PRIVACY POLICY
Gioielleria Grande Srl, as the owner of the company of the same name, with logo and sign Gioielleria Grande, with registered office in Viale Parioli, 104 00197 – Rome, is the Data Controller of the personal data collected on this site pursuant to and for the purposes of EU Regulation 679/2016 (hereinafter referred to as GDPR):
1. PERSONAL DATA AND BROWSING DATA
Gioielleria Grande is committed to protecting your personal data and asks you to take a few minutes to read how we collect, use, disclose and transfer the personal data you provide to us through our website www.gioielleriagrande.it, or by interacting through the data transmitted to Gioielleria Grande by third party companies that provide technological and/or IT, logistical and commercial services. Furthermore, this policy explains how we collect data through the use of cookies and related technologies using our Platforms.
PERSONAL DATA PROCESSED FOR CONTRACTUAL PURPOSES – LEGAL OBLIGATIONS – HOLDER’S RIGHTS
Personal data, contact details.
PERSONAL DATA PROCESSED FOR GENERIC MARKETING PURPOSES OF JOINT OWNERS
Personal data, contact data.
PERSONAL DATA PROCESSED FOR MARKETING AND PROFILING PURPOSES
Personal data, contact data, data collected by cookies installed by the Sites.
PERSONAL DATA PROCESSED FOR SENDING NEWSLETTERS
Contact data.
PERSONAL DATA PROCESSED FOR THE OPERATION OF THE SITES
The IP addresses or domain names of the computers used by users who connect to the Sites, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), other parameters relating to the operating system. ), other parameters relating to the user’s operating system and computer environment, information relating to the user’s behaviour on the Sites, to the pages that have been visited or searched, in order to select and make specific announcements to the user of the Sites and data relating to the browsing behaviour on the Sites, for example, using cookies.
Ensuring the safety and privacy of children is paramount to Gioielleria Grande. It is not in our interest to knowingly collect and use personal information from anyone under sixteen (16) years of age or any age limit set by the laws of their country of residence.
By registering on the Site, you confirm that you have reached the age of majority in your country of residence.
2. PURPOSE AND LEGAL BASIS OF THE PROCESSING
The data and cookies received will be processed by Gioielleria Grande exclusively with the methods and procedures necessary to provide the services requested and for the further purposes for which consent has been given.
– Generic marketing purposes of the Joint Owners: for example, sending – by automated means of contact (e-mail) – promotional and commercial communications relating to services/products similar to those already used offered by the Joint Owners, for example, but not limited to, notification of company events or webinars or whitepapers or subscription to newsletters.
– Marketing purposes by third parties (with data communication) belonging to the service sector (in particular ICT and digital) and consulting, manufacturing, commerce, Public Administration: sending – by automated contact methods (such as sms, mms e-mail) and traditional ones (such as phone calls with operator) – of promotional and commercial communications, advertising material related to services/products offers, company events signalling, as well as carrying out market studies and statistical analysis by third parties specified above, with respect to the Joint Holders, to whom the data are communicated.
– Marketing purposes by the Joint Holders in favour of third parties (without communication of data) belonging to the service sector (in particular ICT and digital) and consulting, manufacturing, commerce, Public Administration: sending – with automated contact modalities (such as sms, mms e-mail) and traditional ones (such as phone calls with operator) – of promotional and commercial communications, advertising material related to offers of services/products, company events reporting, as well as carrying out market studies and statistical analysis by the Joint Holders on behalf of third parties.
– Purposes of profiling: analysis of preferences, habits, behaviour, interests deduced, for example, from online clicks on articles/sections of the Gioielleria Grande websites, in order to send personalised commercial communications/perform targeted promotional actions, business intelligence. The processing of personal data for profiling purposes will take place, in case of consent, with data processing tools that, following cross-referencing, will create a personal commercial and behavioural profile on the web. This data processing tool relates the data collected while browsing the Sites through the use of personally accepted first-party profiling cookies with the data collected through the registration to Gioielleria Grande through the appropriate forms. Furthermore, this data and/or information will be associated with any eventual and/or additional data and/or information already in our possession as a result of your subscription to our services.
– Legal obligations: fulfilling obligations under applicable national and international regulations and legislation.
– Sending newsletters: if explicitly requested by registering for such service.
– Rights of the Joint Owners: if necessary, to ascertain, exercise or defend the rights of the Joint Owners in court.
– Operation of the Sites: The computer systems and software procedures used to operate the Sites acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties but, by its very nature, could, through processing and association with data held by the Sites or by third parties, allow the identification of the users of the Sites.
3. DISSEMINATION, COMMUNICATION AND SUBJECTS ACCESSING THE DATA
The data may be processed by external subjects operating as data controllers such as, by way of example, Authorities and supervisory and control bodies and, in general, subjects, including private subjects, entitled to request the data, Public Authorities that expressly request them from the Joint Holders for administrative or institutional purposes, in accordance with the provisions of current national and European regulations, as well as persons, companies, associations or professional firms that provide assistance and consultancy.
The data may also be processed, on behalf of the Joint Holders, by external subjects designated as Data Processors pursuant to Article 28 of the GDPR, to whom appropriate operating instructions are given. These subjects are essentially included in the following categories:
– companies offering website and information system maintenance services;
– companies that offer support in carrying out market studies;
– companies that provide database management and maintenance services for the Tenants;
– companies offering e-mailing services;
– companies offering marketing automation platform management services;
– companies providing organisational support and event hosting services.
Personal data may be processed, if explicit consent is given, by third parties to whom the data is disclosed.
Personal data will not be disclosed.
4. DATA TRANSFER ABROAD
Data may be transferred abroad to non-European countries, and in particular to the United States, only after verification of the standard contractual clauses (Standard Contractual Clauses) adopted/approved by the European Commission pursuant to Article 46(2)(c) and (d) of the GDPR or the binding rules for the company referred to in Article 47 of the GDPR or, in the absence thereof, pursuant to one of the derogatory measures referred to in Article 49 of the GDPR.
A copy of the warranties referred to in Article 46(2)(c) and (d) of the GDPR, adopted by the Joint Holders can be obtained by emailing [email protected].
5. DURATION OF PROCESSING AND STORAGE OF PERSONAL DATA
In accordance with Art. 5.1 e) of the GDPR, Gioielleria Grande will process the data provided for the period necessary to pursue the purposes for which it was collected. Generally, we will retain personal data for one year from the end of our relationship or last contact, unless local legislation requires otherwise. In some cases it may be necessary for us to retain personal data for a longer period, for example if we are required to do so for legal, tax or financial reasons:
– Contractual Purposes, Legal Obligations and Newsletter Sending: throughout the contractual period and, after termination, for 10 years.
– Generic marketing purposes of the Joint Holders: until the exercise of the right to object exercisable through the unsubscribe button (“Click here”) or by contacting the Joint Holders directly.
– Marketing and profiling purposes: until consent for such purposes is revoked.
– Rights of the owner: in the event of legal disputes, for the entire duration of the same, until the time limit for appeals is exhausted.
– Operation of the Sites: for the entire duration of the browsing session on the Sites.
– Once the above mentioned retention periods have elapsed, personal data shall be destroyed, deleted or made anonymous, compatibly with the technical procedures of deletion and backup.
6. SECURITY
At Gioielleria Grande, personal data is processed by automated tools for the time strictly necessary to achieve the purposes for which it was collected and in accordance with the principle of necessity and proportionality, avoiding the processing of personal data when the operations can be carried out through the use of anonymous data or by other means.
We have adopted specific security measures to prevent the loss of personal data, unlawful or improper use and unauthorised access, but it is essential, for the security of personal data, that the device is equipped with tools such as constantly updated antivirus software and that the provider, who provides the Internet connection, guarantees the secure transmission of data through firewalls, spam filters and similar safeguards.
7. RIGHTS OF THE DATA SUBJECT
By contacting the Data Controllers by e-mail at [email protected], you may request from the Data Controllers access to the data concerning you, their deletion, the rectification of inaccurate data, the integration of incomplete data, and the restriction of processing in accordance with Article 18 GDPR.
In addition, if the processing is based on consent or contract and is carried out by automated means you may request the portability of the data and to receive them in a structured, commonly used and machine-readable format, as well as, if technically feasible, to transmit them to another data controller without hindrance.
You have the right to revoke your consent at any time for marketing and/or profiling purposes, as well as to object to the processing, for reasons related to your particular situation, of your data in the event of the exercise of a public interest or legitimate interest of the Data Controller as well as for marketing purposes, including profiling related to direct marketing. This is without prejudice to the possibility of being contacted for the aforesaid purposes exclusively through traditional methods, and of expressing one’s opposition only to the receipt of communications through automated methods. The Data Controllers shall refrain from processing, except for legitimate reasons that override the interests, rights and freedoms of the data subject, or for ascertaining, exercising or defending a right in a court of law.
You have the right to lodge a complaint with the competent supervisory authority in the Member State in which you habitually reside or work or in the State where the alleged infringement occurred.
8. DATA PROTECTION OFFICER
The data may be processed by employees of the company features of the Joint Holders assigned to the pursuit of the purposes indicated above, who have been expressly authorised to process the data and who have received adequate operating instructions.
The personal data processed for the functioning of the Sites, collected during the navigation on the Sites, will be processed by employees, collaborators of the Joint Holders or external subjects, in their capacity of persons in charge and responsible for the processing, duly instructed by the Joint Holders, who carry out on behalf of the Joint Holders tasks of a technical and organisational nature of the Sites.
Rolex Section
When browsing within the Rolex section on our website, you may interact with an embedded website of www.rolex.com. In that case, only the Terms of Use, Privacy Policy and Cookie Policy of www.rolex.com will apply.