pursuant to articles 7 and 13 of Legislative Decree 196/2003 (“Privacy Code”) & 13 and 14 of REG. EU 2016/679 (GDPR)
Fabi S.p.A. (Tax Code/VAT Registration Number: 01085710430), having its registered office in Monte San Giusto (MC), Via Bore Chienti not having a street number, pursuant to Regulation EU no. 2016/679 on the protection of natural persons with regard to the processing of personal data, as owner of the domain www.fabiboutique.com, informs you that: your personal data, collected from you (art. 13 GDPR) or from third parties (art. 14 GDPR), shall be processed solely for the purpose of giving execution to the contractual relationships brought into existence with you.
In every case the processing shall take place respecting the principles of correctness, lawfulness and transparency, protecting your confidentiality and your rights. For this purpose, we provide you with the following information:
Data controller [articles 13, para. 1, letter a) and 14, para. 1, letter a) GDPR]
The Data Controller is the Company FABI S.p.A. (Tax Code/VAT Registration Number: 01085710430), having its registered office in Monte San Giusto (MC), Via Bore Chienti not having a street number, in the person of its legal representative pro tempore, Mr. Elisio Fabi, electing to receive service of notice at the said registered office.
Data source [art. 14, par. 2, lett. f) GDPR]
Your data are given to us directly by you, or, on your express and conscious choice, by Facebook and Google, in case you decide to use the specific option while registering on our site.
Purposes of processing [articles 13, para. 1, letter c) and 14, para. 1, letter c) GDPR]
Your personal data shall be processed solely for the purpose of giving execution to the contractual relationship which constitutes the legal basis thereof, as well for the connected performances, relative to legal, tax, financial and commercial obligations,as well as for marketing purposes.
Your data, with your consent, could be the subject of an automated decision-making process and could be used for your profiling (Article 22, paragraphs 1 and 4, GDPR) for marketing purposes through the use of appropriate Cookies that will allow you to receive information related to our products most wanted by you while browsing our site (we will discuss this topic later).
Conferral of data and refusal [articles 13, para. 1, letter c), e) and 14, para. 1, letter c), para. 2, letter f) GDPR]
The conferral of your data is to necessary to the implementation for the purposes of the processing mentioned above and constitutes a contractual obligation; the refusal on your part may entail the impossibility of establishing and/or pursuing the obligatory relationship, within the limits in which this data shall be necessary to the execution of the same.
Methods of processing [articles 13, para. 1, letter d) and 14, para. 1, letter b) GDPR]
The processing of the data takes place by means of the use of appropriate tools and procedures to guarantee security and confidentiality and it may be carried out both by means of hard copy media, and through the aid of electronic tools. This data may furthermore by processed for the purposes mentioned at art. 6, para. 1 letter f) of Reg. EU 2016/679 (legitimate interests pursued by the controller).
The processing is undertaken by the data controller and by data processors expressly authorised by the same.
Communication of the data and transfer of the same abroad [articles 13, para. 1, letter e), f), para. 2, letter f) and 14, para. 1, letter e), f), para. 2, letter g) GDPR]
Your personal data is not subject to dissemination, that is to say that it shall not be made available in any way, to undetermined parties; however, it may be communicated or transferred to data processors or to external collaborators, situated in Italy or in the Member States of the EUor even in the rest of the world, solely for the purpose of the correct conduct of the purposes of processing mentions above (for example for shipping of the goods you have purchased). It shall be communicated to data subjects whether or not an adequacy decision by the EU Commission exists.
The parties who shall process your data are:
- the data processors and consultants present within our Business, in particular the staff of the Administrative Office, the Production and Logistics staff and the Commercial Office;
- additional parties external to our Business, necessary for the fulfilment of purposes auxiliary to the relationship existing between you and us within the limits and while respecting Reg. EU 2016/679, such as financial institutions, shipping agents, insurance agencies, agents, representatives, etc., or for the exercise and protection of our rights and duties, such as accountants, lawyers etc.
Conservation of data [articles 13, para. 2, letter a) and 14, para. 2, letter a) GDPR]
Your data shall be processed for the full term of the contractual relationship and also subsequently, for the performance of legal obligations and for administrative and commercial purposes, unless you expressly and acceptably request for it to be deleted.
Rights of the data subject [articles 13, para. 2, letters b), c), d) and 14, para. 2, letters c), d), e) GDPR]
In your capacity of “Data Subject” you have the right:
- to ask the Data Controller for access (art. 15 GDPR), rectification (art. 16 GDPR), erasure (art. 17 GDPR), limitation (art. 18 GDPR), as well as to object to the processing of personal data the concerns you (art. 21 GDPR);
- to the portability of the data (art. 20 GDPR), that is to say to obtain, without impediments on the part of the Data Controller, your data in structured, commonly used and machine-readable format in order to transmit it to another Data Controller;
- to revoke the consent to the processing of your data, without any prejudice to the lawfulness of the processing based on the consent acquired prior to the revocation, pursuant to articles 6, para. 1, letter a) and 9, para. 2 letter a) of Reg. EU 2016/679:
- to lodge a complaint with the Supervisory Authority [articles 13, para. 2, letter d) and 14, para. 2, letter e) GDPR]: the Italian Data Protection Authority, with its head office in Rome (00186), Piazza di Monte Citorio, no. 121.