In accordance with Regulation (EU) 2016/679 (hereinafter referred to as "Regulation" or "GDPR"), this policy describes how the personal data of users who consult Tip Tap S.r.l.'s website available electronically at the following address www.dlsport.it are processed. This information does not concern other sites, pages or online services that can be reached through hypertext links published on the site referring to resources outside the domain of Tip Tap S.r.l..
Following consultation of the site at the above address, data relating to identified or identifiable natural persons may be processed. The Data Controller is Tip Tap S.r.l., via Marche 19/21/23, Monte San Pietrangeli 63815 FM - Italy - firstname.lastname@example.org - C.F./P.IVA: IT 01635820440
TYPE OF PROCESSING CARRIED OUT IN THE PORTAL
Personal data will be processed for the following purposes:
- Consultation of Digital Catalogue
- Registration on the Portal for the purchase of goods, also through Facebook
- Personal Profile Management
- Electronic Shopping Cart Management for Goods Purchase
- Administrative Management, Taxation, Logistics, Purchase Guarantee
- PayPal electronic payments management
- Order History Management
- Management of Communications with the Virtual Shop (Internal Messaging), email reception
- Newsletter subscription
- Consultation and Active Participation in the Company Blog
LEGAL BASES OF THE TREATMENT
Tip Tap S.r.l. (hereinafter "Data Controller") processes the user's personal data on the basis of the following legitimacy criteria:
Pre-contractual or contractual conditions in the actions of registration to the E-Commerce Portal, management of each phase of the sale (shopping cart, purchase, payment, invoicing, shipping, etc.).
The legitimate interest of the Data Controller to guarantee the use of web services to the users, to check the correct functioning of the offered services and to respond to specific requests of the retailers/end customers through the contacts reported on the website and/or the contact form.
The fulfilment of legal obligations or the need to provide navigation information required by a judicial authority, or for the management of the product warranty.
The express consent of the customer to subscribe to the company newsletter and blog, to personalize the customer experience and improve the services offered, including through the collection of specific cookies.
TYPES OF DATA PROCESSED AND PURPOSES OF PROCESSING
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of the computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment.
This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
It is also permitted to visit the Site anonymously. In this case, the Data Controller will not be able to recognise the user, therefore some of the advantages deriving from the use of the Site may not be available.
This data, necessary for the use of web services, may be processed for the purpose of:
obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.);
evaluate the use of the Site and its content;
check the correct functioning of the services offered (e.g. not exhaustive in order to correctly and punctually fulfil all obligations deriving from the law or regulations in force).
Data communicated by the user
The optional, explicit and voluntary registration to the Web Portal, the sending of messages to the contact addresses of the Data Controller involve the acquisition of personal data such as name, sender's contact, contact details, profile images (in case of fast registration through Facebook), tax code and further information necessary to meet the customer's requests according to the purposes described above.
Any partial or total failure to provide the data by the visitor to the Site will make it partially or totally impossible to achieve the purposes, for which the data is provided to the Data Controller, and described in this policy and therefore the impossibility of following up any requests made through the Site.
Cookies and other tracking systems
With regard to the installation of cookies by this site, please refer to the following paragraph Cookies Policy.
HOW WE PROCESS DATA
The personal data provided, collected and made available by the Data Controller will be processed by electronic and non-electronic means.
WHERE WE PROCESS DATA
The processing operations connected to the web services of this site take place at the aforesaid registered office of the Data Controller or at third parties appointed as data processors and are carried out only by technical personnel responsible for or in charge of the processing, or by persons in charge of occasional maintenance operations.
The data will be kept by the Data Controller for the period strictly necessary to guarantee the correct delivery of the services purchased, except for the need to keep the data for a longer period in compliance with the applicable regulations, including accounting regulations.
The data will cease to be actively processed within 12 months from the last use of the service or from the closure of the user account, unless any legal obligations (e.g. sales invoices) oblige the Data Controller to keep such data for a longer period.
Once this period has elapsed, the data will be transformed into an anonymous form, so it will not be possible, even indirectly, to identify the persons concerned.
RECIPIENTS OF DATA
To perform the activity online, the Data Controller needs to use third parties to host the applications, communicate with customers, manage e-mails, etc.. This collaboration takes place with the best players on the market who provide this type of service. The Data Controller may transfer personal data, possibly collected through the Site, in other countries, including outside the European Union, to subsidiaries, associated companies, as well as to external service companies, even if only for technical-informatics reasons. Data are shared with them only when necessary to ensure the maximum functionality of our services and in compliance with security measures and good practices in accordance with the provisions of Article 44 et seq. of the GDPR.
Personal data may also be communicated to:
- internal staff responsible for the management of orders registered on the E-commerce Portal;
- persons (including Public Authorities) who have access to personal data by virtue of regulatory or administrative measures;
- third parties or Internet providers in charge of managing the Portal, also for sending documentation and/or information material (e.g. newsletters);
- public and/or private subjects, natural and/or legal persons (Judicial Offices, Chambers of Commerce, Chambers and Labour Offices, etc.), if the communication is necessary or functional to the correct fulfilment of the obligations deriving from the law;
- External subjects in charge of the management of collections (Paypal for example);
- External subjects responsible for the shipment of the purchased goods.
RIGHTS OF THE DATA SUBJECTS
The user has the right to ask the Data Controller, compatibly with the processing needs indicated in this information notice, for access to his/her personal data and the rectification or cancellation of the same or the limitation of the processing of data concerning him/her. The user also has the right to object to the processing, as well as the right to withdraw consent at any time, without prejudice to the lawfulness of the processing based on the consent given before the withdrawal, in addition to the right to data portability.
Any requests may be sent to email@example.com, or to the postal address indicated at the end of this notice. Furthermore, the user has the right to lodge a complaint with the Italian Control Authority: Autorità Garante per la protezione dei dati personali (firstname.lastname@example.org, email@example.com).
UPDATE OF THIS POLICY
Last update 14 September 2020