Privacy
PRIVACY POLICY & GDPR
To purchase on this site is necessary to release personal data. This is essential to proceed with the order and to allow us to provide assistance on it for the duration of the European warranty. The conferment of data is always optional, but the refusal to provide such data makes it impossible for us to provide the mail order service and / or assistance.
What kind of data we process
- first and last name
- shipping address and residence
- postal code
- mobile and/or landline telephone number
- any other data declared inherent to the delivery
- billing data
- any tax code
- e-mail address
- IP address
What data we do not process
We do not process, display or store any type of data relating to credit cards or security codes, the online transactions take place on secure servers of PayPal, we only receive confirmation of payment via secure SSL channel.
For what reasons we process them
- to offer the service of online sales
- to offer the service of assistance on sales
- to fulfill legal obligations
- to fulfill tax obligations
- to prevent and/or prosecute computer fraud
How long we keep your data
We keep your personal data and the details of the material ordered up to a maximum time of 2 years, unless you request otherwise (right to be forgotten). If you do not place orders or do not log in for 2 years, in order to limit damages in case of data leakage, your account and your order history will be automatically deleted from the customers database; however, you will be able to create a new one for free when you want.
On what media we store your data
Order data is stored on computer and on paper. Our computer systems process your data to allow us to print on paper the list of materials you ordered and to produce the shipping label that will be affixed to the package, as well as to store a history that allows us to provide assistance in case of problems with your purchases. Our computer systems reside behind a firewall that does not allow access from unauthorized terminals under normal conditions and are protected by a multi-factor authentication that makes them available only to internal staff. Data backups are encrypted and are stored on European cloud facilities that therefore do not have access to their contents.
To whom we communicate your data following a purchase, what data is communicated and why
- to the express couriers; BRT s.p.a. whose website can be reached at https://www.brt.it and/or Poste Italiane s.p.a. whose website can be reached at https://www.poste.it/ and/or FedEx whose website can be reached at https://www.fedex.com: name, surname, full address, cell phone number, e-mail address, order number, order value; to allow the delivery of the goods and / or to contact you in case of problems with this
- who processes payments online; PayPal Europe whose website can be reached at https://www.paypal.com: name, surname, full address, cell phone number, e-mail address, order number, order value; for the appropriate security checks of the case
Who can become aware of your data, which - besides the subjects listed above - and why
European subjects
- Emme.Ci2k1 di Marco Curradi, via Orly 21/b 50013 Campi Bisenzio (FI) Italy, whose website can be reached at https://www.mc2k1.it: name, surname, full address, cell phone number, e-mail address, order number, order value, IP address, geolocation, site usage statistics; for any technical support interventions on the e-commerce software platform and consulting, the data are not stored
- Qualiteam software, Georgiou Katsounotou 6, 3036 Limassol Cyprus, whose website can be reached at https://www.x-cart.com: first name, last name, full address, mobile number, e-mail address, order number, order value, IP address, geolocation; for any technical support interventions on the e-commerce software platform, the data are not stored
- Consorzio FullOutSourcing, via R. Sanzio 52/r 50013, Campi Bisenzio (FI) Italy, whose website can be reached at https://www.fulloutstudio.it: name, surname, full address, cell phone number, e-mail address, order number, order value, IP address, geolocation; for purchase analysis and evaluation of social advertising campaigns, the data are not stored
- Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, whose website can be found at https://www.google.com: site usage statistics, searches performed, approximate geolocation, order value; the data is anonymized and stored for a maximum of 24 months
Non-European subjects
- MailChimp, The Rocket Science Group, LLC 675 Ponce de Leon Ave NE Suite 5000 Atlanta, GA 30308 USA: e-mail address, first name, favorite interest among 5 suggestions, operating system and browser, IP address, geolocation; only in case of newsletter subscription, data are kept up to a maximum of 3 months after the last newsletter opening then they are deleted
- Facebook, 1 Hacker Way (6,108.00 mi) Menlo Park, California 94025: amount of anonymized purchases, likes and shares of the pages of our website; only in case you are registered and logged into the Facebook platform
How we take care of your privacy
Although no computer system is 100% secure, we make every effort to minimize security risks and data loss in order to protect your privacy.
In case you have an account on our site, this is protected by a password encoded with hash ρiυ' salt in a database not publicly accessible, if this is entered incorrectly for 3 times, even by malitenzionati, your account will be blocked and you can recover only by clicking on a special link that will be sent to your e-mail address used during the creation of the account.
Your personal order information (first and last name, shipping address, phone number, etc.) can only be accessed by knowing your account password or by the company personnel or authorized persons listed above. If you do not have an account, your information is visible only to the company personnel or authorized persons listed above. We send order confirmations containing your data only to the e-mail address you provided during the purchase process. The personal data reported on the company paper material are destroyed at the end of their use.
Site usage statistics are processed by Google and are anonymized. Google is trained to anonymize your IP address and cannot directly associate you with purchases you make on our site. We do not have code that allows retargeting and therefore do not transmit the correlation between you and your purchases to Google. We keep the circulation of your data in non-European territory to a minimum. Currently, the only non-European partner that has access to the data listed above in the case of a newsletter subscription is MailChimp, which resides in the United States.
We have signed a Data Processing Agreement (DPA) with anyone who may gain access to your data:
- the provider of the newsletter service, MailChimp (The Rocket Science Group ltd.) which undertakes not to disclose your data and to use them only to provide you with the newsletter service, the subscription to which is optional, regulated by a double opt-in, can be revoked at any time also independently
- suppliers of technical support Qualiteam ltd. and Emme.Ci2k1 di Marco Curradi who undertake not to disclose your data and to use them only for diagnostic activities and technical support to the e-commerce platform.
What are your rights
You have the right to:
1. obtain confirmation of the existence or not of personal data concerning you, and their communication in intelligible form
2. know the origin of your personal data in our possession
3. know the purposes and methods with which they are treated
4. know the logic with which your data is processed with electronic instruments
5. to know the identification details of the owner of the data processing and of the persons responsible for it
6. to know who are the subjects or categories of persons to whom your data may be communicated, including those who can learn about them as appointed representative in the State, managers or agents
7. to obtain the updating, rectification or integration of data
8. obtain the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed
9. obtain certification that the operations referred to in paragraphs 7 and 8 have been notified, also as regards their contents, to those to whom the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate to the protected right
10. oppose for legitimate reasons the processing of personal data concerning you, even if pertinent to the purpose of collection
11. oppose the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication.
Who is the data controller and how you can contact him:
Mrs. Chiara Bernardini as data controller, c/o Tosca Italian Fabrics srl, via Emilio Boni 19 - 59100 Prato - Italy [info chιoccιola toscaitalianfabrics.com].
Security measures of the Owner
The Customer will have access credentials, consisting of user-id and password, which can be regenerated at any time. It is up to the Customer to choose strong passwords and keep them confidential.
Server
We use multiple web servers to provide online sales, support, and related services. These servers automatically collect and store information that your browser automatically transmits to us while you are browsing in a log file. The information is only kept for as long as required by law and is as follows:
- pages visited on our domains
- time of page requests
- type of browser and browser version
- operating system used
- URL address of origin
- host name of the accessing computer
- IP address
Cookies
Our website makes use of cookies for the purpose of operating the online sales system and improving your online experience.
What are Cookies
A Cookie is a small text file that sites save on your computer or mobile device as you visit them. Cookies help the site remember your actions and preferences (e.g., login, language, shopping cart contents, font size, and other display settings) so that you don't have to re-enter them when you return to the site or navigate between pages.
Cookies do not contain any information that can directly identify a user, however, personal information stored on our site may be linked by us to information stored in and obtained from Cookies.
What information we obtain from Cookies and how we use them
The Cookies that are installed by our domain allow us to:
- recognize the device you are using and remind us of the material you have in your shopping cart, customizations and options you have chosen
- provide you with a reminder that you have not completed the checkout process
- improve site usability
- analyze site usage
- administer the site
- prevent fraud
- protect personal data
- customize the site according to user choices (language, colors, preferences in general)
Is enabling cookies secure?
Yes. Cookies contain only small amounts of data and cannot perform any operations on their own. We recommend that you configure your web browser to accept cookies from our site.
How can you change my Cookie settings?
You can disable Cookies by changing the settings of the browser you use. Because browsers are updated frequently and there are always ρiυ' many platforms that support them, it is not possible to provide a single guide suitable for all versions of browsers and devices; however, the following links will direct you to a Google search with the appropriate keywords related to changing cookies for each major browser. You can customize the search by entering the browser version and the platform you use (PC, MAC, iPhone, Android, BlackBerry, etc.).
What types of cookies are used by this site?
We use three different types of cookies on our website:
- Session Cookies: temporary files that are only stored for the duration of your session on the website. The web browser normally deletes them on closure.
- Persistent Cookies: the duration of these files extends beyond your browser session (for example, if you sign in to a website, it will recognize you on your next visit). Persistent cookies enable features such as welcome notifications, keeping items in your shopping cart (in case of online shopping), recognizing preferences such as languages, colors, etc.
- Third Party Cookies: While browsing our website, you may transmit Cookies to third parties that are not related to our company. If you access a web page with embedded content, such as YouTube, Cookies may be transmitted to and from that site. We do not control these Cookies, so we recommend that you consult the third party websites for more information regarding the Cookies they use and how to manage them.
Below is a list of the Cookies assigned directly by our site, with an explanation of how each is used.
recent_login
Functional, session. It allows to remember personal data and order history, special offers applied to the user, wish list and personalized offers.
xid
Essential, session-based. It allows the maintenance of the objects in the cart and the choices made on the site for the duration of the session.
Other cookies may be assigned by browsing this site by:
How you can delete Cookies
You can delete Cookies already stored on your computer. Because browsers are updated frequently and there are always many platforms that support them, it is not possible to provide a single guide suitable for all versions of browsers and devices; however, the following links will direct you to a Google search with the appropriate keywords related to deleting cookies for each major browser. If you have a different browser or operating system, we recommend that you search for the appropriate method for your configuration.
This action may have negative consequences regarding the usability of many websites in addition to this site.