Table of Contents
The personal data provided directly by the user in the pages of the website that can be reached at the address simbashopping.com at the time of registration and subsequently for the use of the services provided from time to time by the online store will be treated in compliance with the provisions of the Decree Legislative Decree 196/2003 on the protection of personal data (“Privacy Code”) and following the entry into force of EU Regulation no. 679/2016 (“GDPR”) in accordance with the provisions of art. 13 of the aforementioned European Regulation.
informs the user of the following:
Processing of personal data means any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, even if not recorded in a data bank, such as collection, registration, organization, structuring, storage, processing, selection, blocking, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, comparison or interconnection, limitation, cancellation or destruction.
1.OWNER OF THE PROCESSING
The owner of the processing of personal data pursuant to art. 26 is SIMBA SRL S.U. with registered office in Corso Buenos Aires, 79 – 20124 Milan (MI). VAT IT02476130188. Telephone: +39 0382 968152, mail: firstname.lastname@example.org and PEC: email@example.com.
2.TYPES OF DATA PROCESSED, PURPOSE OF THE PROCESSING AND LEGAL BASIS
The user’s personal data, freely communicated and acquired by reason of the activity carried out by SIMBA SRL SU, will be processed lawfully and fairly.
The following types of users’ personal data may be processed:
a) Navigation data
The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used only to obtain anonymous statistical information on the use of the Site and to check its correct functioning, to identify anomalies and / or abuses, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site or third parties: except for this eventuality, the data on web contacts do not persist for more than seven days
b) For the simbashopping.com site, the personal data provided voluntarily by the user
The personal data provided freely and voluntarily by the users of this site concern respectively:
- necessary for the conclusion of e-commerce transactions, in the context of online purchases. The payment management services allow this site to process payments by credit card or PayPal. The data used for payment are acquired directly by the manager of the requested payment service without being in any way treated by the company (eg PayPal is a payment service provided by PayPal Inc., which allows the user to make payments online using the own PayPal credentials).
- those inserted in the forms present in some sections of the site (eg: the “Contacts” section), or sent via e-mail messages to the e-mail addresses indicated on the Website, or, the data entered for the purposes of registration to the website, to the extent necessary to respond to user requests.
- those included in the evaluation form of the purchase experience in the “My Account” section or the evaluation form received by e-mail following the purchase through CUSTOMER REVIEWS LTD (terms and conditions)
Personal data provided freely and voluntarily by users is collected and processed for the following purposes:
– supply of products requested by the user and management of related payments;
– site registration;
– reply to requests for information;
– statistical purposes;
The legal basis of the processing for the aforementioned purposes is represented not only by the need to execute the contract of which the user is a party or for the response to his requests, also by the need to fulfill the legal obligations to which the Company is subject .
Regarding the statistical purposes, the data will be processed anonymously and in aggregate form.
The user can create his own account on the simbashopping.com site by entering his personal data (including name, surname, telephone number, e-mail address). The user can update his personal profile at any time, modify and delete his data through the personal area of his account.
4.METHOD OF DATA PROCESSING
The data will be processed in compliance with the necessary security and confidentiality, through the following methods: collection of data from the interested party, collected and recorded for specific, explicit and legitimate purposes and used in further processing operations in terms compatible with those purposes, processing carried out with the aid of electronic and automated tools (data collection via data transmission, directly from the interested party).
5.LEGITIMATE INTERESTS CARRIED OUT BY THE DATA CONTROLLER
The legitimate interests pursued by the Data Controller in the processing of data are given by having to respect and honor the contractual obligations signed between the parties. According to the art. 6 the lawfulness of the processing is based on the consent expressly expressed by the interested party, documented in written form.
6.COMMUNICATION OF DATA AND RECIPIENTS OF PERSONAL DATA
Your personal data may be communicated to certain subjects, appointed by the Data Controller to provide services that are instrumental or necessary for the performance of obligations connected with the registration to the simbashopping.com website and online purchase, within the limits and in accordance with the instructions imparted. In particular, the data may be disclosed to:
- persons, companies or professional offices, who provide assistance, advice or collaboration to the Holders in accounting, administrative, legal, tax and financial matters;
- subjects delegated and / or appointed by SIMBA SRL SU to carry out activities or part of the activities related to the supply of sales services, such as the logistics center responsible for packaging the products purchased by the user; the carriers in charge of delivering the purchased products; and any other external collaborator to whom the communication is necessary for the correct fulfillment of the obligations assumed by SIMBA SRL SU in relation to the contract for the supply of its services;
- to Public Administrations for the performance of institutional functions within the limits established by law or regulation.
7.METHOD OF PROCESSING
The data is collected electronically and processed by means of registration, consultation, communication, storage, cancellation, carried out mainly with the aid of electronic tools, ensuring the use of suitable measures for the security of the processed data and guaranteeing confidentiality. of the same.
The user data, stored on electronic media, are kept and stored on a server owned by Provider Mantainer: Server Plan S.r.l. Reseller and hosting company: Stt S.r.l. . In particular, the Data Controller declares that the data recorded on the server are protected against the risk of intrusion and unauthorized access and that they have also adopted appropriate security measures to guarantee the integrity and availability of data as well as the protection of areas and premises relevant for their custody and accessibility.
The co-owners guarantee the maximum level of security in the management of user data. The credit card information is stored only in encrypted format and according to the security requirements of the PCI certification. The owner does not have access to confidential information relating to credit cards, which will be processed by intermediaries and card issuers in compliance with the Privacy Code.
8.RIGHTS OF THE INTERESTED PARTY
The user (hereinafter also “interested”), pursuant to the provisions of art. 7 Privacy Code and art. 15 GDPR, is entitled to:
- obtain confirmation of the existence or not of personal data concerning him, even if not yet recorded, and their communication in intelligible form;
- obtain the indication: a) of the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in the case of processing carried out with the aid of electronic instruments; d) of the identification data concerning the data controller, data processors and the representative designated pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or appointees;
- obtain: a) updating, rectification or, when interested, integration of data; b) the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including data which does not need to be kept for the purposes for which the data was collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the event that such fulfillment occurs it proves impossible or involves a manifestly disproportionate use of resources with respect to the protected right;
- object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of collection; b) to the processing of personal data concerning him for the purpose of sending advertising materials or direct sales or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by email and / or through traditional marketing methods by telephone and / or mail. It should be noted that the right of opposition of the interested party for direct marketing purposes through automated methods extends to the traditional ones and that the possibility remains open for the interested party to exercise the right to object even in part. Therefore, the interested party may decide to receive only communications using traditional methods or only automated communications or none of the two types of communication;
- ask the Data Controller to access personal data (art. 15 GDPR), the correction (art. 16 GDPR) or the cancellation (art. 17 GDPR) of the same, the limitation of the processing or to oppose their treatment (art. 18 GDPR );
- the external portability of their data processed in an automated form where applicable;
- to withdraw the consent at any time without jeopardizing the lawfulness of the processing based on the consent given before the revocation;
- make a complaint to the Guarantor Authority for the protection of personal data;
To exercise the aforementioned rights, as well as to receive information relating to the subjects to whom the data is stored or to whom the data is communicated or to the subjects who, in their capacity as managers or appointees, may become aware of your data, may contact the Owner by sending a request to the following e-mail address firstname.lastname@example.org.
9.DURATION OF THE TREATMENT AND PERIOD OF STORAGE OF THE DATA
The processing of personal data with reference to the purposes referred to in section 2, will have a duration equal to that required for the execution of the services requested, to which will be added the additional period of time prescribed by law in compliance with civil, fiscal and current tax law.
10.INTENTION OF DATA CONTROLLER TO TRANSFER PERSONAL DATA
The management and storage of personal data will take place on servers located within the European Union. Currently the servers are located in Italy. The data will not be transferred outside the European Union.
In compliance with the obligations established by the European Regulation for the protection of personal data n. 679/2016, GDPR, and by the Privacy Authority Provision no. 229 of 08 May 2014 with this letter we intend to inform you that Simba Srl S.U. (hereinafter simbashopping.com), as Data Controller, uses technical cookies and third-party cookies to improve the delivery of its services and its browsing experience through the pages of the website www.simbashopping.com.
While browsing our company website, you will be able to receive on your computer (or mobile device) technical cookies of simbashopping.com and cookies of other parties (c.d. “third parties) through which some of your personal data may be collected and processed.
WHAT IS A COOKIE?
“Cookies” are small text files that are sent by a website and stored on a user’s browser during browsing in order to then be re-transmitted to the same sites on subsequent visits by the same user.
Based on its duration, a cookie can be classified as “Temporary Session” or “Permanent”.
“Temporary Session” Cookies remain active only during navigation and are automatically deleted at the end of the session when the browser is closed.
“Permanent” Cookies are not canceled at the end of the session and remain active until their expiration date or cancellation by the user.
Cookies, which are usually present in your browser in very large numbers and can be used for different purposes depending on their type.
WHICH COOKIES DO WE USE?
Technical cookies can be divided into browsing or session cookies, which guarantee the normal navigation and use of the Site (allowing, for example, to coordinate the modules that make up the pages of the Site or to correlate the pages visited to the same work session) and analytics cookies, similar to technical cookies only if used for the purpose of optimizing the Site directly by the site manager (so-called first-party analytical cookies) that can collect aggregate information on the number of users and how they visit the Site ( for example, to create statistics of the most visited pages, to collect the aggregated data of visits by operating system, by browser, etc.).
The use of session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) and of software usage data necessary to allow a safe and efficient exploration of the site: the variables (so-called cookies) of session may avoid the use of IT techniques potentially prejudicial to the privacy of users’ browsing and do not allow the acquisition of personal identification data of the user. Session cookies are not stored permanently on the user’s device, but are recorded locally for periods of time based on session variables (the values of which can be deleted on the device’s hard disk; it is also possible to disable them). cookies following the instructions provided by the main browsers).
Third-party cookies are set by a website other than the one the user is visiting and reside on servers other than the one of the site visited (eg: Google, Google ads, Facebook).
Therefore, the use of data collected by these external operators through cookies is subject to the respective privacy policies.
On the site there are cookies for:
- Remarketing and behavioral targeting
AdWords Remarketing (Google Inc.)
Remarketing with Google Analytics for display advertising (Google Inc.)
Facebook Remarketing (Facebook, Inc.)
Google Analytics (Google Inc.)
Google Analytics with anonymized IP (Google Inc.)
- Live chat platforms
Zendesk Chat widget
- Interaction with external social networks and platforms
Like button and Facebook social widgets (Facebook, Inc.)
Tweet button and Twitter social widgets (Twitter, Inc.)
+1 button and Google+ social widgets (Google Inc.)
“Pin it” button and Pinterest social widgets (Pinterest)
HOW CAN I DISABLE COOKIES?
Most browsers are configured to accept, control or possibly disable cookies through the settings. Please note, however, that the disabling, even partial, of technical cookies could compromise the functioning of the Website and / or limit its functionality.
The disabling of third-party cookies, on the other hand, does not affect browsing in any way.
For more information about third-party profiling cookies installed on your browser and to learn how to disable them, please visit the following website: www.youronlinechoices.com/it/
At any time you can refuse to accept our cookies. website simply by selecting, on its browser, the settings that allow you to reject them. Information on the procedures to follow to disable cookies can be found on the website of your browser provider or through the “help” tools available in your browser’s guide.
In any case, you can always delete cookies from your PC’s hard drive at any time.
Last update: January, 2021