INFORMATION ON THE TREATMENT AND PROTECTION OF YOUR PERSONAL DATA
according to art. 12 Reg. GDPR (EU) April 27th 2016, n. 2016/679 relating to the protection of individuals with regard to the processing of personal data, as well as to free movement
This Policy also tells you what your rights are in relation to the personal data you give to us.
Pursuant to the articles 4, paragraph 7, and 24 of the GDPR the Data Controller of personal data is UNITED PETS SRL, with registered office in MILAN, Viale CERTOSA N. 46, which can be contacted in writing by e-mail address: email@example.com or by post at the aforementioned office address legal or by phone at +39 02 3927041
The Data Protection Manager is Pietro Ricci who may be contacted at firstname.lastname@example.org
What personal data do we collect?
The personal data we collect from you directly can include your name, email address, mobile/landline telephone number, date of birth, address, your purchasing activity, your credit, or debit card or other payment information, and information you give us when you contact our customer services team or when you engage with our social media platform (for example by tagging us in a post on Instagram).
If you are using a mobile device and shopping with us online or browsing our website, we may collect your IP address or other device identifier, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, and other portable device information.
When do we collect your personal data?
- When you purchase products and services from us online or over the phone.
- When you contact us or we contact you to take part in surveys, competitions or promotions.
- When you contact our customer services team online or over the phone.
- When you engage with us on social media (by mentioning/tagging us or by contacting us directly).
How do we use your personal data and what are our legal justifications for doing so?
To make our products and services available to you
We use your personal data to provide you with the information, products and services that you request or purchase from us (i.e. to complete certain tasks, processes or orders on our website or within our apps, take payment online (where applicable) and deliver your products or services), and to communicate with you regarding those products and services that you purchase from us and respond to your questions and comments;.
We may also use your personal data to measure how satisfied our customers are and provide customer service (including troubleshooting in connection with purchases or your requests for services or when you ask us questions on social media);.
We rely on our contractual arrangements with you as the lawful basis on which we collect and process your personal data when you make an order for products and services. Alternatively, in some cases, we rely on our legitimate interests as a business (for example, to measure customer satisfaction and troubleshoot customer issues). Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
For administrative and internal business purposes?
We may use your personal data for our internal business purposes, such as enhancing our site, improving our services and products and identifying usage trends. We may also use your data to monitor the use of our website and ensure that our website is presented in the most effective and relevant manner for you and your device and setting default options for you (such as language);
It is in our legitimate interests as a business to use your personal data in this way. For example, we want to ensure our website is customer friendly and works properly and that our products and services are efficient and of high quality. We also want to make it easy for you to interact with us. Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
For security and legal reasons
We use your personal data to:
- ensure the personal and financial information you provide us is accurate;
- conduct fraud checks or prevent other illegal activity;
- protect our rights or property (or those of others); and
- fulfil our legal and compliance-related obligations.
In some cases, we will use your personal data because it's necessary for us to comply with a legal obligation (such as if we receive a legitimate request from a law enforcement agency). In other cases (such as the detection of fraud) we will rely on our legitimate interests as a business to use your personal data in this way. Where we rely on our legitimate interests, we will always make sure that we balance these interests against your rights.
To personalise your shopping experience and improve our operations
We use your personal data to:
- allow you to create a profile on our website which enables you to purchase UNITED PETS products and services online without having to fill in your personal data every time you shop online with us;
- provide you with marketing material via SMS and email;
- analyse how you shop and what you shop for. This may include information on products you have viewed, historical transactions and products you have added to your online basket. This allows us to provide a browsing experience which is relevant to you.
It is in our legitimate interests as a business to use your data in this way and we do this in order to enhance your shopping experience with us. This allows us to help you find the products and services which you may be looking for and avoids you having to browse through products or services which are not relevant to you.
When we send you marketing material via SMS, and email, we will rely on our legitimate interests as a business, always ensuring that your rights are protected.
Who do we share your personal data with?
We will never sell any of your personal data to a third party. However, in order for us to provide our services to you, we share your personal data with our trusted third party service providers or our group companies, as detailed below. Whenever we share your personal data, we put safeguards in place which require these organisations to keep your data safe and to ensure that they do not use your personal data for their own marketing purposes.
Third party service providers
To fulfil orders for products and services
We work with a number of trusted service providers who carry out services on our behalf. When you purchase products and services from us, the services provided by these organisations includes delivery, product assembly and installation, waste removal and processing payments. It is in our legitimate interests as a business to work with these service providers since we may not have the capabilities to provide these services ourselves. In each case, we will ensure that the service provider is only allowed to use your personal data in order to provide the services to us and for no other purpose.
To prevent crime and comply with laws
We share your financial information including your credit, debit card or other payment information with third parties to ensure that your payment is safe and that your details are not being used fraudulently. This data sharing enables us to conduct fraud analysis which ensures that genuine and accurate payment details are provided to us for any purchase. We may share your personal data with credit agencies if you are requesting credit.
There may be other scenarios where we are subject to a legal obligation to share or disclose your personal data, such as with law enforcement agencies or public authorities in order to prevent or detect crime or fulfil a legal requirement.
Other professional services
We may need to disclose your personal data to our insurers where we believe that it is required under our contractual relationship with our insurance provider to do so.
Transfer of your personal data outside Italy
Your data could be transferred to external IT service providers that provide the server infrastructure, IT maintenance tasks or extensive IT solutions (such as cloud services) and software solutions on our behalf. Your personal and accounting data could be transferred to external payroll processing and accounting services, and the preparation and review of accounts and financial statements or even for the mere archiving of invoices. In certain circumstances determined by law or by the public authority to fulfill disclosure obligations strictly required by law or imposed by the public authority, your personal data may be transferred to government agencies, courts, Environmental Protection Agencies, external Consultants and third parties similar if they are public bodies or other authorized third parties. Some contact details can be transferred to logistics companies if the processing is necessary to send products or packages by post or courier. Some data may be transferred to the MailChimp newsletter service platforms provided by companies with registered offices in the United States. In this regard, we inform you that the MailChimp platform adheres to the Privacy Shield, and is therefore authorized to process data on subjects present in the Union.
According to the Art. 15 GDPR, you have the right to access personal data stored by us. This means that you have the right to obtain confirmation from us that your personal data is being processed and, in this case, to request access to personal data. Access information includes - among others - the purposes of the processing, the categories of personal data in question and the recipients or categories of recipients to whom the personal data have been or will be communicated. However, this is not an absolute right and the interests of other parties may limit your right of access. You have the right to obtain a copy of the personal data being processed. In case of further copies requested by you, we can charge a reasonable fee based on the administrative costs incurred. The right of access can be limited in certain circumstances. You have the right to obtain the correction of incorrect personal data based on Art. 16 GDPR. This means that you have the right to obtain rectification of inaccurate personal data concerning you. Taking into account the purposes of the processing, you may have the right to obtain the integration of incomplete personal data, even providing a supplementary declaration. You have the right to delete your personal data based on Art. 17 GDPR. This means that in certain circumstances, you may have the right to obtain the cancellation of your personal data from us and we may have the obligation to delete such personal data. The right to data deletion may be limited in certain circumstances. You have the right to obtain the limitation of the processing of your personal data according to the Art. 18 GDPR. This means that, in this case, the respective data will be marked and may be processed by us only for certain purposes (eg with your consent or to take legal action). According to the Art. 20 GDPR, in certain circumstances, you may have the right to receive in a structured format, commonly used and readable by automatic device, the personal data concerning you that you provided to us and you may have the right to request the transmission of such data to a another holder of the processing without impediment on our part. If you have your personal data that is processed exclusively by Your consent and not for other legitimate reasons, then you have the right to revoke that consent at any time with future effect. Such revocation will not affect the lawfulness of the processing based on consent before the revocation. However, if you now affirm the dissent, then it will no longer be possible to receive promotional information or have information on events that you might be interested in. If you want to think about it and eventually interrupt the sending of advertising material, newsletters, promotional phone calls at a later time, you need to know that at any time you always have the right to block our marketing.
If you no longer wish to be contacted by us about our products or services, or for other marketing purposes, you can amend your preferences or unsubscribe by contacting us. Alternatively, if you have a profile on the UNITED PETS website, you can unsubscribe by logging into your account, or simply follow the unsubscribe link provided in emails you receive from us.
You can block our direct marketing by sending an e-mail regarding NO-MARKETING to the following address: email@example.com.
To exercise all your privacy rights, send us an email concerning the right you intend to exercise and you will be contacted as soon as possible by the person responsible for data processing and protection, whose name is indicated: Pietro Ricci available at the following email address: firstname.lastname@example.org.
You also have the right to file a complaint with the Privacy Guarantor (www.garanteprivacy.it) according to the provisions of art. 141 and subsequent Legislative Decree 30-6-2003 n. 196 Code regarding the protection of personal data, containing provisions for the adaptation of national legislation to Regulation (EU) n. 2016/679 of the European Parliament and of the Council, of 27 April 2016, relating to the protection of individuals with regard to the processing of personal data, as well as to the free movement of such data and repealing Directive 95/46 / EC.
Security and retention of your personal data
Security of your personal data
We take the security of your personal data very seriously. We have implemented various strategies, controls, policies and measures to keep your data secure and keep these measures under close review. We protect your data by using encryption techniques and we use other safeguards such as firewalls and password protection. This means that your data is protected and only accessible by co-workers who need it to carry out their job responsibilities. We also ensure that there are strict physical controls in our buildings which restricts access to your personal data to keep it safe.
Retention of your personal data
We undertake to keep your personal data as long as it is necessary to achieve the purposes for which they were collected. Furthermore, we keep personal data if this is required by legal obligations for 10 years. For example, invoices must be kept for 10 years. Furthermore, we keep your personal data up to the expiry of the statute of limitations in order to be able to enforce any existing legal claims.