necessary in relation to the purposes for which the data were collected or subsequently processed;
  • lodge a complaint with the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority on garanteprivacy.it;

object in whole or in part for legitimate reasons to the processing of data concerning him, even if pertinent to the purpose of the collection.

  • by registered letter to ATELIER FIL À FIL SRLS - Via Garibaldi 74, 44121 - Ferrara (FE);
  • by e-mail at info@atelierfilafil.it

Security measures
The Data Controller adopts adequate security measures, in compliance with the provisions of the Regulation, in order to minimize the risks of destruction or loss - even accidental - of data, unauthorized access or processing that is not permitted or does not comply with the purposes of collection indicated in this Privacy Policy.

Data Breach
In the event of a computer accident involving the violation of the data processed, the Data Controller, pursuant to Article 33 of the Regulation, is responsible for communicating and notifying the fact to the Guarantor within 72 hours from the moment in which he became aware of it and at his address of e-mail following the instructions available on the site https://web.garanteprivacy.it/rgt/NotificaTelematica.php