TYPE OF PERSONAL DATA COLLECTED AND PROCESSED
When users visit and view the Site, Kyme do not generally collect personal data from them, with the exception of “browsing data”. The technological platform through which the Site is made available to users automatically records some browsing data (the transmission of which is implicit in the use of internet communication protocols), such as the name of the internet access provider, the site of origin, pages visited, date and duration of the visit, etc. Such information allows users to access the Site and use certain services, and may be aggregated and used anonymously for statistical purposes and to verify that the Site is functioning properly.
Kyme and do not collect these browsing data in order to associate them with other information about the users and subsequently identify the users. However, browsing data, by their very nature, may allow identification of the users after they have been processed and associated with other information. Browsing data may therefore be used by Kyme and in order to ascertain any liability concerning computer crimes committed to the detriment of the Site or through the Site. With the exception of this possibility, the browsing data described above are stored only temporarily, in compliance with applicable regulations.
Data provided voluntarily by users collects and processes personal data that users provide voluntarily when interacting with the functionalities and services of the Site. In the sections of the Site where users’ personal data are collected, a disclosure is published pursuant to Article 13 of Legislative Decree 196/2003.
PURPOSES OF THE PROCESSING
Kyme process users’ data for the following purposes:
• management of browsing on the Site;
• management of Site security;
• compliance with legal and regulatory obligations;
• exercise of rights in judicial proceedings. process users’ data for the following purposes:
• management of sales and transactions performed in the context of the Kyme Online Store;
• management of orders;
• sale and delivery of products;
• management of returns and guarantees, and other activities necessary for the sale of products via the Kyme Online Store.
NATURE OF THE PROVISION OF DATA
With the exception of browsing data (which are automatically collected by the system), the transmission of data by users for the aforementioned purposes is optional. Failure to transmit data for commercial purposes will not affect your ability to access the functionalities offered by the Site, except that it will be impossible to buy products.
Users’ personal data are processed using IT and electronic tools, mainly via electronic and automated means and, in certain specific transactions, using paper documentation. In accordance with LD 196/2003, specific security measures are observed to prevent data loss, unlawful or improper use, and unauthorised access.
PARTIES INVOLVED IN THE PROCESSING
Users’ personal data are processed by parties designated as processors or tasked with processing, in accordance with the provisions of Articles 29 and 30 of LD 196/2003. In addition to the above, the data may be brought to the attention of third parties such as freelancers, consultants and, more generally, third parties that cooperate with Kyme and/or to pursue the aforementioned purposes, or third parties that have been tasked with activities on an outsourcing basis.
In any case, Kyme and undertake to provide such third parties only with the data necessary to perform the duties and activities assigned to them; it also undertakes to do everything in its power to ensure that third parties use the data received exclusively for the purposes indicated by Kyme and and in compliance with the applicable regulations on personal data processing.
Users’ personal data may also be brought to the attention of third-party companies in the event of mergers or demergers, acquisitions, disposals of companies or business units, or other extraordinary corporate transactions. Users’ personal data may also be brought to the attention of legitimate recipients pursuant to law or regulations, for example in the event of a request by the competent public authorities or judicial authorities or, more generally, in the context of judicial proceedings, as well as to protect and defend the Site and the rights of Kyme and.
Such parties shall process the data as autonomous data controllers or processors, depending on the case in question.
An updated list of all Data Processors may be requested from the Data Controllers identified below, the email address CUSTOMERSERVICE@KYMESUNGLASSES.COM.
Furthermore, these data may be transferred outside of the national territory in countries not belonging to the European Union. In this case, an adequate level of data protection will be guaranteed. The Data shall not be disseminated.
CONNECTION TO THIRD-PARTY WEBSITES AND SERVICES
Kyme e thus invite users to take care when accepting offers of services from third parties, and to read the information provided by the third party regarding its processing of personal data, which the Data Controllers have no control over, nor can be held liable for.
MODIFICATIONS TO THIS DOCUMENT
THE DATA CONTROLLER
• Kyme S.R.L., VIA RUGGERO BONGHI 1, 70022 ALTAMURA (BARI – ITALY), vat number 07503420726.
Users of the Site may exercise the rights pursuant to Article 7 of Legislative Decree 196/2003, which are reproduced in full below. These rights may be exercised informally simply by sending a request to the Data Controllers as identified above, to the email address CUSTOMERservice@kymesunglasses.com.
ARTICLE 7 OF LEGISLATIVE DECREE 196/2003. THE DATA SUBJECT’S RIGHTS
1. The data subject has the right to obtain confirmation of the existence or non-existence of personal data concerning them, even if they are not yet recorded, and the communication of said data in an intelligible form.
2. The data subject has the right to be informed of:
a. the origin of the personal data;
b. the purposes and methods of the data processing;
c. the logic applied in the event of processing performed with the aid of electronic instruments;
d. the identification details of the data controller, the data processors and the designated representative pursuant to Article 5, paragraph 2;
e. the parties or categories of parties to which the personal data may be communicated or which may access the data in the capacity of designated representative in the territory of the state, data processor or party tasked with processing the data.
3. The data subject has the right to obtain:
a. an update, adjustment or, where they have an interest therein, supplement to the data;
b. the deletion, anonymisation or blocking of data processed unlawfully, including data that do not need to be stored for the purposes for which the data were collected or subsequently processed;
c. a certification that the operations mentioned under a) and b) have been brought to the attention, including with regard to their content, of those to whom the data were communicated or disseminated, except in cases where this is impossible or requires a use of resources that is manifestly disproportionate to the right being protected.
4. The data subject has the right to object, in full or in part:
a. for lawful reasons, to the processing of personal data concerning them, even if it is pertinent to the purpose of the data collection;
b. to the processing of personal data concerning them for the purposes of sending out advertising or direct-sales material or for the performance of market research or marketing communications.