Because your privacy is so important to us, we provide you with this Policy, explaining how we collect, use and share your personal data, so that you can make informed choices, about the use of your data.
A. DATA CONTROLLER
Seiseta S.r.l. is the controller for the personal data we process. Data Controller is the company, which decides how and why your personal data is processed.
You can contact us by email: firstname.lastname@example.org
Our postal address is: Via San Francesco a Patria ZONA ind. ASI - 80014 - Giugliano in Campania (NA) - Italy
B. WHAT PERSONAL DATA DO WE COLLECT
This website collects personal data in two ways:
Data provided voluntarily: by filling in the contact form or by registering for a newsletter or creating an account, for example, email address, telephone number, first and last name, hairstylist licence.
Data collected automatically (cookies): through the Website, which collects them independently or on behalf of third parties, e.g. usage data and cookies.
Seiseta also collects personal data offline, for example at trade shows or in other lawful ways, for example during a negotiation with a customer or supplier. This notice is also addressed to these data subjects
C. WHY DO WE USE YOUR PERSONAL DATA?
We use personal data collected for a number of purposes, including the following:
- To give feedback to your requests when you fill out the appropriate contact form.
- To sell our products or buy services and products. We also use personal data for related internal administrative or legal purposes - such as our accounting and records - and to make you aware of any changes to our services.
- To send marketing communications about our products.
D. LEGAL GROUNDS
- Compliance with law: In some cases, we may have a legal obligation to use or retain your personal data.
- Performance of a contract with you (or in order to take steps prior to entering into a contract with you); for example, to register a personal account.
a) with reference to third-party profiling cookies. The user gives consent in the banner provided by the Cookie Law. Seiseta does not use its own profiling cookies.
b) to receive both paper, email, and telephone marketing communications.
c) for offline collection of personal data, e.g. at trade fairs, in order to do direct marketing. In this case, as well as in the case of legitimate interest for soft marketing purposes, at the expiry of the second year, the controller, if it still intends to process data for marketing purposes, must ask the data subject for a new consent.
- Our legitimate interests and in particular:
a) if it is necessary to promote our products (direct marketing);
b) to perform soft data profiling as allowed by the Guidelines of the Working Group ex art. 29, for example, if we need to understand the sales trends of certain products in a determinate area. In this type of profiling, the data controller does not carry out invasive processing and does not cross-profile. Moreover, the data controller does not make automated decisions.
E. WHAT ARE THE POSSIBLE CONSEQUENCES OF FAILURE TO PROVIDE PERSONAL DATA?
Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data, if you don’t provide personal data, we will not be able to enter into the contract.
F. WHO WILL WE SHARE YOUR PERSONAL DATA WITH?
Normally we don’t share personal data with third parties.
However, there are circumstances when we are likely to share data with other public authorities and organizations where there is a legal ground for doing so, which might include:
- Public authorities
- Tax authorities
- Judicial/investigative authorities such as the police, public prosecutors, courts on their express and legal request.
- our accountant
- our lawyer.
G. WHERE DO WE STORE AND PROCESS YOUR PERSONAL DATA?
We primarily store and process your personal data in the EU/European Economic Area (“EEA”). If we transfer your personal data outside the EEA, we will have a legal ground to do so.
Some examples of grounds your data may be processed outside of the EEA include:
- Order fulfillment
- Technical support services.
If your personal data cannot be processed within the EEA, we will comply with all other data protection principles.
Where possible, we will be in a country that is on the list of the EU Commissions’ countries that provide adequate protection for the rights and freedoms of data subjects.
In all other cases, subject to article 49 GDPR we make sure that:
- the transfer is necessary for the performance of a contract between the data subject and the controller or the implementation of pre-contractual measures taken at the data subject's request;
- the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the controller and another natural or legal person;
H. DATA PROCESSOR
To the extent of responsibility, we have appointed, as data processors, external professional managers or service companies for the administration and business management who work on behalf of our company, for example, with regard to tax obligations, our accountant.
You can receive the updated list of the subjects above by contacting the data controller.
I. HOW DO WE PROCESS YOUR PERSONAL DATA?
We implement serious security measures to grant the best protection to your personal data against unauthorized access, modification, disclosure or deletion. Your data is protected by our highly sophisticated security systems.
We actively implement data loss prevention systems against leakage, theft, and data breach in order to ensure that our site and the entire IT infrastructure related to it are updated against the latest network security vulnerabilities. Our site incorporates the most advanced security technologies available in order to ensure the best safety of its users and the safekeeping of their related information.
L. HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
We will retain your personal data as long as it’s necessary to fulfill the purposes for which it is collected.
In any case, for tax purposes we will retain data for no longer than ten years after the termination of our contractual relationship.
For marketing purposes, we will retain personal data for no longer than two years.
M. WHAT ARE YOUR RIGHTS?
- Right of access - you have the right to request a copy of the information that we hold about you.
- Right to rectification - you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten - in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing - where certain conditions apply, you have a right to restrict the processing.
- Right to data portability - you have the right to have the data we hold about you transferred to another organization.
- Right to object - you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling - you also have the right not to be subject to the legal effects of automated processing or profiling.
- Right to lodge a complaint with a supervisory authority.
If you want to exercise any of the above rights, please mail us: email@example.com
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
N. CALIFORNIA CONSUMER PRIVACY ACT DISCLOSURES
This California Consumer Privacy Act disclosure page ("Disclosure") implements the Seiseta Privacy Notice and it is effective from 7 December 2021
These additional disclosures are required by the California Consumer Privacy Act:
O. Categories of personal information collected.
The personal information that Seiseta collects, or has collected, from consumers in the twelve months prior to the effective date of this Disclosure, fall into the following categories established by the California Consumer Privacy Act, depending on which Seiseta is used:
- identifiers such as your name, alias, address, phone numbers, email or IP address, hairstylist licence;
- personal information, such as a credit card number;
- age, gender, or other protected classifications;
- commercial information;
- Internet activity information, such as content downloads;
- geolocation data, such as the location of your device or computer;
- professional information, for example, data you may provide about your business;
- information about your purchase preferences.
P. Categories of personal information disclosed for a business purpose.
The personal information that Seiseta disclosed to the third parties (identified in the “WHO WILL WE SHARE YOUR PERSONAL INFORMATION WITH?” section of the Seiseta Privacy Notice about consumers) for a business purpose in the twelve months prior to the effective date of this disclosure fall into the following categories established by the California Consumer Privacy Act, depending on which Seiseta is used:
- identifiers such as your name, address, phone numbers, email or IP address, for example if we use a third party carrier to deliver your order;
- personal information, such as a credit card number, for example, if we use a third-party payment processor;
- commercial information, such as the details of a product you purchased if a third-party service provider is assisting to provide that product to you;
- geolocation, such as the location of your device or computer; if we need to undestand purchasing trends in a certain area;
- professional information, for example, if we provide your account details to a service provider for verification as part of enrollment for a Seiseta account.
Q. Right to Request Access to or Deletion of Personal Information.
You may have the right under the California Consumer Privacy Act to request information about the collection of your personal information by Seiseta, or access to or deletion of your personal information.
If you wish to do any of these things, please contact Seiseta at the following email address: firstname.lastname@example.org
No sale of personal information.
In the twelve months prior to the effective date of this disclosure, Seiseta has not sold any personal information of consumers, as those terms are defined under the California Consumer Privacy Act.
Seiseta will not discriminate against any consumer for exercising their rights under the California Consumer Privacy Act.
Annual Reporting for 2021.
In 2020, Seiseta didn’t exist.