Privacy policy

Information on the processing of personal data pursuant to Articles 13 and 14 of EU Reg. n. 679/2016

Viro S.p.A. collects and uses your personal data when you browse or use the online services on the website clubsicurezza.viro.it.

By personal data we mean any information that can be used to identify an individual.

The purpose of this policy is to provide you with a clear and detailed explanation of how, when and why we collect and use personal data, and it is designed to give you a simple and transparent explanation of our data protection policy, as well as to show you how to effectively exercise your rights.

This information refers only to the data processed by Viro S.p.A. through this website and does not concern other websites, platforms or social network pages that may be reached through links on this website: in these cases, you should always refer to the information available on the respective pages.

This information may be subject to changes and variations over time, so we invite you to regularly consult this page to be updated on the processing of personal data carried out by Viro S.p.A.

INDEX:

  1. Who is the Data Controller?
  2. When do you collect my data?
  3. What data do you process?
  4. For which further purposes may you use my data?
  5. With whom will you share my data?
  6. How will you process my data?
  7. Will my data be processed outside Europe?
  8. How long will you keep my data?
  9. Links to third party sites and social networks
  10. What are my rights and how can I protect my privacy?
  11. Can I lodge a complaint?
  12. Possible changes

1.Who is the Data Controller?

Viro S.p.A., P.I. 01833121203, is the Data Controller, as it determines the means and purposes of the processing of personal data involved in the use of this website; for further information, please use these contact details:

– mail: Viro S.p.A., Via Garibaldi, 4 – 40069, Zola Predosa (BO) Italy;

– e-mail: privacy@viro.it;

– PEC: virospa@pec.it.

2. When do you collect my data?

Viro S.p.A. will collect information directly provided by you:

– when you access and navigate the site;

– when you request activation of the newsletter service or subscription to the blog.

3. For what purposes do you use my data?

When you browse or use the online services on the website, the following kinds of data may be processed:

a) Navigation data

Some personal data whose transmission is implicit in the navigation on this website are acquired by the computer systems that allow its proper functioning, including but not limited to data traffic and concerning the location, weblog and other data regarding the resources you access through your device. Although this information is not collected to be associated with identified data subjects, it could allow users to be identified – by its very nature and through processing and association with data held by third parties. For example, navigation data include IP addresses or domain names of computers used by users who connect to the Site, the addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and browser used.

· Purpose of the processing: allow you to browse the website safely and correctly;

  • Legal basis for the processing: the legitimate interest of Viro S.p.A. in the proper functioning of the site and the safety of navigation, regularly balanced with the rights of the person concerned (art. 6, paragraph 1, lett. f, GDPR).

b) Communications for marketing purposes in the context of legitimate interest and soft spam

In some cases, we may use the e-mail address that you conveyed using the site (for example, in case of personal account or purchase of products or in case of requests about specific products) to send some promotional communications, even without asking the user for prior consent. This processing will be carried out in compliance with the provisions of art. 6, lett. f), GDPR and art. 130, co. 4, d.lgs. 130/2003. You are informed of the processing activity through this information and you will always have the right to object – in a simple way and without being charged – to such treatment: every communication sent by the Controller indications on how to request the interruption of the treatment (by opt-out). In particular, you can either contact the Controller or select the dedicated link available at the bottom of each communication.

  • Purpose of the processing: to inform you about products similar to those of your previous purchase and of your possible interest;
  • Legal basis: the regulatory provision of art. 130, paragraph 4, Legislative Decree no. 196/2003 that legitimizes the sending of communications concerning products or services similar to those already purchased (art. 6, paragraph 1, lett. c and f, GDPR).

c) Newsletter

The Viro S.p.A. newsletter is sent by e-mail to those who explicitly request it by filling in the specific form on the Site with their e-mail address and authorising Viro S.p.A. to process their personal data for the aforementioned purpose. The service is provided exclusively upon explicit and unequivocal expression of consent by the user (issued by checking the appropriate box on the Site) and the provision of data is mandatory only for the purpose of receiving the newsletter and any refusal will result in the impossibility of using the service, without further consequences.

The newsletter service is provided through the SendinBlue SAS platform, based at 55 rue d’Amsterdam, 75008 Paris, France; VAT number 498 019 298; e-mail privacy@sendinblue.com; Link to the provider’s Privacy Policy https://it.sendinblue.com/legal/privacypolicy/.

In any case, to stop receiving the newsletter, simply select the unsubscribe link at the end of each e-mail or send a specific request to the e-mail address privacy@viro.it. The unsubscription is handled in a partially automated manner, so that further newsletters may be received after this request, however no later than 72 hours after the request for unsubscription, and the sending of which was planned before the request for unsubscription was received.

  • Purpose of the processing: to send e-mail communications to the interested party regarding Viro S.p.A.’s products and services, news and updates on related topics, as well as offers and promotions reserved for subscribers to the service;
  • Legal basis for processing: the consent of the data subject (art. 6, paragraph 1, lett. a, GDPR).

d) Leaving comments on the blog

The « Leave a comment » service is made available on the Site to articles and news items published in the Site: in this case, you will only need to indicate your name and e-mail address so that the Controller can handle your request and confirm to you that the comment has been received and published.

The Controller will only collect the data necessary to allow you to leave your review and to verify your identity, and to guarantee the security and reliability of the service. The comments and reviews will be published in such a way that they can never be traced back to the user by third parties, unless otherwise expressly indicated by the user requesting publication.

  • Purpose of the processing: to receive comments to our news and reviews from customers on products sold through our e-commerce platform;
  • Legal basis for processing: the provision of the service you have requested and the performance of a contractual relationship to which the data subject is a party (Art. 6, para. 1, lett. b GDPR).

e) Cookie

What are cookies? A cookie is a small text file that stores brief information about your browsing on a particular website and is installed on your device when you log in. Each cookie contains various data (e.g., the name of the server it comes from, a numeric identifier, etc.), may remain on your system for the duration of a session (until you close your browser) or for long periods, and may contain a unique identifier.

When you visit the site again, they will be forwarded to the site that generated them (first party cookies) or to those provided by third parties able to recognize them (third party cookies).

Viro S.p.A. wishes to reassure you about the security of the cookies on its website: they do not damage your device in any way, but they will allow you to navigate more quickly, offering you a better experience.

What are they used for? Cookies are used for different purposes depending on their type: some are strictly necessary for the proper functioning of a website (technical cookies), while others optimize performance to provide a better user experience or allow you to acquire statistics on the use of the Site, such as analytics cookies, or allow you to view personalized advertising, such as profiling cookies.

On Viro S.p.A.’s website can be activated:

a. Technical cookies (which do NOT require your consent):

These are cookies that are necessary for the operation of the site and allow you to access its functions (so-called navigation cookies) or authenticate yourself in the session.

There is also the use of functional cookies, which allow you to store your preferences and settings, thereby improving your browsing experience on the site.

To ensure their functionality, as a rule, these cookies are not deleted when you close the browser, however, have a fixed duration (usually up to a maximum of 2 years) and after this period is automatically deactivated. These cookies and the data they collect will in no way be used for any further purposes.

The installation of technical cookies occurs automatically after accessing the site or to activate certain features (e.g. by selecting the « remember me » option). You can always decide to disable them at any time by changing the settings of your browser: in this case, you may, however, experience some problems viewing the site.

  • Purpose of the processing: to ensure the proper functioning and security of the site;
  • Legal basis of the processing: the legitimate interest of Viro S.p.A. in the proper functioning of the site and the safety of navigation, regularly balanced with the rights of the data subject (art. 6, paragraph 1, lett. f, GDPR).

b. Anonymized analytical cookies (which could require your consent)

These cookies keep track of the choices made on the site and data relating to the online navigation of users (for example, pages viewed, time spent on a page, etc.), in order to perform statistical analysis, in an anonymous and aggregate form. These tools can be used only after the expression of the user’s consent.

An exception to this rule is only in the event that the following circumstances occur:

– the IP address has been duly anonymized;

– the information obtained with analytical cookies refer to a single computer resource (site, app, etc..) and are used only in an anonymous and aggregate form;

– the cookie provider does not combine the information with other processing and does not pass it on to third parties.

If these requirements are met, the complete anonymization of the data collected is guaranteed and also the cookies falling into this category can be activated without the need for user consent, precisely because the data processed cannot be linked to any identifiable user.

· Purpose of the processing: to have statistics relating to the behaviour of users on the Site, based on aggregated and anonymized data.

  • Legal basis: as appropriate:

the legitimate interest of Viro S.p.A. in optimizing the performance of the Site and improving the services provided through the Site, regularly balanced with the rights of the data subject (art. 6, paragraph 1, lett. f, GDPR);

the user’s consent (art. 6, paragraph 1, lett. a, GDPR), freely given and revocable at any time, through the cookies banner or by following the instructions below and in the Cookie Policy.

c. Profiling and marketing cookies (which require your CONSENT ):

The installation of profiling and third-party cookies, on the other hand, is subject to the prior consent of the data subject given through the banner or also managed at any time through the Cookie Policy.

Profiling cookies can include several categories, including advertising profiling, retargeting or social cookies.

– Advertising profiling cookies: they create a user profile that enables the display of advertising content in line with the preferences expressed when browsing the site;

– Retargeting cookies: these are created in order to send the user advertising content relating to products they have purchased or viewed on the site and in which they have expressed an interest;

– Social cookies: these are cookies relating to social network plug-ins. These cookies are managed directly by third parties and enable the display of advertising messages in line with the user’s preferences.

When you access the Site, a banner will inform you of the possible presence of profiling and retargeting cookies and, through it, you will be able to consent or not to their installation, possibly selecting the individual cookies you wish to install.

You may, however, revoke your consent at any time, without affecting your ability to visit the site and to enjoy its contents.

The installation of profiling, retargeting, analytical and social cookies, including any other activity related to them, is managed through third party services. For more information about the use (or not) of these cookies by the Site, and about their activation or deactivation, you can access the information provided directly by the third party companies: the relevant list is available in our Cookie Policy.

The user is informed both through the short information notice (banner displayed until consent is given or denied) and through our Cookie Policy which we invite you to read carefully for all other information on the cookies used on the Site and for information on how to disable them.

  • Purpose of the processing: to analyse the user’s browsing behaviour in order to present personalised advertising;
  • Legal basis for processing: the user’s consent (art. 6, paragraph 1, lett. a, GDPR), freely given and revocable at any time, via the cookie banner or by following the instructions below and in the Cookie Policy.

Disabling via browser

We would like to point out that from the website http://www.youronlinechoices.com/it/ it is possible not only to acquire further information on cookies, but also to check the installation of numerous cookies on your browser/device and, where supported, also to disable them.

Commonly used browsers (e.g., Internet Explorer, Firefox, Chrome, Safari) also accept cookies by default, but this setting can be changed by the user at any time. This applies to both PCs and mobile devices such as tablets and smartphones: it is a generally and widely supported feature.

Therefore, cookies can easily be deactivated or disabled by accessing the options or preferences of the browser used and generally only third party cookies can be blocked; in general, these options will only take effect for that browser and on that device, unless options are active to unify preferences on different devices. Specific instructions can be found on the options or help page of the browser itself. Disabling technical cookies, however, may affect the full and/or proper functioning of various sites, including this Site.

As a general rule, the browsers used today

  • offer a « Do not track » option, which is supported by some (but not all) websites. As a result, some websites may no longer collect certain browsing data;
  • offer the option of anonymous or incognito surfing: in this way no data will be collected in the browser and no browsing history will be saved, but browsing data will still be acquired by the operator of the website visited;
  • allow the deletion of all or part of the stored cookies, but on a new visit to a website they are usually installed if this possibility is not blocked.

We indicate the links to the support pages of the most popular browsers (with instructions on how to disable cookies on these browsers):

4.For what further purposes can you use my data?

Your personal data may also be used in order to:

a) comply with legal obligations and requests from public or governmental authorities;

b) manage any disputes or litigation and therefore defend the rights of Viro S.p.A. both in and out of court.

In such cases, the legal bases of the treatment will be:

– for point a), the fulfilment of a legal obligation (art. 6, paragraph 1, letter c, GDPR);

– for point b), the legitimate interest of the Data Controller in the protection of its rights, provided that it is adequately balanced, from time to time, with the rights of the data subject (art. 6, paragraph 1, lett. f, GDPR).

5. With whom will you share my data?

In compliance with the purposes indicated in the previous section, the staff of Viro S.p.A. may be assigned to process your data in order to provide you with the services, information or support requested.

Therefore, access to your personal data will be expressly authorised by the Data Controller, who, should it be necessary, may appoint the parties to whom he or she turns for the provision of services and for activities falling within his or her competence as Data Processors in accordance with articles 28 and 29 of the GDPR.

In this regard, we specify that the list of suppliers of cookies is available in the Cookie Policy.

We would also like to remind you that the list of those responsible for data processing is available from the Data Controller, from whom you can request it using the contact details given above.

The user’s data will in no case be transferred to third parties except in the case in which the nature of the services rendered requires it, or in the case in which, by virtue of a legal obligation or in the presence of its legitimate interest, the Data Controller needs to communicate them to the competent jurisdictional or control authorities.

6. How will you process my data?

Your personal data will also be processed with the aid of electronic means for the time strictly necessary to achieve the purposes intended at the time of their collection.

Viro S.p.A. will take appropriate technical and organizational measures to prevent loss, illegal or incorrect use of data, as well as to prevent possible unauthorized access by third parties. Therefore, Viro S.p.A. will protect the security of your personal data, limiting the number of persons who will be allowed access to servers or databases and providing protection systems to limit the risk of cyber-attacks.

7. Are my data processed outside Europe?

The data processed by Viro S.p.A. reside in servers located in Italy.

However, some providers of cookie services may be based in non-European countries, as indicated in the Cookie Policy. In these cases, the processed data will usually reside in servers located in the European territory, but in some cases there may be a communication of some data to the headquarters of the provider. In these cases, personal data will still be processed in compliance with European legislation. The transfer of data, in particular, will only take place in compliance with the provisions of Articles 45 et seq. of the GDPR. Therefore, all necessary precautions will be taken in order to ensure the most complete protection of personal data basing such transfer: a) on adequacy decisions of the third country recipients expressed by the European Commission; b) on adequate guarantees expressed by the third party recipient pursuant to art. 46 of the Regulation; c) on the adoption of corporate binding rules.

8. How long will you keep my data?

Viro S.p.A. will process your personal data for the time reasonably necessary to achieve only the purposes listed above, which can be consulted in the « What data will you process? » section, or for the conservation periods envisaged by sector regulations: for example, data relating to purchases made will be kept for the period envisaged by tax and fiscal laws and indicatively for a period of 10 years.

Furthermore, for the terms of deletion of data processed through cookies you can find information in our Cookie Policy.

At the end of the retention period, your personal data will be deleted or irreversibly anonymized.

9. Links to third party websites and social networks

The Website may contain links to and from the websites of our partners, as well as to advertisers and social networks. Please note that the Data Controller does not assume any responsibility for personal data that may be collected through these sites and for the use of their services and that, if the user follows a link to any of these websites, he is invited to consult their Privacy policy.

10. What are my rights and how can I protect my privacy?

In relation to your personal data and in accordance with the GDPR, Viro S.p.A. informs you that you have the right to request:

  • access to your data;
  • the modification and rectification of any errors in our databases relating to your data;
  • The cancellation of your data if they are held in the absence of the legal prerequisites;
  • the limitation of the processing of your data;
  • opposition to the processing of your data;
  • the portability of your data.

Any templates and more information are also available here: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924 .

In the following table we explain in detail how to exercise your rights:

YOUR RIGHTHOW TO EXERCISE IT?
AccessYou can ask:   a confirmationabout a processing on your personal data; to have a copy of your personal data; to have further information about your personal data that you cannot find in this privacy notice.
RectificationYou can ask for the rectification of incorrect or incomplete personal data.   Before rectification the data, we will verify the accuracy of the information in our archives.
Erasure (‘right to be forgotten’)You can ask for the erasure of your personal data, in the following cases:   the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; the data subject withdraws consent on which the processing is based. there are no legitimate groundsfor the processing; the personal data must be erased for compliance with a legal obligation in Union or Member State law to which Viro S.p.A. is subject.
Restriction of processingYou can ask for the restriction of processing, in the following cases:   the accuracy of the personal data has already been contested ; the personal data are no longer needed for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims; After you have asked for the restriction, the data can be still used if: there is your consent to it; it appears necessary to exercise or defend from a legal claim; for the protection of the rights of another natural or legal person involved in the data processing.
PortabilityYou can ask for a copy of your personal data in a structured, commonly used and machine-readable format.
ObjectYou can object at any time to the processing of personal data concerning you when:   • they are based on the pursuing of a legitimate interest pursued by the controller; • your personal data are processed for direct marketing purposes , including profiling to the extent that it is related to such direct marketing. When you object: • to processing for direct marketing purposes,your personal data will no longer be processed for such purposes; • in case of legitimate interest of the data controller, the processing may continue only if he demonstrates compelling legitimate grounds for the processing which override the interests, rights, and freedoms of the data subject or for the establishment, exercise or defence of legal claims. It is possible to exercise the right of object also by automated means using technical specifications, such as those you can find on your personal account and in the e-mails, you may receive (link for cancellation).

Viro S.p.A. ensures that we will answer to your requests within 30 days from the receipt.

11.Can I lodge a complaint ?

You have the right to lodge a complaint to a supervisory authority, if you think that Viro S.p.A.’ personal data processing is not compliant to GDPR or any other national law.

In Italy, the competent authority is Garante per la protezione dei dati personali, whose contact are accessible at the following page:http://www.garanteprivacy.it/.

Further information and a template to lodge a complaint are here: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524 .

Finally, in case there are the conditions of articles 78 e 79 GDPR, you have the right to an effective judicial remedy at the competent court.

12. Possible changes of this Privacy Policy

The information we are providing you with can now be modified over time, when processing activities change, the data collected or when there are legislative or regulatory changes, or in the event of technological developments. We therefore advise you to periodically consult this Privacy and Cookie policy always updated on this page.