PRIVACY POLICY

Welcome to the ISUIT website.

At ISUIT we are committed to protecting and respecting your privacy. This notice describes what personal data we collect, how we will use those data, and how we keep your data safe. If you reside in a country that is part of the European Union (hereinafter “EU”) and/or the European Economic Area (hereinafter “EEA”), you will find references to EU Regulation within the text of this Policy. If you are a California resident, please refer to the California Consumer Privacy Act Addendum at the bottom of this Policy. If you are a Nevada resident, please refer to Nevada Privacy Law Addendum. For additional information on how we use cookies please refer to our Cookie Policy. For all other information regarding our services, please see our Terms & Conditions.

If you have a question that is not answered here, or if you would like more information about how we collect, use and store your personal data, you can contact us at any time by emailing privacy@isuit.it, calling +39 (0) 81 8111648, or writing to the Privacy Team at PORCAMO S.R.L., Via Roma 300/A 81031 Aversa (CE), REA: CE – 287262, CF: 03961970617 (hereinafter also referred as the “Company”).

In this Privacy Policy we will cover:

  • Who is the data controller?
  • What personal data do we collect?
  • How do we use this personal data?
  • What is our legal basis for processing your personal data?
  • Who will process your data?
  • How long do we keep your personal data?
  • To Whom we disclose your data
  • How the transfer of data to non-EU countries is regulated
  • Your rights under GDPR Regulation 
  • Security measures
  • Complaints
  • Changes to this notice
  • CCPA Addendum
  • Nevada Privacy Law Addendum

Who is the data controller?

Under the data protection law, the data controller is responsible for ensuring that your data is held securely, that you are given accurate information about how your data is used, and that your rights regarding your data are respected. In compliance with art. 13 decree 196/03 (Privacy Act- Italy) and the General Data Protection Regulation UE 2016 / 679, the data controller for any personal information we hold about you is PORCAMO S.R.L., Via Roma 300/A 81031 Aversa (CE), REA: ce – 287262, CF: 03961970617.

Should you have any queries about our use of your personal data, please email privacy@isuit.it, call +39 (0) 81 8111648, or write to our Privacy Team at PORCAMO S.R.L..

What personal data do we collect?

We collect your personal data when you place an order, call our Customer Care team, sign up for our marketing communications, engage with us on our social media platforms, browse our website or use the other services offered by our website (www.isuit.it). The data we collect includes details you provide to us, such as your given name and surname and your shipping and billing addresses. When you visit our website, we (or our third-party service providers) may collect information about your use of the website, such as your internet service provider’s address, your location as determined by your Internet Protocol (“IP”) address, the name of the website or advertisement directing you, your user agent, as well as your clicks and activity on our website. We use this data to:

  • Take your orders, process your payments, and deliver the items you have purchased;
  • Provide any additional services you have requested, such as our marketing communications;
  • Give you access to services reserved for registered users, such as Wish Lists and product alerts;
  • Provide you with help and assistance via our Customer Care team;
  • Make our website more available and user-friendly to our customers;
  • Personalize your visit to the website and ensure that content from our website is presented in the most effective manner for you and for your computer.

We do not serve interest-based advertising to users we identify as using our website from EU IP addresses. Under the GDPR- Regulation (EU) 2016/679, we must have a valid legal basis to process your data. In most instances, we will process your data because we have a contract with you e.g. to deliver your purchases or to provide you with other services you have requested. We will also use your personal data to send you sales and marketing communications that we believe may be of interest to you if we have your explicit consent for this activity, or if you are an existing customer whom we have a legitimate interest in communicating with you. You can opt-out of sales and marketing communications from us at any time.

How do we use the personal data we collect?

We collect and process your personal data for the following purposes:

  • When you purchase a product from www.isuit.it, we ask you for the personal data necessary to allow us to fulfill our contract with you including taking payment, any related anti-fraud checks if you choose to pay by credit/debit card, billing, shipping, and delivery of the product, and possible handling of the return.
  • When you visit www.isuit.it, we will collect the minimum personal data necessary to allow us to provide you with the services of the website, such as placing and holding items in your shopping bag.
  • When you visit www.isuit.it, we will use some data about your use of the website to help us improve the website and our promotion of the website. This will include data about how you came to the website; the date and time of your visit; products you viewed or searched for; page response times, download errors, length of visits to certain pages, and page interaction data (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
  • We also collect data about your use of www.isuit.it by using cookies. More information about how we use cookies and how you can, if you wish, turn off cookies is included in our Cookie Policy.
  • When you register on www.isuit.it, we will collect the data necessary to ensure that we can recognize you on return visits and provide you with the services registration offers, such as creating a Wish List or subscribing to emails about your favorite designers. If you would prefer not to continue receiving these emails, you can unsubscribe at any time using the link at the bottom of the email, or by contacting our Customer Care team.
  • When you sign up for our marketing communications, we will ask you for your email address. If you would prefer not to receive these emails, you can unsubscribe at any time using the link at the bottom of the email, or by contacting our Customer Care team.
  • If you have purchased from www.isuit.it, we will use the personal data we hold about you, including your purchase history, to contact you regarding products and services that may be of interest to you. This contact will normally be via email, but in certain circumstances, we may contact you via other methods e.g. we may call you if an item we know you have been eager to purchase comes back into stock, or send you instant messages (via SMS or Whatsapp). If you would prefer not to be contacted in this way, you can unsubscribe from emails at any time using the link at the bottom of the email, or update your contact preferences on www.isuit.it or by contacting our Customer Care team.
  • We analyze contact data, purchase history, web browsing data, and lifestyle data to tailor our marketing communications, website presentation, and internet advertising to meet your preferences. For example, if you have been browsing or have previously purchased a particular shoe designer, we may send you an email to tell you that these are now on sale or display similar products to you as part of our internet advertising.
  • When you contact our Customer Care team, we will use the personal data you provide and that we have collected to respond to your requests for help or information.
  • When you use the App version of our website, we will collect data regarding your use of the App
  • We will use the contact information that you provide to deliver service messages such as any change to our Terms and Conditions or Privacy Policy, delivery updates, or other non-marketing communications.
  • Finally, we may supplement your profile with information of statistical nature that we lawfully obtain from other sources: this could be related to where you live (e.g. demographic information, geo-referencing data, etc.) or what type/model of electronic device you are using to interact with us.

What is our legal basis for processing your personal data?

If you are a resident of the EU or EEA, we note that we are processing your information in order to fulfill contracts we might have with you (for example if you submit an order through the website), or otherwise to pursue our legitimate business interests listed above. In any case, we will always gather your consent before pursuing any purpose different from the contract’s obligations fulfillment.  

Who will process your data?

Your personal data will be processed by PORCAMO S.R.L., as the Data Controller, whose contact details are listed above.

How long do we keep your data?

We will not retain your personal data for longer than is necessary to fulfill the purposes for which you provided that personal data, unless the law permits or requires that we retain it for longer. The retention period varies depending on the purpose of the processing. You can request that we delete your personal information at any time by sending an email to email privacy@isuit.it. For details about your rights to deletion under California law, please see the section below titled “California Consumer Privacy Act Addendum”.

We may retain your information after you request such deletion, for longer periods and for specific purposes, to the extent that we are obliged to do so in accordance with applicable laws and regulations, and/or where necessary to protect our legal rights for certain business requirements. For example, when we process your payments, we will retain billing information for longer periods of time as required for tax or accounting purposes. See below for specific reasons we would retain some of your data for longer periods of time:

  • Security, fraud & abuse prevention – to protect you, other people, and us from fraud, abuse, and unauthorized access.
  • Financial record-keeping – when you make a payment to us, we are often required to retain this information for a longer period of time for purposes of accounting, dispute resolution, and compliance with tax, anti-money laundering, and other financial regulations (information relating to your purchases will be stored for processing for no longer than___years/months from the date of collection).
  • Complying with legal or regulatory requirements – to meet any applicable law, regulation, legal process, or enforceable governmental request, as required to enforce our terms of service, including investigation of potential violations.
  • Direct communication with us – if you have directly communicated with us, through a customer support channel, feedback or bug report, we may retain reasonable records of those communications (in any case, for no longer than 12 months, from the date of collection).

 

To Whom we disclose your data

We never share your personal information with other companies for marketing purposes. For administrative purposes, we may transmit your data to technical service providers chosen for their expertise and reliability who act on our behalf and according to our instructions (IT subcontractor, host of our servers, etc.). We only allow these service providers to use your data to the extent necessary to perform services on our behalf or to comply with legal requirements and we endeavor to ensure that your data are protected at all times. A full list of our third-party service providers would be made available to you upon sending a written request to privacy@isuit.it

How the transfer of your data to non-EU countries is regulated

Some of our third-party service providers may be located in countries outside the European Union or the European Economic Area. In case of transfer of your data to foreign countries that do not guarantee the same level of data protection as the EU, we will make sure that the transfer is carried out in compliance with applicable laws, meaning collecting your previous consent where necessary, or through the adoption of any other measure to ensure an equivalent level of protection of transferred data, including the execution of standard contractual clauses in accordance with the European Commission template, introduced by European Commission Decision 2010/87/CE (https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1728496).

Your rights under GDPR Regulation (EU, EEA, and UK)

Any organization offering goods or services to a resident of an EEA (European Economic Area) country is subject to GDPR - Regulation (EU) 2016/679. If you are a resident of an EEA country (or the UK), you have the right to 

  • access the Data to request the amendment or cancelation of the Data, 
  • request that data processing be limited, 
  • object to our use of your Data, and 
  • request that a copy of your Data is sent to you.

 

Rights of the interested party

Right of access

You have the right to obtain confirmation as to whether your personal data is being processed or not. If it is, you have the right to access your personal data and receive the information contained in this Privacy Policy.

 

Right of amendment

You have the right to obtain – without undue delay – the amendment of any incorrect personal data regarding you.

 

Right of cancellation

You have the right to obtain – without undue delay – the cancellation of personal data regarding you for any of the following reasons:

  1. a) the personal data is no longer necessary as per the purposes for which they were collected or processed;
  2. b) you have revoked your consent to data processing and there are no other legal grounds for data processing;
  3. c) you have opposed data processing and there is no other legitimate motive to proceed to data processing;
  4. d) your personal data has been processed unlawfully;
  5. e) your personal data must be deleted to comply with a legal obligation.

 

Right to limit data processing

You have the right to obtain the limitation of data processing in the following scenarios:

  1. a) if you inform us that your personal data is incorrect, we will limit data processing for the period needed for the data controller to check your personal data;
  2. b) if data processing is illegal and you oppose the deletion of your personal data and instead request that its use be limited;
  3. c) even though the data controller no longer needs your personal data for data processing purposes, your personal data may still be needed to check, exercise, or defend a right in a legal proceeding;
  4. d) if you have opposed data processing and are awaiting verification we have legitimate reasons for this.

 

Right of opposition

You have the right to oppose – at any time – the processing of your personal data for direct marketing purposes, including any profiling activities linked to marketing.

 

Right to data portability

You have the right to obtain a copy of the personal data we have regarding you in a well-structured, intuitive format that can be viewed on an automatic device. You also have the right to pass this data to another data controller without the consent of the data controller that supplied you with it, in the event that:

  1. a) data processing is based on consent or a contract; and
  2. b) data processing is carried out using automated means.

You have the right to obtain the direct transfer of your personal data to another data controller, provided this is technically possible and only by request.

You can exercise these rights at any time by emailing the Data Controller at privacy@isuit.it 

If there is reasonable doubt about the identity of the interested party, proof of identity may be requested.

 

Security measures

We protect your personal data with specific technical and organizational security measures aimed at preventing your personal data from being used illegitimately or fraudulently.

In particular, we use security measures that guarantee: pseudonymization or encryption of your data; the confidentiality, integrity, and availability of your data as well as the resilience of the systems and services that process them; the ability to restore data in the event of a data breach. Furthermore, PORCAMO S.R.L. undertakes to test, verify and regularly evaluate the effectiveness of technical and organizational measures in order to guarantee continuous improvement in the safety of processing.

Complaints

If your rights under GDPR Regulation have been subject to delay, limitation, or exclusion by the Data Controller, you can file a complaint with the competent supervisory authority or directly contact the authority at the following address:

Garante per la Protezione dei Dati Personali [Personal Data Protection Authority]

Piazza di Montecitorio n. 121

00186 Rome

Italy

Fax: (+39) 06.69677.3785

Tel: (+39) 06.696771

Email: garante@gpdp.it

Certified email address: protocollo@pec.gpdp.it

 

Changes to this notice

We keep our Privacy Policy under regular review in order to reflect changes in our services and in privacy regulations. This Privacy Policy was last updated on May 6, 2022

 

***

 

California Consumer Privacy Act (CCPA) Addendum

Your CCPA rights are described below. You can make a “Request to Know” or a “Request to Delete” under CCPA by submitting this form.

 

Request to Know

You have the right to request the following information about the personal data we have collected about you in the past 12 months:

  • the categories and specific pieces of personal information we have collected about you;
  • the categories of sources from which we collected the personal information;
  • the business or commercial purpose for which we collect personal information;
  • the categories of third parties with whom we share the information; and
  • the categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose.

If you make a request more than twice in a 12-month period, you may be required to pay a small fee for this service.

 

Request to Delete

You have the right to request that we delete any personal information about you that you have provided to us. We will delete any personal information that is not necessary for our normal business operations from our records and direct all of our service providers to do the same. We consider information to be necessary for our business operations if it is used to:

  • provide goods or services to you
  • detect and resolve issues related to security or functionality
  • comply with legal obligations

Right to Opt-Out

You have the right to opt-out of the sale of your personal information. We do not sell any information that identifies you, such as your name or contact information. However, we use ad networks to serve interest-based ads to our website’s visitors. To do this, we allow ad networks to collect information about your electronic activity while on our websites (such as what product you view or add to your cart). They do this through third-party cookies and similar tracking technologies placed on our websites. We use this information to advertise to you after you leave our websites. If you do not want us to provide this information to our advertisers, you may opt out by following this link

 

Right to Non-Discrimination

If you exercise your CCPA consumer rights:

  • We will not deny goods or services to you
  • We will not charge you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties
  • We will not provide a different level or quality of goods or services to you

Request Verification

Before we can respond to any CCPA requests, we will need to verify that you are who you say you are. Verification is important for preventing fraudulent requests and identifying theft. The verification process depends on which type of request you make and how you make it. Typically, identity verification will require you to confirm certain information about yourself based on information we have already collected. For example, we will ask you to verify that you have access to the email address we have on file for you that is associated with your name. If we cannot verify your identity, we cannot fulfill your CCPA request.

In some cases, we may have no reasonable method by which we can verify a consumer’s identity. For example, if a consumer submits a request but we have not collected any personal information about that consumer, we cannot verify the request; if the only data we have collected about a consumer is gathered through website cookies (i.e., the consumer has visited our website but had no other interaction with us), we are unable to reasonably associate a requester with any data collected; therefore, we cannot verify the request.

 

Authorized Agent

A California resident’s authorized agent may submit a Request to Know or a Request to Delete under the CCPA. Requests submitted by an authorized agent will still require verification of the person who is the subject of the request according to the process described above. An authorized agent that has the power of attorney pursuant to California Probate Code section 4000 to 4465 must submit proof of statutory power of attorney, but consumer verification is not required.

 

***

 

Nevada Privacy Law Addendum

Under Nevada privacy law, Nevada residents have a right to submit a verified request directing certain operators of Internet websites and online services not to sell their personal information, as “sell” is defined in Nevada law. We do not sell the personal information of Nevada residents. If you have any questions regarding our data privacy practices, please contact privacy@isuit.it