Information for the processing of personal data made pursuant to and for the purposes of Legislative Decree no. 196 of 20 June 2003 and subsequent amendments and supplements, and the EU Regulation 2016/679 (GDPR)

PURPOSE OF THIS DOCUMENT
The following is a list of the methods of processing the personal data of users of the e-commerce website () that may be collected when consulting and browsing the Website.
The information is provided pursuant to art. 13 of Legislative Decree no. 196 of 20 June 2003 and subsequent amendments and supplements - Personal data protection code - and art. 14 et seq. of the EU Regulation 679/2016 (GDPR) to those who interact with web services accessible by electronic means starting from the address info@veschetti.com
The information provided below also follows the guidelines derived from art. 29 of Directive no. 95/46/EC and refers in particular to the acquisition of personal data on the Internet, with the aim of specifying the minimum measures to be implemented in relation to data subjects to guarantee the ethics and legality of these operations.

THE DATA CONTROLLER
After consulting and browsing the www.veschetti.com hereinafter referred to as the WEBSITE, data relating to identified or identifiable persons may be processed.
The Data Controller of their processing is VESCHETTI GIOIELLI S.R.L. with registered office in Corso Magenta 27/ e 25121 BRESCIA BS ITALY , Tax code and VAT no. 02065740173, e-mail info@veschetti.com, hereinafter identified as the "DATA CONTROLLER" or "MANAGER".

SCOPE
The information is provided only for the WEBSITE in question and not for other external websites that may be consulted through links on the WEBSITE's pages, which link to different domains, for which the DATA CONTROLLER is not responsible.

PLACE OF DATA PROCESSING
The processing operations connected to the Web services on the WEBSITE (physically resident on servers connected to the network) are carried out at the headquarters of the DATA CONTROLLER and are carried out only by employees, collaborators or persons in charge of processing, or by persons in charge of non-routine maintenance operations. No data resulting from navigation on the WEBSITE is communicated or disclosed to third parties whose work is not inherent to the management, operation or control of the operations of the WEBSITE itself. The personal data provided by users who request information material are used only to perform the service or provision requested and are communicated to third parties if this is necessary for this purpose except as provided in the chapter "optional data provision".

TYPES OF DATA PROCESSED
Navigation Data
The computer systems and software procedures used to operate the WEBSITE acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes, by way of example only, IP addresses or domain names of computers used by users who connect to the Website, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc..) and other parameters relating to the operating system and computer environment of the user. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the WEBSITE and to check its correct functioning. The data may be made available by the DATA CONTROLLER to ascertain responsibility in case of hypothetical computer crimes or other requests authorised by the judicial authorities.
Data voluntarily provided by Website users
The optional, explicit and voluntary sending of e-mail messages to the addresses indicated on the WEBSITE or by filling in purchase order and/or request forms or other guided procedures on the WEBSITE itself, involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data entered such as telephone numbers or country of origin. Specific summary information will be reported or displayed on the pages of the Website prepared for particular services on request.
For the purposes described in this Policy, personal data of various kinds is collected, including:
- information relating to the contract (name, surname, place and date of birth, nationality, residence/domicile, e-mail address, postal address, telephone number and any other personal data of the data subject) provided during the completion of the forms on the Website, including the registration and creation of an account on the Website;
- information relating to any transaction carried out by the data subject;
- data subject’s user name and password;
- personal data contained in communications sent by the data subject for any reason whatsoever;
- information resulting from proposed surveys;
- payment information (credit card number, expiry date, authorisation number or security code, shipping address and billing address, bank details -IBAN),
- information regarding personal or professional interests, marital status, demographic data and experience of the data subject with the products and contact preferences;
- click-stream data and other information about online activities of the data subject (e.g., information about devices, browsing activities and how to use them), including through the Online Channels and third party websites, obtained through the use of cookies and similar technologies (Cookie Policy);
- information obtained from third party service providers;
- personal data collected by third parties, shared by the data subject on social networks and accessible to the public (e.g. Facebook, Instagram, Twitter, etc.) and/or collected in other publicly accessible databases.
No personal data is knowingly collected or used by anyone who is not of legal age or is considered a minor according to the legislation of his/her country of residence: the User, by registering on the Website and, in any case, when providing his/her data, confirms that he/she has reached the minimum legal age.

VOLUNTARY PROVISION OF DATA
The provision of such data is not mandatory.
The user is free to provide personal data contained in the request forms or indicated in contacts to request information material or other communications. Failure to provide such data may make it impossible to obtain the information requested. For the sake of completeness it should be remembered that, in some cases (not covered by the ordinary management of this Website), the Authority may request news and information pursuant to art. 15 of the EU Regulation 679/2016 (GDPR), for the purposes of controlling the processing of personal data. In these cases the answer is mandatory under penalty of administrative sanction.
The communication of the user's personal data (in particular, name and surname, e-mail and postal address, credit/debit card details, bank details and telephone number) is necessary in order to process the purchase order of the products offered for sale on the Website and to fulfil the obligations provided for the laws or regulations in force. The refusal to provide personal data necessary for the pursuance of the above purposes may make it impossible for Veschetti Gioielli SRL to process and accept the order of the products sold on the Website and/or to fulfil the obligations provided for by law and other regulations in force.
It is optional for the user to provide further personal data, other than those necessary for the fulfilment of legal or contractual obligations and the correct consultation of the services that can be provided.
Data which is mandatory and/or essential for the purchase offer of products and/or for the provision of services requested is marked with a special symbol (*) on the website.

USE OF DATA
The use of the user's personnel data is carried out on a legal basis in order to achieve the following purposes:
- the processing is necessary for the execution of a contract or to initiate the necessary and useful operations in connection with the conclusion of a contract (e.g. sales contract), such as, for example, pre-contractual measures taken, including: - the execution of transactions and supplies of products and services; - the processing and execution of orders related to products and services; - information and assistance to the data subject;
- the processing is necessary for the fulfilment of legal obligations and/or judicial and/or administrative measures;
- the processing falls within the legitimate interests of the Data Controller, in his/her capacity as a business operator, such as:
- interest in the use of personal data of customers and users of the Website in order to carry out, evaluate, develop and improve commercial and promotional activities (including the performance of marketing activities) including current and potential customers and Website users;
- interest in exercising and/or defending a right before a court of law or out of court and/or administrative authorities, and in reducing the risk of defaults and managing credit recoveries; before a court of law or out of court
- interest in sending promotional material and other communications, including contacting the data subject by e-mail, post, telephone and other means, to organise and manage special events, contests, programmes, offers, surveys and market research;
- interest in preventing and avoiding fraud and other illegal activities, as well as in respecting and complying with current legal requirements;
- the processing is based on the prior and explicit consent of the data subject, for example in the case of personalised marketing activities.

DISCLOSURE OF PERSONAL DATA
The Data Controller may disclose personal data to its affiliated company or to its suppliers who contribute to providing services, processing transactions, responding to requests for information, receiving and sending communications, updating marketing lists, analysing data, providing assistance or performing other necessary and related activities.
You will be asked for your explicit consent before sharing your personal data, for marketing purposes, with any third party company other than the above mentioned subjects.
The personal data will be accessible to authorised personnel of Veschetti Gioielli SRL and service providers operating on its behalf, in case of need. It may be necessary to transfer personal data to third countries in which Veschetti Gioielli SRL operates; some of these countries are subject to the decision of the European Commission on the adequacy of data protection, while others, such as the USA, are not. In order to ensure that the protection of your personal data complies with applicable laws, such transfer outside your country of residence or the European Economic Area (EEA) will be made in compliance with the EU Type Clauses, the EU-US or CH-US Privacy Shield Agreement, the Clauses binding on companies belonging to the same Group or other legal mechanisms.
Personal Data may be shared with third parties in case of enhancement, restructuring and/or other operations that may result in the sale and/or transfer for any reason, in whole or in part, of the company of the data controller. STORAGE OF PERSONAL DATA
Personal data will be kept for the period necessary for the purposes for which it was collected and, generally, for five years after the end of the relationship or the last contact with the data subject, unless otherwise required by applicable law. Under specific circumstances, personal data may be kept for a longer period, if required by legal, tax and financial requirements, or, in compliance with applicable law, to keep an accurate record of transactions in the event of complaints or appeals. SECURITY - PROCESSING METHOD
Specific security measures are observed to prevent the accidental loss of data, their alteration and/or disclosure, illicit or incorrect use and unauthorised access in compliance with minimum security measures.
For the best possible protection of personal data, the data subject must use a protected device (for example, equipped with an effective updated antivirus system) and its Internet provider must adopt appropriate measures for the security of data transmission over the network (for example, firewalls and spam filters).
In order to provide a complete service, the WEBSITE may contain links to other websites, not managed by this DATA HOLDER, who shall be held responsible for errors, content, cookies, publications of illicit moral content, advertising, banners or files that do not comply with the regulations in force and the respect of the EU Regulation no. 679/2016 by the above-mentioned websites.
While adopting reasonable protection measures, it is not possible to ensure that the personal data communicated cannot be violated: by using the Website, the User accepts the possible implications on the security of data inherent in online business transactions, releasing Veschetti Gioielli SRL from any liability through no fault of its own.

COOKIES
Cookies are short text files that are downloaded to your device when you visit a website and allow the WEBSITE to recognise your device. They have various purposes such as, for example, enabling you to browse efficiently between pages, remembering your favourite websites and generally improving your browsing experience.
Depending on the function and purpose of use, cookies may be divided into technical cookies, profiling cookies or third party cookies. For more information on the cookies used by the WEBSITE see the chapters below.

RIGHTS OF THE DATA SUBJECT
The subjects to whom the personal data refers have the right at any time to obtain confirmation of the existence or otherwise of such data and to know its content and origin, verify its accuracy or request its integration or updating, or correction (art.15 of Legislative Decree no. 679/2016). According to the same article you have the right to request cancellation, transformation into anonymous form or blocking of data processed unlawfully, and to oppose, for legitimate reasons, their handling. In any case, the User is free at all times to withdraw the consents given, by sending an informal communication stating this to the DATA CONTROLLER using the contact details provided at the start of this document.
In particular, the data subject is entitled:
- to be informed of the existence of data processing operations concerning him/her, to obtain access to and a copy of the data, their origin and the recipients to whom the data has been or will be communicated;
- to ask the data controller to correct or delete the personal data or to limit the processing of personal data concerning him/her or to oppose its processing;
- to obtain from the data controller the rectification of inaccurate personal data concerning him/her without undue delay and the integration of incomplete personal data, including by providing a supplementary statement;
- to revoke the consent given at any time, without prejudice to the lawfulness of the processing based on the consent acquired before the revocation, pursuant to art. 7, par. 3 of EU Regulation no. 679/2016: the revocation may make it impossible for the Data Controller to execute the contract and/or provide the service and to pursue the above mentioned purposes;
- to obtain the immediate deletion of their personal data if consent has been revoked, if it is no longer necessary for the purposes for which it was collected or otherwise processed or if the legal basis for the processing has ceased to exist; if it has been processed unlawfully or if this obligation is imposed by law or judicial authorities, pursuant to art. 17 of EU Regulation no. 679/2016; 
The User has the right.
- to obtain the limitation of the processing of data concerning him/her if: the data subject contests its accuracy; the processing is unlawful and the data subject opposes the deletion of the personal data and requests that its use be limited; although the data controller no longer needs them for the purposes of processing, the personal data is necessary for the data subject to ascertain, exercise or defend a right in court; the data subject has opposed the processing pursuant to Article 21, paragraph 1, of EU Regulation no. 679/2016/2016 pending verification as to whether the legitimate reasons of the data controller take precedence over those of the data subject;
- to request the portability of his/her data and, therefore, to receive all his/her personal data in a structured format, of current use and readable by automatic device and to request its transfer to another data controller pursuant to art. 20 of EU Regulation no. 679/2016;
- to object at any time, for reasons related to his particular situation, to the processing of personal data concerning him/her pursuant to Article 6, paragraph 1, letters e) or f) of EU Regulation no. 679/2016, unless there are legitimate reasons for the Controller to continue processing;
- where personal data is processed for direct marketing purposes, to object at any time to the processing of personal data concerning him/her carried out for such purposes, including profiling in so far as it is related to such direct marketing;
The data subject may exercise the above rights by sending a request by e-mail to the e-mail address …….. , if he/she considers that the processing of his/her personal data is carried out in violation of the legislation in force, he/she has the right to lodge a complaint with the supervisory authority.

CHANGES TO THIS PRIVACY POLICY
The DATA CONTROLLER reserves the right to update this Privacy Policy at any time in order to adapt it to the law in force and to improve it, also taking into account the suggestions made by customers, collaborators and users.

COOKIES

DATA CONTROLLER

The Website www.veschetti.com is owned by Veschetti Gioielli SRL with registered office in Italy, Brescia, Corso Magenta n.27/E, Tax Code/VAT no.02065740173 (hereinafter also "Owner") and this information is provided in accordance with the provisions of Legislative Decree no. 196./03 (Privacy Code), EU Regulation 2016/679 of 27 April 2016 (on the protection of individuals with regard to the processing of personal data) and the Italian Personal Data Protection Authority measure dated 8 May 2014 "Simplified procedures for information and consent concerning the use of cookies". Pursuant to Art. 13 of the Privacy Code, Veschetti Gioielli SRL, as Data Controller, operates in compliance with the provisions of the relevant legislation.

ACCEPTANCE METHODS
As specified in the summary information given in the banner, the User can give his/her consent to the use of cookies in a simplified form as follows: clicking on the "OK" button; closing the banner using the "X" button; browsing and/or scrolling through the page and/or clicking on any element of the contents on the Website pages.
Please note that continuing to browse on exiting this cookie policy in the absence of a specific different choice of consent management, represents the provision of consent to the use of all cookies.

WHAT IS A COOKIE
Cookies are short text files that are downloaded to your device when you visit a website. On each subsequent visit, cookies are redirected to the website where they originated from (first-party cookies) or to another website that recognises them (third-party cookies). Cookies are useful because they allow a website to recognise your device. They have various purposes such as, for example, to enable you to browse efficiently between pages, remember your favourite websites and, in general, improve your browsing experience. Depending on the function and purpose of use, cookies can be divided into technical cookies, profiling cookies, third party cookies, etc.

TECHNICAL COOKIES
The purpose of technical cookies is to enable functions without which it would not be possible to make full use of the WEBSITE. These cookies allow the operation of multi-step procedures (several successive pages, such as a contact request), to keep track of the user's choices about the content of the WEBSITE to be displayed and the features to enable or disable. A cookie of this type is also used to store your decision on the use of cookies on our website. Essential cookies cannot be disabled using Website features. Technical cookies also include those used to statistically analyse accesses or visits to the Website, also known as "analytics", which are exclusively for statistical purposes and collect information in aggregate form without being able to trace the identification of the individual user. Cookies analytics may also be third party cookies (Google Analytics) for which reference is made, for further details, to the privacy of the respective owner ...

PROFILING COOKIE
The purpose of profiling cookies is to improve the WEBSITE user experience by suggesting content similar to the preferences expressed by the user while browsing, based on the content displayed and other behaviour parameters. You may choose to disable the use of individual WEBSITE cookies through the appropriate options on your browser. In this case, some features of the WEBSITE may not be available.

THIRD PARTY COOKIES
The WEBSITE uses some external features or contains some external links in order to improve the integration with commonly used third party websites and the sociality of the WEBSITE itself (e.g. Facebook, Google sharing buttons, etc.). These features and links may result in the use of third party cookies for which you may refer to the specific privacy policy posted on individual websites.

DISABLING COOKIES ON THE MOST COMMON BROWSERS
You can disable cookies using the options provided by your browser. The following are some examples of the most popular browsers

Internet Explorer

- Select Tools from the menu bar
- Click on Internet Options
- Click on the General tab, which is located under "Browsing History" and click on "Delete".

Firefox
- Select Tools from the menu bar
- Click Options
- Click on the Privacy tab
- Click "Delete Now"
- Select "Cookies”
- Click "Delete personal data now".

Google Chrome
- Click the wrench icon in the top right corner of your browser
- Click on "Options"
- Click on "Geek stuff"...
- Click the "Content Settings" button in the Privacy section
- Click the "Clear browsing data" button

Safari
- Go to the Safari menu (icon in the top right corner of your browser) and select Preferences
- In the pop-up window that opens, select the Security icon (in the form of a padlock)
- Under "Accept Cookies", select the "Never" button.