PRIVACY AND COOKIES: ALL THE INFORMATION YOU'RE ENTITLED TO, IN ONE PLACE!
Your data will always be protected. We explain why we need it, the purposes and the way of use, in line with the following principles.
1. Accuracy
We use your data to improve your experience on our site and for the better use of our services.
2. Security
Your data is protected.
3. Clarity
Every piece of information will be provided to you in the clearest and most accessible way: no surprises!
4. Your consent is crucial
You decide if you want to receive updates from us and in what way.
5. Essentiality
No unnecessary information: if we don't need it, we won't collect it.
---
Information on the processing of personal data pursuant to Articles 13-14 of EU Regulation 2016/679
Concerned parties: E-commerce customers
MAGGINI GROUP S.R.L., as the data controller of your personal data (the "Controller"), in accordance with the EU Regulation 2016/679 (hereinafter "GDPR"), hereby informs you, as the data subject (the "Data Subject"), that the said regulation provides protection for data subjects concerning the processing of personal data, and such processing will be based on the principles of correctness, lawfulness, transparency, and protection of your privacy and rights.
ONLINE PURCHASES
Why do we use personal data (Purpose of processing)?
MAGGINI GROUP S.R.L. as the Data Controller uses your personal data to provide you with the information, products, and services requested or purchased online and in our stores. In particular, we use your personal data to process your purchase and payment orders, issue electronic receipts or invoices, manage shipments, returns, complaints, and activities related to warranties for our products.
Whenever you make a purchase and/or payment, return a product, we use your personal data to verify your identity and your ability to enter into a contract, check that the financial information you provided is correct, perform fraud checks, or prevent other illegal activities.
The user's personal data is also used to confirm the user's address with our external partners.
Another purpose of the processing is the pursuit of the legitimate interest of the Controller to ensure the full operation and correct functionality of the website.
What types of personal data do we process?
We will process the following categories of personal data:
- Contact details such as name, address, email address, phone number
- Payment data and payment history
- Credit information
- Order information
- Tax code, identity card number, any VAT number or similar identification numbers (if you choose to provide them).
If you have a User Profile, we will also process the personal data you have transmitted to us regarding the account:
- User Profile or registration ID and related password
- Purchase history
Who has access to personal data?
Sometimes, your personal data is shared with third parties who help us perform certain tasks or provide certain services. In particular, we may ask third parties to validate your address, communication agencies to send you order confirmations, involve warehouses and distributors for the delivery of your order, payment service providers to process your credit/debit card payments, banks, and other financial service providers, and online platforms through which our products and services are available for purchase.
Remember that many of these recipients have an independent right or obligation to process your user data.
What is the legal basis for processing personal data?
MAGGINI GROUP S.R.L. processes the personal data necessary to conclude a contract with you and fulfill all obligations arising from such a contract, whether it relates to a purchase order, payment, or the use of services provided by us.
In relation to the provision of our products and services, we are sometimes required by law to collect, process, and store your personal data, for example, to enforce tax and financial laws.
What are the methods of processing personal data?
Personal data may be processed using automated methods, by means of computers or other computer tools. Each processing operation takes place in compliance with the methods specified in Articles 6 and 32 of the GDPR and by adopting the appropriate security measures provided for therein.
Data will be processed only by data processors expressly and formally appointed (the "Data Processors") and by persons authorized to process under the direct authority of the Data Controller or the Data Processor, duly trained and adequately instructed for this purpose.
In particular, for purposes related to ensuring the full operation and correct functionality of the website, data may be processed by external collaborators and, in particular, by computer consulting companies.
Communication of personal data
Without prejudice to communications made to fulfill legal and contractual obligations, as well as to pursue a legitimate interest of the Data Controller, your data may be communicated to public and/or private entities for which data communication is mandatory or necessary in relation to the purposes of the processing and, in any case, to fulfill legal obligations to constitutional or constitutionally relevant bodies.
Dissemination
Your personal data will not be disclosed.
Your personal data may also be transferred, limited to the aforementioned purposes, to EU countries.
How long are personal data stored?
In compliance with the principles of lawfulness, purpose limitation, and data minimization, pursuant to Article 5 of the GDPR, the storage period for your personal data is set for a period not exceeding:
- the execution of the necessary mandatory checks by the Authority and public bodies;
- the achievement of the purposes for which they are collected and processed.
Rights of the Data Subject
As a Data Subject, you have the rights set forth in Article 15 and the following of the GDPR, namely the right to:
- obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in an intelligible form.
In particular, the Data Subject has the right to obtain information:
- on the origin of personal data;
- on the purposes and methods of the processing;
- on the logic applied in case of processing carried out with the aid of electronic instruments;
- on the identification details of the Data Controller and the Data Processors;
- on the subjects or categories of subjects to whom personal data may be communicated or who may become aware of them, as designated representatives in the territory of the State, Data Processors or persons authorized to process (persons in charge of processing).
The Data Subject also has the right to obtain:
- the updating, rectification, or, when interested, integration of data;
- the cancellation, transformation into anonymous form, or blocking of data processed in violation of the law, including those for which storage is not necessary in relation to the purposes for which the data was collected or subsequently processed;
- the attestation that the operations referred to in the preceding points have been brought to the attention, also as regards their content, of those to whom the data has been communicated or disseminated, except in the case where this fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right;
- data portability.
The Data Subject has the right to object, in whole or in part, to the processing of personal data concerning him, for legitimate reasons connected to his personal situation, even if relevant to the purpose of the collection.
To exercise these rights and obtain any useful information regarding the processing of your data, you can make a specific written request to be sent to the address [•].
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the Italian Data Protection Authority if you believe that the processing concerning you violates the GDPR.
Data Controller, Data Processor, and Authorized Persons
The Data Controller for whom the aforementioned rights can be asserted is Maggini Group S.r.l., which can be contacted by email at the following address [info@fuix.com].
The updated list of Data Processors and persons authorized to process is kept at the operational headquarters of the company at Via Francesco Serritelli n. 31, 00123 – Rome.
CREATION OF ACCOUNT
Why do we use personal data?
We use personal data to create and manage the User Profile.
We will provide the user with the order history and order details, allowing the user to manage account settings. Additionally, we allow the customer to save items in the cart.
What type of personal data do we collect?
We always process the email address and password provided by the user when registering the User Profile on www.fuix.com.
We process the following categories of personal data that the user chooses to provide to us:
- Contact information such as name, postal address, email address, and phone number
- Date of birth
- Gender
- Country
- Encrypted payment card data
We also process the following categories of personal data when the user makes a purchase:
- Order history
- Delivery data
- Payment history
We also process the following categories of personal data related to cookies:
- Click history
- Browsing and viewing history
Who has access to personal data?
Data transferred to third parties are used exclusively to provide the services mentioned above. To optimize the website, we use computer consulting companies and analysis tools for product evaluation.
What is the legal basis for the processing of personal data?
The processing of the user's personal data for the management of the User Profile is based on consent when the user creates the respective account.
The processing of personal data to provide relevant product data is based on our legitimate interest.
Right to withdraw consent:
The user has the right to withdraw consent to the processing of personal data at any time. By doing so, the User Profile will cease to exist, and Maggini Group S.r.l. will not be able to provide the services mentioned above.
How long are personal data stored?
We retain personal data as long as the user has an active profile.
The user has the right to delete their User Profile at any time. If the user decides to do so, the account will cease to exist, and the user will be considered inactive. We retain the user's personal data in case of legal requests or open disputes.
After the account is deleted, all personal data will be erased.
Rights of the Data Subject
As a Data Subject, you have the rights set forth in Article 15 and the following of the GDPR, namely the right to:
- Obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in an intelligible form.
In particular, the Data Subject has the right to obtain information:
- On the origin of personal data;
- On the purposes and methods of the processing;
- On the logic applied in case of processing carried out with the aid of electronic instruments;
- On the identification details of the Data Controller and the Data Processors;
- On the subjects or categories of subjects to whom personal data may be communicated or who may become aware of them, as designated representatives in the territory of the State, Data Processors or persons authorized to process (persons in charge of processing).
The Data Subject also has the right to obtain:
- The updating, rectification, or, when interested, integration of data;
- The cancellation, transformation into anonymous form, or blocking of data processed in violation of the law, including those for which storage is not necessary in relation to the purposes for which the data was collected or subsequently processed;
- The attestation that the operations referred to in the preceding points have been brought to the attention, also as regards their content, of those to whom the data has been communicated or disseminated, except in the case where this fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right;
- Data portability.
The Data Subject has the right to object, in whole or in part, to the processing of personal data concerning him, for reasons connected to his personal situation, even if relevant to the purpose of the collection.
To exercise these rights and obtain any useful information regarding the processing of your data, you can make a specific written request to be sent to the address [info@fuix.com].
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with the Italian Data Protection Authority if you believe that the processing concerning you violates the GDPR.
Data Controller, Data Processor, and Authorized Persons
The Data Controller for whom the aforementioned rights can be asserted is Maggini Group S.r.l., which can be contacted by email at the following address [info@fuix.com].
The updated list of Data Processors and persons authorized to process is kept at the operational headquarters of the company at Via Francesco Serritelli n. 31, 00123 – Rome.