1. THE DATA “CONTROLLER” , under the terms of Article 28 of the Code regarding personal data protection is Moleskine Srl – Via Piceno, 17 – 20129 Milan, in the person of its legal representative pro tempore.
THE DATA PROCESSOR, pursuant to Article 29 of the Code regarding personal data protection, is the Marketing and Communication Director, at Moleskine Srl\
PLACE DATA IS PROCESSED
The processing connected to web services of this site, (physically placed “in hosting” at third parties) is carried out on the company premises and is seen to by its own contractors, in the role of data processors, or by outside parties for services of maintenance or updating.
2.TYPES OF DATA PROCESSED
Personal and identifying data. Personal data, any information relating to an identified or identifiable natural person, even indirectly, by way of reference to any other information, including a personal identity number. Identifying data, personal data which allow direct identification of the data subject
Minors’ data. Minors may not provide personal data. The Controller shall in no way be responsible for possible false declarations that may be provided by minors, and in any event, should the false nature of the declaration be ascertained, Moleskine spa shall immediately cancel all personal data and any material acquired. The Data Controller shall facilitate requests inherent to the personal data of minors, in terms of Art. 7, 8, 9 and 10 of the Privacy Code in respect of whoever exercises parental responsibility or the legal guardian.
Third parties’ data. Should you provide us with the personal data of a third party (e.g. family members, and other parties in general), you must ensure that they have been informed and where applicable, provided their consent to the use of said data according to this disclosure.
Navigation data. The computer systems and software procedures put in place for the functioning of this website shall, during the course of their normal operation, obtain certain personal data the transmission of which is implicit in the use of Internet protocols and communication. This involves information that is not collected for the purposes of association with designated interested parties, but which due to its very nature may, following procession and the cross-referencing with data held by third parties, make it possible to identify the users. This class of data includes the IP addresses or domain names of the computers used by the users who connect to the site, the addresses in URI form (Uniform Resource Identifier) of the resources requested, the time of the request, the method used in order to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful completion, error, etc.) and other parameters relating to the user’s operating system and computer environment.
Please see the cookies policy at the following link
3.PURPOSES OF PROCESSING
Data of a personal nature shall be processed for the following purposes:
A) Moleskine Srl services:
– browsing on this website;
– contact request, customer care and for assistance with Moleskine Srl services
– data collection to enlist the controller’s services;
– on-line purchases purchases and related administrative-accounting activities, for the purposes of applying regulations regarding personal data protection, the processing carried out for administrative-accounting purposes refers to processing connected to performing organizational, administrative and accounting activities, regardless of the nature of the data processed. In particular, such purposes are pursued by internal organizational activities, activities necessary for fulfilling contractual and pre-contractual obligations, informational activity, shipping and returns;
-completion of data collection forms inherent to Moleskine Srl services and activities to activate a single authentication or single identification, with an access control system that allows the user to perform a single valid authentication for several software systems or computer resources to which you will be enabled through Single Sign-On (SSO)
B) for direct marketing, newsletters and promotions, market research or other sampling research and direct sales, surveying the level of satisfaction, to receive – by automated means email, MMS or SMS messages, activation with beacons, or other types or messages, social networks and applications, as well as by operator-made telephone calls and paper mail or any other means – informational, promotional, commercial and advertising material and material related to events and initiatives on products, services, offers and promotions, from Moleskine Srl also through the managing companies in charge of processing. The data will be included in the corporate CRM. In order to compare and possibly improve its communication results, Moleskine Srl uses systems to send out newsletters and promotional notices with reports.
C) for activities, to compile your profile and analyse your habits and consumer choices and purchasing behaviour (if done), so as to improve the sales and services offered, enabling us to send you communications that could interest you. The processing of personal data could refer to customer care activities, comprising offers for personalised services at the points of sale and after sales, as well as complimentary services. Such purposes are also pursued by these being entered in the CRM of the company.
4. METHODS OF PROCESSING – RETENTION
Processing will be done using automated and manual methods, with procedures and tools aimed at guaranteeing maximum security and confidentiality, by parties specially appointed in compliance with art. 31 and foll. Leg. Dec. 196/03. The data shall be stored for a period that shall not exceed the purposes for which the data has been collected and subsequently processed and based on applicable privacy regulations.
5. EXTENT OF DISCLOSURE AND DISTRIBUTION
Data shall not be circulated but can be communicated to companies contracted to Moleskine Srl, to associated and/or subsidiary companies within the European Union and non-EU countries, in compliance with applicable regulations, also through managing companies. Should certain countries not guarantee adequate security standards, we shall put in place the protection measures required by applicable regulations on the protection of personal data, and we shall divulge these to third parties only when this is required by law or regulations in this regard. Data may be communicated to third parties falling under the following categories: – parties that provide services for managing the computer system used by Moleskine Srl and the telecommunication networks (including email, CRM Data Base management and mailing lists, e-commerce platforms, APP providers, call centres, etc.…); – third parties to support on-line purchases and administrative-accounting activities, shipping and returns (e.g. banks, shipping insurance);- offices or companies within the scope of assistance and consulting services; – the relevant authorities for compliance with legislative requirements and/or directives issued by public bodies, on request.
Parties belonging to the categories above cover the function of Data Processor or operate completely independently as distinctive Data Controllers. The list of data processors is constantly updated and available at Moleskine Srl – Via Piceno, 17 – 20129 Milan by writing to email@example.com
6. DATA TRANSFER OUTSIDE THE EU
To manage its e- commerce activities, Moleskine Srl will be able to use cloud platforms provided by third parties as sub-processors. In this regard, we inform you that your personal data acquired on the basis of this disclosure will be stored on servers located in the United States of America. The United States of America does not benefit from an EU Commission’s adequacy decision in accordance with Art. 25 of the EC Directive no. 46/95, therefore the transfer will take place on the basis of contractual clauses such as those approved by the Commission or by virtue of other suitable mechanisms for data transfer required by applicable regulations.
7. NATURE OF SUPPLY AND REFUSAL
The transfer of data for the purposes stated under point A) above is optional, but necessary. The refusal to supply the necessary data regarding point A) makes it impossible to use the services of the Data Controller. The transfer and consent to processing for the purposes under point B) and/or C) is optional. Any refusal to provide consent for the purposes detailed under points B) and/or C) above, does not result in any negative consequence regarding the purposes referred to in point A). Profiling and marketing activities are only an eventuality and shall only be done with the specific consent of the data subject, should the party consent to the profiling of their data with these being entered into the CRM. Entering data into the CRM is optional and shall result in this becoming automatically visible to those that have access, or the data processors and persons in charge of the processing at the various points of sale worldwide. For the registration areas for newsletters and promotions only, proving personal data for point B) is necessary. Any refusal to provide data related to point B) for the newsletter and promotion registration area only makes it impossible to receive marketing communications (as indicated in the purpose under point B). In this case, only an acknowledgement will be requested.
8. RIGHTS OF DATA SUBJECTS
You can assert your rights as stated in Art. 7, 8, 9 and 10 of Leg. Dec. 30 June 2003 no. 196, applying to the Data Controller,to the data processor, by contacting our head office, or by sending an email to firstname.lastname@example.org . You are entitled to obtain confirmation, at any time, whether data exist and to know their content and origin, check their accuracy or request supplementation, updating or correction (Article 7 of the Personal Data Protection Code ). Based on this article, you are entitled to ask for the cancellation, transformation into an anonymous format or the blocking of data processed in violation of the law, as well as object to the data processing for legitimate reasons. As an alternative to automatic-cancellation systems for e-mail, in order to stop receiving electronic direct marketing (e-mails, SMS, MMS, social networks), you can write to email@example.com with the subject line “cancellation from electronic communications”. If you do not want to receive traditional direct marketing (telephone calls from operators, paper-based mail), you can write to firstname.lastname@example.org with the subject line “cancellation of traditional”. If you do not want to receive any direct marketing, you can write to email@example.com with the subject line ” marketing cancellation”. To object to profiling processing, you can write to firstname.lastname@example.org with the subject line “no profiling”.
9. CHANGES TO THE PRIVACY INFORMATION NOTICE
The Data Controller reserves the right to change, update, supplement or remove parts of the present Privacy Information Notice at its sole discretion at any time. The Data Subject must check periodically for any changes. To facilitate such checking, the Information Notice will contain the date of updating of the Information Notice.
10. SOCIAL LOGIN
Social Login is a technology that allows the user to share, in an automated way, personal data entered in a social network with the website administrator. For example, the user will be able to use this technology to register on a website quickly or to participate in an on-line contest or to make an on-line purchase (etc.). In short, subject to the user’s authorisation, the social network will send the website administrator the personal data necessary for the user to register on the site, participate in the contest, make the on-line purchase etc., without said user having to enter the requested data manually. To receive detailed information pursuant to Art. 13 of the Privacy Code regarding the use of personal data processed when using this technology, we invite you to visit the websites of third party administrators of the aforesaid technology. Below you will find references to these third parties, and next to each one of these you will find the link to the page where you can receive information on processing and, where required by the law, give or refuse your consent:
Facebook social login: https://developers.facebook.com/docs/plugins
Twitter social login: https://support.twitter.com/articles/20170519#
Google account login: https://www.google.com/policies/privacy/
Date updated: 15.01.2018