Privacy Policy
Privacy Policy of favella.shop
This website collects some personal data of its users.
This document can be printed using the print command available in the settings of any browser.
Data Controller
Sud Rienergy Soc. Agr. S.r.l. | IT03094550781 - Via Favella della Corte, 87064 Corigliano Rossano, Cosenza
Email address of the Data Controller: favellagroup@gmail.com
Types of Data Collected
Among the personal data collected by this website, either independently or through third parties, are: Tracking Tool; Usage Data; email; first name; last name; gender; date of birth; phone number; physical address; country.
Complete details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific informational texts displayed before the collection of the data themselves.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this website.
Unless otherwise specified, all data requested by this website are mandatory. If the User refuses to provide them, it may be impossible for this website to provide the Service. In cases where this website indicates some data as optional, Users are free to refrain from communicating such data without any consequence on the availability of the Service or its operation.
Users who have doubts about which Data is mandatory are encouraged to contact the Data Controller.
The eventual use of Cookies - or other tracking tools - by this website or the holders of third-party services used by this website, unless otherwise specified, aims to provide the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy, if available.
The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through this website and guarantees that they have the right to communicate or disseminate them, freeing the Data Controller from any liability towards third parties.
Processing Methods and Place of Data Processing
Processing Methods
The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.
Processing is carried out using IT and/or telematic tools, with organizational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the organization of this website (administrative, commercial, marketing staff, legal personnel, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) appointed, if necessary, as Data Processors by the Data Controller may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.
Legal Basis for Processing
The Data Controller processes Personal Data relating to the User if one of the following conditions applies:
- The User has given consent for one or more specific purposes; Note: in some jurisdictions, the Data Controller may be allowed to process Personal Data without the User’s consent or another of the legal bases specified below, until the User objects (“opt-out”) to such processing. This does not apply where the processing of Personal Data is governed by European Data Protection legislation;
- The processing is necessary for the performance of a contract with the User and/or for the performance of pre-contractual measures;
- The processing is necessary to comply with a legal obligation to which the Data Controller is subject;
- The processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
- The processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party.
It is always possible to ask the Data Controller to clarify the specific legal basis of each processing and, in particular, to specify whether the processing is based on the law, provided by a contract, or necessary to conclude a contract.
Place
The Data is processed at the Data Controller's operational offices and in any other places where the parties involved in the processing are located. For more information, contact the Data Controller.
The User’s Personal Data may be transferred to a country other than the one where the User is located. For further information on the place of processing, the User may refer to the section on details of the processing of Personal Data.
The User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organization under public international law or established by two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to protect the Data.
The User can check if any of the transfers described above take place by examining the section of this document related to the details of the processing of Personal Data or by requesting information from the Data Controller using the contact details provided at the beginning.
Retention Period
The Data is processed and kept for the time required to fulfill the purposes for which it was collected.
Therefore:
- Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the performance of such contract is completed.
- Personal Data collected for purposes related to the legitimate interests of the Data Controller will be retained until such interest is fulfilled. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When processing is based on the User’s consent, the Data Controller may retain the Personal Data longer until such consent is revoked. Additionally, the Data Controller may be obliged to retain the Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be deleted. Therefore, upon expiration of this term, the right to access, deletion, correction, and the right to data portability can no longer be exercised.
Purposes of the Collected Data Processing
The User’s Data is collected to allow the Data Controller to provide the Service, fulfill legal obligations, respond to requests or executive actions, protect its rights and interests (or those of Users or third parties), identify any fraudulent or illegal activities, and for the following purposes: Statistics, Viewing content from external platforms, Contact management and messaging, Remarketing and behavioral targeting, Advertising, Heat mapping, and session recording.
For detailed information on the purposes of processing and the Personal Data processed for each purpose, the User can refer to the section “Details on the processing of Personal Data.”
Details on the Processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
Information on how to opt out of interest-based advertising
In addition to any opt-out function provided by any of the services listed in this document, Users can read more about how to opt out of interest-based advertising in the appropriate section of the Cookie Policy.
User Rights
Users can exercise certain rights with regard to the Data processed by the Data Controller.
In particular, the User has the right to:
- Withdraw consent at any time. strong> The User has the right to withdraw consent where they had previously given their consent to the processing of their Data.
- Oppose the processing of their Data. The User has the right to object to the processing of their Data if the processing is carried out on a legal basis other than consent.
- Access their Data. The User has the right to know if their Data is being processed by the Data Controller, obtain disclosure regarding certain aspects of the processing, and obtain a copy of the Data being processed.
- Verify and request rectification. The User has the right to verify the accuracy of their Data and ask for it to be updated or corrected.
- Obtain the erasure or removal of their Data. The User has the right to request the deletion or removal of their Data when it is no longer necessary for the purposes for which it was collected or if they have withdrawn consent.
- Receive their Data and have it transferred to another controller. The User has the right to receive their Data in a structured, commonly used, and machine-readable format and, if technically feasible, to have it transmitted to another controller without hindrance.
- File a complaint. The User has the right to bring a claim before their competent data protection authority.
To exercise their rights, Users can contact the Data Controller using the contact details provided in this document. Requests are free of charge and will be addressed by the Data Controller as soon as possible, in any case within one month.
Changes to this Privacy Policy
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying its Users on this page. Therefore, please consult this page frequently, referring to the date of the last modification indicated at the bottom. If the User objects to any of the changes to the Policy, the User must cease using this website and can request the Data Controller to remove their Personal Data.
Unless otherwise specified, the previous privacy policy will continue to apply to Personal Data collected prior to the changes.
Definitions and legal references
Personal Data
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows the identification or unidentifiable of a natural person.
Usage Data
Information collected automatically through this website (or third-party services employed in this website), which includes: IP addresses or domain names of the computers used by the User connecting to the website, URI addresses (Uniform Resource Identifier), the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's response (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system used by the User, the various time details per visit (e.g. the time spent on each page) and details about the itinerary followed within the website, with particular reference to the sequence of pages viewed, and other parameters about the operating system of the User.
User
The individual using this website, which must coincide with or be authorized by the Data Subject, to whom the Personal Data refer.
Data Subject
The natural person to whom the Personal Data refers.
Data Controller
The natural or legal person, public authority, agency, or any other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data and the tools used, including the security measures related to the operation and use of this website. The Data Controller, unless otherwise specified, is the owner of this website.
Data Processor
The natural or legal person, public authority, agency, or any other body that processes Personal Data on behalf of the Data Controller, as set out in this privacy policy.
This website
The means by which the Personal Data of the User is collected and processed.
Service
The service provided by this website as described in the relative terms (if available) and on this site/application.
European Union (EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states of the European Union and the European Economic Area.
Cookie
Small piece of data stored in the User’s device.
Legal References
This privacy policy is written in compliance with the obligations provided by Regulation (EU) 2016/679, known as the General Data Protection Regulation (GDPR), and by Legislative Decree 196/2003, as amended by Legislative Decree 101/2018 (the Italian Data Protection Code), and other applicable laws and regulations.
Definitions provided in the above-mentioned regulations are considered in this document.
Last modified: