Summer Sale Up to 40% Off - Free shipping and size exchanges
Privacy Policy (pursuant to EU Regulation 2016/679 “G.D.P.R.”)

Customer Service

Privacy Policy (pursuant to EU Regulation 2016/679 “G.D.P.R.”)

Dear Customer,


Confezioni Peserico S.P.A., Data Controller, has always paid constant attention to the protection of its Customers’ personal data. For this reason Confezioni Peserico S.P.A. wishes to provide you with clear and simple information, pursuant to art. 13 of the EU Regulation 2016/679 (hereinafter G.D.P.R.), on how your personal data will be processed.

1. Data Controller. The Data Controller is Confezioni Peserico S.P.A., with registered office in Via Lucca di Cereda - Cornedo Vicentino (VI) - C.F. and P.I. 00655390243, which can be contacted at the following e-mail address: info@peserico.it or at the following fax number: 0445 450299.

 

2. Purpose and legal basis of Data Processing. The Data Controller collects and processes your personal data, provided through the customer form, such as biographical information (name, surname, age), contact details (address, landline phone number, mobile phone number, e-mail), tax data (in case of invoicing), exclusively for the following purposes:

A) conclusion and proper execution of the contract of sale of the Data Controller’s products and/or to process your requests for quotations, as well as for the processing of the order and any requests relating to the order and/or purchase. The legal basis of Data Processing consists of the performance of the sales contract to which you are a party and/or the performance of pre-contractual measures taken at your request
(art. 6.1 b GDPR);


B) the fulfilment of legal duties arising from the sale of products (e.g. administrative, tax, accounting, anti-money laundering,) and also to comply with obligations arising from regulations, EU legislation and/or to respond to requests from the Authorities. The legal basis of Data Processing consists of the compliance with legal obligations to which the Data Controller is subject (art. 6.1 c GDPR);


C) the exercise of the Controller’s rights, for example, the right of defence in court in the event of litigation. The legal basis is the legitimate interest (Art. 6. 1 f GDPR), which is based on the right of defence guaranteed by law.


Only with your express consent may Confezioni Peserico S.P.A. also process your personal data to:


D) send you, via e-mail, sms, whatsapp, according to the preferences you expressed when purchasing the products, informative and promotional communications relating to the Data Controller’s products, services, initiatives and events (marketing purposes). In this way you will be constantly updated on our new products and initiatives;


E) send you, via e-mail, sms, whatsapp, according to the preferences you expressed when purchasing the products, customised communications relating to the Data Controller’s products and services. For this purpose, the Data Controller may collect information on your behaviour and commercial habits, with reference to the industry in which the Data Controller operates, creating homogeneous groups of consumers, in order to improve the services offered on the basis of the needs you have expressed and to offer goods in line with your habits and preferences (profiling purposes).


The legal basis for the processing described in points D) and E) above is your express consent (Art. 6.1 a) G.D.P.R.), which can be withdrawn at any time, according to the procedures set out in section 9 of this Policy. Revocation of consent shall not affect the processing based on the consent acquired prior to the exercise of the revocation.
Always subject to your express consent (Art. 6.1 a) G.D.P.R.), which can be withdrawn at any time, the Data Controller may disclose your personal data to other companies belonging to the Group and, in particular, to: Fintex s.r.l., Confezioni Peserico GMBH; PG Studio s.r.l.; Peserico USA inc. Peserico Spain S. exclusively for the following purposes:


F) dispatch by the aforementioned Group companies of communications relating to the Group’s products, services, initiatives and events, by e-mail, sms, whatsapp, according to the preferences you expressed when purchasing the goods (marketing purposes);


G) dispatch by the aforementioned Group companies of customised communications relating to the Group’s products and services, by e-mail, sms, whatsapp, according to the preferences you expressed when purchasing the goods (profiling purposes).

 

3. Nature of provision of personal data. The provision of personal data for the purposes specified in section 2 (A) and (B) is mandatory, as it is necessary for the management of the contract of sale and for the compliance with legal obligations incumbent on the Data Controller.
The provision of data for the purpose of section 2 (C) is required as in case of litigation the Data Controller has the right, based on its legitimate interest, to take legal action.
The provision of data for the purposes of the data processing specified in section 2 (D), (E), (F) and (G) is voluntary and it is subject to your express consent. This means that if you refuse to provide them, you will still be able to enter into the contract and purchase our products, but you will not be able to be updated with communications about our products and/or services (marketing purposes) or receive customized offers (profiling purposes) from the Data Controller and/or other companies in the Group.

 

4. Methods of processing of personal data. Your personal data are processed using methods and procedures strictly required for the pursuit of the purposes set out in section 2, with the support of paper, electronic and telematic methods, in compliance with the principles of correctness, lawfulness and transparency and the protection of your confidentiality and your rights. The processing is carried out only by subjects expressly authorized by the Data Controller.

 

5. Disclosure of personal data. The personal data provided may be disclosed, solely for the purposes mentioned in section 2 to the following categories of subjects:

  • individuals, companies, associations or professional firms that provide assistance and consulting services to Confezioni Peserico S.p.a., with particular but not exclusive reference to issues in accounting, administrative, legal, labor law, social security, tax and financial matters, who need access to the data for purposes related to the execution of contracts regarding the provision to the extent strictly required to carry out their duties;
  • •individuals or consulting companies that provide their services in order to manage marketing and communication campaigns on behalf of Confezioni Peserico S.p.a.;
  • companies belonging to the Group appropriately identified for the purpose of the execution of related services that may send you commercial communications (marketing and/or profiling purposes) (such as Fintex s.r.l., Confezioni Peserico GMBH; PG Studio s.r.l.; Peserico USA inc. Peserico Spain S.L);
  • any office of the Public Administration to which the acts are ordinarily addressed and/or where they expressly request it for good reason.

The above mentioned subjects act as Autonomous Data Controllers or, where the requirements are met, as Personal Data Processors, designated by agreement pursuant to Article 28 G.D.P.R. The list of subjects appointed as Processors can be requested from the Data Controller in the manner indicated in Section 9.

 

6. Transfers of personal data. The Data Controller does not usually transfer Clients’ personal data to recipient countries based outside the EU or to international organizations. In the event that organizational needs (e.g., use of cloud services and/or use of platforms for organization management) make it necessary to transfer to recipients based outside the EU, the Data Controller assures that it will be done in compliance with the provisions on the transfers of personal data (Chapter V G.D.P.R.). Specifically, regarding the sending by e-mail of commercial communications (for marketing purposes) and personalized commercial communications (for profiling purposes), we inform you that the Data Controller uses the Mailchimp service of the American company Rocket Science Group LLC, based at Ponce de Leon Ave NE
Suite 5000 Atlanta, Georgia, USA with which the privacy relationship has been regulated through standard contractual clauses (Standard Contractual Clauses SCC).
Your personal information is not disclosed.


7. Storage of personal data. In compliance with the principles of lawfulness, purpose limitation and data storage and minimization, pursuant to Article 5 G.D.P.R., the Data Controller stores your personal data according to the following policy:


• for as long as is strictly necessary for the proper performance of the contractual relationship and, after its termination, no longer than the ordinary ten-year statute of limitations, in compliance with storage obligations in fiscal, tax and accounting matters;


• in case of litigation, for the time strictly necessary for the defense of the Data Controller ‘s rights and until the enforcement of the right in court;


• in the case of consent for marketing purposes [section 2 (D) and (F)] until the consent is withdrawn and, in any case, no later than 24 months after the recording of the data, both by the Controller and by the Group companies to which, if you give consent, the data will be communicated;


• in case of consent for the purposes of profiling [section 2 (D) and (F)] until the consent is withdrawn and, in any case, no later than 12 months after the registration of your data, both by the Controller and by the companies of the Group to which, if you give consent, the data will be communicated.

 


8. Rights of the data subject. At any time, in the manner and within the limits provided for by current legislation, we inform you that you may exercise the following rights towards the Data Controller: - request access to your personal data (art. 15 G.D.P.R.); - request the rectification of inaccurate data or the integration of incomplete data (art. 16 G.D.P.R.); - request the erasure of your personal data (“right to be forgotten” art. 17 G.D.P.R.); - request the restriction of processing (art. 18 G.D.P.R. ); - data portability, understood as the right to receive from the Data Controller, in a structured format in common use and readable by automatic devices, your personal data and request its transmission to another Data Controller without hindrance, where this is technically feasible (art. 20 G.D.P.R.); - object to the processing of personal data in the cases provided for in Article 21 G.D.P.R.; - withdraw the consent given, where consent is the legal basis for processing, without prejudice to the lawfulness of the processing based on the consent acquired before the revocation.

 


9. How to exercise your rights. You may exercise the above rights by written communication to be sent to the e-mail address: info@peserico. it or to the following fax number: 0445 450299. Requests are free of charge, except in the case of manifestly unfounded or excessive requests for which a reasonable fee may be charged, taking into account the administrative costs incurred in providing the information. The Data
Controller shall provide feedback in the shortest possible time, in any case within one month, unless an extension is justified, pursuant to Article 12, paragraph 3, of the G.D.P.R.

 


10. Right to lodge a complaint with Data Protection Authority. In the event that you should recognize a violation in the processing of your personal data, as a Data Subject, you have the right to lodge a complaint with the Guarantor for the Protection of Personal Data in the manner and within the time limits reported on the institutional website of the Guarantor for the Protection of Personal Data (https://www.garanteprivacy.it/).