Lorem@mail.com
Laura Mussolin
Illustrator | Concept Artist
Laura Mussolin
Illustrator | Concept Artist
INFORMATION POLICY
This document describes the website's management procedures with regard to the processing of personal data of users who interact with all pages within the www.lamuart.com domain.
By placing an order, the customer fully accepts these Terms and Conditions.
1. DATA CONTROLLER
The Data Controller is:
Laura Mussolin
Via Curtatone 7
36100 Vicenza (VI)
Tax Code MSSLRA89E70L840R
P.I. 04570940249
2. TYPES OF DATA PROCESSED
2.1 Browsing data: The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature, it could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server response (successful, error, etc.), and other parameters relating to the user's operating system and IT environment. This data is used solely to obtain anonymous statistical information on site usage, to technically enable the site's functionality, and to monitor its proper functioning and ensure the maintenance of the relevant database. The data could be used to ascertain liability in the event of hypothetical cybercrimes against the site.
2.2 Data provided voluntarily by the user:
This includes:
• information sent by users voluntarily and/or voluntarily to the addresses indicated on the Site (email address, first and last name, addresses);
• personal data provided by users to use services provided by the Site;
• personal data provided by users who request newsletters and informational materials;
2.3 Cookies: This section of the site sends visitors some files commonly known as cookies. Cookies are used by the computer's browser exclusively to store the website user's session information. The use of cookies is an industry standard, and browsers store them in a dedicated folder. If you prefer not to receive cookies or wish to be informed in advance, you can set your web browser to accept them. For more information on cookies (cookie policy link)
PROCESSING METHODS
Processing involves the acquisition of data (e.g., collecting the sender's email address, which is necessary to respond to requests, and any other personal data entered, and other operations).
Processing will be carried out, with or without the aid of electronic tools, in accordance with the principles of fairness, lawfulness, and transparency, so as to protect the privacy and rights of the data subject at all times, in accordance with the provisions of applicable legislation. The purposes of the processing are to fulfill any user requests relating to the sending of informative material (newsletters, answers to questions, notices, documents and provisions, other documentation, etc.) or to perform the service or performance requested by the user. Data is disclosed to third parties only if necessary to fulfill the aforementioned requests or to fulfill the obligations of the Website Owner under applicable law.
After termination of any contractual relationship established between the Data Controller and the data subject, personal data will also be processed to fulfill all legal obligations related to or arising from the terminated relationship. In such cases, consent to processing is optional, and failure to provide such consent may make it impossible for the user to obtain what they have requested from the Website Owner (e.g., correct processing of an order).
Personal data is processed using IT tools for the time strictly necessary to achieve the purposes for which it was collected and is compared with any data already held by the data controller for the performance of activities or services. In the event of a discrepancy, the data controller may contact the sender to verify the integrity of the data or correct it if necessary. Specific security measures are implemented to prevent data loss, illicit or incorrect use, and unauthorized access.
Types of data processed
In our contact form, you will be asked to provide the following information: name, surname, and email address.
Purpose of processing
Your personal data will be processed only for the following purposes:
1.for browsing the website and compiling anonymous statistics based on data acquired from the user's browsing experience;
2.fulfilling administrative and legal obligations related to the website's activity;
3.technical information relating to browsing (where collected through, for example, acquisition of IP addresses or cookies).
The site uses technical/session cookies and third-party cookies, which are further described in the specific information available here (Extended Cookie Policy).
To whom may we disclose your personal data?
Your personal data may be disclosed within the EU, in full compliance with EU Regulation 2016/679, to the following entities: public authorities, where required by law or at their request; and external entities and/or companies used by the Data Controller to carry out related or instrumental activities (couriers, Aruba payment service providers for electronic invoicing). The Data Controller will appoint third parties who process data in its name and on its behalf as data processors pursuant to Article 28.
Duration of Processing
Personal data is generally processed for the entire duration of the contractual relationship established with the data subject and, thereafter, only for the duration necessary to fulfill our legal obligations (10 years). After termination of any contractual relationship established between the Data Controller and the data subject, personal data will also be processed to fulfill all legal obligations related to the terminated contractual relationship. The data will be retained for no longer than necessary to fulfill the aforementioned obligations, tasks, or purposes and to prove their fulfillment to supervisory authorities (generally for 10 years from the termination of the contract), after which they will be destroyed. Certain data (e.g., first and last name, company name, VAT number, tax code, email address, telephone number, mobile number, fax number, certified email address, registered office address, names of internal contacts and/or contact persons, etc.) are retained even after the aforementioned ten-year period, for as long as necessary to fulfill the Data Controller's legitimate interest in streamlining the selection and commercial contacts with users, customers, and/or suppliers. Conversely, where personal data is processed for IT security purposes (e.g., log recording), the data will be retained for a period sufficient to complete the relevant security checks and evaluate their outcomes; typically, a maximum of 1 year from the time of collection. In the event of an out-of-court or judicial dispute with the data subject and/or third parties, the data will be processed for the period strictly necessary to exercise the full protection of the Data Controller's rights. The retention period for data collected via cookies is illustrated in the "Cookie Policy" section below.
Legal Basis
The legal basis for processing is, as applicable:
I. Article 6, letter a) of EU Regulation No. 679/2016 or "GDPR" (the data subject has given his or her free and informed consent to processing for a given purpose and has not subsequently withdrawn it)
II. Article 6, letter b) of the GDPR (it is necessary for the performance of a contract to which the data subject is party or in order to take steps at the data subject's request prior to entering into a contract, e.g., requests for information or commercial offers)
III. Article 6, letter b) of the GDPR c) GDPR (it is necessary to fulfill a legal obligation to which the data controller is subject).
IV. Article 6, letter f) GDPR (it is necessary to pursue a legitimate interest of the data controller or a third party, which prevails over the interests or fundamental rights and freedoms of the data subject).
In particular, the legitimate interest of the data controller is to:
i) process data in order to effectively and efficiently manage the relationship with its users, customers, and/or suppliers and to organize the related internal organizational and management processes.
ii) in the case of processing for profiling, direct marketing, and loyalty purposes, to promote its products and/or services to target customers via offline and online channels.
The legitimate interest of third parties is to receive from the Data Controller and process personal data for the purpose of verifying the correct fulfillment of legal and contractual obligations towards the data subject or towards third parties (for example, verification by public authorities regarding the fulfillment of tax obligations, verification by the board of statutory auditors or auditors regarding the fulfillment of legal obligations, etc.) or to receive from the Data Controller and process personal data themselves in order to manage activities related to the Data Controller's request for support in managing activities towards data subjects.