Privacy policy

Information on the processing of personal data of users of the site www.carreraworld.com

Art. 13 and 14 of Regulation 2016/679/EU (hereinafter also "GDPR")

1. Why this notice

This policy has the aim give information of the processing activities carried out by Safilo S.p.A. with registered office in Settima Strada 15, 35129 Padua, Italy, telephone +39 049 698 5111, as Data Controller (hereafter "Safilo" or “Data Controller”) of the personal data of the subjects that visit the website www.carreraworld.com (hereafter “Site”).

On this page, the Data Controller intends to provide some information on the processing of personal data relating to the subjects (hereinafter "Users") who visit or interact with this website. The information is provided only for the website of the Data Controller and not for other websites that may be consulted by the user via links (for which please refer to the respective privacy policies / policies). The reproduction or use of pages, materials and information contained within the Site, by any means and on any medium, is not permitted without the prior written consent of Safilo. Copying and/or printing of the contents of the site is permitted only for personal and non-commercial use (for requests and clarifications, contact the Data Controller at the addresses indicated below). Other uses of the contents, services and information on this site are not permitted.

With regard to the contents offered and the information provided, Safilo will do the best to keep the contents of the Site reasonably updated and revised, without offering any guarantee as to the adequacy, accuracy or completeness of the information provided, expressly declining any responsibility for any errors of omission in the information provided on the Site.

2. Navigation data

Safilo informs that the personal data provided by you and acquired at the same time as the request for information and/or contact, via smartphone or any other tool used to access the Internet, as well as the so-called site "navigation" data from users will be processed in compliance with applicable legislation. The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of the Internet. This is information that is not collected to be associated with identified interested parties, could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the "IP addresses" or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the web server, the size of the file obtained in response, the numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters relating to the operating system and the IT environment of the user. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check the correct functioning of the site www.carreraworld.com. We inform you that the aforementioned data could be used to ascertain responsibility in the event of computer crimes against the site of the Data Controller or other sites linked or connected to it.

3. Data provided by the user

Safilo collects, stores and processes your personal data in order to provide you with the requested information on the products and services offered by the company. The optional, explicit and voluntary sending of e-mails to the addresses indicated in the appropriate section of the Site, communications via social networks, call centers, etc., entails the subsequent acquisition of some of your personal data, necessary to respond to requests.

4. Newsletter

By requesting registration for the newsletter service, you will enable the use of the email address submitted to receive periodic communications and updates on the services and products offered by the Data Controller.

These communications could allow the collection of data relating to the date and time of display of the messages by the User, as well as the interaction and information relating to access to the links included in the messages: the collection of this information has the purpose to evaluate the User's interest, improve the quality of the communications sent and adapt them to his needs. We inform you that at the bottom of each email you will have the possibility to revoke the registration to the service and stop receiving.

5. Purpose of the processing and legal basis

The data are processed for the purposes:

5.1) creation and management of the account to access the restricted areas of the site;

5.2) strictly connected and necessary for the management of contact requests or information;

5.3) for the pre-contractual and contractual obligations connected to the management of purchases of products offered through the site or that may be of interest to the User, for the completion of the purchase order for the products and services offered, including aspects relating to payment by credit card, the management of shipments, the possible exercise of the right of reconsideration provided for remote purchases, the update on the availability of products and services temporarily unavailable;

5.4) direct marketing, i.e. sending advertising material, direct sales, carrying out market research or commercial communication of products and / or services offered by Safilo; this activity may also concern products and services of Safilo Group companies and be carried out by sending advertising / information / promotional material and / or invitations to participate in initiatives, events and offers aimed at rewarding users / customers, carried out with "traditional" methods (by way of example, paper mail and / or calls from an operator), or through "automated" contact systems (by way of example SMS and / or MMS, telephone calls without operator intervention, e-mail, fax, interactive applications), pursuant to art. 130 c. 1 and 2 of Italian Legislative Decree 196/03 and subsequent amendments or additions;

5.5) collect information relating to the user's choices while browsing the web in order to send communications in line with the preferences expressed;

5.6) related to the fulfillment of obligations under EU and national regulations, the protection of public order, the detection and repression of crimes as well as to comply with European and national legislation and the provisions of the Supervisory Authority;

5.7) to improve the quality of communications sent by Safilo by noting the User's interest in the contents of the newsletters or offers and promotions and, more generally, in the communication model adopted by the Owner.

The provision of data for the purposes referred to in points 1), 2) and 3), connected to a pre-contractual and / or contractual phase or functional to a user's request or provided for by a specific regulatory provision, is mandatory and failing that, it will not be possible to receive information and access any services requested. With regard to the purposes referred to in points 4) and 5), the legal basis is the User's consent. With regard to point 6) the legal basis of this processing is the legal obligation while for point 7) the legal basis is the legitimate interest of the Data Controller to improve the quality of its communication.

Safilo may send commercial communications relating to products and / or services similar to those already provided, pursuant to Directive 2002/58, using the e-mail address indicated by you on such occasions to which you can oppose in the manner and at the addresses indicated. Users can object by interrupting the sending in the manner indicated in the footer of each communication or using the contact details indicated in the Rights of the interested parties.

6.Methods, logic of processing, retention period and security measures

The processing is carried out with the aid of electronic or automated means by the Data Controller and / or by third parties which he can use to store, manage and transmit the data. The data processing will be carried out with the logical organization and processing of your personal data, also relating to the logs originating from the access and use of the services made available via the web, of the products and services used in relation to the purposes indicated above and, in any case, in order to guarantee the security and confidentiality of the data. The personal data processed will be kept for 36 month from the request of information, until the request for withdraw your news – letter’s subscription or withdraw the consent, 36 months for data processed for profiling activities, for 7 days relating to the navigation data collected for the operation and maintenance of the site.

With reference to data security, in the sections of the website set up for particular services, where personal data is requested from the User, the data is encrypted using a security technology called Secure Sockets Layer (abbreviated to SSL). SSL technology encrypts the information before it is exchanged via the Internet between the user's computer and Safilo's central systems, making it incomprehensible to unauthorized persons and thus guaranteeing the confidentiality of the information transmitted; moreover, transactions made using electronic payment instruments are carried out directly using the payment service provider's platform (PSP) and Safilo only keeps the minimum set of information necessary to manage any disputes.

With reference to the security and protection aspects of personal data, the user is invited, pursuant to art. 33 of the GDPR, to report to Safilo circumstances or events from which a potential "breach of personal data (data breach)" may arise in order to allow an immediate assessment and the adoption of any actions aimed at countering this event by sending a communication to [email protected].

7.Cookies

A cookie is a short string of text that is sent to your browser and, possibly, saved on your computer (alternatively on your smartphone / tablet or any other tool used to access the Internet); such sending generally occurs every time you visit a website.

The cookies stored on your terminal cannot be used to retrieve any data from your hard disk, transmit computer viruses or identify and use your e-mail address. Each cookie is unique in relation to the browser and device you use to access the website of the Data Controller. In general, the purpose of cookies, including the so-called "Pixel and/or web-bacon", is to improve the functioning of the website and the user experience in using it. These cookies allow us to understand how users use the site in order to then be able to evaluate and improve its functioning and create content that is increasingly appropriate for users' preferences. For example, analytical cookies allow us to know which pages are the most and least visited, how many visitors to the site are, how much time is spent on the site on average by users and how visitors get on the site. In this way it is possible to determine which are the optimal functioning and the most liked contents and how the contents and the functionality of the pages can be improved. In order to know how our users, use the site, we use the services offered by third parties to collect, aggregate and analyze data in order to better understand how the site is used. These cookies have a limited duration. The information collected is used by the Data Controller in aggregate and/or pseudo-anonymous form, for example to monitor and analyze the use of the Site, improve its functionality and choose the contents and graphics more accurately, in order to meet the needs. of visitors. In any case, if for any reason you prefer that these specific cookies were not activated, Google provides a free add-on for the opt-out that can be installed on the main browsers (see https://tools.google.com/dlpage/gaoptout). For more information on what cookies are and how they work, you can consult the “All about cookies” website http://www.allaboutcookies.org.

If you wish to block or delete the cookies received from the Site, you can do so by changing the settings on your browser. Remember that if you choose to disable all cookies, also the necessary, functional and performance cookies will be blocked and this could cause inconvenience to your navigation on the site. For example, you will be able to visit the public pages of the site, but you may not be able to access any restricted areas.

For detailed information on the cookies used by the site, read the Cookies Policy at this link: https://www.carreraworld.com/cookie-policy.

8.Interaction with external social networks and platforms

The site, through widgets and buttons, can interact with external platforms and social networks. In this case, the information acquired depends on the settings of the profiles used by the user on each social network and not by the administrator of this site, especially if the User has an active access profile to these platforms.

The connections with Facebook®, YouTube®, Instagram®, Twitter® or other social site, allow you to interact with the pages of www.carreraworld.com present in social networks and share ideas, opinions or topics of the website with the respective social platforms and can collect data of the interested party. We would like to point out that by using the dedicated Carrera pages on social networks you could insert content publicly available on the Internet. Before interacting with these areas, please read the General Conditions of Use of social media carefully, taking into consideration that, in certain circumstances, the information published can be viewed by anyone and all the information you include in your publications can be read, collected and used by third parties. More information can be obtained from the websites of the companies offering the service. We would like to point out that in this case, during such browsing your personal data are not managed by Safilo whose intervention is limited to making the connection available through these buttons only to offer an additional service to the user but has no control over them.

We use "Google reCAPTCHA" (hereinafter "reCAPTCHA") on our website which is a service provided by Google used to check whether the data entered, for example in the information request forms, have been entered by a human or by an automated program. In order to do this, reCAPTCHA analyzes the behavior of the User of the Site based on various characteristics and different information such as the IP address, the User's stay on the Site or even the movements of the mouse made. This analysis starts automatically as soon as you enter the website. The reCAPTCHA analyzes take place completely in the background, which means that the User may not be aware that this analysis is in progress. The data for carrying out the analysis is collected directly by Google. This data processing is mainly based on Safilo's legitimate interest in protecting our site from abusive automated scanning and spam. For more information on Google reCAPTCHA and Google's privacy policy, please visit the following links: https://policies.google.com/privacy and https://www.google.com/recaptcha/about/

9.Communication and data transfer.

For the pursuit of the aforementioned purposes, the Data Controller may communicate and have the personal data of users/customers processed in Italy and abroad by third parties with whom we have relationships, where these third parties provide services at our request. We will provide these third parties only with the information necessary to perform the requested services, taking all measures to protect your personal data. The data may be transferred outside the European Economic Area if this is necessary for the management of your contractual relationship or to offer a service requested by you. In this case, protection and security obligations equivalent to those guaranteed by the Data Controller will be imposed on the recipients of the data and in any case in compliance with the provisions of Title V of the GDPR. In case of use of services offered directly by Partners we will provide only the data strictly necessary for their execution. In any case, only the data necessary for the pursuit of the intended purposes will be disclosed and the guarantees applicable to data transfers to third countries will be applied, where required. Furthermore, personal data may be communicated to the competent public subjects and authorities for the purposes of compliance with regulatory obligations or to ascertain responsibility in the event of computer crimes against the site as well as communicated to, or allocated to, third parties (as of Data Processor or, in the case of suppliers of electronic communication services, of autonomous Data Controller), who provide IT and telematic services (eg: hosting, management and development of websites) which Safilo uses for the performance of tasks and activities of a technical and organizational nature instrumental to the functioning of the website. The subjects belonging to the categories listed above operate as separate Data Controllers or as Data Processor appointed for this purpose by Safilo pursuant to art. 28 of the GDPR.

Personal data may also be known by employees / consultants and by those who collaborate with Safilo who, authorized, are specially trained and appointed as “Incaricati del trattamento” pursuant to art. 29 of the GDPR and art. 2 quaterdecies of the Code.

Safilo informs that the site is hosted on the Shopify platform, which acts as Data Controller, and that the supplier's personal data transfer policy is available at the following link: https://help.shopify.com/en/manual/your-account/privacy/GDPR/cross-border-data

10. Data of minors

The Site is not aimed at minors under the age of 18 and Safilo does not intentionally collect personal information from them. In the event of accidental recording of any information on minors, as soon as it becomes aware of it, Safilo will promptly delete it.

11.Rights of data subjects

As data subjectsUsers may at any time exercise the rights provided for byArticles. from 15 to 22 of the GDPR. In particular, the data subjectshave the right to revoke the consent to the processing of data at any time, request its rectification, updating, transformation into anonymous data, limit even partially its use, request its portability, where applicable to the processing carried out by the Data Controller, and in the cases provided for by law, obtain the erasure of their data. The rights can be exercised to the extent that the processing is not mandatory by law or regulation.

You can also lodge a complaint with the Supervisory Authority pursuant to art. 77 of the GDPR. A list of EU data protection authorities is available at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

If the interested party wishes to exercise the rights recognized by law, he can send, without any formalities, an e-mail to the address of the Data Protection Officer ("DPO") [email protected], specifying his request and providing the information necessary for the identification of the interested party.

12.Data Controller and DPO

The Data Controller is Safilo S.p.A. with registered office in Settima Strada 15, 35129 Padua, Italy. The appointed Data Protection Officer ("DPO") can be contacted at the e-mail [email protected].

The use of the Website, including those intended for tablets and / or smartphones, by the Customer and/or the User implies full knowledge and acceptance of the content and any information included in this version of information published by the Owner in the time in which the site is accessed. Safilo warns that this information can be changed without notice and therefore recommends a periodic reading.

This privacy statement was updated in June 2022.