This Website collects some Personal Data from its Users.

Disclosure pursuant to Article 13 of Legislative Decree no. 196/2003 to visitors to the website www.cioni.it and users of the services offered therein starting from the address https://www.cioni.it, excluding external links.

Data Controller: Ilaria Cioni

c/o Pellicceria Cioni Snc di Maria Patrizia e Ilaria Cioni
Via Ricasoli, 1
50121 Florence
Tel. +39.055294539
VAT and Tax ID: 04682200482

Data Controller email address: cioni@cioni.it

In compliance with EU Regulation 2016/679, known as the GDPR (General Data Protection Regulation), the following information is provided:

Types of Data Collected

Among the Personal Data collected by this Website, independently or through third parties, are: telephone number, name, email address, Cookies, Usage Data, Last name, date of birth, address, username, password, company name, tax code, VAT number, fax number, country, state, province, postal code, city, and various types of data.

Complete details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data are collected.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this Website.

Unless otherwise specified, all Data requested by this Website is mandatory. Failure to provide this Data may make it impossible for this Website to provide the Good/Service. In cases where this Website specifies some Data as optional, Users are free not to provide such Data, without any consequences on the availability or operation of the Service.

Users who are unsure about which Data is mandatory are encouraged to contact the Owner. Any use of Cookies – or other tracking tools – by this Website or by the owners of third-party services used by this Website, unless otherwise specified, is intended to provide the Service requested by the User, in addition to any other purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through this Website and guarantees that he or she has the right to communicate or disseminate such Data, thereby relieving the Data Controller of any liability to third parties.

Methods and place of processing of collected Data

Methods of processing

The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data. Processing is carried out using computer and/or electronic means, following organizational methods and logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the operation of this Website (administrative, sales, marketing, legal, and system administration personnel) or external parties (such as third-party technical service providers, mail carriers, hosting providers, IT companies, and communications agencies) may have access to the Data. These parties may also be appointed, if necessary, as Data Processors by the Data Controller. An updated list of these Data Processors may be requested from the Data Controller at any time.

Legal basis for processing

The Data Controller processes Personal Data relating to the User if one of the following conditions applies:

The User has given consent for one or more specific purposes; Note: Under some jurisdictions, the Data Controller may be authorized to process Personal Data without the User’s consent or any other of the legal bases specified below, until the User objects to such processing (“opt-out”). However, this does not apply if the processing of Personal Data is regulated by European data protection legislation;
processing is necessary for the performance of a contract with the User and/or for the implementation of pre-contractual measures;
processing is necessary for compliance with a legal obligation to which the Data Controller is subject;
processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
processing is necessary for the pursuit of the legitimate interests pursued by the Data Controller or by third parties.
In any case, the Data Controller may always be asked to clarify the specific legal basis for each processing operation, and in particular to specify whether the processing is based on a statutory requirement, a contractual requirement, or a requirement necessary to enter into a contract.

Place

The Data is processed at the Data Controller’s operating offices and in any other places where the parties involved in the processing are located.