The Store S.N.C. by Lorenzo and Nicola Togni, as the Data Controller, pursuant to European Regulation No. 2016-679 of April 27, 2016, and subsequent amendments (hereinafter collectively referred to as the "Regulation"), places great importance on the protection of personal data and the privacy of the User.
This Policy aims to inform the User about the methods of collecting, using, and sharing the personal data provided to us through our website https://thestoresnc.com/it/.
To ensure a high level of protection, in accordance with applicable Regulation, this Policy may be updated. We therefore invite the User to regularly consult this page. We will inform the User via email in the event of substantial changes. Substantial changes are considered to be any modifications relating to the main features of personal data processing.
If any clause of this Policy is declared invalid or contrary to the Regulation, it will be considered unwritten but will not invalidate the other clauses of the Policy.
1. Definitions
The User is informed that the following terms or expressions, whenever they begin with a capital letter in the body of this Policy (including citations and the preamble), whether used in the singular or plural, masculine or feminine, will have the meanings attributed to them below:
"Data" means all information relating to an identified or identifiable natural person as defined in Article 4.1 of the GDPR.
"Policy" refers to this personal data protection policy.
"Regulation" refers to the set of European Regulation No. 2016-679 of April 27, 2016, and subsequent amendments.
"Data Controller" refers to the natural or legal person, public authority, service, or other body that, alone or jointly with others, determines the purposes and means of processing as defined in Article 4.7 of the GDPR.
"GDPR" refers to the General Data Protection Regulation 2016/679 of April 27, 2016.
"Site" refers to our website https://thestoresnc.com/it/.
"Data Processor" refers to the natural or legal person, public authority, service, or other body that processes personal data on behalf of the Data Controller as defined in Article 4.8 of the GDPR.
"User" refers to the users of our Site.
2. What Data Do We Collect?
We may collect the following Data directly from the User: identification data, transactional data, access data, and browsing data. It is also possible that we may passively collect the User's Data indirectly, as we are likely to use tracking tools such as browser cookies and other similar technologies on our Site https://thestoresnc.com/it/ and in the communications we send to the User. For more information, please refer to the Cookie Policy.
3. Why Do We Collect Your Data?
The legal basis that allows us to process the User's personal data depends on the purpose for which it is processed. We collect and process the User's Data for the following purposes: where necessary for the performance of a contract with the User, where necessary to comply with a legal obligation, when the User has expressly consented to the processing of their personal Data, where necessary to ensure our legitimate interests, and where necessary in the context of a public interest.
4. Who Are the Recipients of the Data?
**Internal Recipients**
The User's Data may be processed by our internal employees.
**Third Parties**
In the course of our business, and for external processing needs, the User's Data may be communicated to subcontractors, service providers, or other third parties. PrestaShop operates within the European Union, PayPal and Klaviyo operate outside the EU.
**Legal Disclosure**
Finally, we may also disclose the User's Data to comply with any legal mandate, law, or legal proceeding, including governmental and regulatory requests. We may disclose information if we believe that it is necessary or appropriate to protect the rights, property, or safety of The Store S.N.C. by Lorenzo and Nicola Togni, its customers, or other stakeholders. Such disclosure includes the exchange of information with other companies and organizations for fraud and counterfeiting protection purposes.
5. How Do We Protect the Data?
We have implemented technical and organizational security measures to ensure the security, integrity, and confidentiality of the User's Data.
6. What Are the User's Rights Regarding the Processing of Their Data?
In accordance with the provisions of the Regulation, the User has the right to access and rectify their Data. They also have the right to define directives regarding the fate of their Data in the event of death. In addition, subject to the conditions provided by the GDPR for exercising such rights, the User has the following rights: the right to deletion of their Data, the right to restriction of processing of their Data, the right to object for legitimate reasons to the processing of their Data pursuant to Article 21 of the GDPR, and the right to data portability of the Data provided.
When the processing of Data is based on the User's consent, the User can revoke it at any time. However, the User acknowledges that processing carried out prior to the revocation of consent remains valid. Pursuant to Article 12.6 of the GDPR, to exercise these rights, we reserve the right to ask the User for proof of their identity. We inform that the Data used to prove identity will be deleted once we have responded to the request. The User can exercise these rights by sending an email to info@thestoresnc.com or a letter to the following address: Via Don Fadini, 2903, 24059 Urgnano (BG) Italy.