Information on the processing of personal data of users of the website
in accordance with Article 13 of EU Regulation No. 2016/679 (“GDPR”)
E-Services S.r.l. places the utmost attention on the security and confidentiality of the personal data of the users (the “Users” or “User” in singular) of this website (the “Website” or “Site”) and wishes to provide them with information regarding the processing of their personal data.
1. Data Controller and Data Protection Officer – DPO
The data controller is E-Services s.r.l., located at Via Lodovico Seitz, 47, 31100 Treviso TV (the “Company”).
For any request regarding the processing of personal data, as well as to exercise the rights recognized by the GDPR and further described in point 7, you can contact the Company at the email address dpo.privacy@delonghigroup.com
The Company employs a Data Protection Officer (“DPO”), appointed pursuant to Article 37 of the GDPR, who can be contacted at the following email address: dpo.privacy@delonghigroup.com
2. For what purposes the Company processes personal data
Through the Website, the Company collects some personal data related to the Users, either voluntarily provided by them or collected during their normal operation, which are processed for the purposes described below.
The computer systems and software procedures used for the operation of the Site acquire, during their normal exercise, some personal data whose transmission is implicit in the use of Internet communication protocols. These are pieces of information that are not collected to be associated with identified individuals, but which by their very nature could, through processing and associations with data held by third parties, allow the identification of Users. This category of data includes the IP addresses of the computers used by Users connecting to the Site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the operating system used. These data are used only to obtain anonymous statistical information on the use of the Site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site.
In addition, the website uses cookies and other tracking tools. Please refer to the cookie policy available at the following link, as well as the corresponding control panel accessible at the following link, for further information and to manage your preferences at any time.
Below is a schematic representation of the treatments carried out by the Company.
1. Responding to User requests
Purpose of Processing
The Company collects certain personal data necessary to respond to requests made by Users through the specific Contact section of the Site. This section contains, in addition to specific fields that collect data strictly necessary for sending the response, also a free text section through which to describe the specific request. Users are invited not to include personal information that is not indispensable or at least relevant to the request they intend to make.
Categories of data processed
First and Last Name
Email*
Phone
Any personal data contained in the free text field
Data marked with an asterisk in the collection form are required to provide the requested response. If the User prefers to receive this response by phone, they can optionally provide this information, which will then be used exclusively for this purpose.
Legal basis and conferment
Performance of a contract of which the User is a party (Article 6(1)(b) GDPR).
The provision of data is necessary, as without it, the Company will not be able to respond to user requests.
Conservation period
The data will be processed to respond to the data subject and subsequently deleted from the website’s database after 12 months from the request.
2. Receiving information on the Academy
Purpose of Processing
The Company processes the personal data of Users who wish to receive information about the Academies it organizes, collected through the completion of the specific form found in the dedicated section. This section contains, in addition to specific fields that collect data strictly necessary for sending the requested information, also a free text section through which Users can detail their request. Users are invited not to include personal information that is not indispensable or at least relevant to the information request.
Categories of data processed
First and last name
E-mail*
Phone
Any personal data contained in the free text field
Data marked with an asterisk in the collection form are required to provide the requested response. If the User prefers to receive this response by phone, they can optionally provide this information, which will then be used exclusively for this purpose.
Legal basis and conferment
Execution of a contract to which the User is a party (Article 6 (1) (b) GDPR).
The provision of data is necessary as, without it, the Company will not be able to respond to user requests.
Conservation period
The data will be processed to respond to the data subject and subsequently deleted from the website’s database after 12 months from the request.
3. Defending one's rights
Purpose of Processing
The Company may process personal data for the defense of rights in judicial, administrative, or extrajudicial proceedings, and in disputes arising against Users.
Categories of data processed
Depending on the case, personal data collected for purposes 1 and 2 will be processed.
Legal basis and conferment
Legitimate interest of the Company in protecting its rights (Article 6(1)(f) GDPR). A new and specific provision of data is not required as the Company will pursue this further purpose, where necessary, by processing data collected for the above purposes.
Conservation period
The time necessary to pursue the protection of the right.
4. Fulfilling legal obligations
Purpose of Processing
The Company may process personal data to fulfill obligations it is required to meet under laws, regulations, or European Union legislation, as well as provisions/requests from authorities authorized by law and/or supervisory and control bodies.
Categories of data processed
Depending on the need, personal data collected for purposes 1 to 4 will be processed.
Legal basis and conferment
Fulfillment of a legal obligation (Article 6(1)(c) GDPR). The provision of personal data for this purpose is mandatory, as without it, the Company will be unable to fulfill specific legal obligations.
Conservation period
The time necessary to process the request.
3. How We Keep Personal Data Secure
The Company adopts appropriate security measures to ensure the protection, security, integrity, and accessibility of Users’ personal data. Appropriate security measures are aimed at preventing unauthorized access, disclosure, alteration, or destruction of personal data.
All personal data is stored on the Company’s protected IT devices (or appropriately archived paper copies) or those of our suppliers, and is accessible and usable according to our security standards and policies (or equivalent standards for our suppliers).
4. How Long We Keep Personal Data
The Company retains Users’ personal data only for the time necessary to achieve the purposes for which they were collected or for any other legitimate connected purpose, as specified in the table in paragraph 2. Personal data that are no longer necessary, or for which there is no longer a legal basis for their retention, will be irreversibly anonymized or securely destroyed.
If the processing of personal data serves multiple purposes, they will be deleted or anonymized as soon as the retention period for the last purpose has expired.
5. Who We Can Share Personal Data With
The Company allows access to Personal Data only to those who need to use them for relevant purposes. Personal Data may be accessed by duly authorized employees, as well as external suppliers, appointed, if necessary, as data processors, who provide support for the provision of services.
Personal Data may also be accessed by other companies of the De’Longhi Group, for the purposes described above, based on specific contractual agreements.
Data may be transferred outside the European Union; in such cases, the Company will adopt appropriate guarantees of the rights of the data subjects, as required by the GDPR.
6. Rights Concerning Personal Data Protection and the Right to Lodge Complaints with the Supervisory Authority
Every User has the right to request the Company, upon the existence of a legal basis for the request:
a) access to personal data, as provided by Article 15 of the GDPR;
b) correction or integration of personal data held by the Company deemed inaccurate, as provided by Article 16 of the GDPR;
c) deletion of personal data for which the Company no longer has any legal basis for processing, as provided by Article 17 of the GDPR;
d) restriction of the way personal data is processed, in the event that one of the conditions set out in Article 18 of the GDPR is met;
e) a copy of the personal data provided to the Company, in a structured, commonly used and machine-readable format, and the transfer of such data to another data controller (so-called portability), as provided by Article 20 of the GDPR;
Right to object: in addition to the rights listed above, the User always has the right to object at any time to the processing of personal data carried out by the Company for the pursuit of its legitimate interest.
For any requests regarding the processing of personal data, as well as to exercise the rights recognized by the GDPR, it is possible to contact the Company at the e-mail address dpo.privacy@delonghigroup.com
The exercise of these rights is free of charge and is not subject to formal constraints. It will be the Company’s responsibility to verify that the User is entitled to exercise the relevant right and to respond, typically within one month.
If the User believes that the processing of their personal data occurs in violation of the provisions of the GDPR, they have the right to lodge a complaint with the Data Protection Authority, using the references available on the website www.garanteprivacy.it, or to take appropriate legal action
Last modified: 23/02/2024