Privacy Policy

Information for the processing of personal data (art. 13 EU Regulation 679/2016)

Pietro Romanengo fu Stefano Srl ("Romanengo") considers the protection of personal data of users who browse and/or purchase products on its website (the "Users") to be of fundamental importance and guarantees that the processing of personal data carried out through the site www.romanengo.com (the "Site") is carried out in compliance with the rights of the interested party, in compliance with the provisions of the European Regulation n. 679/2016 (the "GDPR") and other relevant national and EU provisions.

1. Who processes the User's personal data?
The Data Controller is Pietro Romanengo fu Stefano Srl, with legal and operational headquarters in Genoa, via Soziglia 74/76 r 16123 Genoa, e-mail: sabrina.zampardi@romanengo.com. The Data Controller can be contacted at any time at the contact details specified above. All Romanengo employees who will have access to User data will be appointed by the Data Controller as subjects authorized to process personal data and will have received adequate operating instructions in this regard.

2. What data are processed?
Romanengo collects some personal data of Users (the "Data"), such as aggregate information while browsing the Site and personal data voluntarily provided by the User when purchasing products offered by the Site and/or requesting information sent to the Site by e-mail or through the appropriate “Contact Us” box. For more information on the type and use of cookies on the Site, please refer to the Romanengo cookie policy available on this Site.

Navigation data
The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated to identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow Users to be identified.
This category of data includes the IP addresses or domain names of the computers used by Users who connect to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the Users' IT environment.

Data provided voluntarily by the User
Romanengo mainly collects the data necessary to complete the purchase of the products requested by the User or to contact the latter in response to a request for information. Romanengo could collect, by way of example, the following Data:

1) name and surname;
2) address;
3) e-mail;
4) fiscal code or VAT number;
5) date of birth;
6) sex;
7) telephone number.

3. What are the purposes and legal bases of the processing?
Romanengo will process User Data for the following purposes: a) to allow registration on the Site, allow navigation on the Site and the use of services reserved for registered users; b) conclude and execute the contract for the purchase of products offered on the Site; c) respond to requests for information sent to us via e-mail or via the appropriate "Contact Us" box; d) carry out direct marketing activities, aimed at promoting the Romanengo products and brand; e) send newsletters and periodic updates relating to products, initiatives and events organized by Romanengo, including invitations to reserved events; f) carry out statistical surveys.

The processing of data for the purposes listed above is carried out:
1) to provide the service requested by browsing the Site (e.g. registration and creation of the reserved area, communications connected to the provision of the service) and execute a contract or pre-contractual measures requested by the User, as well as comply with legal obligations, as to the purposes a., b. and c.; 2) upon acquisition of the User's express consent, as regards the purposes d. and it's.; 3) on the basis of the legitimate interest of the Data Controller as regards the purpose f., with the specification that in this case the User can always oppose the processing.

4. What are the consequences of not providing the Data?
Except as specified for navigation data, Users have the right to provide or not provide Data in the various sections of the Site for the purchase of products available on the Site or by sending a request for information to the Site by e-mail or the appropriate box. “Contact us”. The provision of User Data to Romanengo, which is requested on various collection occasions, may, in some cases, be indispensable for the pursuit of the purposes identified in this disclosure. In case of refusal to provide the data required for the purposes listed in article 3. points a., b. and c., the consequence will be the impossibility for Romanengo to supply the User with the products and to respond to his requests. The provision of data for the purposes listed in article 3. points d. and it's. requires express consent, pursuant to the GDPR. In the case of the purposes listed in the aforementioned points d. and e., the consent given for the sending of commercial and promotional communications by electronic means is also understood to be given in relation to the traditional methods of contact. In the event of refusal to provide the Data requested for the purposes listed in the aforementioned points d. and e., the consequence could be the mere impossibility for Romanengo to carry out the activities indicated therein and therefore for the User to receive commercial information and updates with respect to Romanengo's activity.

5. And what are the methods of treatment?
Data processing will be based on the principles of lawfulness, correctness, transparency, proportionality and minimization and may also be carried out through automated methods designed to memorize, manage and transmit them and will take place using suitable tools, as far as reasonable and state of the art, to guarantee security and confidentiality through the use of suitable procedures that avoid the risk of loss, unauthorized access, illicit use and dissemination.

6. Who are the recipients of the data communication?
In addition to Romanengo's employees and/or collaborators, the Data will (or could be) communicated to: a) Romanengo's tax consultants; b) IT consultants and electronic/technological service providers of Romanengo; c) Romanengo's legal advisors; d) courier companies for the delivery of purchased products; e) competent authorities; f) subjects who can access the Data under the provisions of the law or secondary or community legislation; The updated list of recipients can be consulted by writing to the e-mail: sabrina.zampardi@romanengo.com. The Data will not be disseminated.

7. What is the place of data processing?
The Data will be processed within the European Economic Area.

8. What about the data retention period?
The Data will be archived in electronic format and kept for the period of time strictly necessary to comply with legal and contractual obligations. In this regard, it should be noted that the Data: 1) necessary to process requests will be kept for the period strictly necessary to process the request, if the same does not have a contractual follow-up; 2) necessary to guarantee Romanengo compliance with legal obligations (e.g. accounting and tax legislation) will be kept for the period indicated by the applicable legislation; 3) necessary for Romanengo to execute any contracts stipulated with the User will be kept for the entire duration of the contract as well as for the period necessary to guarantee Romanengo the defense of its rights in the event of disputes relating to the contract concluded with the User (6 months after the statute of limitations has expired); 4) necessary for carrying out the activities indicated in article 3. points d. and it's. they will be kept until the consent is revoked by the User. 5) necessary for carrying out statistical surveys, until the User objects to the treatment.

9. What are the rights of the interested party?
The User has the right to ask the Owner:
1) confirmation that data is being processed and, in this case, access to the data and information referred to in art. 15 of the GDPR (purpose of processing, categories of data, categories of recipients, data retention period); 2) the rectification of inaccurate Data; 3) the integration of incomplete Data; 4) the deletion of data, in the cases provided for by law; 5) the limitation of the processing of the Data which allows you to obtain, in the cases provided for by law, the marking of the personal data stored with the aim of limiting their processing in the future; 6) to receive the Data in a structured format, commonly used and readable by an automatic device and to transmit them to another data controller (so-called portability); 7) to revoke the consent where given; 8) to object in whole or in part to the processing of data, in accordance with the law, where applicable; 9) not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or which significantly affects your person in a similar way; 10) to lodge a complaint, pursuant to art. 77 of the GDPR, to the national supervisory authority of the member state of the European Union in which you have your habitual residence or place of work or where the alleged violation of your right has occurred; if this State is Italy, the person who can contact is the Guarantor Authority for the protection of personal data.

It should be noted that the User's right to object to the processing of data for the purposes listed in article 3. points d. and e., carried out through automated contact methods, extends to traditional methods and the possibility remains for the User to exercise this right in part, or, in this case, by opposing, for example, only the sending of promotional communications carried out through automated tools. These rights may be exercised by contacting Romanengo at the addresses referred to in article 1 of this information.

10. Third Party Sites
This disclosure applies to the personal data of Users, collected through the Site; the same does not apply to other websites owned by third parties, which can possibly be accessed via a link on the Site. Romanengo cannot be held responsible for the contents of these sites and the rules adopted by them, also with regard to privacy of Users and the processing of their personal data during navigation operations on such sites. Users are therefore invited to pay attention, when they connect to these sites, through the links on our site and to carefully read their conditions of use and privacy policies.