Privacy Policy

Privacy Policy

The General Data Protection Regulation (or GDPR for short) is a positive step towards people having more control over how their personal data is used. On 25 May 2018 this new legislation comes into force and we have changed a number of processes and policies to prepare our business. We are committed to protecting and respecting the personal information you share with us.

This statement describes what types of information we collect, how we use it, how we share it with other organizations, how you can exercise your rights regarding the information we hold and how you can contact us.

As regards direct marketing communications, it will always be possible to inform us to stop such activities. We will never send “unsolicited” emails or communications and we will not share your data with anyone else. We do not resell the information to third parties, but work closely with selected partners who help us provide the information, products and services you request.

The content of this policy may change from time to time, so you may need to check this page occasionally to ensure you allow the sharing of information. Where possible, we will seek direct contact to inform you of any new changes.

WHAT INFORMATION IS COLLECTED?

We collect personal information through the site, applications or direct contact. We only collect information that is necessary, relevant and suitable for the purpose for which it is provided.

The information we collect may include some or all of the following:

• Identity Data:  includes first name, last name, username or similar identifier, and title.
• Contact information:  This includes billing address, delivery address, email address and telephone numbers.
• Financial Data : Includes bank account and payment card details collected solely for the purpose of completing your purchase.
• Transaction data:  includes details about payments to and from the customer/supplier and other details about the products and services that are purchased or sold.
• Profile Data : This includes purchases or orders you make, any social profiles (if applicable), preferences, feedback, communications and responses to internal surveys, and your password and username if applicable (customer portal).
• Usage Data:  includes information about how the website, products and services are used.
• Marketing and communications data:  includes preferences in receiving marketing and third-party communications and communication preferences.
• Technical Data:  includes Internet Protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, system operating system and the platform and other technologies on the devices used to access company websites.

How do we use the information that is collected?

Only information that is necessary for the purpose for which it was collected is processed. You are given the option not to receive marketing communications from us (and consent can be withdrawn at any time). No “unsolicited” emails or communications are sent and the data is not shared with anyone else, except to complete the purchase or sale contract. Personal data is used exclusively for the purposes and legal bases indicated in the following table:

How do we share this information?

We do not sell the information to third parties. However, we may from time to time disclose information to the following categories of companies or organizations to whom we pass responsibility for managing services on our behalf: support service providers, customer contact centers, direct marketing agencies and consultants, market research and market analysis service providers, our legal advisors and other professionals.

We work to ensure that all third party partners who handle information comply with data protection legislation and protect your information just as we do. We only disclose personal information STRICTLY necessary to provide the service they are undertaking on our behalf. We will aim to anonymize information or use aggregated specific datasets where ever possible.

How long do we keep the information?

We will not retain personal information in an identifiable format for longer than is necessary. For customers or suppliers, we will retain personal information for a longer period than when processing potential customers/suppliers.

And in any case we do not keep personal information in an identifying format for longer than necessary.

In the case of an ongoing relationship (for example a customer), we retain personal information for 10 years from the date our relationship ends. We retain personal information for this period to establish, bring or defend legal claims. Our relationship could end for a variety of reasons.

Where we have obtained your personal information following a request for information, brochures, quotations or any other information about one of our products or services, we will retain your personal information for 1 year and 6 months from the date we collect that information, unless that an actual relationship is created during this period, for example, a purchase. We will continue to process this data in line with the initial request for 6 months, to enable us to establish a relationship with the potential customer/supplier. After this period the data will remain pending for 1 year before being removed, unless a relationship is formed within this time.

The only exceptions to the periods mentioned above are where:

• the law requires us to keep personal information for a longer period, or to delete it sooner;
• in the event that you have raised a complaint or concern regarding a product or service offered, in which case we will retain your information for a period of 10 years from the date of such complaint or request; or
• you exercise the right to delete the information (where applicable) and you do not need to keep it in relation to any of the reasons permitted or required by law

How information can be managed

Each data subject has the right as an individual to access personal information and make corrections if necessary. You also have the right to withdraw the consent you have previously given us and ask us to delete the information we hold. You may also object to our use of your personal information (where we are relying on our business interests to process and use that personal information).

There are a number of rights in relation to personal information under data protection law. In relation to most rights, we will request information to confirm your identity and, where applicable, to help us look up your personal information. Except in rare cases, we will respond within 30 days of receiving your request.

Users have the following rights:

• Request a copy of the information we hold about you;
• Correct and update your information;
• Withdraw consent. Please see “How We Use This Information”;
• Object of our use of your information (where we rely on our legitimate interests to use your personal information), provided that there are no legitimate grounds for us to continue to use and process the information. Where we rely on our legitimate interests to use your personal information for direct marketing, we will always respect your right to object;
• Delete your information (or restrict our use of it), provided there are no legitimate grounds for us to continue to use and process that information;
• Transfer the information to a structured data file (in a commonly used, machine-readable format), where we rely on your consent to use and process your personal information or to process it in connection with the contract.

In the case of a subject access request or a request for information, please be aware that if the request is unfounded or excessive, we may still charge a fee or refuse to act on the request.

Please also note that when we remove data from our system, either after the periods of time stated earlier in this document or upon request, the data is permanently removed from our system and may affect any subsequent access requests.

You can exercise the above rights and/or manage your information by contacting us, using the details below:

If you have specific data protection concerns or a complaint, you can contact our data protection team at info@laconchigliacapri.it 

Where we store personal data

The personal data we collect may be transferred to, and stored in, a destination outside the European Economic Area (EEA), for the purposes described above, including in countries such as the United States of America or Russia, which do not can provide an adequate level of protection in relation to data processing. We will take all steps reasonably necessary to ensure that your personal data is treated securely and in accordance with this Privacy and Cookie Policy and data protection legislation. To the extent that it is necessary to transfer personal data outside the EEA, we will ensure that appropriate safeguards have been put in place to protect the privacy and integrity of that personal data, including the European Union Model Clauses under the Article 46.2 (for example using the so-called  Binding Corporate Rules  ). Please contact us if you would like information about these safeguards.