Privacy and Cookies

Privacy Policy

Privacy policy for the site https://nanaboutique.shop/: Information on the processing of personal data in accordance with the EU Regulation no. 2016/679 (GDPR).

This notice does not apply to other websites that may be accessed through links on the Owner's domain websites, as the Owner is not responsible for third-party websites.

Nanà Boutique di Simona Di Costanzo (hereinafter, the “Owner”), as the data controller, informs you pursuant to art. 13 of Legislative Decree 30.06.2003 n. 196 (hereinafter, the “Privacy Code”) and art. 13 of EU Regulation no. 2016/679 (hereinafter, “GDPR”) that your data will be processed in the following ways and for the following purposes:

1. Data Processing Object

The Owner processes personal, identification, and non-sensitive data (by way of example, but not limited to: name, surname, business name, address, telephone, email – hereinafter, “personal data” or “data”) provided by you when registering on this website (hereinafter, “Site”), participating in opinion and satisfaction surveys, filling in registration forms through the Site, and from online requests.

2. Purpose of Data Processing

Your personal data is processed for the following Service Purposes:

• manage and maintain the Site or allow you access to reserved areas;
• allow you to use the Services you may request;
• respond to online contact chats;
• guarantee access to programs and services;
• provide assistance and consultancy, even remotely;
• process a contact request;
• for general administrative and accounting purposes;
• comply with obligations under law, regulations, EU legislation, or orders from authorities, or upon requests from the Italian or foreign government or the Italian Chamber of Commerce;
• prevent or detect fraudulent or harmful activities for the Site;
• exercise the Owner's rights, for example, the right to exercise a right in judicial proceedings.

3. Processing Method and Data Retention Period

Your personal data is processed through the operations indicated in art. 4 Privacy Code and art. 4 no. 2) GDPR, specifically: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion, and destruction of data. Your personal data is processed both on paper and electronically and/or automatically, using a website hosted on the data controller's server or external company websites that allow the data controller to provide its services (such as online chat assistance or depositing files for the client providing their email and name for download). The Owner will process the personal data for the time necessary to fulfill the above purposes and in any case for no more than 10 years from the end of the relationship for service purposes and no more than 2 years from data collection for other purposes. In compliance with art. 5, paragraph 1, letter e) of Reg. EU 2016/679, the personal data collected will still be retained in a form that allows the identification of the data subjects for no longer than necessary to achieve the purposes for which the personal data is processed.

4. Security

The Owner has adopted a variety of security measures to protect your data against the risk of loss, misuse, or alteration. Specifically, it has adopted the measures under articles 32-34 of the Privacy Code and article 32 GDPR. Where necessary for more secure communications, it uses data encryption technology established by AES Standards (BCrypt) and protected data transmission protocols known as HL7 and HTTPS.

5. Data Access

Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B):

• to employees and collaborators of the Owner, in their capacity as designated persons and/or internal data processors and/or system administrators;
• to third-party companies or other entities (website provider, cloud provider, e-payment service provider, suppliers, hardware and software technicians, shippers and carriers, credit institutions, professional firms, etc.) that perform outsourced activities on behalf of the Owner, in their capacity as data processors.

6. Data Disclosure

Without your express consent (pursuant to art. 24 letters a), b), d) of the Privacy Code and art. 6 letters b) and c) GDPR), the Owner may disclose your data for the purposes referred to in art. 2.A) to Supervisory Bodies and Judicial Authorities, as well as to all other entities to whom disclosure is mandatory by law. It is ensured that your personal data will never be made public on the Owner's website.

7. Data Transfer

The management and storage of personal data will take place in Europe, on servers located in Italy belonging to the Owner and/or third-party companies, appointed and duly nominated as Data Processors for the use of the requested services. The personal data provided may be transferred abroad, inside and outside the European Union, within the limits and conditions set out in articles 44 et seq. of EU Regulation 2016/679, to comply with purposes connected to the transfer itself.

8. Nature of Data Provision and Consequences of Refusal

Providing data for the purposes of art. 2.A) is mandatory. Without it, we cannot guarantee you registration on the Site or the Services of art. 2.A).
You may decide not to provide any data or subsequently deny permission to process data already provided. In any case, you will continue to be entitled to the Services referred to in art. 2.A).

9. Data Subject Rights

As data subjects, you have the rights referred to in art. 7 of the Privacy Code and art. 15 of the GDPR, specifically the rights to:

• obtain confirmation of the existence or otherwise of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
• obtain the following information: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied if processing is carried out with the help of electronic tools; d) the identification details of the data controller, processors, and the designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) the entities or categories of entities to whom or which the personal data may be communicated or who may learn about them in their capacity as designated representative in the State's territory, data processors, or persons in charge;
• obtain: a) updating, rectification, or, where interested, integration of the data; b) deletion, transformation into anonymous form, or blocking of data processed unlawfully, including data that does not need to be retained for the purposes for which the data was collected or subsequently processed; c) certification that the operations under a) and b) have been notified, also as regards their content, to those to whom the data has been disclosed or distributed, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right being protected;
• oppose, in whole or in part: a) on legitimate grounds to the processing of personal data concerning you, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning you for sending advertising materials or direct selling or for carrying out market research or commercial communication, using automated calling systems without the intervention of an operator via email and/or using traditional marketing methods via phone and/or mail. Please note that the data subject's right to object, set out in the preceding point b), for direct marketing purposes through automated methods also extends to traditional methods, and the data subject may exercise the right to object only in part. Therefore, the data subject may decide to receive only communications through traditional methods or only automated communications, or neither.

Where applicable, you also have the rights under articles 16-21 GDPR (Right to Rectification, Right to Erasure, Right to Restrict Processing, Right to Data Portability, Right to Object), and the right to complain to the Supervisory Authority.

10. Exercising Your Rights

You may exercise your rights at any time by sending an email to nanaboutiquesperone@libero.it

11. Minors

This Site and the Owner's Services are not intended for minors under 18 years of age, and the Owner does not intentionally collect personal information related to minors. If information on minors is unintentionally recorded, the Owner will delete it promptly upon the users' request.

12. Data Controller, Processor, and Representatives

The Data Controller/Processor (pursuant to articles 4, 24, 28 of Reg. EU 2016/679) is Nanà Boutique di Simona Di Costanzo. The updated list of processors and persons responsible for processing is kept at the data controller's headquarters.

13. Changes to This Notice

This notice may be subject to changes. Therefore, it is advisable to check this Notice regularly and refer to the most updated version.

Additional Policies and Agreements

Confidentiality Agreement for All Information Provided by Our Customers and Website Users

The data controller declares, through this document, awareness that following the work relationship with customers and/or free consultations with website users who contact the data controller via email, chat, or other communication channels, they may come into possession of data, information, and general news of a confidential nature and commits to maintaining the strictest confidentiality on what is received, as well as on any other news, confidence, and/or information, in the broadest sense of the term, learned from and/or about the customer or website user.

Copyright of Texts and Content

The graphics, layout, texts, videos, and code of this site may not be replicated, even partially, on other websites, mailing lists, newsletters, paper magazines, and CD-ROMs, without the prior authorization of the data controller, regardless of profit.

Link Policy

Authorization to create links to our site must be requested in writing via email and is considered accepted only with the data controller's explicit written consent. Silence does not imply any authorization. The trademarks mentioned and programs on the site are the exclusive property of their respective owners in compliance with the declared licenses.

Cookies Policy and Statistical Data

What are cookies?

Cookies are small text files that websites visited by users send to their terminals, where they are stored to be retransmitted to the same sites on subsequent visits. Cookies are used for various purposes, have different characteristics, and may be used by the site owner you are visiting or by third parties. Below you will find all the information about cookies installed through this site and the necessary instructions on how to manage your preferences regarding them.

The cookies used by this site fall into three categories: technical cookies that do not require consent, non-technical cookies that require the user's consent, and third-party cookies.

Technical Cookies That Do Not Require Consent

This website uses technical cookies strictly necessary for the site's functionality and service delivery, as well as technical cookies related to preference-saving and site optimization activities. Specifically, technical cookies are used for JavaScript functionality, session cookies that allow the site to connect user actions during a browser session (e.g., navigating from one page to another), enabling faster browsing, and cookies that store the user's preference (cookie consent) and prevent the banner from being displayed again on subsequent visits. All technical cookies do not require consent and are therefore installed automatically upon site access.

Cookies Requiring Consent

All cookies other than the technical ones mentioned above are installed or activated only after the user has expressed consent the first time they visit the site. Consent can be expressed in a general way by interacting with the short information banner on the landing page of the site, according to the methods indicated in the banner (clicking on the OK button or the X button, or continuing to browse, even by scrolling or through a link); or it can be provided or denied in a selective way, as described below. This consent is recorded for future visits. However, the user can always revoke all or part of the previously expressed consent. If the automated system does not work, the user is required to notify the data controller.

Third-Party Cookies

Through this site, cookies managed by third parties are also installed. Below, you will find some indications and a link to the privacy policy and consent form for each one. For all of them, you can express your consent by continuing to browse or closing this window.

Below you will find the name of the third parties that manage them, and for each one, the link to the page where you can get information about the processing and give your consent where required by regulation.

• Social Network Cookies: used for content sharing on social networks
  • YOUTUBE
  • FACEBOOK
  • TWITTER
• Statistics Cookies: Third-party statistical cookies (Google Analytics) are used to manage statistics in anonymous form, without user IP tracking (user data is not profiled at the IP level), with data sharing with the third party.
  • GOOGLE Privacy Policy
  • GOOGLE Cookie Policy
  • For Deactivation

Interaction with Social Networks and External Platforms

Widget: a graphical user interface component of a program, designed to facilitate user interaction with the program. The most commonly used widgets are social network widgets, which allow users to easily open social networks in a separate browser window.

These services allow interaction with social networks or other external platforms directly from the pages of a site. Interactions and information acquired by the site are subject to the privacy settings of the third party that created these technologies. For detailed information on the use of personal data processed when you use these technologies, please visit the websites of the third parties managing these technologies.

Below you will find the references of these third parties, and next to each one, the link to the page where you can receive information about the processing and, where required by law, give or deny your consent:

• Facebook Social Widget
• Twitter Social Widget
• Youtube Social Widget (Google)
• LinkedIn Social Widget

Remember that you can manage your cookie preferences through your browser. If you do not know the type and version of browser you are using, click on “Help” in the browser window at the top to access all the necessary information.

If you know your browser, click on the one you are using to access the cookie management page.

• Internet Explorer
• Google Chrome
• Mozilla Firefox
• Safari