Privacy Policy
pursuant to and for the purposes of Articles 13 and 14 of EU Regulation no. 2016/679 (hereinafter, “GDPR”)
This Privacy Policy is intended to describe the management of personal data collected by Scalia Group Srl (“Company”) through this website, in compliance with the applicable regulation. You can print or save this document using the functionality of your internet service program (=browser: usually “file” > “save as”).
Purpose of the processing
Scalia Group informs you that your data will be processed exclusively for the following purposes:
Registrations for reserved areas : we will use the data to allow you to create a personal reserved area on our site. We remind you that registration allows you to access many of the other services on the site more quickly, but it is not a mandatory condition for using it.
Purchase of products: the personal and/or sensitive data provided will be used to process your purchase orders and related activities (sending goods, invoicing, payment management and related activities, etc.).
Newsletter subscription: the newsletter is a communication with promotional and advertising content sent to all interested parties who request it. On the site, subscription to the newsletter implies the sending of promotional communications that are not generalized but targeted based on the language, gender and country of origin of the interested party. This means that we process the data we receive in order to divide the subscribers into distinct groups by language, gender and country of origin so that the newsletter sent is as close as possible to what you have requested and what may interest you. It is also specified that your data will be processed only with your consent for each purpose of the newsletter (e.g. creation of wish lists, e-mail preferences, ongoing promotions, promotions on selected items, statistical analysis and market research in anonymous form, anonymous satisfaction questionnaires, etc.).
Sending targeted communications and generalized commercial offers: Scalia Group may ask you for consent to use your data to send you targeted communications, e.g. birthday greetings or generalized promotions and advertising messages via traditional mail, e-mail, fax, SMS, etc. Your consent to receive these communications will be valid both for sending via automated systems without the intervention of an operator (e.g. e-mail, SMS), and for traditional contact methods (e.g. paper mail). You can always revoke your consent to the processing of your data for this purpose, even separately, for example by choosing to receive only advertising via paper mail and rejecting that sent via automated systems.
Information or contact requests: e.g. requests for commercial and technical information, contact requests, order fulfillment status, product availability, etc. for which the data you provide will be used to send you exclusively what is requested.
Treatment methods
The personal data collected (“Data”) may be processed in the following ways:
- with the prior consent of the interested party, execute a specific request of the user ("E-commerce Service").
- with the prior consent of the interested party, send newsletters with commercial and/or promotional information on the Company's products and services (“Marketing”).
- with the prior consent of the interested party, allow the Company to carry out pseudonymised user profiling, to improve the purchasing experience, making it personalised.
- The Data may be processed using paper and/or electronic and automated means, in particular, by ordinary mail or e-mail, telephone (e.g. automated calls, SMS, MMS), fax and any other IT channel (e.g. websites, mobile apps).
- The data will be processed exclusively by internal personnel not authorized and responsible for the processing (art.28 GDPR), after the application of the necessary security measures referred to in art. 32 GDPR.
- The data provided may be subject to review, verification and control by the Competent Authorities for any inspection activities. In these cases, the response is mandatory under penalty of administrative sanction.
Personal and/or sensitive data subject to processing
The personal data that may be collected are the following:
- personal data (name, surname, tax code, address, date of birth) for user registration on the website.
- data present on the customer account page relating to the completion of orders and the purchasing methods chosen by the user.
- Contact details (email, telephone) for receiving newsletters.
- personal data provided to receive specific assistance navigation data cookies, for details of which, please refer to the Cookie Policy on the website.
- statistical data, not attributable to the person, related to the viewing of the site.
- pseudonymized profiling data associated with personalized advertising for the user.
Optional nature of data provision
It is specified that the user is free to provide the personal data necessary to Scalia Group Srl in order to use the E-Commerce services made available by the Company, subject to consent to this information. Failure to provide such data may make it impossible to obtain what is requested.
As regards cookies, for which we refer in detail to the cookie policy, the user has the possibility at any time to block them, modify their preference or exercise their rights pursuant to GDPR/679/2016.
As regards the “stay connected” function, designed by the Company to make viewing the site as pleasant as possible, the user is free to activate it; in any case, the password is requested, with prior consent and exclusively for the purposes indicated, for any modification of personal data and/or to place an order, or for any non-conformity and support activities.
Other entities that may process the data
The Data may be processed by persons operating on behalf of the Company and under specific contractual obligations. The Data may also be communicated to third parties to fulfill legal obligations, to comply with orders from public authorities, or for prior consent or to exercise a right of the Company in court.
Transfer of data outside the European Economic Area (EEA)
The Company does not currently transfer data outside the European Economic Area and does not provide them to international organizations, except for necessary and ongoing legal proceedings, where required and under authorization and information of the interested parties.
The user's personal data that transit on the Company's website are managed in a secure manner through the SSL (Secure Socket Layer) coding system: this applies from login to order completion to data maintenance.
Link to third party websites
Third party websites accessible from this site are under the responsibility of the third parties themselves. The Company declines all responsibility regarding requests and/or provision of personal data to third party websites.
Data retention
- The Data processed to provide the Service will be retained by the Company for the period deemed strictly necessary to achieve these purposes, except in the case in which it has to manage any disputes related to the provision of the Service, which will be retained until the completion of this process.
- Customer Account Data is retained for ten years from the last use of the Service by the User.
- The Data processed for Marketing purposes will be retained by the Company from the moment the interested party has given his/her consent until such consent is revoked. In the event that the consent is revoked, a longer retention period may be used for such data, as in the previous case, in order to manage any disputes and/or litigation.
- The Data processed to improve the user experience on the websites will be stored for the periods indicated in the Cookie Policy.
- Where necessary, for the initiation or conduct of legal proceedings, appeals, non-payment, etc. and for specific regulations, the data may be retained for a variable period of time established subsequently.
The rights of the interested party
The interested party is granted the following rights:
- right of access, i.e. the right to obtain confirmation from the Company as to whether or not the Data is being processed and, where that is the case, to obtain access to it;
- right to rectification and erasure, i.e. the right to obtain the rectification of inaccurate Data and/or the integration of incomplete Data or the erasure of Data for legitimate reasons;
- right to restriction of processing, i.e. the right to request suspension of processing where there are legitimate reasons;
- right to data portability, i.e. the right to receive the Data in a structured, commonly used and readable format, as well as the right to transmit the Data to another data controller, if provided for;
- right to object, i.e. the right to object to the processing of Data when there are legitimate reasons, including the processing of Data for marketing and profiling purposes, if applicable;
- right to receive information regarding data breaches concerning him or her.
The Data Controller is obliged to inform users, in a specific Privacy Policy, about the existence of their privacy rights (articles 15-17 GDPR) and the relative methods of exercising them.
To exercise the above rights, the interested party may exercise a request by MAIL/PEC following the instructions below:
- insert in the subject: NAME, SURNAME, CF, SUBJECT OF REQUEST, REFERENCE REGULATORY ARTICLE.
- Address the MAIL/PEC to: dpo@scaliagroup.com
Dear Sir, | SCALIA GROUP SRL |
Data Controller | SCALIA JOHN THE BAPTIST |
Registered office |
VIA MARESCIALLO CAVIGLIA, 10 – 90100 PALERMO (PA) |
- In the text, report in detail the reason for the request (date, time, description of the event, categories of data in reference, purpose of the request, other), any evidence where present and necessary, signature of the interested party.
- Attach a valid identification document.
- Authorize Scalia Group SRL to process personal and/or sensitive data pursuant to GDPR/2016/679
As an alternative to the previous one, the “GDPR user rights exercise request form” is provided in the attachment, with instructions below:
- Please fill in the area of greatest interest.
- Send by EMAIL/PEC to dpo@scaliagroup.com, inserting as subject: NAME, SURNAME, CF, SUBJECT OF REQUEST, REFERENCE REGULATORY ARTICLE.
- Address the MAIL/PEC to: dpo@scaliagroup.com
Dear Sir, | SCALIA GROUP SRL |
Data Controller | SCALIA JOHN THE BAPTIST |
Registered office | VIA MARESCIALLO CAVIGLIA, 10 – 90100 PALERMO (PA) |
- In the text, report the identification of the applicant, the purpose of the request, the list of attachments included, and the signature of the interested party.
- Attach a valid identification document.
- Authorize Scalia Group SRL to process personal and/or sensitive data pursuant to GDPR/2016/679.
As an alternative to electronic notification, it is possible to have the aforementioned form delivered by means of Registered mail with return receipt by entering the necessary data in the appropriate form.”
Data Controller and DPO/RDP
The data controller is Scalia Group Srl, with registered office in Via Maresciallo Caviglia, 10 - 90143 Palermo, Tel: +39 3496625672, e-mail: info@scaliagroup.com. All updated references of the Company are reported at the bottom of each page of the Company's website.
The Data Protection Officer (DPO/RDP) is Linking Sicurezza Responsabilità Lavoro soc. coop., with registered office and operational headquarters in Viale Regione Siciliana NO 2132 - 90135 Palermo. The contact details are given: email dpo@linkingsrl.it; Pec linking@legalmail.it.
Changes
This Privacy Policy was updated on 06/17/2022. The Company reserves the right to partially or fully modify the Privacy Policy or simply to update its content (for example following changes in applicable law), following which, the same will publish any update on this website.