1. General information
illycaffè may process data for the following purposes:
B. to carry out advertising communications/information on products-services-initiatives of illycaffè and its partners and market research and/or interviews for the evaluation of product-services of illycaffè, all by illycaffè to the addresses that you provided in the form or other contact details provided later (please note that the sending of SMS/MMS and e-mail will also be in electronically with the help of automated tools);
C. in order to create, based on the information about the user in possession of illycaffè, a user profile (profiling) including the study of habits and consumer choices also deriving from analysis of the choices of products aimed at specific activities of marketing, promotion, direct marketing and business communications by illycaffè S.p.A., in accordance with the user's specific needs emerged from the profiling and also designed to analyze the choices and consumer habits of customers of illycaffè products. The processing for this purpose will also take place in databases in an automated modality. Can be created a profile both individual user and of homogeneous classes of users. In addition, it may also be possible to associate and compare data coming from different databases of illycaffè partners (subsidiaries or affiliates companies of illycaffè S.p.A. resident in the European Union and subsidiaries or affiliates companies of Gruppo illy S.p.A. resident in the Union European). Marketing activities, promotion, commercial communications and direct sales will be conducted only if the user has agreed to the processing for this purpose. Consent and provision of data for this purpose are optional and the user is free to purchase, register without agreeing to the data processing for this purpose. The only consequence of this lack will be that the user will not be subject to the activities indicated in this point;
D. to be compliant with the requirements pursuant to the legislation in force, regulations or EU regulations and for legitimate interests such as to assert or defend the rights of the Company.
3. Mandatory nature of the provision
As regards the purposes set out in point 2, letter C of this information, please refer to the same.
4. Data recipient categories
5. Data retention
Data will be retained by illycaffè for the entire period necessary for the pursuit of the purposes contained in this information. The data retention period is as follows:
- for legal obligations, regulations and community regulations, data may be retained for the periods imposed by these regulatory sources;
- for the purposes described in point 2 letter A of this policy, the data can be retained until the withdrawal of consent or request for cancellation;
- for the purposes described in point 2 letter B of this policy, the data can be retained until the withdrawal of consent or request for cancellation without prejudice to the conservation in accordance with the law to prove the consent previously given;
- for the purposes described in point 2 letter C the data can be retained until the withdrawal of consent or request for cancellation not exceeding 12 months from their registration, save the effective transformation into anonymous form that does not allow, even indirectly or by linking other databases, to identify the data subjects;
in any case, all data may be retained for a period necessary to assert or defend a company right according to Italian and European regulations.
6. Data Controller and Data Protection Officer
The Data Controller is illycaffè S.p.A., having its registered office in via Flavia 110, Trieste, phone number +39.040.3890.111, fax number +39.040.3890.490, e-mail: firstname.lastname@example.org. There is also a Data Protection Officer available at the email address email@example.com and at the addresses of the Company.
We inform you that the GDPR provides the possibility for the data subject to ask the Data Controller (at the above addresses) to access personal data and to correct or cancel them or limit their processing or to oppose their processing, in addition to exercising the right to data portability, as well as other rights contained in Chapter 3 of the GDPR including the revocation of consent, where provided: the withdrawal of consent does not affect the lawfulness of the processing based on consent given before revocation.
The data subject can always lodge a complaint with the Italian Data Protection Authority, whose references can be found on the website www.garanteprivacy.it
9. Legal Basis
The legal basis is based on the fulfillment of legal obligations (Italian and European laws) as well as on the legitimate interests of the Data Controller in the relationship with the user. Furthermore, for the purposes for which consent is provided, the legal basis is the consent itself.
11. Processing procedures
We remind you that only for technical assistance needs data may be sent to companies outside the European community who are specifically designated as data processors by committing to comply with all the requirements of European legislation, also by signing the appropriate Contractual Clauses indicated by the Data Protection Authority; the data are only a copy of those contained in the European servers and the copy of the same is always available at illycaffè S.p.A..
N.B. The consent can only be given by persons over 14 years, if the subject is under 14, he cannot use what is provided for in the purposes for which consent is required (e.g. receiving commercial communication, profiling, ...).