Privacy Policy

(Notice on the processing of personal data pursuant to Article 13 of Italian Legislative Decree no. 196/2003 and Regulation EU 679/2016)

As Data Controller pursuant to Italian Legislative Decree no. 196/2003 (hereinafter "Code") and Regulation EU 679/2016 (hereinafter "Regulation"), the Brunello and Federica Cucinelli Foundation (hereinafter "Foundation" or "Data Controller") considers privacy and the protection of personal data to be one of its primary objectives. Therefore, before disclosing any personal data to the Data Controller we invite you to carefully read this Privacy Policy because it contains important information on the protection of your personal data.

This Privacy Policy:

Is understood to be for the website www.solomeo.it (henceforth "Website').

Is an integral part of the Website and the services offered.

Is provided pursuant to article 13 of the Code, as well as article 13 of the Regulation, to those who interact with the web services of the Website.

The processing of your personal data shall be based on the principles of propriety, lawfulness, transparency, limitation of purpose and storage, minimization and accuracy, integrity and confidentiality, as well as on the principle of accountability pursuant to article 5 of the Regulation. Your personal data shall therefore be processed in accordance with the legal provisions of the Regulation and the confidentiality obligations set out therein.

By "processing” of personal data we mean any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

CONTENTS

Below is the table of contents of this Privacy Policy so that you can easily find the information concerning the processing of your personal data that is of interest to you.

1. DATA CONTROLLER
2. PERSONAL DATA PROCESSED; Browsing data; Cookies
3. PURPOSES OF THE PROCESSING
4. LEGAL BASIS AND COMPULSORY OR OPTIONAL NATURE OF THE PROCESSING
5. RECIPIENTS OF THE PERSONAL DATA
6. TRANSFERS OF PERSONAL DATA
7. STORAGE OF PERSONAL DATA
8. RIGHTS OF THE DATA SUBJECT
9. AMENDMENTS
10. CONTACTS

1. DATA CONTROLLER AND DATA PROTECTION OFFICER

The data controller is the Brunello and Federica Cucinelli Foundation with registered office in Via Giovine Italia, 06073, Solomeo, Municipality of Corciano (PG, Italy), enrolled in the Register of Legal Persons of the Prefecture of Perugia, general part no. 1172, detail no. 1173.

2. PERSONAL DATA PROCESSED

We inform you that the personal data being processed may consist of an identifier such as a name, an identification number, location data, an online identifier or one or more elements that are characteristic of your physical, physiological, mental, economic, cultural or social identity which are capable of making you identified or identifiable, depending on the type of services requested (hereinafter only "personal data"). The personal data processed through the Website are as follows:

1. Browsing data
   During their normal operation, the computer systems and software procedures used to operate the Website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. It is information that is not collected to be associated with identified interested parties, but by its very nature could allow users to be identified through processing and association with data held by third parties. This category of data includes IP addresses or domain names of the computers used by users connecting to the Website, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's computer environment.

1. Cookies
   Information on the cookies served by the Website is available here.

3. PURPOSES OF THE PROCESSING

Your personal data will be processed for the following purposes:

3.1. To allow you to browse the Website and to provide the services made available by the Data Controller, including the management of the Website's security.
3.2. To fulfil any obligations envisaged by current laws, regulations or Community legislation, or to comply with requests from the authorities.
3.3. For the processing of statistics, without it being possible to trace your identity.

Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

4. LEGAL BASIS AND COMPULSORY OR OPTIONAL NATURE OF THE PROCESSING

The legal basis for the processing of personal data for the purposes referred to in section 3.1 is article 6(1)(b) of the Regulation (“processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract”), as the processing is necessary for the provision of services. The legal basis for the processing of personal data for the purposes referred to in section 3.2 is, on the other hand, is article 6(1)(c) of the Regulation (“processing is necessary for compliance with a legal obligation to which the controller is subject”). The provision of personal data for these purposes is optional, but failure to do so will make it impossible to provide the services requested. Note, however, that the processing referred to in section 3.3 is not performed on personal data and can therefore be freely carried out by the Controller.

5. RECIPIENTS OF THE PERSONAL DATA

Your personal data may be shared for the purposes set out in section 3 of this Privacy Policy with:
5.1. Parties that typically act as data processors pursuant to articles 29 of the Code and 28 of the Regulations, i.e., parties that cooperate with the Data Controller for the pursuit of the above purposes, including parties delegated to perform technical maintenance (collectively "Recipients").
5.2. Parties, entities or authorities that it is mandatory to disclose your personal data to by virtue of provisions of law or orders of the authorities.
5.3. Parties authorized by the Data Controller pursuant to articles 30 of the Code and 29 of the Regulation to process personal data necessary to perform activities closely related to the provision of the services, which are committed to confidentiality or have an appropriate legal obligation of confidentiality. The updated list of the parties that may process your personal data as data processors is available by sending a written request to the Data Controller at the addresses specified in the "Contacts" section of this policy.

6. TRANSFERS OF PERSONAL DATA

Some of your personal data may be shared with recipients outside the European Economic Area. The Data Controller ensures that the processing of your personal data by these Recipients is done in compliance with articles 43 and 44 of the Code, as well as articles 44 to 49 of the Regulation. Further information is available by sending a written request to the Data Controller at the addresses specified in the "Contact" section of this policy.

7. STORAGE OF PERSONAL DATA

Personal data processed for the purposes set out in section 3.1 shall be kept for the time strictly necessary to achieve those purposes. In any case, since the processing is carried out for the provision of the services, the Data Controller shall keep the personal data for the period of time envisaged and permitted by Italian law to protect its interests (article 2946 of the Italian Civil Code as amended).
Personal data processed for the purposes referred to in section 3.2 shall be kept for as long as required by the specific obligation or applicable regulation.
Further information on the data retention period and the criteria used to determine this period may be requested by sending a written request to the Data Controller at the addresses specified in the "Contact" section of this policy.
In any case, this is without prejudice to the possibility for the Controller to retain your personal data for the period of time envisaged and permitted by Italian law to protect its interests (article 2947(1)(3) of the Italian Civil Code).

8. RIGHTS OF THE DATA SUBJECT

Pursuant to article 7 of the Code, you have the right at any time to obtain confirmation of the existence or otherwise of your personal data and to know their content and origin, verify their accuracy or request their completion or updating, or their correction. You have the right to request their erasure, transformation into anonymous form or blocking of data processed in violation of the law, and in any case to oppose their processing for legitimate reasons. As of 25 May 2018, you also have the right to request access to your data, to object to their processing, to request the restriction of their processing in the cases envisaged by article 18 of the Regulation where technically possible, and to receive your data in a structured, commonly used and machine-readable format in the cases envisaged by article 20 of the Regulation. Such requests must be addressed in writing to the Data Controller at the addresses specified in the "Contact" section of this policy. In any case you always have the right to lodge a complaint with the competent supervisory authority (Personal Data Protection Authority) pursuant to art. 77 of the Regulation if you believe that the processing of your data is being done contrary to current law.

9. AMENDMENTS

The Data Controller reserves the right to partially or completely modify or simply update the content of this document, including in light of changes to applicable laws. The Data Controller therefore invites you to visit this section on a regular basis in order to become familiar with the most recent and up-to-date version of the Privacy Policy, so that you can always be up to date with the data collected and the use made thereof by the Foundation.

10. CONTACTS

To exercise the above rights or for any other request you may write to the Data Controller at the postal address specified above or to the email address fondazione@fondazionecucinelli.it, preferably with the words "request to exercise privacy rights" in the subject line.