PRIVACY POLICY
Welcome to the ISUIT website.
At ISUIT we are committed to protecting and respecting your privacy. This notice describes what personal data we collect, how we will use those data, and how we keep your data safe. If you reside in a country that is part of the European Union (hereinafter “EU”) and/or the European Economic Area (hereinafter “EEA”), you will find references to EU Regulation within the text of this Policy. If you are a California resident, please refer to the California Consumer Privacy Act Addendum at the bottom of this Policy. If you are a Nevada resident, please refer to Nevada Privacy Law Addendum. For additional information on how we use cookies please refer to our Cookie Policy. For all other information regarding our services, please see our Terms & Conditions.
If you have a question that is not answered here, or if you would like more information about how we collect, use and store your personal data, you can contact us at any time by emailing privacy@isuit.it, calling +39 (0) 81 8111648, or writing to the Privacy Team at PORCAMO S.R.L., Via Roma 300/A 81031 Aversa (CE), REA: CE – 287262, CF: 03961970617 (hereinafter also referred as the “Company”).
In this Privacy Policy we will cover:
Who is the data controller?
Under the data protection law, the data controller is responsible for ensuring that your data is held securely, that you are given accurate information about how your data is used, and that your rights regarding your data are respected. In compliance with art. 13 decree 196/03 (Privacy Act- Italy) and the General Data Protection Regulation UE 2016 / 679, the data controller for any personal information we hold about you is PORCAMO S.R.L., Via Roma 300/A 81031 Aversa (CE), REA: ce – 287262, CF: 03961970617.
Should you have any queries about our use of your personal data, please email privacy@isuit.it, call +39 (0) 81 8111648, or write to our Privacy Team at PORCAMO S.R.L..
What personal data do we collect?
We collect your personal data when you place an order, call our Customer Care team, sign up for our marketing communications, engage with us on our social media platforms, browse our website or use the other services offered by our website (www.isuit.it). The data we collect includes details you provide to us, such as your given name and surname and your shipping and billing addresses. When you visit our website, we (or our third-party service providers) may collect information about your use of the website, such as your internet service provider’s address, your location as determined by your Internet Protocol (“IP”) address, the name of the website or advertisement directing you, your user agent, as well as your clicks and activity on our website. We use this data to:
We do not serve interest-based advertising to users we identify as using our website from EU IP addresses. Under the GDPR- Regulation (EU) 2016/679, we must have a valid legal basis to process your data. In most instances, we will process your data because we have a contract with you e.g. to deliver your purchases or to provide you with other services you have requested. We will also use your personal data to send you sales and marketing communications that we believe may be of interest to you if we have your explicit consent for this activity, or if you are an existing customer whom we have a legitimate interest in communicating with you. You can opt-out of sales and marketing communications from us at any time.
How do we use the personal data we collect?
We collect and process your personal data for the following purposes:
What is our legal basis for processing your personal data?
If you are a resident of the EU or EEA, we note that we are processing your information in order to fulfill contracts we might have with you (for example if you submit an order through the website), or otherwise to pursue our legitimate business interests listed above. In any case, we will always gather your consent before pursuing any purpose different from the contract’s obligations fulfillment.
Who will process your data?
Your personal data will be processed by PORCAMO S.R.L., as the Data Controller, whose contact details are listed above.
How long do we keep your data?
We will not retain your personal data for longer than is necessary to fulfill the purposes for which you provided that personal data, unless the law permits or requires that we retain it for longer. The retention period varies depending on the purpose of the processing. You can request that we delete your personal information at any time by sending an email to email privacy@isuit.it. For details about your rights to deletion under California law, please see the section below titled “California Consumer Privacy Act Addendum”.
We may retain your information after you request such deletion, for longer periods and for specific purposes, to the extent that we are obliged to do so in accordance with applicable laws and regulations, and/or where necessary to protect our legal rights for certain business requirements. For example, when we process your payments, we will retain billing information for longer periods of time as required for tax or accounting purposes. See below for specific reasons we would retain some of your data for longer periods of time:
To Whom we disclose your data
We never share your personal information with other companies for marketing purposes. For administrative purposes, we may transmit your data to technical service providers chosen for their expertise and reliability who act on our behalf and according to our instructions (IT subcontractor, host of our servers, etc.). We only allow these service providers to use your data to the extent necessary to perform services on our behalf or to comply with legal requirements and we endeavor to ensure that your data are protected at all times. A full list of our third-party service providers would be made available to you upon sending a written request to privacy@isuit.it
How the transfer of your data to non-EU countries is regulated
Some of our third-party service providers may be located in countries outside the European Union or the European Economic Area. In case of transfer of your data to foreign countries that do not guarantee the same level of data protection as the EU, we will make sure that the transfer is carried out in compliance with applicable laws, meaning collecting your previous consent where necessary, or through the adoption of any other measure to ensure an equivalent level of protection of transferred data, including the execution of standard contractual clauses in accordance with the European Commission template, introduced by European Commission Decision 2010/87/CE (https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1728496).
Your rights under GDPR Regulation (EU, EEA, and UK)
Any organization offering goods or services to a resident of an EEA (European Economic Area) country is subject to GDPR - Regulation (EU) 2016/679. If you are a resident of an EEA country (or the UK), you have the right to
Rights of the interested party
Right of access
You have the right to obtain confirmation as to whether your personal data is being processed or not. If it is, you have the right to access your personal data and receive the information contained in this Privacy Policy.
Right of amendment
You have the right to obtain – without undue delay – the amendment of any incorrect personal data regarding you.
Right of cancellation
You have the right to obtain – without undue delay – the cancellation of personal data regarding you for any of the following reasons:
Right to limit data processing
You have the right to obtain the limitation of data processing in the following scenarios:
Right of opposition
You have the right to oppose – at any time – the processing of your personal data for direct marketing purposes, including any profiling activities linked to marketing.
Right to data portability
You have the right to obtain a copy of the personal data we have regarding you in a well-structured, intuitive format that can be viewed on an automatic device. You also have the right to pass this data to another data controller without the consent of the data controller that supplied you with it, in the event that:
You have the right to obtain the direct transfer of your personal data to another data controller, provided this is technically possible and only by request.
You can exercise these rights at any time by emailing the Data Controller at privacy@isuit.it
If there is reasonable doubt about the identity of the interested party, proof of identity may be requested.
Security measures
We protect your personal data with specific technical and organizational security measures aimed at preventing your personal data from being used illegitimately or fraudulently.
In particular, we use security measures that guarantee: pseudonymization or encryption of your data; the confidentiality, integrity, and availability of your data as well as the resilience of the systems and services that process them; the ability to restore data in the event of a data breach. Furthermore, PORCAMO S.R.L. undertakes to test, verify and regularly evaluate the effectiveness of technical and organizational measures in order to guarantee continuous improvement in the safety of processing.
Complaints
If your rights under GDPR Regulation have been subject to delay, limitation, or exclusion by the Data Controller, you can file a complaint with the competent supervisory authority or directly contact the authority at the following address:
Garante per la Protezione dei Dati Personali [Personal Data Protection Authority]
Piazza di Montecitorio n. 121
00186 Rome
Italy
Fax: (+39) 06.69677.3785
Tel: (+39) 06.696771
Email: garante@gpdp.it
Certified email address: protocollo@pec.gpdp.it
Changes to this notice
We keep our Privacy Policy under regular review in order to reflect changes in our services and in privacy regulations. This Privacy Policy was last updated on May 6, 2022
***
California Consumer Privacy Act (CCPA) Addendum
Your CCPA rights are described below. You can make a “Request to Know” or a “Request to Delete” under CCPA by submitting this form.
Request to Know
You have the right to request the following information about the personal data we have collected about you in the past 12 months:
If you make a request more than twice in a 12-month period, you may be required to pay a small fee for this service.
Request to Delete
You have the right to request that we delete any personal information about you that you have provided to us. We will delete any personal information that is not necessary for our normal business operations from our records and direct all of our service providers to do the same. We consider information to be necessary for our business operations if it is used to:
Right to Opt-Out
You have the right to opt-out of the sale of your personal information. We do not sell any information that identifies you, such as your name or contact information. However, we use ad networks to serve interest-based ads to our website’s visitors. To do this, we allow ad networks to collect information about your electronic activity while on our websites (such as what product you view or add to your cart). They do this through third-party cookies and similar tracking technologies placed on our websites. We use this information to advertise to you after you leave our websites. If you do not want us to provide this information to our advertisers, you may opt out by following this link
Right to Non-Discrimination
If you exercise your CCPA consumer rights:
Request Verification
Before we can respond to any CCPA requests, we will need to verify that you are who you say you are. Verification is important for preventing fraudulent requests and identifying theft. The verification process depends on which type of request you make and how you make it. Typically, identity verification will require you to confirm certain information about yourself based on information we have already collected. For example, we will ask you to verify that you have access to the email address we have on file for you that is associated with your name. If we cannot verify your identity, we cannot fulfill your CCPA request.
In some cases, we may have no reasonable method by which we can verify a consumer’s identity. For example, if a consumer submits a request but we have not collected any personal information about that consumer, we cannot verify the request; if the only data we have collected about a consumer is gathered through website cookies (i.e., the consumer has visited our website but had no other interaction with us), we are unable to reasonably associate a requester with any data collected; therefore, we cannot verify the request.
Authorized Agent
A California resident’s authorized agent may submit a Request to Know or a Request to Delete under the CCPA. Requests submitted by an authorized agent will still require verification of the person who is the subject of the request according to the process described above. An authorized agent that has the power of attorney pursuant to California Probate Code section 4000 to 4465 must submit proof of statutory power of attorney, but consumer verification is not required.
***
Nevada Privacy Law Addendum
Under Nevada privacy law, Nevada residents have a right to submit a verified request directing certain operators of Internet websites and online services not to sell their personal information, as “sell” is defined in Nevada law. We do not sell the personal information of Nevada residents. If you have any questions regarding our data privacy practices, please contact privacy@isuit.it