1. General information
illycaffè UK Limited (hereinafter also referred to as the "Company" or “illycaffè UK”)”) hereby informs you (according to you to register to the site and shop and defining you also as "user" or "data subject") the purposes and procedures of data processing (provided by you and/or as a result of processing by the Company) of which will be hold. If you purchase and register as a legal representative of a firm/company/organization, per user or data subject shall be considered the firm /company/organization represented by you (which will be the subject recorded and will purchase) and your data will be processed by the Company only to identify you as the legal representative and for the purposes specified in point 2(A), 2(B), 2(C), considering the consent to the processing of data provided (through you) by the firm/company/organization that you represent.
Please note that your will indicate only your data and/or data of the firm/company/institution represented by you.
2. Purposes and legal basis
illycaffè UK may process data for the following purposes:
A. in order to allow the registration to the shop recognize you as a user registered and manage the recording (without the consent for such purposes you will not sign up); the processing is based on the following legal basis: consent;
B. where you shall purchase, to fulfill obligations arising from the purchase contract, and therefore also for administrative-accounting purposes and for the order management. About the credit card information is you also refer to the contents of the payment section of the site; the processing is based on the following legal basis: need for the performance of a contract;
C. to fulfill an obligation established by law, by a regulation or by EU legislation (for this purposes the legal basis is the fulfillment of legal obligations) and for legitimate interests such as to assert or defend the rights of the Company (for this purposes the legal basis is the pursuit of legitimate interests).
3. Mandatory provision of data
A. The provision of data on the registration form marked as mandatory (those marked in bold) is necessary for the purposes specified in point 2(B) of this information and therefore the refusal to provide it in whole or in part may make it impossible for the Company to execute the contract and then buying illycaffè products. The indication of the product to purchase and the method of payment is necessary to purchase the product (and then again for purposes specified in point 2(B) of this information) and the lack of information will make it impossible to buy the product. As far as shipping information if different from billing you see to point 3(F) of this information. About other data contained in the optional fields see also as shown below. Where not otherwise specified in this information data in optional fields can optionally be provided and the failure does not lead to any result other than that not to use such information (which may still be useful for the purpose in object).
B. The provision of data (tax code or VAT number, personal details and address, billing information and purchase, other data that may be necessary in pursuance of legal obligations and legislation or regulations to enforce or exercise a right of illycaffè UK) for the purposes specified in point 2(C) of this information is necessary and failure makes it impossible to register and/or to follow up the purchase contract.
C. The provision of data specified as mandatory (those marked in bold) in the registration form in order of registration (point 2(A) of this information) is optional but the absence of data will make it impossible to register the same. As far as shipping information if different from billing you see to point 3(F) of this information. About data relating to VAT and company name will also see to point 3 (E) of this information. As far as credit card information see to point 3(D) of this information. As for other data not marked in bold in the registration form and any other data provided, the provision is optional and failure to provide not lead to any result but to disregard such data that may be useful in some cases to better manage the order (see also refer to point 3(E) of this information).
D. As far as credit card information, your provision is optional and failure to make it impossible to pay by credit card.
E. The provision of requested data in case of invoice request (such as that of the VAT and the company name) is optional, but failure to make it impossible to invoice with the data given, if required.
F. The provision of data relating to alternative addresses to which to send the goods and/or a gift is optional but the missing data in bold will make it impossible to ship the material to the address indicated. Please note that for these activities, the user agrees on its own responsibility to obtain the consent of the subject of which indicates the data, send the goods to him address or indicate him as holder of the gift. In addition, user engages for these activities to inform the subject of which he communicates data to illycaffè UK (subject to which to send the goods or holder of the gift) that he will communicate data to illycaffè UK, so illycaffè UK can treat them (through persons in charge and data processors specified they must have knowledge to perform the tasks assigned by illycaffè UK) in order to send the material to the address and also informing him that illycaffè UK will give specific information about processing of data, putting him still aware immediately on that illycaffè UK may disclose data to carriers and shippers, and that provision of data is optional and failure to make it impossible to ship the goods to the address and/or to indicate the subject as a holder of the gift. You agree to obtain consent (where due) to communicate the data to illycaffè UK and their processing (therefore also consenting to the recording in databases illycaffè UK) by illycaffè UK for the purposes specified above in this section. User data will then be known even by those who receive the goods.
4. Data addressee categories
The data will not be disclosed to third parties by illycaffè UK for the purposes specified in point 2(A) of this information. The data may be communicated by illycaffè UK for the purposes specified in point 2(B) of this information (communicating only data that are necessary for the pursuit of these purposes) both in Great Britain and abroad to: banks for payments, carriers and forwarding agents, post offices, distributors, companies (including foreign) that contracts could be sold as provided in the contract of purchase (in which case it will be, with the assignment of the contract, including the transfer of data relating to the contract and its implementation and management), lawyers and legal consultants, companies audit where no appointed as data processor. For the purposes specified in point 2(B) and 2(C) of this information, data may be communicated in Great Britain and abroad (by communicating only the data that are necessary for the pursuit of these purposes) by illycaffè UK to judicial authorities, tax police and public security and public bodies if there is an obligation to this disclosure, also to law firms and legal advisers and to post offices (being able to see the address for sending any written notices). The data may be disclosed on behalf of illycaffè UK, each for own role, to all subjects delegated by illycaffè UK (administrative staff, transport and correspondence staff, including external to the Company, marketing staff and site management staff also external to the Company, IT technicians and IT staff, public relations staff, legal department staff, members of Board and Statutory Auditors, internal auditor, trainees, freelancers and consultants-employees also external to the Company acting under the direct responsibility of the Company, such as It technicians, quality control consultants, legal consultants and auditors, staff of internal and external Data processors) and to internal and external Data processors (companies-professional studies who perform instrumental activities of illycaffè UK such as marketing activities, shipping and enveloping or call center activities, audit of accounts and management public relationships, including information technology outsourcing company based in other states). The list of Data Processors is always available by contacting the Data Controller.
5. Data retention
Data will be retained by illycaffè UK for the entire period necessary for the pursuit of the purposes contained in this information. The data retention period is as follows:
- for legal obligations, regulations and community regulations, data may be retained for the periods imposed by these regulatory sources;
- for contractual purposes until the end of the relationship and even after the end of it for the period determined by British and European regulations, including in tax matters;
- for the purposes described in point 2(A) of this policy, the data can be retained until the withdrawal of consent or request for cancellation;
in any case, all data may be retained for a period necessary to assert or defend a company right according to British and European regulations.
6. Data Controller
The Data Controller is the undersigned company illycaffè UK Limited a company duly incorporated and validly existing under the laws of England & Wales, whose registered office is at Unit 7 – 8 Osyth Close Brackmills Northampton NN4 7DY, Ph: +44(0)1604 821234, e-mail firstname.lastname@example.org.
We inform you that the GDPR provides the possibility for the data subject to ask the Data Controller (at the above addresses) to access personal data and to correct or cancel them or limit their processing or to oppose their processing, in addition to exercising the right to data portability, as well as other rights contained in Chapter 3 of the GDPR including the revocation of consent, where provided: the withdrawal of consent does not affect the lawfulness of the processing based on consent given before revocation.
The data subject can always lodge a complaint with the British Supervisory Authority whose references can be found on the website https://ico.org.uk.
9. Processing procedures
We remind you that only for technical assistance needs data may be sent to companies outside the European community who are specifically designated as data processors by committing to comply with all the requirements of European legislation. also, by signing the appropriate Contractual Clauses indicated by the Data Protection Authority; the data are only a copy of those contained in the European servers and the copy of the same is always available at illycaffè S.p.A..