The Data Controller is the company Daiko S.r.l. with registered office in Viale Felissent 84/D, 31100 Treviso (TV), C.F. e P.IVA IT04907220265, R.E.A. n. 416562, hereinafter also "Data Controller" or only “Controller”.
The personal data processed through the Website are the following:
By means of the Website, the User may voluntarily provide personal data such as, for example:
The Data Controller shall process personal data in compliance with the Applicable Law, assuming that they refer to the User or to third parties (in particular, customers or potential customers) who have expressly authorised the User to provide them or whose personal data that the User was entitled to provide. With respect to these assumptions, the User undertakes to indemnify and hold harmless the Data Controller from any dispute, claim or request for compensation for damage caused by the processing of personal data that may be received from such third parties.
||The implementation of pre-contractual measures taken at the User’s request and/or the contract to which the User is a party [art. 6 (1)( b), of the GDPR].|
||The compliance with legal obligations to which the Data Controller is bound [Article 6(1)(c) of the GDPR].|
|Carrying out marketing/promotional activities by sending, by e-mail, promotional/marketing proposals and/or communications and, in any case, sending promotional/marketing communications concerning Daiko S.r.l. and/or the products of the latter.||The data subject’s consent to process the User’s personal data [art. 130 of Legislative Decree No. 196/2003 (so-called “Privacy Code”) - art. 6, (1)(a), of the GDPR].|
|Verifying any fraudulent or illegal use of the Store and/or the Website in general and ensure its security and functionality in the interest of the Users and the Data Controller.||The legitimate interest of the Data Controller and the Users themselves to prevent or identify any fraudulent or otherwise illegal use of the Store, and the Website in general [art. 6(1)(f) of the GDPR].|
|Carrying out research/statistical analysis on aggregate or anonymous data, without therefore being able to identify the User, to measure traffic and assess usability and interest with respect to the Store and the Website in general.||The legitimate interest of the Controller to verify the usability and appeal of the Store and of the Website in general [art. 6(1)(f) of the GDPR].|
|Ascertaining, exercising, or defending legal claims or whenever courts are acting in their judicial capacity.||The legitimate interest to ascertain, exercise, or defend legal claims or whenever the courts are acting in their judicial capacity [art. 6(1)(f) of the GDPR].|
Personal data are processed with manual and/or paper-based and/or computer-based and/or telematic instruments and/or supports, in any case in such a way as to guarantee their security and confidentiality. To this end, the Data Controller has adopted and implements security measures, both technical and organisational, appropriate to the level of risk related to the processing of personal data carried out.
In particular, the Website functionality is provided on HTTPS encrypted connection and personal data are collected, filed, and stored on secure servers, protected by firewalls, and physically located within the European Union.
The Data Controller's hosting provider's servers, Digital Ocean LLC, are located within the European Union. Despite this circumstance, it is not possible to exclude a transfer of personal data in countries outside of the E.U. (in particular, the United States of America) considering the fact that the hosting provider's registered office is located in the American territory. The Data Controller, in accordance with art. 46, par. 2(c) of the GDPR and the indications provided by the competent Authorities, has entered into a specific agreement with the aforementioned hosting provider, the Data Processing Agreement (hereinafter, "DPA"), of which the standard contractual clauses most recently approved by the European Commission are integral part, in order to offer data subjects adequate guarantees regarding the level of protection of Users' personal data.
The User's personal data or provided by the User will be kept for a period not exceeding the one necessary for the pursuit of the purposes indicated above and for which they are processed.
In particular, personal data will be kept for the period necessary to provide feedbacks to any requests for information and/or clarifications received and, in any case, for a period not exceeding 10 years from the moment the user provided those personal data, in fulfilment of the legal obligations to which the Data Controller is bound. This maximum retention period may be extended, where the conditions are met, in order to allow the User to exercise and defend a right in court or whenever the Judicial Authority exercises its functions and/or at the request of the latter. In no case will the data relating to the User's credit card or other payment instrument be stored in order to facilitate further online transactions.
With regard to the processing of personal data for promotional/marketing purposes, these data will be kept for a period of maximum 24 months from the moment the User provided the consent to process his/her personal data for marketing purposes. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
We inform the User that, as the data subject, he/she is entitled:
The Data Controller shall inform each of the recipients to whom the User’s personal data have been transmitted of any rectification, cancellation and/or restriction of processing carried out, except when this proves impossible or involves a disproportionate effort.
If the User wishes to lodge a complaint, he/she may use the forms available on the website of the Italian Data Protection Authority.
Last update: 28.11.2022