Dolce & Gabbana S.r.l., a company incorporated and operating under Italian law (hereinafter also referred to simply as “Dolce & Gabbana” or the “Data Controller”), recognizes the importance of the privacy of those using its own websites, and undertakes to observe such privacy.
TYPES OF PERSONAL DATA COLLECTED AND PROCESSED
In general, Dolce & Gabbana does not collect the personal data of users visiting and consulting the Website, with the exception of so-called browsing data. The technological platform by means of which the Website is made available to the user, in fact automatically records certain browsing data – transmission of which is implicit in the use of Internet communications protocols – such as the name of the Internet provider, the source website, the pages visited, the date and duration of each visit, etc. Such information permits access to the Website and the use of certain services, and this information may be utilized in an anonymous, aggregated form for statistical purposes and in order to verify the correct functioning of the Website.
Dolce & Gabbana does not collect such data in order to associate them with other information about users, and subsequently to identify such users; nevertheless, the data in question, by their very nature, may permit the identification of users following processing and association with other information. Browsing data may thus be used by Dolce & Gabbana to ascertain whether any liability exists regarding computer crimes committed to the detriment of the Website, or by means of the Website. Without prejudice to such event, the aforementioned browsing data are only stored temporarily, in accordance with applicable law.
Data volunteered by the user
Dolce & Gabbana collects and processes the personal data that the user voluntarily provides when he/she interacts with the Website’s functions and services, such as in the event of registration in order to have information about new developments from the world of Dolce & Gabbana, and to receive newsletters and other commercial information, and to send spontaneous applications for information or communications to Dolce & Gabbana.
Those sections in which the user’s personal data is collected, contain a statement drawn up pursuant to Section 13 of Legislative Decree 196/2003, and ask for the user’s specific agreement to the processing of the personal data supplied in said sections, in compliance with the aforementioned Decree.
PURPOSES OF PROCESSING
Dolce & Gabbana process users’ personal data for the following purposes:
– the management of registration for the Website, and the operational management of Website navigation;
– the management of Website security; – market surveys and statistical calculations; – personnel recruitment;
– compliance with legal and regulatory requirements;
– the exercise of rights in courts of law.
Furthermore, once the user’s authorization has been given, the Data Controller may process the data for the purpose of establishing individual and group profiles (profiling), and for marketing purposes such as the communication, by newsletter, e-mail or sms, of information and/or updates regarding Dolce & Gabbana’s products, or regarding any ventures or events organized by Dolce & Gabbana S.r.l. and by the other companies in the Dolce & Gabbana Group, including any invites to take part in such ventures or attend such events.
Nevertheless, the user may decide at any time not to have such e-mails (newsletters) sent: for each type of communication, the manner in which the user may refuse the processing of data or the sending of e-mails, shall be explained.
NATURE OF THE PROVISION OF DATA
With the exception of browsing data (which are collected by the system automatically), the user may choose whether to provide data for the aforementioned purposes or not. Failure to provide data for marketing purposes shall not affect your access to those features offered by the Website, with the exception of those services strictly connected to registration, which shall not be available. Failure to provide data for profiling purposes shall not affect your access to those features offered by the Website.
MEANS OF DATA PROCESSING
The user’s personal data shall be processed using computerized and data transmission systems, mainly by electronic and computerized means, as well as on paper in the case of certain specific operations. In accordance with Legislative Decree 196/2003, specific safety measures shall be observed to prevent the loss of data, the illegal or incorrect use thereof, and unauthorized access to such data.
PERSONS INVOLVED IN DATA PROCESSING
The user’s personal data shall be processed by persons appointed as data processors pursuant to Sections 29 and 30 of Legislative Decree 196/2003.
Said data may be disclosed to the other companies in the Dolce & Gabbana Group. Moreover, with the user’s authorization said data may be transferred outside of Italy to other companies in the Dolce & Gabbana Group with registered offices in non-EU countries: in the latter case, the data in question shall be covered by adequate levels of protection.
Furthermore, Dolce & Gabbana may disclose the data to other third parties, such as professionals, consultants and, in general, any third parties cooperating with Dolce & Gabbana in the pursuit of the aforementioned purposes, or to third parties to whom given services have been outsourced.
In any case, Dolce & Gabbana undertakes to supply said third parties exclusively with those data strictly required in order to perform the services and operations assigned to such third parties; Dolce & Gabbana also undertakes to do everything possible to ensure that the third parties use the data they receive exclusively for the purposes indicated by Dolce & Gabbana, and in accordance with the provisions governing personal data processing.
The user’s personal data may be disclosed to other companies as well in the event of mergers, demergers, takeovers, the sale of a business or business unit, or of other extraordinary corporate transactions.
The user’s personal data may also be disclosed to those recipients deemed legitimate by law or regulation, as, for example, in the case of requests on the part of the appointed public authorities or the legal authorities, or in general within the context of legal proceedings, and also in order to protect and defend the Website and the rights of Dolce & Gabbana.
Such persons shall process the data in their capacity as independent data controllers or data processors, depending on the circumstances.
An updated list of all data processors may be requested from the Data Controller cited below, at the e-mail address: firstname.lastname@example.org or at the fax no. +39 0227727777.
The Personal Data shall not be disclosed.
CONNECTION TO THIRD-PARTY WEBSITES AND SERVICES
The Website or the messages that Dolce & Gabbana sends users may contain the banners, advertising messages and advertisements of third parties or of the Data Controller’s business partners.
Dolce & Gabbana thus invite users to take care when accepting offers of services from third parties, and to read the information provided by the third party regarding its processing of personal data, which the Data Controller has no control over, nor can be held liable for.
AMENDMENTS TO THIS DOCUMENT
The data controller is Dolce & Gabbana S.r.l., with registered office in Milan, Via C. Goldoni, no. 10.
Users of the Website may exercise their rights under Section 7 of Legislative Decree 196/2003 set out in full below. Such rights may be exercised without the need for any formalities, simply by submitting a request to the above Data Controller, to be sent to the e-mail address email@example.com, or to the fax no. +39 0227727777.
Section 7 of Legislative Decree 196/2003. Data Subject’s rights
(Right to Access Personal Data and Other Rights)
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have the right to obtain:
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.