This Privacy Policy refers to the website https://www.daikowelding.com and to the webpages and/or third-level domains connected to it (hereinafter, the "Website”, in particular https://store.daikowelding.com (hereinafter, the "Store"), and it does not concern other websites that may be consulted by clicking links that redirect to other external websites. In accordance with the European Regulation on Data Protection [Regulation (EU) 2016/679, hereinafter also "GDPR"] and the relevant Italian legislation (hereinafter, collectively, the "Applicable Law"), this Privacy Policy is provided to the individual who interacts with the Website, consulting its pages (hereinafter, the “User” or “Users”).
With respect to cookies, please refer to the Cookie Policy. The latter is integral part of this Privacy Policy and available at the link that the User can find in the footer of the Website.
The Data Controller is the company Daiko S.r.l. with registered office in Viale Felissent 84/D, 31100 Treviso (TV), C.F. e P.IVA IT04907220265, R.E.A. n. 416562, hereinafter also "Data Controller" or only “Controller”.
For any clarification, information, exercise of the rights listed in this Privacy Policy, the User can contact the Data Controller at the following contact details: tel. +39 0422893167, e-mail:
The personal data processed through the Website are the following:
By means of the Website, the User may voluntarily provide personal data such as, for example:
The Data Controller shall process personal data in compliance with the Applicable Law, assuming that they refer to the User or to third parties (in particular, customers or potential customers) who have expressly authorised the User to provide them or whose personal data that the User was entitled to provide. With respect to these assumptions, the User undertakes to indemnify and hold harmless the Data Controller from any dispute, claim or request for compensation for damage caused by the processing of personal data that may be received from such third parties.
PURPOSES | LEGAL BASIS |
---|---|
|
The implementation of pre-contractual measures taken at the User’s request and/or the contract to which the User is a party [art. 6 (1)( b), of the GDPR]. |
|
The compliance with legal obligations to which the Data Controller is bound [Article 6(1)(c) of the GDPR]. |
Carrying out marketing/promotional activities by sending, by e-mail, promotional/marketing proposals and/or communications and, in any case, sending promotional/marketing communications concerning Daiko S.r.l. and/or the products of the latter. | The data subject’s consent to process the User’s personal data [art. 130 of Legislative Decree No. 196/2003 (so-called “Privacy Code”) - art. 6, (1)(a), of the GDPR]. |
Verifying any fraudulent or illegal use of the Store and/or the Website in general and ensure its security and functionality in the interest of the Users and the Data Controller. | The legitimate interest of the Data Controller and the Users themselves to prevent or identify any fraudulent or otherwise illegal use of the Store, and the Website in general [art. 6(1)(f) of the GDPR]. |
Carrying out research/statistical analysis on aggregate or anonymous data, without therefore being able to identify the User, to measure traffic and assess usability and interest with respect to the Store and the Website in general. | The legitimate interest of the Controller to verify the usability and appeal of the Store and of the Website in general [art. 6(1)(f) of the GDPR]. |
Ascertaining, exercising, or defending legal claims or whenever courts are acting in their judicial capacity. | The legitimate interest to ascertain, exercise, or defend legal claims or whenever the courts are acting in their judicial capacity [art. 6(1)(f) of the GDPR]. |
Personal data are processed with manual and/or paper-based and/or computer-based and/or telematic instruments and/or supports, in any case in such a way as to guarantee their security and confidentiality. To this end, the Data Controller has adopted and implements security measures, both technical and organisational, appropriate to the level of risk related to the processing of personal data carried out.
In particular, the Website functionality is provided on HTTPS encrypted connection and personal data are collected, filed, and stored on secure servers, protected by firewalls, and physically located within the European Union.
The Data Controller's hosting provider's servers, Digital Ocean LLC, are located within the European Union. Despite this circumstance, it is not possible to exclude a transfer of personal data in countries outside of the E.U. (in particular, the United States of America) considering the fact that the hosting provider's registered office is located in the American territory. The Data Controller, in accordance with art. 46, par. 2(c) of the GDPR and the indications provided by the competent Authorities, has entered into a specific agreement with the aforementioned hosting provider, the Data Processing Agreement (hereinafter, "DPA"), of which the standard contractual clauses most recently approved by the European Commission are integral part, in order to offer data subjects adequate guarantees regarding the level of protection of Users' personal data.
For more information on data transfers, including obtaining a copy of the DPA, the User can contact the Data Controller at the following e-mail addresses:
The User's personal data or provided by the User will be kept for a period not exceeding the one necessary for the pursuit of the purposes indicated above and for which they are processed.
In particular, personal data will be kept for the period necessary to provide feedbacks to any requests for information and/or clarifications received and, in any case, for a period not exceeding 10 years from the moment the user provided those personal data, in fulfilment of the legal obligations to which the Data Controller is bound. This maximum retention period may be extended, where the conditions are met, in order to allow the User to exercise and defend a right in court or whenever the Judicial Authority exercises its functions and/or at the request of the latter. In no case will the data relating to the User's credit card or other payment instrument be stored in order to facilitate further online transactions.
With regard to the processing of personal data for promotional/marketing purposes, these data will be kept for a period of maximum 24 months from the moment the User provided the consent to process his/her personal data for marketing purposes. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.
We inform the User that, as the data subject, he/she is entitled:
The Data Controller shall inform each of the recipients to whom the User’s personal data have been transmitted of any rectification, cancellation and/or restriction of processing carried out, except when this proves impossible or involves a disproportionate effort.
As data subject, the User may exercise the above-mentioned rights at any time by sending an e-mail to the following e-mail addresses: e-mail
If the User wishes to lodge a complaint, he/she may use the forms available on the website of the Italian Data Protection Authority.
This Privacy Policy may be amended and/or integrated and/or updated periodically, also as a consequence of the updating of the Applicable Law.
In this case, the Data Controller shall inform the User of any amendments and/or additions and/or updates to this Privacy Policy by publishing the updated version of the Privacy Policy on the Website.
Last update: 28.11.2022