Policy – Request service on points of sale and stores
- 19 June 2018
This is an information note also pursuant to art. 13 of Legislative Decree no. 196 of June 30, 2003, “Law regarding the protection of personal data” and art. 13 of Regulation (EU) 2016/679 “GDPR”.
The Mirage Srl information request is sent by e-mail to those who explicitly request it, filling out the form and authorizing Mirage Srl to process their personal data.
The provision of data is optional. The refusal to provide data implies the impossibility of obtaining the service requested information on points of sale and shops.
PURPOSE OF THE TREATMENT
The personal data provided by users are used for the sole purpose of sending the request to stores and stores and are not transferred to third parties.
METHODS FOR DATA PROCESSING
The collected data are processed using computer tools.
Appropriate security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
Following this website navigation, data relating to identified or identifiable individuals may be processed.The “data controller” is Mirage Srl, with registered office in Via DegliSpeziali, 161 – Blocco 32 Centergross 40050 – Funo di Argelato (Bo), VAT NO. 00659531206 –Tax Code 03768140372, email address email@example.com
Mirage Srl is Responsible for the processing asthe Data Controller pursuant to Article 29 of the Law regarding the protection of personal data.
DATA PROCESSING LOCATION
Processing connected to the web services of this site takes place at the headquarters in Via Degli Speziali, 161 – Blocco 32 Centergross 40050 – Funo di Argelato (Bo) and is only handled by technical staff of the Department in charge of processing. The data controller processes the personal data of the users by adopting the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data. Processing is carried out using IT and / or telematic tools, following organizational procedures and modesstrictly related to the purposes indicated. In addition to the data controller, in some cases, staff involved in the organization may have access to personal data (administration, sales, marketing, legal, system administration) as well as external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communications agencies) which could be appointed, if necessary, as data processors by the data controller. The updated list of the data processors can always be requested to the data controller.
Personal data voluntarily provided by the data subject will be processed by the Data Controller and kept for a period of 5 years.
At the end of the fifth year, the system will send an e-mail to the data subject who, freely and according to his/her will, can express his/her consent to the continuation of processing according to the services for which he/she had previously consented.
Failure to renew the consent to the processing of data will make it impossible to continue to use the services.
RIGHTS OF THE DATA SUBJECT
The subjects to whom personal data refers have the right at any time to obtain confirmation about the existence or otherwise of such data and to be informed aboutits content and source, to verify its accuracy or request its integration or updating, or correction (article 7 of the Lawon protection of personal data).
In accordance with Regulation (EU) 2016/679, the data subject hasthe right to:
– art. 15 – obtain from the data controller confirmation as to whether or not personal data concerning him/her are being processed, and, where that is the case, access to the personal data and other specific information;
– art. 16 – obtain from the data controller without undue delay the rectification of inaccurate personal data concerning him/her;
– art. 17 – obtain from the data controller the deletion of personal data concerning him/her without undue delay;
– art. 18 – obtain the restriction ofprocessing in specific cases;
– art. 20 – receive the personal data concerning him/her in a structured, commonly used and machine-readable format;
– art. 21 – object at any time to the processing of personal data concerning him/her for marketing purposes (commercial communications sent by the data controller).
To exercise any of the rights set out above, the data subject can send an email to firstname.lastname@example.org. The data controller willacknowledgereceipt and will respond to his/her request within 30 (thirty) days. Pursuant to art. 19, the requests relating to the rights referred to in Articles 16, 17 and 18 will be transmitted by the data controller to the concerned subjects.
Right to lodge a complaint with a supervisory authority
The data subject has also the right to raise a complaint to the competent Supervisory Authority -Data Protection Supervisor – to the following Certified Electronic Mail: email@example.com
According to the same article, you have the right to request deletion, transformation into anonymous form or blocking of data processed in violation of the law, as well as to object in any case, for legitimate reasons, to their processing.
Requests should be addressed:
– by e-mail, to the email address: firstname.lastname@example.org
– or by post, to Mirage Srl, with registered office in Via DegliSpeziali, 161 – Blocco 32 Centergross 40050 – Funo di Argelato (Bo), VAT NO. 00659531206 –Tax Code 03768140372, email address email@example.com
DELETING OF SERVICE
To no longer be subscribed to the request service on points of sale and stores, you can proceed in the following ways:
Go to the following page https://www.hatyou.com/en/gdpr-en/, enter the email and request your personal data to Mirage Srl. A link will be sent via email with instructions.
Send an email to the address: firstname.lastname@example.org
In case of problems, send a report via e-mail to the address: email@example.com