In compliance with the obligations deriving from the new General Data Protection Regulation (EU Regulation No. 679/2016, referred to as GDPR) and in order to make the activity of the www.bellearti.net site as transparent as possible, this section is intended to inform the user about the methods of collection and processing of his/her personal data.
Personal data means any information that identifies (or facilitates the direct or indirect identification of) a physical person: name, address, identification number, online identification (for example, IP address) are considered personal data, as are one or more characteristic elements of a person's physical, physiological, genetic, psychic, economic, cultural and social identity.
Processing means any operation (or set of operations) applied to personal data such as collection, registration, organisation, structuring, adaptation or modification, storage, consultation, use, cancellation and destruction.
Ownership and Responsibility of Data Processing
The Data Controller (and Manager) of the data processing is BelleArti.net of Montecchiari Maurizio, with registered office in via Giovanni XXIII 45 - 62100 Macerata (MC)
Purposes of processing
On www.bellearti.net the collection (and subsequent processing) of personal data is carried out for fulfilling the following purposes:
- to allow browsing and consultation of the site
- to allow the provision of services and the management of the reserved customer area
- to allow the execution of the contract of sale between BelleArti.net and the user/buyer
- to respond to requests for assistance and/or information received by email, telephone or web pages
- to send advertising and/or informative material, carry out direct marketing campaigns via email (promotions, news, etc.), as well as provide customised commercial offers based on products purchased and/or displayed
- to fulfil the legal obligations established by national and EU legislation
- to guarantee the security of the site and prevent illicit and fraudulent behaviour, reserving the right to adopt any appropriate measures to protect the company itself and to protect third parties
Data subject to processing
During navigation (and during the purchase phase) BelleArti.net collects the following personal data:
This information is purely technical informational (IP address, browser used, operating system, pages of the site visited, products placed in the cart, etc.) that is collected in an aggregate and non-identifying manner (and cannot, therefore, be associated to a specific physical person) for: statistical purposes, correct operation of the site, and the identification of anomalies and/or abuses.
Some examples include:
- Font Awesome: is a collection of icon fonts that allows you to insert a series of icons into a website as if they were text characters; they are inserted because they can give an alternative graphic effect in contrast to the insertion of a textual paragraph, thus animating the reading of the content
- Google Fonts: a library of fonts (typographic characters characterised and united by a certain graphic style or intended to perform a given function) used by webmasters for the creation of websites
Data provided directly by the user
This is all information that is expressly and voluntarily entered by the user during registration, purchase, access to a reserved area, or when registering via a form.
Cookies are small text files stored in the user's computer when visiting certain internet pages: in most browsers these cookies are enabled, are not harmful to the device, and do not contain personal identification information.
They are encrypted information that is collected to improve/optimise navigability on the site: for example, they are useful for identifying and resolving errors or for determining relevant correlated products to be shown to the visitor while browsing.
BelleArti.net uses the following cookies:
- Technical cookies: they are necessary and essential in order to navigate on the site and use all its features; without these cookies we would not be able to provide some essential services and/or functions and navigation would not be as convenient and easy as it should be
- Analytical cookies: collect information on how a visitor uses the site (for example which pages are visited); all the information collected by these cookies is aggregated anonymously (it cannot be used to identify the user) and is used only to improve the functionality of the site
- Functional cookies: make it possible to "remember" the choices made by a user and to personalise the contents of the site in order to improve the service
- Advertising cookies: make it possible to trace user "profiles" by gathering information on their tastes, and then send personalised advertising content and improve campaign effectiveness; these may also be cookies from third parties (if, for example, they are set by a site different from the one you are visiting)
Some examples include:
- Google Tag Manager: a tag management system that allows you to quickly and easily update tracking codes and their code fragments (collectively known as "tags") on a website
- Google Analytics with anonymised IP: a Google analysis tool that collects and analyses the statistics of visits to a website in a completely anonymous form (the personal data of the user browsing is not collected); the purpose is to examine the use of the site by users, compile reports on activities and provide other information, such as the number of visitors and the most visited pages
- Hotjar: is an analysis tool that allows you to study the behaviours that users assume within a website (mouse movements, clicks, which information they skip over and which they, instead, consult more intensively, etc.); this facilitates the optimisation of site performance and marketing campaigns
NOTE: considering that the website www.bellearti.net only works optimally when cookies are enabled, the user can still decide to disable them at any time by accessing his/her browser settings. Disabling cookies may disable some features of the site.
- Google reCaptcha: a system that makes it possible to distinguish between the behaviours of real users and robots (for example by recognising traffic signs or shop windows); it is a deterrent aimed at removing malicious people and bots from websites or pages on which you are asked to confirm your login credentials
NOTE: all data collected by BelleArti.net during the user's navigation time and purchase process is in no way sold or disclosed to third parties except for the purposes referred to in point 2.
Recipients of the treatment
A recipient is defined as the natural or legal person, public authority, service or other body to whom/which personal data is communicated.
For the pursuit of the purposes referred to in point 2, BelleArti.net shares the personal data of users with the following parties:
- professional parties authorised to provide advice and/or assistance in legal, fiscal, financial or administrative matters
- professional subjects authorised to provide internet services
- professional subjects authorised to manage payments
- business partners dealing with deliveries on behalf of BelleArti.net (e.g. carriers and postal services)
- professional parties authorised to manage mailing lists
- public bodies or authorities, in order to fulfil legal obligations under the law or to ascertain, exercise and defend a right in court
These parties are not authorised to use or disclose such data except for the performance of services entrusted to them or for compliance with legislative obligations.
Personal data is stored for a period of time not greater than that required for the pursuit of the specific purposes of the processing provided for in point 2, or until the specific request for revocation of the treatment by the user
BelleArti.net implements all the technical and organisational measures (consistent with its own scope as a company:
- to effectively implement the laws regarding the protection of users' personal data (e.g. by ensuring that the site is browsed in encrypted HTTPS mode) and by preventing offences, or the unauthorised access or use of data
- to align itself so as to guarantee that only the personal data necessary for each specific purpose of the processing is processed
- such that anyone acting under the company's authority and having access to the user's personal data does not process such data if he or she has not been trained to do so
In the case of the violation of personal data, Bellearti.net will notify the competent supervisory authority of the violation within 72 hours from the moment it becomes known, unless it is unlikely that the violation presents a risk to the rights and the freedoms of natural persons.
A. Access to personal data
The user, through his/her Account, can at any time access, modify, delete ("right to be forgotten") and print ("right to portability") his/her personal data
B. Limitation and withdrawal of consent
The user has the right to limit and/or withdraw at any time the consent to the processing of his/her personal data by sending an email to firstname.lastname@example.org or accessing his/her account and using the specific sections dedicated to this purpose:
- The consent for the purposes referred to in points 2.A, 2.B, 2.C and 2.D can be independently withdrawn by checking the box DELETE YOUR PERSONAL DATA which is under the PERSONAL DATA (or YOUR DATA) section of your account; the withdrawal of consent precludes the possibility of continuing to provide services and/or of making the sales contract enforceable
- The consent for the purpose referred to in point 2.E can be independently withdrawn by checking the box UNSUBSCRIBE FROM THE NEWSLETTER which is located in the PERSONAL DATA (or YOUR DATA) section of your account or by clicking on the link at the end of each email sent; the withdrawal of consent does not preclude the possibility of continuing to provide services and/or enforce the sales contract
NOTE: the processing referred to in sections 2.F and 2.G is necessary to fulfil the obligations established by national and EU legislation or to ascertain responsibility in the case of computer crimes against the site or third parties
Right of complaint
Any user who believes that the processing of his/her personal data is in violation of current legislation has the right to lodge a complaint with a supervisory authority (Data Protection Authority), particularly in the Member State in which he/she normally resides, works, or in the place where the alleged violation has occurred.