Privacy Policy - Orologeria Bastiani

Rolex Section – Privacy Policy
While navigating on the Rolex section of our website, you may interact with an embedded website from www.rolex.com. In such case, Terms of Use, Privacy Notice and Cookies Policy of www.rolex.com are solely applicable.

Rolex Section – Cookie Policy
While navigating on the Rolex section of our website, you may interact with an embedded website from www.rolex.com. In such case, Terms of Use, Privacy Notice and Cookies Policy of www.rolex.com are solely applicable.

Information pursuant to EU Regulation 2016/679 (“GDPR”)

WHO WE ARE: THE “DATA CONTROLLER”

The “data controller” for the processing is: P. BASTIANI S.R.L. unipersonale
Via San Nicolò no. 19
34121 TRIESTE (TS)
REA: TS- 132031
VAT no.: 01199130327
Tax code: 01199130327
info@pbastiani.it

Share capital: €200,000.00 of which €125,000.00 paid

The contact details are: phone 040-7600148 email: amministrazione@pbastiani.it

Rolex Section

While navigating on the Rolex section of our website, you may interact with an embedded website from www.rolex.com. In such case, Privacy Notice and Cookies Policy of www.rolex.com are sole applicable.

TYPE OF DATA PROCESSED AND PURPOSE OF PROCESSING

Navigation data

The computer systems and software procedures used for the operation of this site acquire some personal data whose transmission is implicit in the use of Internet communication protocols.

This category of data includes IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user’s operating system and IT environment.

This data, which is necessary for the use of web services, is also processed in order to:

-obtain statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);

-check the correct functioning of the services offered.

The navigation data does not persist for more than seven days and is deleted immediately after its aggregation (except for any need for the investigation of crimes by the Judicial Authority).

Data provided by the user

The optional and voluntary sending of messages to the contact addresses, as well as the filling-in and forwarding of the forms present on the site, entails the acquisition of the contact details of the sender, which are necessary to provide a response, as well as all the personal data included in the communications.

Specific information is published on the pages of the website prepared for the provision of certain services, with a request for any consent to processing.

Data acquired through Social Media

If the user connects to a company social media page through a social media login (i.e. the account of a social network in which they are registered), the data that is published by the user in that social network can be acquired by the company, also according to the privacy settings set by the user (e.g. information contained in the message/post to respond to requests for information or assistance, images, or information taken from the published profile). Specific information on the processing of data carried out by social media platforms are made available by them (e.g. https://www.facebook.com/privacy/explanation).

SOCIAL NETWORKS

This site can use so-called social plug-ins. Social plug-ins are special tools that allow for the incorporation of the social network functionality directly into the website (e.g. the Facebook “like” function).
All social plug-ins on the site are marked by the respective logo owned by the social network platform (e.g. Facebook, Google, Twitter, LinkedIn).
When you visit a page of our site and interact with the plug-in (e.g. by clicking the “Like” button) or decide to leave a comment, the corresponding information is transmitted by the browser directly to the social network platform and stored by it. For information on the purposes, type and methods of collection, processing, use and storage of personal data by the social network platform, as well as how to exercise your rights, please consult the privacy policy adopted by the individual social network

Facebook: Policy: https://www.facebook.com/policies/cookies/

Twitter: Policy: https://support.twitter.com/articles/20170514

LinkedIn: Policy: https://www.linkedin.com/legal/cookie-policy

Pinterest: Policy: https://policy.pinterest.com/en/privacy-policy

COOKIES

Please refer to the cookies policy.

LEGAL BASIS FOR DATA PROCESSING

The company may process the aforementioned personal data even without specific consent, except as required for the completion of specific forms, as the legal basis of lawfulness of the processing derives from the execution of pre-contractual measures adopted at the data subject’s request (e.g. request for information by email), as well as for the pursuit of the legitimate interest of the company to promote and achieve its statutory purposes.

The provision of data for the aforementioned purposes is free and optional; however, any refusal implies the impossibility for the company to follow up on the aforementioned purpose.

DATA PROCESSING METHODS

The data are entered into an electronic database and/or stored in paper archives.

The data are not subject to an automated decision-making process, nor is profiling of any kind carried out.

DATA RECIPIENTS

The personal data may become known by the collaborators and employees of the company, as parties authorised to process and specially trained.

The data may be communicated to external parties (e.g. companies that manage web platforms, related companies, external consultants, subcontractors, etc.) for the purposes outlined above, if there is a need for their involvement. The same subjects will operate as independent Data Controllers, or will be designated as Data Processors.

DATA RETENTION PERIOD

The company will keep the data for the time strictly necessary to achieve the purposes specified above and also to respond to any need for access and recovery of data. After 24 months from the acquisition (7 days for navigation data), if there is no further need for contact or retention obligations, the data will be deleted.

RIGHTS OF THE DATA SUBJECT

Recognised rights include those of:

requesting access to personal data and information relating to them; the correction of inaccurate data or the integration of incomplete data; the deletion of personal data (in the event of one of the conditions indicated in Article 17, paragraph 1 of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same Article); the limitation of the processing of personal data (in the event of one of the hypotheses indicated in Article 18, paragraph 1 of the GDPR);
requesting and obtaining – in cases where the legal basis of the processing is the contract or consent, and the same is carried out by automated means – personal data in a structured and machine-readable format, also in order to communicate such data to another data controller (the so-called right to portability of personal data);
objecting at any time to the processing of personal data in the case of special situations that concern the data subject;
withdrawing consent at any time, limited to cases where the processing is based on consent for one or more specific purposes and concerns common personal data (for example date and place of birth or place of residence), or particular categories of data (for example data revealing health status or sexual orientation). However, processing based on consent, and carried out before withdrawal thereof, remains lawful;

With reference to the purposes indicated above, the data subject has the right to proceed, at any time, to the request for cessation of processing and the sending of email communications by the company, with a request to be submitted to the contacts indicated above.

RIGHT TO LODGE A COMPLAINT

If the data subject believes that there is a breach in the processing of their personal data, they can lodge a complaint with the Supervisory Authority of the place where they habitually reside or work, or where the alleged breach occurred. In Italy, you can lodge a complaint with the Data Protection Authority.

Privacy disclosure pursuant to EU Regulation 2016/679 (“GDPR”)

WHY AM I SEEING THIS NOTICE?

This information will allow you to understand in detail how the personal data you provide us with through the completion of the form to take advantage of the services offered by Orologeria Bastiani will be processed.

WHO IS THE DATA CONTROLLER?

Bastiani S. r. l. Unipersonale, a company based in Trieste, in Via San Nicolò 19, is the Data Controller.

For the exercise of your rights, the Data Controller can be contacted as follows: phone +39 040 673 942, Email amministrazione@pbastiani.it, Certified email legalmail@pbastiani.it

WHAT TYPE AND NATURE OF DATA ARE PROCESSED

When filling in the form on the site, personal data will be collected, i.e. data that enables your identification, even indirect, such as for example name, surname, address, email, telephone number, Tax Code, VAT number, or other data that you will provide spontaneously when contacting us directly.

PURPOSES AND LEGAL BASES OF LAWFULNESS OF THE PROCESSING

The data collected will be used for the following purposes:

to allow you to create and manage your own personal account within the e-commerce in order to take advantage of the services provided;
to manage the supply contracts and their correct execution from the moment of the order until the delivery phase (registration, choice of product and placement in the customer’s basket, purchase, payment, shipping and delivery, withdrawal, management of any disputes), managing the billing accounting operations, management of the relationship with you for any communications relating to the supply contract and the collection of any considerations and judgments;
to allow the release of information at your request;

Data of a common nature may also be processed without your specific consent, in order to satisfy your requests and for the pre-contractual and contractual purposes connected and instrumental to the requested service, as well as to fulfil the related legal obligations to which the Data Controller is subject.

You are free to provide or not provide your data, but in the absence of the requested data it will not be possible to conclude or execute the service and your requests.

PROCESSING METHOD AND PLACE AND RETENTION PERIOD

The processing of your data takes place at our headquarters, through the use of telematic, paper, electronic or automated tools and is carried out by authorised and trained persons within the scope of the task assigned to them, for the time strictly necessary to achieve the purposes for which the data were collected.

Your data, in particular, will be kept for the duration of the contract and, subsequently, for the time necessary to fulfil tax obligations, or for other purposes provided for by law or regulations (as a rule, 10 years).

If you do not exercise any active action (e.g. login with username and password) for a period longer than 24 months, you will be classified as an inactive user and your personal data, whose retention is not necessary for tax or legal purposes, will be deleted.

COMMUNICATION AND DISCLOSURE OF DATA

Your personal data may be communicated to the following categories of parties:

a) to our suppliers with whom we collaborate, to provide you with the requested service;
b) to shipping companies and companies that handle payments (PayPal, credit institutions, companies that manage credit cards).
c) to data processing and IT services companies, traders, consulting companies or firms and companies operating in the provision of services for the execution of the contract.

These parties will operate as independent Data Controllers, or will be designated as Data Processors with a specific contract or legal act.

The data may then be accessed by parties to whom this power is granted by legal provisions or regulations (e.g. public security authorities).

The data will not be subject to an automated decision-making process, nor will profiling of any kind be carried out.

Personal data will not be disclosed, nor will they be transferred to third countries or international organisations.

RIGHTS OF THE DATA SUBJECT

Your rights include the rights to:

request access to personal data and information relating to them; the correction of inaccurate data or the integration of incomplete data; the deletion of personal data (in the event of one of the conditions indicated in Article 17, paragraph 1 of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same Article); the limitation of the processing of personal data (in the event of one of the hypotheses indicated in Article 18, paragraph 1 of the GDPR);
request and obtain – in cases where the legal basis of the processing is the contract or consent, and the same is carried out by automated means – personal data in a structured and machine-readable format, also in order to communicate such data to another data controller (the so-called right to portability of personal data);
object at any time to the processing of personal data in the case of special situations that concern the data subject;
withdraw consent at any time, limited to cases where the processing is based on consent for one or more specific purposes and concerns common personal data (for example date and place of birth or place of residence), or particular categories of data (for example data revealing health status or sexual orientation). However, processing based on consent, and carried out before withdrawal thereof, remains lawful;

Your requests should be addressed to P. Bastiani at the following email address: amministrazione@pbastiani.it, Certified email legalmail@pbastiani.it

If you believe that there has been a breach in the processing of your personal data, you can lodge a complaint with the Supervisory Authority of the place where you habitually reside or work, or where the alleged breach occurred. We inform you that in Italy you can lodge a complaint with the Data Protection Authority.

CHANGES TO THIS POLICY

We inform you that this privacy policy may be subject to changes and additions over time, which may be necessary in reference to new regulatory interventions in the area.

The updated version of the privacy policy will be published on this page, indicating the date of its last update.