Privacy policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA “PRIVACY POLICY” IN REFERENCE TO ART. 13 OF EU REGULATION 2016/679 GDPR
This page describes the management of this site in reference to the processing of personal data of users who consult it, in compliance with the obligations of national law (D.L. 30.06.2003 n. 196, Protection of personal data, and subsequent amendments - D.L. 101/2018) and European (European Regulation for the protection of personal data n. 679/2016, GDPR). This site respects and protects the privacy of visitors and users, making every effort possible and proportionate not to infringe the rights of users. The possible use of Cookies, or other tracking systems, by this website or by the owners of the third-party services used by this website, unless otherwise stated, is intended to provide the service requested by the User, in addition to the additional purposes described in this document and in the Cookie Policy. The policy for the online collection of personal data, illustrates, for transparency, the manner, time and nature of the information that the data controller must provide to the User who connects to this website.

DATA CONTROLLER
Following the consultation of this website, data relating to identified or identifiable persons may be processed. The Data Controller according to the laws in force is: MINERALCENTER SNC DI SPINELLI L.M.P., with registered office in VIA ALESSANDRO VOLTA, 7/13 - 35031 ABANO TERME (PD), e.mail: info@mineralcenter.it, Tel. +390498601595.

TYPE OF DATA AND INFORMATION COLLECTED
- Contact and/or Registration Data. This data is requested during the registration on  our Site, also through computer tools and may cover information related to: ID, name, surname, tax code, address, telephone numbers, e-mail address.
- Navigation data and use of the website. The computer systems and the software procedures necessary for the website operation, acquire in the course of their normal exercise, some personal data whose transmission is implicit in the use of Internet communication protocols.
- Activation Data Services. The computer systems and the software procedures responsible for the operation of the services, acquire during their normal operation, the data related to the IP address used by users who connect to the Site of origin and the related logos of the services.
- Data collected by third parties. This information may concern site-related data that the user wishes to share on publicly available social networks.
- Cookies. We inform the user that the site makes use of cookies as well as specified in the special Cookie Policy that can be accessed through the link on the homepage.

PURPOSE AND LEGAL BASIS FOR PROCESSING

This site deals with data mainly on the basis of user’s consent. The consent is given through the use, the consultation of the website, or the voluntary registration of the user, as a conclusive behavior. With the use or consultation of the site, visitors and users approve this privacy policy and consent to the processing of their personal data in relation to the modalities and purposes described below, including any possible distribution to third parties if needed for a service disbursement.  Further consents related to the specific purpose of the service, are collected through the communication forms or services request forms.

Note: The provision of data and therefore the consent to the collection and processing of data is optional, the User may refuse consent, and may revoke at any time a consent already provided. However, denying consent may result in the impossibility of providing certain services and the experience of browsing the site would be compromised.  Note: In some jurisdictions the Data Controller may be authorized to process Personal Data without the User’s consent or any other of the legal bases specified below, until the User opposes ("opt-out") such processing. However, this is not applicable if the processing of Personal Data is regulated by the European legislation on the Personal data protection; Data for site security and prevention from abuse and SPAM, as well as data for the analysis of site traffic (statistics) in aggregate form, are processed on the basis of the legitimate interest of the Data Controller for the protection of the site and users themselves. In such cases the user always has the right to object to the data processing (see User rights). The user’s data, in accordance with European Regulation 679/2016, are treated by the Data Controller in a lawful, correct, transparent manner and are adequate, relevant and limited to what is necessary to the following purposes:
- Site navigation. In order to allow the User access to the Site, for purposes strictly related to the provision of online services that the company "Spinelli Gioielli-Mineralcenter snc" could provide.
- Assistance. In order to guarantee the User the correct and effective technical support or in relation to the possible collection of technical data necessary during the navigation of the site, such as, the IP address. Such data will be used by the Data controller for the sole purpose of verifying the identity of the User, avoiding possible fraud or abuse, or to ascertain and verify any liabilities in case of hypothetical cyber crimes against the site or third parties.
- Contractual purposes. In order to fulfill contractual obligations and service provision in case of requests for quotation of products offered on the site, in accordance with the general conditions that are accepted by the User during registration and to fulfill subsequent reports and requests of the User himself. For these reasons, the provision of contact data is “de facto” mandatory.
- Administrative purposes. In order to be able to fulfil contractual obligations related to administrative-accounting purposes, or to carry out activities of an organizational, administrative, financial and accounting nature, functional to the management of the contractual relationship. The provision of User Contact Data is de facto mandatory to fulfill these obligations.
- Marketing The data can be processed for marketing purposes, newsletters, market analysis, statistics and advertising and/or commercial communications in general, directed to inform the User about sales promotions, realized through automated contact mode (e-mail) and traditional contact methods (for example, landline and/or mobile telephone, with automated call systems or through the intervention of an operator), SMS/MMS, where appropriate consent is given.
-Legal Obligations. In order to fulfil the obligations under the law, by an authority, by a regulation or by the European legislation to which the Data Controller is obliged to comply. The provision of User data contact is “de facto” mandatory. The User can easily object to the sending of promotional communications and newsletters via email also by clicking on the appropriate link for the withdrawal of consent, which is present in each promotional email and newsletter. After the withdrawal of consent, the data controller will send an e-mail to the user to confirm the withdrawal of consent. The Data controller informs that, following the opposition for the sending of promotional communications and newsletters via email, it is possible that, for technical and operational reasons, the User will continue to receive some additional messages. Should the User continue to receive promotional messages and/or newsletters, please report the problem to the Data controller, using the contacts indicated in the section "Data subject’s rights".

PLACE, METHODS, RECIPIENTS OF DATA PROCESSING

The data is processed at the Data Controller’s operating office and in any other place where the parties involved in the processing are located and the Data Controller takes appropriate security measures to prevent access, unauthorized disclosure, modification or destruction of Personal Data. The processing connected to the web services of this company is carried out using computer and/or telematic tools, with organizational methods closely related to the above stated purposes.  In addition to the Data Controller, in some cases, may have access to the Data other parties involved in the organization of this Web Site such as: Administrative, Commercial, Marketing, Legal, System Administrators, external entities such as third party technical service providers, postal couriers, hosting providers, computer companies, communication agencies. In reference to marketing purposes, data could be communicated to providers and/or platforms for sending newsletters such as MAILCHIMP.COM or similar.  Personal data provided by users who submit requests for information shall be used solely for the purpose of performing the service or service requested and shall be disclosed to third parties only where this is necessary for that purpose. User’s personal Data are processed by the Data Controller using servers located in the EU, it is understood in any case that the Data Controller, if necessary, will have the right to move the reference servers even in extra-territories EU, thus transferring data to a country other than the one where the User is located; in particular with Google, Facebook and Microsoft (LinkedIn) via social plugins and the Google Analytics service. The transfer is authorized on the basis of specific decisions of the European Union and the Guarantor for personal data protection, in particular 1250/2016 (Privacy Shield), for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield. The User has the right to obtain information about the legal basis for the transfer of data outside the European Union or to an international organization governed by public law or consisting of two or more countries, such as the UN, as well as the security measures taken by the Data Controller to protect the Data. The User may verify at any time whether any of the transfers described above take place by making an express request to the Data Controller through the contacts on this document.

DATA STORAGE
The Data Controller will keep personal data for the time strictly necessary to carry out the purposes for which they have been collected, or for any other legitimate related purpose and until the consent is revoked by the User; in any case this retention period will be in accordance with the Applicable Regulation. The contact data will therefore be kept for the period of time necessary for the fulfilment of the contractual obligations with the User and for the protection of both the User’s and the Data Controller’s interests in civil matters.  The User’s personal data acquired for marketing purposes will be kept in accordance with the Applicable Regulation as well as the provisions of the Guarantor for personal data protection Authority in force. Personal data may be kept for a longer periods only if they are processed exclusively for archiving in the public interest, for scientific or historical research or for statistical purposes, in accordance with Article 89-P.1, without prejudice to the implementation of appropriate technical and organizational measures required by the Regulation to protect the rights and freedoms of the data subject.

DATA SUBJECT’S RIGHTS
The User of the site, in the capacity of data subject, has the right to request the exercise of the rights set out in art. 7 of the Code, according to art. 8 of the Code. At any time the User may exercise his rights, in accordance with EU Regulation no. 679/2016. In particular, by contacting the Data Controller, the User may request:
- To know the existence of data processing which may concern him and, in this case, to obtain access to his personal data under art. 15 of the EU Regulation n. 679/2016 and obtain without delay the communication in intelligible form of the same data and their origin, on recipients or categories of recipients to whom personal data are or will be communicated;
- To obtain, without undue delay, the rectification or integration of personal data relating to him in accordance with art. 16 of the EU Regulation n. 679/2016;
- To obtain the limitation of user’s data processing if the data subject contests the accuracy of the data or opposes to their processing or if the processing is unlawful or, in case Data Controller no longer needs it for the purposes of processing, personal data are in any case required for the establishment, exercise or defense of a right in court, in accordance with art. 18 of the EU Regulation n. 679/2016;
- To exercise the right of Data portability, understood as the right to obtain from the Data Controller in a structured format, in common use and readable by automatic device, the personal data concerning him, and to transmit such data without hindrance to another Data controller in accordance with art. 20 of the EU Regulation n. 679/2016;
- To bring Appeal or complaint at the Guarantor for Personal data protection Authority (garante@gpdp.it) or a Supervisory Authority, if he considers that his personal data processing violates the Regulation or law Code;
- To object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning Him, even if relevant for the purpose of the collection; b) to the processing of personal data concerning Him for the purpose of sending advertising material or direct sale or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and/or traditional marketing methods by telephone and/or paper mail. Please note that the data subject’s right of objection, as set out above in point b), for purposes of direct marketing using automated methods, it extends to the traditional ones, and, in any case the user maintains the possibility to exercise the right of opposition even partially. Therefore, the data subject may decide to receive only communications through traditional methods or only automated communications or neither of the two types of communication.

VOLUNTARILY PROVIDED DATA
The optional, explicit and voluntary sending of e-mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to answer requests, as well as any other personal data entered in the letter. The data entered in the subscription to the newsletter through the site or the sending of requests through the form present on the site, will be acquired after acceptance by the user of personal data processing. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.

WITHDRAWAL OF CONSENT
The User has the right to revoke the consent given at any time, without prejudice to the lawfulness of the processing based on the consent obtained before the revocation, ref. to art. 7, par. 3 of the EU Regulation n. 679/2016. The revocation may imply the impossibility to give further course to the provision of the service by the Data Controller and to pursue the above stated purposes.
The Data Controller is not responsible for updating any links that may be displayed in this Policy, therefore, whenever a link is not working and/or updated, the User acknowledges and accepts that he must always refer to the document and/or section of the websites named and/or invoked by such link. The Data Controller reserves the right to make changes to this privacy policy at any time by notifying the User on this page and, if possible, on this Web Site and, if technically and legally feasible, by sending a notification through one of its contact details.



COOKIES POLICY
Cookies are small text files that the sites visited by the user send and record on the computer or mobile device of the user, to be then transmitted to the same sites at the next visit. Thanks to cookies the site remembers the actions and preferences of the user (such as, for example, the login data, the language chosen, the size of the characters, other display settings, etc.) so that they do not have to be indicated again when the user returns to visit the same site or he navigates from one page to another of the same site. Cookies, therefore, are basically used to perform computer authentications, monitoring sessions and storing information about the activities of users who access a site and may also contain a unique identification code that allows you to keep track of the user’s navigation within the site. In the course of browsing a site, the user can also receive on his computer or mobile device cookies of sites or web servers other than the one he is visiting (c.d. cookies of "third parties").  Some operations could not be performed without the use of cookies, which in certain cases are therefore technically necessary for the operation of the site. When the installation of Cookies takes place on the basis of consent, this consent may be revoked freely at any time following the instructions contained in this document.

TYPES OF COOKIES
Technical cookies, that means for navigation or session, strictly necessary for the operation of the site or to allow the user to take advantage of the contents and services requested by them.
Analytics cookies, which allow to understand how the site is used by users. These cookies do not collect information about the user identity, nor any personal data. Information shall be treated in an aggregated and anonymous form. Functionality cookies, that is used to activate specific functionality of the site and a series of selected criteria (for example, language, products selected for purchase) in order to improve the service rendered.
Third parties cookies, that is cookies of sites or web servers other than the one hosting this site, used for the own purposes of those third parties.
Profiling cookies, including third-party cookies, that are cookies aimed at creating user-related profiles and used in order to send advertising messages in line with the preferences expressed during web browsing.

DATA TRANSFER TO A THIRD COUNTRY AND/OR AN INTERNATIONAL ORGANIZATION
The Data Controller will not transfer personal data to a third country or an international organization, except for those services/components of third parties "embedded" in the site, referred to in the paragraphs below with the relevant policies.

COOKIES USED ON THE WEBSITE
The site www.spinelligioielli.it mainly uses system cookies or technical useful to ensure the functioning of the services offered and to allow to improve the performance, for authentication, for statistical purposes, such as the counting of visits to the site. The use is therefore strictly finalized to facilitate the functions of the server during the navigation. These technologies allow sites, services, apps. and tools, to store important information, in the User’s browser or device and then to use it later to speed up the recognition of it when the User returns to the site. The User’s personal data are not stored in cookies or other similar technologies used. These cookies are essential for the proper use of the site. The User can disable them from the browser by following the directions in the dedicated paragraph, but doing so he could compromise the navigation on the site, in which case the Data controller not responsible for possible malfunctions
The site may also allow the sending of third-party cookies, even without Data controller’s knowledge. These cookies are not tools managed directly by the Data controller, therefore, for more information can access to the policy and the forms of acquisition of the third parties’ consent, by referring to the links and/or specific platforms named.
To improve the way of browsing the website and understand which parts or elements are most appreciated by the User, third-party cookies of Google Analytics could be used as an anonymous and aggregated analysis tool. Google Analytics is a web analytics service provided by Google Inc. ("Google"). Google may therefore use the Personal Data collected in order to track and examine the use of this Application, compile reports and share them with other services developed by Google. Google may use Personal Data to contextualize and customize ads in your advertising network. These cookies are not tools managed directly by the Data Controller, so for more information you can consult the information provided by Google.
In order to save the User’s browsing preferences, this site may collect Cookie features. Among these types of Cookies (such as Wordpress) are those to set the language and currency or to manage statistics by the Data Controller of the site. These cookies are not tools managed directly by the Data Controller, therefore, for more information you can consult the information provided by the specific platform.

INTERACTION WITH SOCIAL NETWORK and/or OTHER PLATFORMS Google+, Instagram, Facebook, Twitter, linkedin, YouTube
This type of services allows interactions with social networks, or with other external platforms, directly from the pages of this Application. The interactions and information acquired by this Application are in any case subject to the privacy settings of the User related to each platform and/or social network.  In case that an interaction service with social networks or other platform is installed, even if Users do not use the service, the same may collect traffic data related to the pages where it is installed (e.g. Google Map Widget - Google inc.) Some web pages may incorporate YouTube video content into them. Visiting a page containing a video, or clicking to view the video, may call cookies from YouTube. These cookies are not tools managed directly by the Data controller, so for more information you can visit the Google Info page, (Widget Video YouTube - Google Inc.) The website could use the Facebook ADS programs managed by Facebook Inc., Google AdWords and Google remarketing technology, managed by Google Inc. Also the function tracking Facebook ADS and AdWords conversions uses cookies to help track any sales and other conversions.

HOW TO EXPRESS CONSENT TO THE INSTALLATION OF COOKIES
In addition to what is stated in this document, the User can manage the preferences related to Cookies directly within his browser and prevent - for example - that third parties can install them. Through the preferences of the browser it is also possible to delete the Cookies installed in the past, including the Cookie in which the consent to the installation of Cookies by this site is saved. The User can find information on how to manage cookies with some of the most popular browsers such as the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer. With reference to Cookies installed by third parties, the User can also manage their own settings and revoke consent by visiting the relevant opt out link (if available) using the tools described in the third party’s privacy policy or contacting the third party directly.  Notwithstanding the foregoing, Users are advised to make use of the information provided by YourOnlineChoices (EU), Network Advertising Initiative (USA) and Digital Advertising Alliance (USA), DAAC (Canada), DDAI (Japan) or other similar services. With these services you can manage the tracking preferences of most advertising tools. The Data controller, therefore, advises Users to use these resources in addition to the information provided by this document.

DATA CONTROLLER
The Data Controller according to the laws in force is: MINERALCENTER SNC DI SPINELLI L.M.P., with registered office in VIA ALESSANDRO VOLTA, 7/13 - 35031 ABANO TERME (PD), E-mail: info@mineralcenter.it, Tel. +390498601595. Since the installation of Cookies and other tracking systems operated by third parties through the services used on this Web Site cannot be technically controlled by the Data controller, any specific reference to Cookies and tracking systems installed by third parties is to be considered indicative.  To obtain complete information, the User is invited to consult the privacy policy of any third party services listed in this document.
In view of the objective complexity of identifying the technologies based on Cookies, the User is invited to contact the Data controller if he wishes to receive any further information regarding the use of the Cookies through this Web Site

VOLUNTARILY PROVIDED DATA
The optional, explicit and voluntary sending of e-mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to answer requests, as well as any other personal data entered in the letter. The data entered in the subscription to the newsletter through the site or the sending of requests through the form present on the site, will be acquired after acceptance by the user of personal data processing. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.  For the sake of completeness, it should be noted that in some cases, which are not the subject of the day-to-day management of this site, the Authority may request news and information in ref. to GDPR 2016/679 for the purposes of monitoring the processing of personal data; in these cases the reply is mandatory.

DATA SUBJECT RIGHTS
The person to whom the personal data relate has the right at any time to obtain confirmation of the existence or not  of the data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification in ref. to Articles 15 to 22 GDPR. It is also the right of each user to withdraw any consent previously granted for information or marketing purposes. Pursuant to the same articles, the user has the right to request the deletion, the transformation into anonymous form or the blocking of data processed in violation of law, as well as to object in any case, for legitimate reasons, to their processing. The User also has the right to request the limitation to the use of data and the right to the portability of data to another Data Controller. Apart from what is specified for the navigation data, the user is free to provide personal data. The Data controller guarantees to the "Right to be forgotten" or the right to obtain the cancellation of data concerning him without undue delay.

RIGHT TO COMPLAIN TO THE SUPERVISORY AUTHORITY
The data subject has the right to complain to the Supervisory Authority (For Italy: Guarantor for Personal data protection Authority www.garanteprivacy.it)
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying it to Users on this page and, if possible, on this Web Site and, if technically and legally feasible, by sending a notification to the Users through one of the contact details in its possession.

DEFINITIONS
Personal Data (or Data): Any information that, directly or indirectly, also in connection with any other information, including a personal identification number, makes a natural person identified or identifiable, constitutes personal data.
Usage Data: This information is collected automatically through this Web Site (including by third party applications integrated into this Web Site), including: IP addresses or domain names of computers used by the User who connects with this Web Site, the addresses in URI notation (uniform Resource identifier), the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (good end, error, etc.) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example, the time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters related to the User’s operating system and computer environment.
User: It corresponds to the individual who uses this Web Site that, unless otherwise specified, coincides with the person concerned.
Concerned: The natural person to whom the Personal Data relates.
Responsible for processing (or Responsible): The natural, legal person, public administration and any other entity that processes personal data on behalf of the Data Controller, as described in this privacy policy.
Data Controller: The natural or legal person, public authority, service or other body that, individually or together with others, determines the purposes and means of processing personal data and the instruments adopted, including security measures relating to the operation and use of this Web Site. The Data Controller, unless otherwise specified, is the owner of this Web Site.
This Website (or this Application): The hardware or software tool through which User Personal Data are collected and processed.
Service: The Service provided by this Web Site as defined in its terms (if any) on this site/application.
European Union (or EU): Unless otherwise specified, any reference to the European Union contained in this document is intended to be extended to all current Member States of the European Union and the European Economic Area.
Cookies: Small portion of data stored inside the User’s device.