WEBSITE PRIVACY POLICY www.vibenfactorystore.it

Dear User, pursuant to EU Regulation no. 2016/679 GDPR (General Data Protection Regulation), we inform you that the processing of your information will be based on principles of correctness, lawfulness, and transparency, safeguarding your privacy and rights.

On this page, we describe how your data, collected through the website www.vibenfactorystore.it, is managed by Dory Conf, the sole owner of the website.

1) Type of data collected
Regarding the data collected, we inform you that the processing concerns only personal data and that its processing will be carried out according to the methods described in point 4. of this policy.

• Personal data
In order to provide the services on the website www.vibenfactorystore.it and/or related services, we collect any data deemed necessary, such as identification data (i.e., name, surname, personal details, email address, bank details, etc.).

• Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. This data is used solely to obtain anonymous statistical information on the use of the site and to check its correct functioning, and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical cybercrimes against the site.

• Cookies
Cookies are text elements that are placed on a computer's hard drive only after authorization. Cookies streamline the analysis of web traffic or indicate when a specific site is visited and allow web applications to send information to individual users. On this point, we invite you to visit the cookie policy https://www.vibenfactorystore.it/pages/cookie

• Data voluntarily provided by users
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. Summary information will be progressively reported or displayed on the pages of the site set up to offer particular services.

2) Purpose of processing and data retention period
All data provided by you will be processed, for no longer than necessary, exclusively for the management of the relationship with the site and in any case for purposes strictly connected to the performance of the requested service. The data will be stored for the legal terms and in any case until it is necessary to provide the requested services.

3) Marketing and commercial communications
Your data, where you have given your explicit consent, may be processed not only for the purposes indicated in point 2 but also for marketing and advertising purposes, for example by sending newsletters from us. In particular, your data may be processed for:
a) Sending direct marketing communications, newsletters, advertising material, carrying out market research, by means of traditional contact systems and automated IT systems, including commercial or promotional communications via email or SMS;
b) For profiling activities.
Scope of communication and dissemination of data.
For the purposes set out above, employees of the Marketing & Communication department appointed as data processors may become aware of personal data.
Furthermore, consulting firms that provide technical services functional to achieving the specified purposes may become aware of personal data, acting as data processors. Data may be exported both within and outside the European Union. Personal data will not be disseminated.

4) Processing methods
Data processing may be carried out using manual, computerised or telematic tools capable of storing, managing and transmitting the data itself, organised according to logics related to the declared purposes, and in any case, in a manner that guarantees the security and confidentiality of the processed data. The storage and archiving of personal data takes place through the use of electronic and computer tools.

5) Mandatory nature of processing
We highlight that the provision of data is not mandatory, however, failure to provide it may result in the non-execution or partial execution of the requested service.
Mandatory or optional nature of providing data referred to in point 3
The provision of your personal data for the purpose referred to in point 3 letter a) is optional and entirely at your discretion. Failure to consent to the processing of personal data by you does not entail any prejudicial consequences for you, except for the impossibility of sending you commercial communications.
The provision of your personal data for the purpose referred to in point 3 letter b) is optional and entirely at your discretion. Failure to consent to the processing of personal data by you does not entail any prejudicial consequences for you, except for the impossibility of providing you with a personalized browsing experience and/or sending you profiled commercial communications.

6) Communication and sharing of information with third parties
Our company may need to make your data accessible to judicial authorities as well as to qualified third parties only on the basis of precise legal obligations and for the performance of the requested service. In particular, we may communicate data, upon express consent, to third parties such as 1) Companies and/or entities belonging to Dory Conf for the improvement of the quality of the services offered and for marketing purposes of our services and/or updated information on products and services; 2) natural and/or legal persons who, by virtue of contracts stipulated with Dory Conf, provide specific processing services or carry out activities connected, instrumental or supportive to those carried out by us.
In all other cases, any communication may only take place upon explicit request and, in any case, exclusively for the purposes referred to in point 2. of this policy.

7) Security measures
The system is protected against access by potential malicious individuals; our Company has established and will continuously improve the security system for data access and storage. We use industry standards for the protection of personal information. Data will be processed by employees and/or professionals appointed by the company, who will carry out the aforementioned activities under the direct supervision and responsibility of the legal representative.

8) Rights of data subjects
At any time, the User may exercise their rights towards the Data Controller, pursuant to art. 7 of Legislative Decree 196/2003 and arts. 11 and 12 of EU Regulation no. 2016/679 GDPR.
Specifically, the User has the right to obtain an indication of:
a) the origin of personal data;
b) the purposes and methods of processing;
c) the logic applied in case of processing carried out with the aid of electronic instruments;
d) the identification details of the owner, managers and designated representative;
e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as managers or appointees.
The User also has the right to obtain:
• confirmation of the existence or otherwise of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
• updating, rectification or, when interested, integration of data;
• the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;
• restriction of processing or opposition to their processing;
• access to data as provided for in art. 15 EU Reg. 2016/679 GDPR;
• data portability;
• the right to lodge a complaint with a supervisory authority;
• the right to erasure (right to be forgotten) as provided for in art. 17 of EU Reg. 2016/679 GDPR.

9) Right to object
The User has the right to object, as provided for by art. 21 EU Regulation 2016/679 GDPR, in whole or in part:

1. at any time, for reasons connected with his particular situation, to the processing of personal data concerning him, pursuant to art. 6 Paragraph 1 letters e) or f) of EU Regulation 2016/679 including profiling on the basis of these provisions;
2. to the processing of personal data concerning him for the purposes of sending advertising material or direct sales;
3. to processing for direct marketing purposes, including profiling to the extent that it is connected to direct marketing.
4. To processing for scientific or historical research purposes or for statistical purposes, unless the processing is necessary for the performance of a task carried out in the public interest.

10) Methods of exercising rights
At any time, the User may exercise their rights towards the Data Controller by sending a request to the following email address: info@vibenfactorystore.it

11) Data Controller
The Data Controller is Dory Conf, exclusive owner of the website www.vibenfactorystore.it

12) Contacts
For any information, request, or clarification, please contact us at: info@vibenfactorystore.it