Privacy policy
Privacy Policy
The personal data you enter is processed by Casa Capone Jewelry srl, Via del Ponte, 1, Caprona (PI), IT as Data Controller, for purposes related to the provision of the services you have requested (for example: requesting information, registering on the site to receive benefits and offers, obtaining quotes, making payments, purchasing goods and receiving them at an address you have indicated, making a reservation, exchanging documents).
Furthermore, the data you provide may be processed, only with your explicit consent, in order to send you commercial communications via email or SMS relating to the services offered by the Data Controller. In the first case, the legal basis for processing is the execution of an agreement; in the second case it is consent. The processing will take place electronically and will be made available to third parties (External Data Processors) within the European Union or in non-EU countries, regularly contracted by the Data Controller and offering adequate security guarantees, necessary for the provision of essential services to meet your needs. These External Processors, whose list is available upon request, may belong to categories of subjects that support the Data Controller in the provision of services offered through this site (such as, for example: software developers and website managers, shippers). They will also be processed for statistical analysis and direct marketing purposes, anonymously, as better specified by the cookie policy. These are therefore legitimate and necessary processing operations to ensure you a service that meets your expectations.
The data will be kept for the entire duration of the services you have requested or for longer periods only if required by law. At any time you can exercise the rights provided for in articles 15-22 of the GDPR by contacting the owner of this site. To modify or delete only the data that is stored on the systems that provide this site. The information you enter in the form (including your email address) may be communicated to a third party company that will act as External Processor and that supports the Data Controller in the management of the site and in the fulfillment of your request.
In case of a request to delete your data, we inform you that it may no longer be possible to continue to provide you with the service requested from us.
Finally, we inform you that you can lodge a complaint with the Data Protection Authority if you believe your rights have been violated.
INFORMATION ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ARTICLES 13 AND 14 OF EU REGULATION 2016/679
Pursuant to articles 13 and 14 of European Regulation EU 2016/679 on the protection of personal data (hereinafter GDPR), Casa Capone Jewelry s.r.l., as Data Controller, for the establishment and execution of contractual relationships that will be undertaken with you or that are currently ongoing, informs you of the following:
1. Data Controller and data protection officer
The Data Controller is Casa Capone Jewelry s.r.l., with registered office in Via del Ponte n.1, fraz. Caprona – Vicopisano (PI), represented by its legal representative pro-tempore, Sergio Capone, VAT No. 01001430501.
The Data Controller can be contacted via certified email at: centroorafopisano@arubapec.it
A Data Protection Officer has not been appointed.
2. Type and purpose of processing personal data
Casa Capone Jewelry s.r.l. may process the following personal data:
a) personal, tax, contact details and other administrative or commercial data necessary to give effect to the contractual relationships themselves, for accounting and administrative management, and for this purpose the provision of such data is necessary, in fact in case of refusal to provide them or in case of refusal to the subsequent processing may result in the impossibility of managing contractual relationships or managing them correctly;
b) special data that could fall within sensitive data, which are listed by way of example without claiming to be exhaustive (such as requests for engravings on jewelry and watches, or any other request for customization of the item), as provided for in article 9 par.2 GDPR, will be processed exclusively to fulfill contractual obligations (preparation, engraving or customization, replacement and for any activity related to these), therefore for this last purpose, the acquisition of these data is mandatory, as any refusal to provide them or subsequent opposition to their processing could result in the impossibility to fulfill the contractual obligations themselves (it is specified that these data will be deleted as soon as the requested activity is carried out);
c) telephone numbers and email address(es) or certified email address will be processed, with your explicit and specific consent, for sending promotional and advertising communications (including via newsletters), it is specified that their provision for the aforementioned purpose is optional.
3. Legal basis
The legal basis for processing the data referred to in point 2.a is constituted, as provided for in article 6, par. 1 letter B) of the GDPR, by the execution of the contract of which the customer is a party and by the need to fulfill the pre-contractual and contractual obligations provided for by current regulations.
The legal basis for processing the data referred to in point 2.b, in addition to being constituted by the need to fulfill contractual obligations, is also the consent given by the data subject. The legal basis for processing the data referred to in point 2.c is founded on the explicit consent given by the customer with specific signature in the form made available.
4. Retention times
Your personal data, subject to processing for the purposes indicated above, will be kept for the duration of the contract and, subsequently, for the time in which the Data Controller is required to keep them for tax purposes or for other purposes provided for by law, and in any case not beyond the terms provided for by current regulations.
5. Recipients of personal data
The data will be processed by authorized personnel, properly instructed and operating under the authority and responsibility of the Data Controller. Without prejudice to communications made in execution of legal obligations, personal data may be communicated to companies or professionals we trust for accounting or administrative activities, to banking and insurance institutions, to legal consultants for credit protection activities and other rights relating to individual commercial relationships and to judicial or administrative authorities, for the fulfillment of legal obligations. The data may also be communicated to third parties that provide services instrumental to the purposes indicated above, among these – by way of example – we can cite correspondence delivery providers or email/PEC management providers. The detailed list of such subjects is available at the Data Controller's headquarters and will be provided upon request by the data subject.
The personal data referred to, by way of example, in no. 2 letter b) will not be subject to any communication.
The Data Controller does not transfer personal data to third countries or international organizations.
6. Rights of the data subject
We also inform you that, in relation to the same data, you can exercise at any time the rights provided for by the GDPR. In particular, you have the right to ask the Data Controller:
- access to the data concerning you, you can request the rectification of inaccurate data, the integration of incomplete data, deletion, limitation of processing (when one of the hypotheses provided for by art.18, paragraph 1 GDPR occurs);
- in cases where the legal basis of processing is consent or contract and the processing is carried out through automated means, and to receive the data in a structured, commonly used and machine-readable format;
- to revoke any consent given, to object in whole or in part to the use of personal data. It is specified that processing based on consent and carried out before its revocation maintains its lawfulness.
You can also exercise all other rights recognized to you by the discipline on the matter. These rights can be exercised by writing via certified email to the address indicated in point 1 of the Information Notice (i.e. centroorafopisano@arubapec.it).
Pursuant to art. 77 of EU Regulation 2016/679 (GDPR), furthermore, you have the right to lodge a complaint with the Data Protection Authority, if you believe that the processing violates the aforementioned Regulation.
Effective date: May 15, 2024