Privacy Policy
IN ACCORDANCE WITH EU REGULATION NO. 679/2016 AND LEGISLATIVE DECREE NO. 101/2018
Pursuant to and for the purposes of Articles 12, 13, and 14 of EU Regulation No. 679/2016 and Legislative Decree No. 196/2003, as amended by Legislative Decree No. 101/2018 and subsequent amendments and additions, concerning the protection of natural persons with regard to the processing of personal data, the company MMA S.A.S. di Michela Zucchini e C. (Tax ID/VAT No.: 03659741205)
PURPOSE AND OBJECTIVE OF THE PROCESSING OF PERSONAL DATA.
The personal data—both general and special categories as defined in Article 9 of EU Regulation 679/2016—that you have voluntarily provided will be processed by MMA S.A.S. di Michela Zucchini e C., acting as the Data Controller (hereinafter referred to simply as the “Controller”), for the sole and exclusive purpose of ensuring the provision of the services offered by the Company and/or requested by you, such as—by way of example only and not limited to—the design, development, production, and marketing of web-based marketing, the design, creation, and management of websites or other forms of informational communication on behalf of third parties, as well as e-commerce activities and any other IT services, including via the Internet, and the design of management software or multimedia works—whether developed in-house or by third parties—for web pages and websites; the operation and management of providers, hosting, and housing services; consulting and corporate training services focused on marketing, advertising, and public relations, as well as any other activities closely related to or functional to the foregoing and in any case pertaining to the Company’s corporate purpose.
PROCESSING METHODS.
a) The processing will be carried out through operations or a set of operations such as: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, disclosure, erasure, and destruction of data.
b) The above operations may be performed with or without the use of electronic or otherwise automated tools.
c) The processing will be carried out by the Data Controller’s organization and, in particular, by the data processor(s) and/or persons in charge of processing designated for this purpose by the Data Controller based on specific skills and qualifications. Individual collaborators and/or professionals—including those outside the Data Controller’s organization—may also be appointed as data processors and/or persons in charge of processing. The Data Controller may also install tracking cookies via so-called web analytics software, which are used to generate detailed, real-time analytical reports regarding information such as: number of website visitors, referring search engines, keywords used, language used, most-visited pages, IP address, nationality, city, date, time of visit, browser, operating system, screen resolution, duration of visit, etc. In any case, the processing of personal data requires the Data Controller to adopt appropriate security measures, in accordance with the needs and availability of the company’s premises.
In order to offer you Klarna’s payment methods, we may share your personal information—such as your contact information and order details—with Klarna at checkout so that Klarna can assess your eligibility for its payment methods and customize those payment methods for you. The personal information we share is processed in accordance with Klarna’s privacy policy.
PROVISION OF PERSONAL DATA.
The provision of general and special categories of personal data is essential for the performance of the activities and the provision of the services referred to in point 1.
FAILURE TO SUBMIT DATA OR INCORRECT SUBMISSION OF DATA.
If the data subject refuses to provide personal data in the case described in point 3, or if the data provided is incorrect, the Data Controller will be unable to provide the services described in point 1 and/or to fulfill the related contractual obligations.
DATA DISCLOSURE.
Personal data may be disclosed to external companies and/or entities and/or associations or platforms with which the Data Controller has a contractual and/or fiduciary relationship, including through collaborations and/or joint projects; such companies and entities will act as independent data controllers or data processors and are required to comply with the laws governing the protection of natural persons’ personal data on their own behalf.
The personal data referred to in the preceding articles may also be disclosed to professionals in the legal, accounting, and tax sectors; to banks and insurance companies; to entities operating in the advertising sector, such as public and/or private entities that own billboard space; and, in general, to all public and private entities to whom such disclosure is necessary for the proper fulfillment of the purposes indicated in point 1, as well as for compliance with all obligations and requirements imposed by national and EU law.
DATA DISTRIBUTION.
Personal data will not be disclosed, except for purposes strictly related to the performance of the activities indicated in point 1 or upon the express request of the data subject.
TRANSFER OF DATA ABROAD.
The personal data you provide may be transferred to countries within the European Union and to countries outside the European Union, always for the purposes set forth in point 1.
RIGHTS OF THE DATA SUBJECT.
The data subject, in accordance with the provisions of Articles 15 et seq. of EU Regulation 679/2016, has the right to: obtain from the data controller confirmation as to whether or not personal data concerning him or her exist and to have such data made available in an intelligible form; be informed of the origin of the data, the purposes and methods of processing, the logic applied to the processing, and the identifying details of the data controller and the parties to whom the data may be disclosed; obtain the updating, rectification, and supplementation of the data, as well as the erasure, anonymization, or blocking of data processed in violation of the law; and to obtain, without
hindrance from the data controller, the data in a structured, commonly used, and machine-readable format in order to transmit it to another data controller. The data subject also has the right to withdraw consent to processing without affecting the lawfulness of processing based on consent given prior to withdrawal, to lodge a complaint with the data protection authority, and to object, on legitimate grounds, to the processing of the data.
All of the above rights may be exercised at any time by sending an email to the Data Controller’s certified email address (mma-srls@pec.it) or by sending a registered letter with return receipt to the Data Controller’s headquarters.
DATA RETENTION.
In accordance with the provisions of Article 5 of EU Regulation 679/2016, your personal data will be retained for the period strictly necessary to carry out the activities described in point 1 and, in any case, for a period not exceeding ten years, unless a different retention period is required by specific
legal provisions.
DATA CONTROLLER AND DATA PROCESSOR.
The data controller is MMA S.A.S., owned by Michela Zucchini and C (Tax ID/VAT No.: 03659741205), represented by its current legal representative (certified email: mma-srls@pec.it). (info@momia.it).
