Privacy Policy – Press Room

This privacy policy aims to provide all the information on the processing of personal data carried out by Studio Italia Design S.r.l. when the user registers and accesses the Press Room (as better indicated below).

1. Introduction – Who are we?

Lodes S.r.l., having its registered office in Marcon (VE) – 30020, Via Pialoi n. 32 (Italy), VAT No. 02992370276 (hereinafter, “Controller”), manager of the internet website https://www.lodes.com (hereinafter, the “Website”), in its capacity as data controller in relation to personal data pertaining to the users using the Website (hereinafter, the “Users”) hereby provides the privacy policy pursuant to art. 13 of the Regulation EU 2016/679 dated 27 April 2016 (hereinafter, “Regulation” or “Applicable Law”).

2. How to contact us?

The Controller takes the outmost account to the privacy rights and to the protection of its Users’ personal data.

Users may contact the Controller at any time whatsoever using the following modalities:

· Sending a registered letter to the registered office of the Controller (Marcon (VE) – 30020, Via Pialoi n. 32 – Italy);

· Sending an email to [email protected].

The Controller did not appoint a Data Protection Officer (DPO), because the Controller is not subject to the mandatory obligation to appoint it pursuant to art. 37 of the Regulation.

3. What wo do? Processing purposes

Lodes S.r.l. is a company that, balancing technical know–how and the best Made in Italy design, has been designing and producing lighting solutions for interiors and exteriors.

Browsing the Website, the User can register to the Press Room section in order to have access to content such as press releases and exclusive materials on news and products of Studio Italia Design S.r.l. (hereinafter, the “Service”). Such registration is subject to prior approval by the Controller.

In relation to the Service, the Controller collects personal data regarding the Users.

This Website and the services eventually offered through the Website are reserved to subjects over the age of 18 years old. Hereby, the Controller does not collect personal data pertaining to subjects under the age of 18 years old. At request of the Users, the Controller will promptly delete all the personal data, involuntary collected, pertaining to subjects under the age of 18 years old.

The Users’ personal data will be processed by the Controller lawfully pursuant to art. 6 of the Regulation for the following processing purposes:

1. executing the User’s request and providing the Service: the personal data of the Users will be processed by the Controller with the only purposes to execute the request of the User regarding the registration to the Press Room and to allow the access to the Press Room.

2. accounting-administrative purposes, or in order to carry out organisational, administrative, financial and accounting activities, as internal organisational activities and activities aimed at fulfilling contractual and precontractual obligations;

3. legal obligations, or in order to fulfil obligations provided by the law or the European laws and regulations.

Providing the personal data for the processing purposes specified above is optional but necessary, since failing to provide the same imply the impossibility for the User to register and access to the Press Room.

A star in the form identifies the personal data, which are necessary for purporting the processing purposes described under this paragraph 3.

4. Further processing purposes

4.1. Newsletter

With the free and optional consent of the User, some personal data of the User (name, surname, address, city, postal code, email address, company, phone number, job) are processed by the Controller to send newsletter, with commercial and marketing content too.

Therefore, the User will receive a periodic newsletter from the Controller that will contain relevant information and news in relation to the activities of the Controller and/or third party companies, proposals for the purchase of products and/or services offered by the Controller and/or third party companies, as well as presentations of offers, promotions and commercial opportunities.

In case of lack of consent, the possibility to register to the Press Room will not be affected.

In case of consent, the User may at any time revoke the same, making a request to the Controller in the manner indicated in paragraph 8 below.

The User can also easily oppose further sending of newsletter communications also by clicking on the appropriate link for the revocation of consent, which is present in each e-mail containing the newsletter. Once the consent has been revoked, the Controller will send the User an e-mail message confirming the revocation of the consent.

The Controller hereby informs that, following the exercise of the right to object to the sending of newsletter communications, it could be possible due to technical issues (i.e. sending list already completed a little before the receipt by the Controller of the objection request) the User continues receiving further newsletter messages. In the event that the User continues receiving newsletter messages once elapsed 24 hours from the exercise of the objection right, please flag such issue to the Controller, using the contacts specified under the following paragraph 8.

Providing the personal data for the processing purposes specified above is optional but necessary, since failing to provide the same imply the impossibility for the User to receive the newsletter and the commercial communications from the Controller.

5. Legal Basis

Executing the User’s request relating to the Service (as described in paragraph 3, letter a)): the legal basis of processing is art. 6, letter b) of the GDPR (processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract).

Administrative and accounting purposes (as described in paragraph 3, letter b)): the legal basis of processing is art. 6, letter b) of the GDPR (processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract).

Legal obligations (as described in paragraph 3, letter c)): the legal basis of processing is art. 6, letter c) of the GDPR (processing is necessary for compliance with a legal obligation to which the Controller is subject).

Further processing purposes: for the processing of data related to the sending of the newsletter, with commercial contents (as described in the previous paragraph 4.1), the legal basis of processing is article 6, letter a) of the GDPR (consent of data subject to the processing of his or her personal data for one or more specific purposes). For this reason, the Controller asks the User to provide a specific, free and optional consent in order to pursue this processing purpose.

6. Processing methods and data retention

The Controller will carry out the processing of Users’ personal data by manual and IT instruments, applying logics strictly connected to the purposes and, in any case, so that the safety and confidentiality of the relevant data is guaranteed.

In the cases described in the previous paragraph 3 Users’ personal data will be retained for the time strictly necessary to carry out the relevant purposes, illustrated in the same paragraphs and, in any case, for the time necessary for the protection of the civil interests of the Users and of the Controller.

In the case described in the previous paragraph 4.1, Users’ personal data will be retained for the time strictly necessary to carry out the purposes illustrated in the same paragraph and, in any case, until the User revokes his/her consent.

In any case, any retention periods provided for by law or regulations are not affected.

7. Data disclosure and dissemination

Controller’s employees and/or workers appointed to manage personal data may become aware of any Users’ personal data. Such subjects, who have been instructed by the Controller accordingly to art. 29 of the Regulation, will process the relevant User’s data exclusively for the purposes specified under this policy and in compliance with the provisions of the Applicable Law.

Furthermore, third parties which may process personal data for the account of the Controller may become aware of any Users’ personal data in their capacity as “Data Processor” pursuant to art. 28 of the Regulation, such as, including, but not limited to, providers of logistics and IT services functional for the Website operational, outsourcing or cloud computing services providers, professionals and advisors, companies entrusted with the sending of newsletter e-mails for the account of the Controller.

Users have the right to obtain a list of the data processor (if any) appointed by the Controller upon a specific request to be made to the Controller following the modalities specified under the following paragraph 8.

8. Data subjects’ rights

Users may exercise the rights granted to them by the Applicable Law, contacting the Controller with the following modalities:

· Sending a registered letter to the registered office of the Controller (Marcon (VE) – 30020, Via Pialoi n. 32 – Italy);

· Sending an email to [email protected].

Pursuant to the Applicable Law, the Controller hereby informs that any Users has the right to obtain the indication of (i) the source of the personal data; (ii) the purposes and methods of the processing; (iii) the logic applied to the processing, if the latter is carried out with the help of electronic means; (iv) the identification data concerning data controller and data processors; (v) the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated data processor(s) or person(s) in charge of the processing.

 

Furthermore, data subjects have the right to obtain:

a) access, updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

Furthermore, Users have:

a) the right to withdraw the consent at any time, when the processing is based on consent;

b) the right to data portability (if applicable), that is the right to receive all the personal data concerning the User, in a structured, commonly used and machine-readable format; the right to restriction of processing of the personal data; the right to erasure (right to be forgotten).

       c)the right to object:

i) in whole or in part, on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
ii) in whole or in part, to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys;
iii) if personal data are processed for direct marketing purposes, to object at any time to the processing for such marketing, which includes profiling to the extent that is related to such direct marketing.

d) the right to lodge a complaint with a supervisory authority (in the Member State of him or her habitual residence, place of work or place of the alleged infringement) if the User considers that the processing of personal data relating to him/her infringes the Regulation. The Italian Data Protection Authority is the Garante per la protezione dei dati personali, with registered office in Piazza Venezia, n. 11, 00186 – Rome (RM) (http://www.garanteprivacy.it).

The Controller is not responsible for updating all links that can be viewed in this Privacy Policy, therefore whenever a link is not functional and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to such link.