Privacy policy

PRIVACY NOTICE TO USERS

De. Vi Industria Tessile Srl with registered office in Piazza dei Martiri 58, 80121 Naples (NA) Italy, as Data Controller (hereinafter the “Controller”) of the personal data of Users (hereinafter, the “Users”) who browse and use the services available on the website www.depetrillo.shop (hereinafter, the “Site” and the “Services”) provides the following privacy policy pursuant to art. 13 of EU Regulation 2016/679 of 27 April 2016 (hereinafter, the “ Regulation ” or also the “ Applicable Legislation ”). This Site and the Services are reserved for persons who are at least eighteen years of age. The Data Controller, therefore, does not collect personal data relating to persons under the age of 18. Upon request of the Users, the Data Controller will promptly delete all personal data inadvertently collected and relating to persons under the age of 18.

The Data Controller takes the privacy and personal data protection rights of its Users very seriously. For any questions regarding this privacy policy, Users may contact the Data Controller at any time using the following methods: 

• By sending a registered letter with return receipt to the registered office of De.Vi Industria Tessile Srl, Piazza dei Martiri 58, 80121 Naples (NA) Italy

• By sending an email to shop@depetrillo.it

• By sending a fax to +390813951393

1 – Purpose of the processing

Users' personal data will be lawfully processed by De.Vi Industria Tessile Srl pursuant to Article 6 of the Regulation, for the following processing purposes:

• contractual obligations and provision of Services , to enable navigation of the Site or to enforce the Site's Terms of Use, which are accepted by the User during registration on the Site and/or during use of the Services, and to fulfill specific requests from the User. The User's data collected by the Data Controller for the purposes listed above includes: name, surname, email address, and tax code, as well as any personal information the User may voluntarily disclose. Unless the User gives the Data Controller specific and optional consent to the processing of their data for additional purposes, the User's personal data will be used by the Data Controller exclusively to verify the User's identity (including by validating the email address), thus preventing possible fraud or abuse, and to contact the User for service-related purposes only (e.g., sending notifications relating to the Services). Without prejudice to the provisions elsewhere in this privacy policy, under no circumstances will the Data Controller make Users' personal data accessible to other Users and/or third parties.

• administrative-accounting purposes, or to carry out organizational, administrative, financial and accounting activities, such as internal organisational activities and activities functional to the fulfilment of contractual and pre-contractual obligations;

• legal obligations , or to fulfill obligations established by law, by an authority, by a regulation or by European legislation.

Providing personal data for the processing purposes indicated above is optional but necessary, as failure to provide such data will make it impossible for the User to browse the site, register on the Site, and use the Services.

The personal data required to pursue the processing purposes described in this paragraph 1 are indicated with an asterisk in the registration form on the Site.

2 – Additional processing purposes: marketing (sending advertising material, direct sales and commercial communications)

With the User's free and optional consent, some of the User's personal data (i.e., first name, last name, email address, telephone number, and address) may be processed by the Data Controller for marketing purposes (sending advertising materials, direct sales, and commercial communications), or so that the Data Controller can contact the User by post, email, telephone (landline and/or mobile, with automated calling or call communication systems with and/or without the intervention of an operator), and/or SMS and/or MMS to propose to the User the purchase of products and/or services offered by the Data Controller and/or third-party companies, and to present offers, promotions, and commercial opportunities.
Failure to provide consent will not affect the User's ability to register on the Site in any way. If consent is given, the User may revoke it at any time by making a request to the Partner using the methods indicated in paragraph 7 below.
The User may also easily object to further promotional communications via email by clicking on the appropriate link to revoke consent. which is included in each promotional email. Once consent has been withdrawn, the Data Controller will send the User an email to confirm the withdrawal of consent. If the User wishes to withdraw their consent to receiving promotional communications by telephone, but continue to receive promotional communications by email, or vice versa, please send a request to the Data Controller using the methods indicated in the following paragraph 7.
The Data Controller informs that, following the exercise of the right to object to the sending of promotional communications by email, it is possible that, for technical and operational reasons (e.g., contact lists already filled shortly before receiving the request to object), the User may continue to receive some additional promotional messages. If the User continues to receive promotional messages after 24 hours have passed since exercising the right to object, please report the problem to the Data Controller using the contact details indicated in the following paragraph 7.

3 – Further processing purposes: newsletter

With the User's free and optional consent , some of the User's personal data (i.e., name, surname, address, telephone number, and email address) may also be processed by the Data Controller for the purpose of sending the newsletter. Therefore, the User will receive a periodic newsletter from the Data Controller containing information regarding news and promotions on the Site and/or the Data Controller's initiatives.
Failure to provide consent will not affect the User's ability to register on the Site in any way. If consent is given, the User may withdraw it at any time by making a request to the Data Controller using the methods indicated in paragraph 7 below.
The User may also easily object to further promotional communications by clicking on the appropriate link to withdraw consent, which is included in each newsletter email. Once consent is withdrawn, the Data Controller will send the User an email confirming the withdrawal of consent.

4 - Further processing purposes: profiling

With the User's free and optional consent , the User's personal data (i.e., personal and contact details, and information relating to services in which the User has expressed interest) may also be processed by the Data Controller for profiling purposes, i.e., to reconstruct the User's tastes and consumer habits, identifying their consumer profile, in order to send the User commercial offers consistent with that profile. Failure to provide consent will not affect the User's ability to register on the Site in any way. If consent is given, the User may withdraw it at any time by making a request to the Data Controller, De.Vi., using the methods indicated in paragraph 7 below.

5 - Data processing methods and retention periods

The Data Controller will process Users' personal data using manual and electronic tools, with logic strictly related to the purposes themselves and, in any case, in a way that guarantees the security and confidentiality of the data.
Users' personal data will be retained for the time strictly necessary to carry out the primary purposes illustrated in the previous paragraph 1, or in any case as necessary to protect the interests of both the Users and the Data Controller under civil law.
In the cases referred to in the previous paragraphs 2, 3 and 4, Users' personal data will be retained for the time strictly necessary to carry out the purposes illustrated therein and, in any case, for no longer than twenty-four (24) and twelve (12) months, respectively.

6 - Scope of communication and dissemination of data

Users' personal data may be disclosed to the Data Controller's employees and/or collaborators responsible for managing the Website and all services related to the provision of the Services. These individuals, who have been instructed to do so by the Data Controller pursuant to Article 29 of the Regulation, will process Users' data exclusively for the purposes indicated in this policy and in compliance with the provisions of the Applicable Law. Users' personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller as "External Data Processors," such as, for example, IT and logistics service providers essential to the operation of the Website and/or the Services, outsourced or cloud computing service providers, professionals, and consultants.
Users have the right to obtain a list of any data processors appointed by each Data Controller by making a request to the Data Controller concerned using the methods indicated in the following paragraph 7.
Furthermore, the Data Controller may disclose Users' personal data, to the extent necessary and essential to fulfill contractual obligations, to independent third-party data controllers, such as payment service providers and logistics providers required for the delivery of goods sold through the Site. These independent data controllers will process the User's data exclusively for the purpose of properly fulfilling orders relating to the Services.

7 - Scope of communication and dissemination of data

Users may exercise the rights granted to them by the Applicable Regulations by contacting the Data Controller using the following methods:

• by sending a registered letter with return receipt to the registered office of the Data Controller: De.Vi Industria Tessile Srl, Piazza dei Martiri 58, 80121 Naples (NA) Italy

• by sending an email to shop@depetrillo.it

Pursuant to Applicable Law, the Data Controller informs Users that they have the right to obtain information on (i) the source of their personal data; (ii) the purposes and methods of processing; (iii) the logic applied in the event of processing carried out with the aid of electronic means; (iv) the identification details of the Data Controller and data processors; (v) the entities or categories of entities to whom the personal data may be disclosed or who may become aware of it in their capacity as data processors or persons in charge of processing.
Furthermore, Users have the right to obtain:

• access, updating, rectification or, when relevant, integration of the data;

• the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;

• certification that the operations referred to in letters a) and b) have been brought to the attention, including with regard to their content, of those to whom the data were communicated or disseminated, except in the case in which such fulfilment proves impossible or involves the use of means manifestly disproportionate to the right protected.

Additionally, users have:

• the right to withdraw consent at any time, if the processing is based on their consent;

• (where applicable) the right to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine-readable format), the right to restrict the processing of personal data and the right to erasure (the "right to be forgotten");

• the right to object:

  • in whole or in part, for legitimate reasons, to the processing of personal data concerning them, even if pertinent to the purpose of the collection;
  • in whole or in part, to the processing of personal data concerning them for the purposes of sending advertising or direct sales materials or for carrying out market research or commercial communications;
  • where personal data are processed for direct marketing purposes, at any time, to the processing of their data carried out for such marketing, including profiling to the extent that it is related to such direct marketing.
• If they believe that the processing of their personal data violates the Regulation, they have the right to lodge a complaint with a supervisory authority (in the Member State in which they habitually reside, in the one in which they work, or in the one in which the alleged violation occurred). The Italian supervisory authority is the Italian Data Protection Authority, located in Piazza di Montecitorio n. 121, 00186 – Rome (http://www.garanteprivacy.it/).

The Owner is not responsible for updating all the links displayed in this Policy. Therefore, whenever a link is not functioning and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the website linked to by that link.