Privacy Policy

Last updated: August 2019

Website Privacy Notice

INTRODUCTION

This privacy notice provides you with details of how we collect and process your personal data through your use of our site www.damoreweddingdesign.com

Contact Details

Our full details are:

Full name of legal entity: EXE srl

Data controller’s email address: info@damoreweddingdesign.com

Postal address: Via Eugubina 40, Assisi (Pg), Italy, Vat number:  01114750571

How to navigate www.damoreweddingdesign.com and The Cookies used on the Website

This document describes the practices adopted for the management of the site in relation to the processing of personal data of the users navigating it. This policy is based on principles of lawfulness and fairness in compliance with all current regulations and appropriate security measures are adopted to protect the data.

This privacy policy has been drafted in compliance with the article 13 of Legislative Decree 196/2003 and art. 13 GDPR 679/2016, as well as the provision n. 229 of 8 May 2014 concerning the cookies’ usage. It also informs the visitors about the use of the data entered and the cookies used by the site. This policy is also in compliance with the Recommendation no. 2/2001 adopted by the Working Group established by art. 29 of the directive n. 95/46 / EC. to those who interact with the web services of this site, for the purpose of the protection of personal data, accessible electronically from the address.

By using any of our services and / or by accepting this Statement, for example when registering for one of our services, you consent to the collection and use of Personal Information as described in this Policy.

WHAT DATA WE COLLECT

Among the Personal data collected by this Application, either independently or through third parties, there are Cookies and Usage Data.

Full details on each type of data collected are either provided in dedicated sections of this privacy policy or through specific information texts displayed before the data are collected.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of this Application.

Unless otherwise specified, all the Data required by this Application are mandatory.

If the User refuses to enter them, it may be impossible for this Application to provide the Service. In case of optional data, Users are free not to provide such Data, with no consequences on the availability or functionality of the Service.

When unsure about which data are mandatory, Users are strongly advised to write to the data controller.

Cookies - or of other tracking tools – used by this Application or by “third party service providers” used by this Application, unless otherwise specified, are needed to provide the Service requested by the User, and to satisfy any other additional purposes described in this document and in the Cookie Policy, if available.

The User is responsible for the third parties’ Personal Data which have been obtained, published or shared through this Application and guarantees he/she has the right to provide or release them, freeing the Owner from any liability to third parties.

HOW WE COLLECT YOUR DATA AND WHERE WE TREAT THEM

HOW WE TREAT YOUR DATA

The Data controller takes appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized  disposal of Personal Data.

Data Processing is carried out using IT and / or telematic tools, through specific organizational methods and following a logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties (administrative, commercial, marketing, legal or system administrators) involved in the organization of this Application or external subjects (suppliers of third party technical services, postal couriers, hosting providers, IT companies, communication agencies) may have access to the Data. These people may be appointed, if necessary, Data Processors by the Data Controller. The updated list of whom is managing the data can always be requested to the Data Controller.

LEGAL BASIS OF DATA PROCESSING

The Data controller processes your Personal Data related to the User if:

the User has given consent for one specific purpose, or more;
Note: in some jurisdictions the Data controller may be authorized to process your Personal Data without the User's consent or without any legal base specified below, as long as the User does not object ("opt-out") to this. However, this is not applicable if the processing of your Personal Data is regulated by the European legislation regarding the protection of your Personal Data;

·         the processing is necessary for the execution of a contract with the User and / or the execution of pre-contractual measures;

·         the processing is necessary to fulfil a legal obligation to which the Data Controller is subject

·         the processing is necessary to carry out a task of public interest or for the exercise of public authority vested in the Holder;

·         the processing is necessary for the pursuit of the legitimate interest of the owner or third parties.

However, it is always possible to ask the Data controller to clarify the legal basis of each treatment and in particular to specify whether such treatment is requested by  law, by a contract or to close it.

WHERE THE DATA ARE TREATED

The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For more information, please contact the owner.
The User's Personal Data may be transferred to another country other than that in which the User is located. To obtain further information on the place where these data are processed, the User can refer to the section regarding the processing of Personal Data.

The User has the right to obtain information regarding the legal basis of the Data transfer outside the European Union or to an international organization of public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures taken by the Data Controller to protect the Data.

In any of the  situations described above,  the User can refer to the related sections of this document or request information to the Owner by contacting him at the above address.

RETENTION PERIOD

The Data are processed and stored for the time required by the purposes for which they were collected.
Therefore:
• Personal Data collected for the execution of a contract between the Owner and the User will be retained until the contract is fully completed.
• Personal Data collected for the legitimate interest of the Data Controller will be retained until such interest is met. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Data Controller.

When the processing is based on the User’s consent, the Data Controller may retain the Personal Data for a longer period until such consent is revoked. Furthermore, the Data Controller may be obliged to keep the Personal Data for a longer period in compliance with a legal obligation or for any authority’s order.
Once the retention period is expired, the Personal Data will be deleted. Therefore, at the end of this term, the right to access, cancell, rectify as well as the right to data portability can no longer be exercised.

Purposes of processing the collected data

The Data concerning the User are collected to allow the Owner to provide the Services, as well as for the  statistics, platform and hosting services purposes.
To obtain further detailed information on the purposes of the processing and on the Personal Data relevant to each purpose, the User can refer to the relevant sections of this document.

Details on the processing of Personal Data
Personal Data are collected for the following purposes and to enable the use of the following services:

Platform and Hosting Services

These services are designed to host and operate key components of this Application, making it possible to deliver this Application from a single platform. These platforms provide the Owner with a wide range of tools such as, for example, analytical tools, and are used to manage user registration, to manage comments and databases, for e-commerce, to process payments, etc. The use of such tools involves the collection and processing of Personal Data. Some of these services work through servers, which may be geographically dispersed in different locations. This makes difficult to determine the exact location where your Personal information is stored.

Platform and Hosting services used:
Squarespace (Squarespace, Inc.)
Squarespace is a platform provided by Squarespace, Inc. which allows the Owner to develop, operate and host this Application. Squarespace is an extremely versatile and customizable tool that enables to host various types of websites ranging from simple blogs to complex e-commerce platforms.

Personal Data collected: various types of Data as specified in the privacy policy of the service.

Place of processing: United States - Privacy Policy

STATISTICS:
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User’s behavior.
Statistics services used:
• Google Analytics (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. ("Google"). Google uses the Personal Data collected with the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalize the advertisements on its advertising network.

Personal Data collected: Cookies and Usage Data.
Place of processing: United States - Privacy Policy - Opt Out. Person adhering to the Privacy Shield

USER’S RIGHTS:
The Users may exercise certain rights with reference to the Data processed by the Data Controller.
Specifically, the User has the right to:
• withdraw their consent at any time. The User can withdraw his/her consent, previously expressed, to the processing of the Personal Data.
oppose the processing of his/her data. The User may object to the processing of the data when it occurs on a legal basis different/other than his/her consent. Further details on the right of opposition are indicated below.
• access his/her data. The User has the right to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the Data processed.
verify and request correction. The User can verify the accuracy of his/her Data and request they are updated or amended.
obtain the limitation of the treatment. When certain conditions are met, the User may request the limitation of the processing of his/her Data. In this case, the Data Controller will not process the Data for any other purpose other than their storage.
obtain the cancellation or removal of Personal Data. When certain conditions are met, the User can request the cancellation of his/her Data held by the Owner.
receive their Personal data or have them transferred to another holder. The User has the right to receive his/her data in a structured format, commonly used and readable by any automatic device and, where technically feasible, to obtain the Data’s transfer without hindrance to another holder. This provision is applicable when the Data are processed with automated tools and the User has given his/her consent, it is allowed by a contract, the User is party to, or on contractual measures connected to it.
file a complaint. The User can file a complaint with the competent authority for personal data protection or act in court.

Details on the right of opposition
When the Personal Data are processed in the public interest, in the exercise of the public authority to which the Holder is invested, or to pursue a legitimate interest of the Owner, the Users have the right to oppose the Data’s processing for reasons related to their particular situation.
Users are reminded that, if their data are processed for direct marketing purposes, they can oppose the processing without providing any reason. To find out if the Owner deals with the data for direct marketing purposes, the Users can refer to the respective sections of this document.
How to exercise the  User’s rights
To exercise their rights, the Users can send a request to the Owner’s contact details as shown in this document. The requests are free of charge and processed by the Owner as soon as possible, in any case within a month.

MORE INFORMATION ON DATA’S TREATMENT
Defense in court
The User's Personal Data may be used by the Owner in a court or in the preparatory stages before going to court for the defense against any abuse in the use of this Application or of related Services by the User.
The User declares to be aware that the Data Controller may be obliged to disclose the Data at the behest of any public authority.

SPECIFIC DISCLOSURES

At the User’s request, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data

System logs and maintenance
For needs related to its operation and maintenance, this application and any third party services, linked with it, may collect system logs, which are files recording the interactions and may also contain personal data, such as the user IP address.

Information not contained in this policy
Further information regarding the Personal Data processing may be requested at any time to the Data Controller using the contact details

Response to "Do Not Track" requests
This Application does not support "Do Not Track" requests.
To find out if any third-party services, used by this application, support them, the User is invited to consult their privacy policies.
 

Changes to this privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by informing the Users on this page, if possible on this Application and, if technically and legally feasible, by sending a notification to the Users through one of contact details in the owner's possession.

Therefore, pleasew check this page regularly, referring to the last update shown.

If these changes concern treatments whose legal basis is consent, the Controller will collect the User's consent again, if necessary.

Definitions and Legal References

·         Personal Data (or Data)
By personal data we mean any information that, directly or indirectly, also in connection with any other information, including a personal identification number, makes a physical person identified or identifiable.

·         Usage Data
This information is collected automatically through this Application (also from third party applications integrated into this Application), including: IP addresses or domain names of the computers used by the User that connects with this Application, addresses in URI notation ( Uniform Resource Identifier), the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (good order, error, etc.) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various time connotations of the visit (for example the time spent on each page) and the details of the journey followed within the Application, with particular reference to the sequence of the pages consulted, to the parameters related to the operating system and to the IT environment..

·         User
The individual who uses this application that, unless otherwise specified, coincides with the interested party.

·         Interested
The natural person to whom the Personal Data refers.

·         Data Processor (or Manager)
The natural person, legal person, public administration and any other entity that processes personal data on behalf of the Owner, as set out in this privacy policy.
·         Data Controller (or Data Controller)
The natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data and the tools adopted, including the security measures related to the operation and use of this application. The Data Controller, unless otherwise specified, is the owner of this Application.

·         This Application
The hardware or software tool through which the Personal Data of Users are collected and processed.

·         Service
The Service provided by this Application as defined in the relevant terms (if any) on this site / application.

·         European Union (or EU)
Unless otherwise specified, any reference to the European Union contained in this document shall be extended to all current member states of the European Union and the European Economic Area.

Cookies
Small portion of data stored in the User's device.
________________________________________
Legal references
This privacy statement is drawn up on the basis of multiple legislative systems, including articles 13 and 14 of Regulation (EU) 2016/679.
Unless otherwise specified, this privacy statement only concerns this Application