0
  • No products in the cart.
mobile-logo
0
  • No products in the cart.
Giki / Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA ISSUED BY GIKI S.R.LS.

European Data Protection Regulation EU/2016/679 (henceforth, also “GDPR”) and the Privacy Code (Legislative Decree 196/03), as amended by Legislative Decree. 101/18, provide that the processing of personal data of individuals shall be carried out with respect for the fundamental rights and freedoms of the individual.

Personal data is information about an identified or identifiable natural person.

Processing of personal data is any operation or set of operations -completed either by electronic means or by paper media- applied to personal data.

The processing of personal data by Giki s.r.l.s. (hereinafter also just “Giki” or “Company”) is based on the principles of lawfulness, correctness, transparency, accuracy, integrity and confidentiality, and is not excessive in relation to the determined, explicit and legitimate purposes for which the data are collected.

Data controller

The Data Controller is Giki s.r.l.s., in the person of its legal representative, Mr. Maurizio Crocetti, having its registered office in Rome, Corso Trieste, no. 136/A, (c.a.p. 00198), C.F. 14877671009 (henceforth, also just “Holder”).

The contact details at which the Holder can be contacted are as follows: 06 8541331

Purpose and legal basis for processing

The processing of personal data is aimed at the correct and complete execution of the activity of online product sales by Giki and the contractual obligations undertaken.

– The processing is necessary to enable the owner to:

  1. Customer management; 2. Management of possible litigation; 3. Monitoring of contractual compliance; 4. Scheduling of activities; 5. Internal control services; 6. Consumer and user protection services; 7. Marketing (market analysis and surveys) subject to your consent, which will be requested when you release your personal data within the web page www.giki.it 8. Advertising – subject to your consent, which you will be asked for when you release your personal data within the web page www.giki.it 9. Survey degree of customer satisfaction subject to your consent, which will be requested when you release your personal data within the web page www.giki.it; 10. Customer information of new services/products subject to your consent, which will be requested when you release your personal data within the web page www.giki.it; 11 Protection of client’s property 12. Accounting or treasury management 13. Services to protect corporate assets

– The processing of data is also necessary for the pursuit of Giki’s legitimate interests, consisting in the possibility of demanding the fulfillment of an obligation contractually undertaken with it or to assert its reasons following complaints made to it by a data subject or a third party.

The provision of all data, except for data provided for the activities in 7, 8, 9 and 10 above and for which explicit consent is requested, is strictly necessary. If the data subject refuses to provide them, the owner will not be able to carry out its activities and complete the services commissioned or those contractually agreed upon.

Purposes that do not require consent

This policy has been prepared in order to make the information regarding the data processing carried out by Giki as transparent as possible.

Therefore, for some purposes, strictly related to the performance of the online sales service by Giki, your consent is not required for:

  • Customer management activities – Litigation management – Monitoring of contractual obligations – Scheduling of activities – Internal control services – Services to protect consumers and users – Protection of customer property – Accounting or treasury management – Services to protect corporate assets

Purposes requiring consent

For other purposes, not strictly related to the activity of online sales of products by Giki, however, your specific consent is required to be manifested at the time of purchase of goods by ticking the appropriate boxes via flags.

The above purposes for which your specific consent is required are:

  • Marketing (market analysis and surveys) – Advertising – Sending of informative and/or advertising material including by telephone or internet.

 

Data source.

Your data are collected directly from you through the process of accessing the website www.giki.it within which the products made available by Giki are sold, by filling out the appropriate form.

Type of personal data processed

Name, address or other personal identification, Tax code and other personal identification numbers, Bank details, Residential address, E-mail address.

Method of treatment

Personal data may be processed by electronic and paper-based means.

The owner has put in place adequate security measures to prevent loss, illegal or improper use, or unauthorized access.

Recipients of personal data

The data may be communicated to employees and collaborators of Giki, authorized to the processing and bound to the respect of confidentiality imposed by the owner, and duly instructed by the latter; to external managers who carry out data processing operations on behalf of Giki (such as, but not limited to, shippers, companies for online and IT payments), bound to the respect of confidentiality with legal acts ex art. 28 RGPD; to autonomous holders to whom Giki is obliged to disclose them in order to fulfill a legal obligation or to pursue its legitimate interests.

Transfer of data outside the EU

Personal data will not be transferred to non-EU countries or to international organizations.

Period of data retention

The collected data will be kept for the period of 10 (ten) years starting: from the receipt of payment of the amounts deducted in the invoice issued by the owner. Data for the purpose of loyalty in the strict sense, i.e., necessary to enable membership in the loyalty program and for the management of marketing activities will be processed and retained until the administrative duration of the relevant program, or in any case until cancellation and/or termination by the member. In the case of any withdrawal, disabling due to non-use within a certain time frame, the retention period of personal data for administrative purposes only (and not also for profiling or marketing purposes) will be no longer than one quarter (subject to any specific legal obligations on retention of accounting records). The Data Controller, in such cases, has implemented appropriate mechanisms for automatic deletion of data, including from third parties to whom the data may have been disclosed.

Rights of the data subject

The data subject may exercise against the data controller the rights provided for in Articles 15 to 22 of the GDPR, namely, the right of access, rectification, erasure, restriction, objection, portability, and revocation.

It may also file a complaint with the Italian Data Protection Authority, having its headquarters in Rome, Piazza Venezia, no. 11 c.a.p. 00187.