Privacy Policy

The purpose of this privacy policy is to provide all the information on the processing of personal data carried out by Treccani Reti SPA when the User makes use of the services promoted within this site (as better indicated below). 

  1. INTRODUCTION - WHO ARE WE?

Treccani Reti SPA with registered office in Piazza della Enciclopedia Italiana 4, 00186 Rome RM, tax code 00396050585 and vat number 00878851005 ((hereinafter, "Owner"), as the owner of the processing of personal data of users who take advantage of the services promoted within https://emporium.treccani.it/en/ (hereinafter, the "Users" and the "Site") provides below the privacy policy pursuant to Article 13 of the EU Regulation 2016/679 of April 27, 2016 (hereinafter, "Regulation", or the "Applicable Legislation").

  1. HOW TO CONTACT US?

The Controller holds in the highest regard the right to privacy and protection of personal data of its Users. For any information in relation to this privacy policy, Users may contact the Controller at any time using the following methods:

  • By sending a registered letter with return receipt to the Holder's registered office
  • By sending an e-mail message to emporium@treccani.it ;
  • By sending a fax to the n. +39 02 647414 14. 

The User may also contact the Data Protection Officer (RPD or DPO) of the Owner, whose contact details are given below: GDPR.emporium@treccani.it.

  1. WHAT WE DO? - PURPOSE OF PROCESSING

Through browsing the Site, the User can purchase products from the Owner or its partners (hereinafter, the "Service"). In connection with the activities that may be carried out through the Site, the Owner collects personal data relating to Users. The information regarding the use of cookies on this website can be found at the following link: https://emporium.treccani.it/en/cookie-policy. The Service is restricted to individuals who are eighteen years of age or older. Therefore, the Owner does not collect personal data relating to individuals under the age of 18. Upon request from Users, the Owner will promptly delete all personal data unintentionally collected relating to individuals under the age of 18. In particular, Users' personal data will be lawfully processed in accordance with Article 6 of the Regulations for the following processing purposes:

  1. Contractual Obligations and Service Delivery: to give effect to the Terms and Conditions governing the Service offered on the Site, which are accepted by the User at the time of purchase; to fulfill specific requests of the User and allow the User to create their own personal profile within which they can: (i) consult information related to their purchases and update their data, including for the sending of products; (ii) make a wishlist with in products selected as favorites; (iii) manage the newsletter subscription (sign up and unsubscribe); proceed to the cancellation of the account, consult the profile accesses; (iv) access more expeditiously to purchases and customer service thanks to the storage of basic information. The User's data collected by the Controller for this purpose include: first name, last name, email address, shipping address, billing address, telephone number, and in case of invoice request also tax code, as well as any personal information of the User that may be and voluntarily communicated by the same such as company name, PEC address and recipient code. The User's personal information will be used by the Owner for the sole purpose of ascertaining the User's identity (including through validation of the e-mail address), thus avoiding possible fraud or abuse, and contacting the User for service reasons only (e.g., to send notifications regarding the performance of the Service or problems encountered during the same). Notwithstanding the provisions elsewhere in this privacy policy, under no circumstances will the Owner make Users' personal data accessible to other Users and/or third parties.
  2. administrative-accounting purposes, or to carry out activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations;
  3. legal obligations, or to fulfill obligations under the law, an authority, a regulation or European legislation.

The provision of personal data for the above processing purposes is optional but necessary, as failure to provide such data will result in the impossibility for the User to use the Service. Personal data that are necessary for the pursuit of the processing purposes described in this paragraph 3 are indicated with an asterisk within the request form.

 

  1. FURTHER PURPOSES OF TREATMENT

4.1 Marketing (sending advertising material, direct sales and commercial communication)

Some of the User's personal data (i.e. first name last name, e-mail address and telephone number) may also be processed by the Data Controller for marketing purposes (sending of advertising material, direct sales and commercial communication), i.e. so that the Data Controller can contact the User by mail, e-mail, telephone (fixed and/or mobile, with automated call or call communication systems with and/or without the intervention of an operator) and/or SMS and/or messaging systems to propose to the User the purchase of products and/or services offered by the Data Controller itself and/or by partner companies, present offers, promotions and commercial opportunities. In case of non-consent, the possibility of registering on the Site will not be affected in any way. In case of consent, the User may at any time revoke the same by making a request to the Owner in the manner indicated in paragraph 8 below. The User may also easily object to further sending of promotional communications via e-mail also by clicking on the appropriate link for revocation of consent, which is present in each promotional e-mail. Once the revocation of consent has been effected, the Controller will send the User confirmation of the revocation of consent. If the User wishes to revoke his/her consent to the sending of promotional communications via telephone, while continuing to receive promotional communications via e-mail, or vice versa, please send a request to the Controller in the manner indicated in paragraph 8 below. The Data Controller informs that, following the exercise of the right to object to the sending of promotional communications by e-mail, it is possible that, for technical and operational reasons (e.g. formation of contact lists already completed shortly before the receipt by the Data Controller of the request for objection) the User will continue to receive some additional promotional messages. Should the User continue to receive promotional messages after 24 hours have elapsed since the exercise of the right to object, please report the problem to the Controller, using the contacts indicated in paragraph 8 below.

4.2          Personalized marketing

The User's personal data (i.e. personal and contact data, that information relating to the products or services towards which the same has expressed interest) may also be processed by the Owner for profiling purposes, i.e. to reconstruct the User's tastes and consumption habits, identifying the consumer profile, in order to be able to send the User commercial offers (through the means referred to in paragraph 4.1 above) consistent with the identified profile.In the event of lack of consent, the possibility of registering on the Site will not be affected in any way. In case of consent, the User may at any time revoke the same by making a request to the Data Controller in the manner indicated in paragraph 8 below.

  1. LEGAL BASIS

Contractual Obligations and Service Delivery (as described in par. 3, lett. a)): the legal basis consists of art. 6, par. 1, lett. b) of the Regulation, i.e. the processing is necessary for the performance of a contract to which the User is a party or the execution of pre-contractual measures taken at the User's request.

Administrative-accounting purposes (as described by par. 3(b)): the legal basis consists of Article 6(1)(b) of the Regulation, as the processing is necessary for the performance of a contract and/or the execution of pre-contractual measures taken at the request of the User.

Legal obligations (as described by Paragraph 3(c) above): the legal basis consists of Article 6(1)(c) of the Regulation, as the processing is necessary to fulfill a legal obligation to which the Data Controller is subject.

Additional processing purposes: for the processing related to marketing activities (as described by Section 4.1) above), the legal basis consists of Article 6, paragraph 1, letter a) of the Regulations, i.e. the provision by the data subject of consent to the processing of his/her personal data for one or more specific purposes. For this reason, the Controller asks the User for the provision of a specific free and optional consent, in order to pursue this processing purpose.

 

  1. PROCESSING METHODSANDDATA RETENTION TIMES 

The Data Controller will process Users' personal data by means of manual and computerized tools, with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure the security and confidentiality of the data. The personal data of the Users of the Site will be kept for as long as necessary for the execution of the contract, related legal obligations and until the termination of the relationship. Your personal data will be retained in accordance with the provisions of the law and in particular in accordance with the terms provided for the prescription of rights (in general 10 years from the termination of the contract, purpose point a). At the end of this period, personal data will be deleted or irreversibly anonymized. In the case of paragraph 4.1 above, Users' personal data will be kept for the time strictly necessary to fulfill the purposes illustrated in the same and, in any case, until the User revokes his or her consent. It should be noted that in the event of revocation of consent, the processing based on it will stop and that prior processing will remain legitimate. Withdrawal of consent does not result in the deletion of data that the Data Controller is obliged by law or contract to retain. In any case, any retention periods provided for by law or regulations are without prejudice.

  1. SCOPE OF DATA COMMUNICATION AND DISSEMINATION

The User's personal data may be transferred outside the European Union and, in this case, the Controller will ensure that the transfer takes place in accordance with the Applicable Legislation and, in particular, in accordance with Articles 45 (Transfer on the basis of an adequacy decision) and 46 (Transfer subject to adequate safeguards) of the Regulations. The personal data of the Users may come to the attention of the employees and/or collaborators of the Controller in charge of managing the Site and the Users' requests. These subjects, who have been instructed to this effect by the Controller pursuant to Article 29 of the Regulations, will process the User's data exclusively for the purposes indicated in this notice and in compliance with the provisions of the Applicable Regulations. Users' personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller as Data Processors, such as, by way of example, IT and logistics service providers functional to the operation of the Site, outsourcing or cloud computing service providers, professionals and consultants. In particular, Users' personal data will be processed by DigiTouch E-Commerce Solutions as a Data Processor appointed by the Data Controller with reference to the management of the Site and the Service. Users have the right to obtain a list of any data processors appointed by the Data Controller by making a request to the Data Controller in the manner indicated in paragraph 8 below.

  1. RIGHTS OF INTERESTED PARTIES

Users may exercise the rights guaranteed to them by the Applicable Regulations by contacting the Owner in the following ways:

  • By sending a registered letter with return receipt to the Holder's registered office;
  • By sending an e-mail message to emporium@treccani.it ;
  • In by sending a fax to the n. +39 02 647414 14;

The User may also contact the Data Protection Officer (RPD or DPO) of the Owner, whose contact details are given below: GDPR.emporium@treccani.it.

Pursuant to the Applicable Legislation, the Data Controller informs that Users have the right to obtain information on (i) the origin of personal data; (ii) the purposes and methods of processing; (iii) the logic applied in case of processing carried out with the aid of electronic instruments; (iv) the identification details of the data controller and data processors; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as data processors or persons in charge.

In addition, Users have the right to obtain:

  • access, update, rectify or, when they have an interest, supplement the data;
  • the cancellation, transformation into anonymous form, or restriction of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
  • certification that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except where this proves impossible or involves the use of means manifestly disproportionate to the right protected.
  • In addition, Users have:
    1. The right to evoke consent at any time if the processing is based on their consent (including via their personal profile);
    2. The right (where applicable) to data portability (the right to receive all personal data concerning them in a structured, commonly used, machine-readable format);
    3. the right to object:
      • in whole or in part, for legitimate reasons to the processing of personal data concerning them, even if relevant to the purpose of collection..
      • in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communications;
      • where personal data are processed for direct marketing purposes, at any time to the processing of their data carried out for that purpose, including profiling insofar as it is related to such marketing
    4. should they believe that processing concerning them violates the Regulation, the right to lodge a complaint with a Supervisory Authority (in the Member State in which they normally reside, in the Member State in which they work, or in the Member State in which the alleged violation occurred). The Italian Supervisory Authority is the Data Protection Authority, based in Piazza Venezia n. 11, 00187 - Rome (https://www.garanteprivacy.it/web/garante-privacy-en/home_en).

 ____________

The Owner is not responsible for updating all links viewable in this Policy; therefore, whenever a linkis not working and/or updated, Users acknowledge and agree that they should always refer to the document and/or section of the websites referred to by that link.

To Top