Privacy policy
WHY THIS INFORMATION
Pursuant to Legislative Decree 196/2003 and Regulation (EU) 2016/679 (hereinafter "Regulation"), this page describes the methods of processing the personal data of users who consult the website of GMP Sas by Tupputi Mauro & C. accessible electronically at the following address: https://www.lafilledesfleurs.it
We inform the user that following consultation of this site, data relating to identified or identifiable persons may be processed.
This information does not concern other sites, pages or online services that can be reached via hypertext links that may be published on the site.
Identity of the Data Controller
The data controller is GMP Sas di Tupputi Mauro & C., with registered office in Barletta (BT), via Trani n. 187 - postal code 76121, (Email: amministrazione@gmpoffice.com, PEC: gmpsas@pec.it )
Source of data and type of data collected
- Data provided by the User
The Data Controller collects personal data provided by users:
- when purchasing a product/service offered. The data collected by the Data Controller may include, by way of example and not limited to: personal data, contact data, location data, corporate and financial information; information relating to your creditworthiness, payment information, your VAT number.
- when creating an account/registration on the Data collected by the Data Controller may include, by way of example and not limited to: personal data, contact data.
- when sending a message using the addresses and/or contact forms on the site. The optional and voluntary sending of messages to the contact addresses, as well as the compilation and forwarding of the forms on the site, involve the acquisition of the sender's contact data necessary to provide feedback, as well as all the personal data included in the
The data provided will be used with IT and telematic tools for the sole purpose of providing the requested service.
2) Navigation data
The Owner collects data relating to the use of the website by the user. This information is acquired by the computer systems and software procedures responsible for the operation of the online portal, during their normal operation. Furthermore, the transmission of the same is connected and inherent to the use of Internet communication protocols.
This category of data includes the IP addresses or domain names of the computers and terminals used by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and the user's IT environment.
These data, necessary for the use of web services, are also processed for the purpose of:
- obtain statistical information on the use of services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.);
- check the correct functioning of the services
The navigation data do not persist for more than seven days and are deleted immediately after their aggregation (except for any need for the investigation of crimes by the judicial authority).
3) Cookies and other tracking systems
In order to make its services as efficient and simple to use as possible, this site uses cookies.
Therefore, when you visit the Site, a minimal amount of information is placed on your device, such as small text files called "cookies", which are saved in the directory of your web browser. There are different types of cookies, but essentially the main purpose of a cookie is to make the Site work more effectively and to enable certain features.
For more information on the cookies used by this website, you can view the cookie policy below
link .
Purpose of the processing
Depending on the type of processing to be carried out, the Data Controller uses the data collected and/or provided by the User for the following purposes:
- process and fulfill orders, manage payments, communicate with you about your order, manage any returns, provide customer support and allow product collection. They will also be used to acquire pre-contractual data and information; exchange information aimed at the execution of the contractual relationship, including pre- and post-contractual activities; formulate requests or process requests received; manage accounting and tax obligations;
- carry out the preliminary and subsequent activities to the request for registration/creation of the User Account, as well as for the fulfillment of any other resulting obligation;
- provide feedback to any communications, requests for information and/or services from users by sending a message using the addresses and/or contact forms on the site;
- manage and control risks, prevent possible fraud, insolvency or default; prevent and manage possible disputes, take legal action if necessary.
Legal basis of the processing
In reference to the purposes indicated in the previous paragraph, the legal basis of the same is, in relation to the point:
- the need to execute a contract of which the interested party is a party or pre-contractual measures adopted at the request of the interested party;
- the need to execute a contract of which the interested party is a party or pre-contractual measures adopted at the request of the interested party;
- the need to execute a contract of which the interested party is a party or pre-contractual measures adopted at the request of the interested party;
- the need to pursue the legitimate interest of the data controller (in particular with regard to the prevention of fraud and insolvency).
Recipients of the data
The personal data processed by the Data Controller are not disclosed, i.e. they are not disclosed to indeterminate subjects, in any possible form, including that of making them available or simple consultation.
They may, however, be communicated to workers who work for the Data Controller, or to subjects authorized to process as they operate under the authority of the Data Controller. On the basis of the roles and work tasks performed, these workers have been entitled to process personal data, taking into account their respective skills and in accordance with the instructions given to them by the Data Controller.
The Owner has appointed third party service providers in relation to the operation of the website, such as hosting service providers, service providers relating to the Siro Web, IT maintenance service providers, as well as service providers that allow integration into the site Web of other functions that the user can use at his discretion.
These service providers, designated as Data Controllers, are provided only with the personal data necessary to provide the corresponding services and are not allowed to use or disclose the personal data of the interested parties for other purposes, without prior authorization from the interested party. .
The data may also be communicated, as strictly necessary, to subjects who, for the purpose of processing orders or other requests or providing services relating to the transaction or contractual relationship with the Data Controller, must supply goods and/or perform on behalf of of the Owner performances or services.
Finally, the data may be communicated to subjects entitled to access it pursuant to legal provisions, regulations and community regulations.
Data transfer
Under no circumstances will the Data Controller transfer personal data to third countries or to international organisations.
However, we reserve the right to use cloud services. In which case, the service providers will be selected among those who provide adequate guarantees, as required by the art. 46 of EU Regulation 2016/679.
Data retention
The Data Controller stores and processes personal data for the time necessary to fulfill the purposes indicated. Subsequently, the personal data will be stored and not further processed for the time established by current civil and tax provisions.
In the case of data provided for commercial promotion purposes for services other than those already acquired by the interested party, for which he initially gave consent, these will be kept for 24 months, unless the consent given is revoked.
The data collected when creating an account will be kept for the entire duration of your registration and in any case no longer than a maximum period of 12 (twelve) months of inactivity, or if, within this period, no Services and/or Services are associated. or purchased products via the same registry.
It should also be added that, in the event that a user provides the Data Controller with unsolicited or unnecessary personal data for the purpose of carrying out the requested service or for the provision of a service strictly connected to it,
GMP Sas by Tupputi Mauro & C. cannot be considered the owner of these data, and will delete them as soon as possible.
Rights of the interested party
In relation to the data subject to the processing referred to in this information, the interested party is granted the right at any time to:
- ask the Data Controller for access to your personal data and information relating to them (art. 15 of the GDPR); the rectification of inaccurate data or the integration of incomplete data (art. 16 of the GDPR); the deletion of personal data concerning you (upon the occurrence of one of the conditions indicated in art. 17, par. 1 of the GDPR and in compliance with the exceptions provided for in paragraph 3 of the same article); the limitation of the processing of your personal data (in the event of one of the hypotheses indicated in art. 18, par. 1 of the GDPR);
- request and obtain from the Data Controller - in the cases in which the legal basis of the processing is the contract or consent, and the same is carried out by automated means - your personal data in a structured and machine-readable format, also for the purpose of communicating such data to another data controller (so-called right to portability of personal data - 20 of the GDPR);
- object at any time to the processing of your personal data in the event of particular situations concerning you (art. 21 of the GDPR);
The specific request is presented by contacting the Data Controller via PEC at the address gmpsas@pec.it, email to the address
amministrazione@gmpoffice.com or registered letter with return receipt to the address Barletta (BT), via Trani n. 187 - cap 76121.. The interested party, if he believes that the processing of his data is in violation of the provisions of the Regulation, can lodge a complaint with a supervisory authority (Authority for the protection of personal data - www.garanteprivacy.it ), as required by art. 77 of the GDPR, or take action in the appropriate judicial offices (art. 79 of the GDPR).
Refusal to provide data
In the event that the interested party does not provide his/her data identified as necessary for the execution of the requested service, the Data Controller will not be able to carry out the processing related to the management of the aforementioned service, nor the obligations that depend on it.
In the event that the interested party does not provide consent to the processing of personal data for the activities that require it, said processing will not take place for the same purposes without this having effects on the provision of the other services requested, nor for those for which he has already given his consent. In the event that the interested party has given consent and subsequently revokes it or opposes the processing, his/her data will no longer be processed.
for these activities, without this leading to consequences or prejudicial effects for the interested party and for any other services requested.
Automated decision-making processes
The Data Controller does not carry out processing consisting of automated decision-making processes on the data of natural persons.
“In order to offer you Klarna's payment methods, we may pass your personal data to Klarna at checkout in the form of contact details and order details, so that Klarna can assess your suitability for its payment methods and customize those payment methods. Your personal data transferred is treated in line with Klarna's privacy policy. ”