PRIVACY POLICY
Policy notice pursuant to EU Regulation 2016/679
This policy is provided pursuant to Art. 13 of Regulation EU 679/2016 (General Data Protection Regulation). This policy shall not be applicable to any other website made available via links on the domain holder’s websites; under any circumstance, the holder cannot be held responsible for third-party websites.
This policy notice is provided pursuant to Art. 13 by Sugar S.r.l as Data Controller (Art. 4 and Art. 24 of Reg. EU 2016/679) with registered office in Corso Italia 19, 52100 Arezzo (AR) in relation to personal data provided by users through the access and/or the registration to the Website https://www.sugar.it (Website).
Contacts: Phone: 0575/354631 or e-mail: customerservice@sugar.it
IT systems and procedures required for Website’s operation collect, in their normal course, some personal data that are implicitly shared in the implementation of Internet communication protocols. This information is collected anonymously. Our operations are governed by ethical principles and we commit to protect the privacy of all visitors to our website. For this reason, the way we collect and store data is closely correlated to the usage of our Website and its services.
When users/visitors visit our Website and provide their personal data in order to make requests (via e-mail) for access and/or registration, their data are collected by the Data Controller.
SUGAR S.R.L will process personal data provided by the user for the following purposes:
Pursuant to Art. 5 Par. 1 Letter e) of Reg. EU 679/2016, personal data collected shall be kept in a form which permits identification of data subjects for no longer than it is necessary for the purposes for which the personal data are processed.
Personal data retention period varies according to the purposes of the processing:
In accordance with the law, SUGAR S.R.L will store log files and IP addresses used for shopping online in order to prevent and detect any fraud in online transactions.
Transfer of personal data for purposes (a), (b) (d) is necessary and mandatory for the correct displaying and browsing of the Website.
Transfer of personal data for purposes stated in section (c) above is completely optional. However, as data transfer is mandatory for registering to the Website and shopping online, if user denies consent to data transfer, user will not be able to register to the Website and shop online.
In respect to the purposes of the processing as of section (e) (the so-called “marketing” purposes) of Art. 3 above, user consent to personal data processing is completely optional. Failure to consent will not affect registration to the Website and/or online shopping; however, user will not be able to receive by SUGAR S.R.L informational and promotional contents via e-mail newsletters regarding products offered for sale on the Website.
User may, in any circumstance, withdraw his/her consent previously agreed for the purposes stated in section (e) (the so-called “marketing” purposes) and exercise the right to object to processing for the purposes stated in section (f) (“soft spamming”):
Notwithstanding the above, user may exercise the right to object at any time by contacting SUGAR S.R.L via the contact details provided in Art. 1 above.
The California Consumer Privacy Act (CCPA) is the most recent Californian law on privacy aimed at protecting the rights of users resident in California (United States). CCPA entered into force on January 1st 2020 and is effective as of July 1st 2020.
CCPA introduces new requirements for personal data processing and gives consumers new rights regarding Privacy. It can be thus be expected that CCPA will significantly impact business responsibilities and procedures.
Pursuant to CCPA, “Personal data” are “information that can identify, relate to, describe, be associated with, or be reasonably capable of being associated, directly or indirectly, with a particular consumer or household”. (Name, pseudonyms, postal address, personal ID, IP address, e-mail address, user name, social security number, driving license number, passport number or similar ID information, business information, such as assets, product or services records purchased, obtained or taken into account, and other logs or purchasing and consumption trends, biometric data; networking activities information (via Internet or other channels), including browsing technologies, research history and information regarding interactions with a website, an app or an ad; geo-localization data)
For the purposes stated in Article 3, section (c) of this document, the company may process data of users resident in CALIFORNIA.
Pursuant to CCPA, consumer has the right to object, at any time, by notifying the company, to the sale of their personal data to third parties; in this respect, consumer may decline personal data sale using the form "Do Not Sell My Personal Information" (DNSMPI) available on the Website banner at the first purchase.
By doing this, Data Controller shall not sell personal information to third parties, unless the user explicitly allows to do so at a later time (opt-in).
Pursuant to and in compliance with CCPA, consumer may exercise the following rights:
User can submit a request to the following e-mail address customerservice@sugar.it
Personal information provided by the user for the purposes stated in Art. 3 of this document may be disclosed to or shared with the following entities:
https://rakutenmarketing.com/legal-notices/services-privacy-policy/
https://rakutenmarketing.com/legal-notices/subject-requests/
Personal data provided by user with respect to the registration to the Website and/or online shopping on the Website will not be disclosed. The updated Data Controller list is available at the Data Controller’s registered office; the updated list can also be requested by contacting us using the details provided in Article 1 of this notice.
Personal data provided by user may be transferred to other EU countries in relation to the above-mentioned purposes.
Transferred data will not be disclosed without prior consent.
User may exercise their rights as expressed by Articles 15, 16, 17, 18, 19, 20, 21, 22 of Regulation EU 679/2016 by contacting the Data Controller. User may request at any time the Data Controller to access, amend or delete their personal data or to restrict the processing. User may request at any time to object to processing concerning their data (including automated processing, such as profiling) as well as to exercise data portability. Without prejudice to any other administrative or judicial remedy, if user believes that the processing of their personal data does not comply with Reg. EU 2016/679, pursuant to Art. 15 Letter f) of the aforementioned Reg. EU 2016/679, user shall have the right to lodge a complaint with the Data Protection Officer and, in respect to Art. 6, Par 1, Letter a) and Art. 9, Par. 2, Letter a) user shall have the right to withdraw their consent at any time.
As to the purposes stated in Par. 3, Letter c) the withdrawal of consent shall not affect the lawfulness of processing based on the consent given before its withdrawal. (Pursuant to Art. 7).