This "Privacy Policy" describes the modalities and logic of the processing of personal data by the Company Flair Fashion Srl in its capacity as data controller (hereinafter the "Data Controller") through the website flair-fashion.it (the "Website").
This information is provided in accordance with Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on data protection (hereinafter referred to as "Ordinance" or "GDPR") is provided only for the Website and not also for other websites that may be accessed by the user via links.
The holder of the processing of the users' personal data is Flair Fashion Srl, with registered office in Via Bastioni Maggiori 17, 39042 Bressanone (BZ),
E-Mail: info@flair-fashion.it, PEC: flairfashion.bz@pec.it
The personal data will be processed for the sole purpose of providing the services accessible through the website, and in particular in order to
a) answering requests for information and/or contacts made by users in the "Contacts" section;
b) in order to fulfil the tasks prescribed by law.
The legal basis for the processing for the purposes mentioned under a) is Article 6(1)(b) of the GDPR ("Processing is necessary for the performance of a contract to which the data subject is party or for the implementation of pre-contractual measures taken at the data subject's request") and the above-mentioned Article 6(1)(c) ("Processing is necessary for compliance with a legal obligation to which the controller is subject").
The controller shall implement appropriate technical and organisational measures to ensure that only personal data of users which are necessary for the purpose of the processing in question are processed and to minimise the risks of destruction or loss, including accidental, of such data, of unauthorised access or of processing which is not authorised or not adequate for the purposes set out in this statement.
The processing of users' personal data may be carried out by electronic or automated means, using methods and procedures strictly necessary for the pursuit of the purposes described above.
The computer systems and software procedures used to operate this website collect some personal data during their normal operation, the transmission of which is implicit in the use of internet communication protocols.
This data is not collected for the purpose of attributing it to identified individuals but, by its nature, could allow users to be identified through processing and linking with data held by third parties.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the website, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.
This data is used for purposes related to the use of the website and its correct functioning, as well as for statistical purposes in anonymous form.
The data may be used and stored in the event of suspected computer crime to the detriment of the website, and the data controller reserves the right to contact the competent authorities to establish any liability.
The transmission of personal data by the user (e.g. first name, surname, e-mail address, etc.) entails their collection and processing by the controller in order to respond to the requests received.
The personal data of users may be disclosed, for the aforementioned purposes, to subjects who are necessary for the provision of the services offered by the website (e.g. for the analysis of the operation of the website itself) and who process the data in their capacity as data processors (art. 28 of the Regulation) and/or as agents acting under the supervision of the data controller (art. 29 of the Regulation) or as subjects expressly entrusted with the processing of the data in accordance with the provisions of the GDPR and Legislative Decree No. 196/2003, as amended by Legislative Decree No. 101/2018, such as suppliers of IT services and/or other services of a technical/organisational nature or employees and collaborators of the data controller.
The personal data of the users are not the subject of the transfer,
User data will not be transferred to a third country outside the European Union or to international organisations.
The data will be kept for a period not exceeding the achievement of the above purposes and in any case within the limits prescribed by law.
In accordance with Articles 15 et seq. of the Regulation, the user has the right to ask the controller:
Without prejudice to any other administrative or judicial remedy, the User who considers that the processing operation concerning him/her is in breach of the GDPR has the right to lodge a complaint with a supervisory authority in the Member State where he/she has his/her habitual residence, where he/she works or where the alleged breach within the meaning of the aforementioned Article 77 has taken place (the Italian supervisory authority is the Garante per la protezione dei dati personali).
In order to exercise the above rights, the user may contact the controller at the contact details provided above.
Whether the provision of personal data is a legal or contractual obligation or a necessary condition for the conclusion of a contract and whether the data subject is obliged to provide personal data and the possible consequences of not providing it. Apart from the data provided for the navigation data, the user is free to provide the personal data indicated in the forms in the "Contacts" section. Failure to provide the personal data will result in the controller not being able to respond to the user's information and/or contact request
The website's privacy policy is subject to updates; users are therefore encouraged to review its contents on a regular basis.