1. GENERAL INFORMATION
Via the Website, ROIDULAC may collect personal data, particularly that which is entered when creating an account on our Website, or when subscribing to our newsletter or to the “Fashion Show” or “e-shop opening” Alerts. Any personal information which you transmit to ROIDULAC for the use of certain services is subject to the provisions of the Personal Data Protection Act (Law no. 78-17 of January 6, 1978 on Information Technology and Civil Liberties as amended by the Law of August 6, 2004 and, as of May 25 2018, to European Data Protection Regulation 2016/679 of April 27, 2016 and any national law supplementing it).
2. YOUR RIGHTS
You have a right to access, rectify, limit, remove, and transfer your personal information, as well as the possibility to oppose the processing of such data for legitimate reasons or at any time when opposing the use of your data for commercial purposes, as well as to provide us instructions on the fate of your data after your death, which you can exercise at any time:
• For the newsletter Fashion Show and e-shop opening alerts: either within your account under the “Personal Data” section, or by using the unsubscribe link in each electronic newsletter you receive.
• In all cases: by an e-mail to the ROIDULAC Customer Service at email@example.com or by letter to:
Service Clients ROIDULAC
“Protection des données personnelles ROIDULAC”
Piazza de'Massimi 2, 00186 Roma, Italy
Such requests must always be sent via mail or e-mail signed by the author sending the request and be accompanied by a photocopy of an identity document bearing the signature of the person exercising his/her right.
You also have the right to lodge a complaint at a competent supervisory authority.
3. OUR COMPANY’S MANAGEMENT OF PERSONAL DATA
3.1 Means of collecting data
When you register on the Website, we collect personal data through the form available in the “Create an account” insert. We will ask you to enter your title, first name, last name, e-mail address, and IP address (or UDID of your mobile phone, as the case may be), which are needed for processing. In addition, we may ask you to provide us with optional information, such as your product and service preferences.
Unless otherwise indicated, the fields indicated are mandatory, as they are essential in order to meet your requests. Mandatory fields will be indicated as such verbally at the time of their collection. If you do not fill out these mandatory fields, we will not be able to meet your requests.
When you decide to contact Customer Service through the Website tools provided by ROIDULAC such as automatic callback or instant messaging with one of our advisors, we will use the information you have already entered on the Website, in particular the information linked to a customer account creation (as defined above), in order provide you with personalized service and to effectively meet your requests.
Finally, when you request to view pages on the Website, ROIDULAC’s servers will automatically recognize your computer’s IP address (the number that identifies each computer connected to the Internet. The IP address follows the form: XXX.XXX.XXX.XXX) or the UDID of your mobile phone (the number that identifies the telephone model connected to the Internet. The UDID is composed of forty characters).
3.2 Purposes of personal data collection
ROIDULAC processes your personal data through its Website. This data is strictly required for the following purposes:
• Managing client/prospect relationships
• Managing your newsletter subscriptions and cancellations
• Managing your Fashion Show and e-shop opening alerts subscriptions and cancellations
• Compiling anonymous statistics on visits to our Website
• Enabling access to certain features on our Website
• Subject to your prior agreement, informing you of information about our company and its activity, products, and/or services, and commercial prospection messages
• Managing visitors’ opinions on products, services, or content
• Conducting surveys and polls, with your agreement.
The information we collect for these purposes, and which is essential for meeting your requests (mainly your first name, last name, mailing addresses, e-mail addresses, and telephone number) is indicated as mandatory or marked with an asterisk on data collection forms, and is processed either in order to allow ROIDULAC to execute its agreement with you or because you agreed to its use for some of the purposes above, or to provide you with better service. We cannot meet your requests if you do not complete these mandatory fields. We also collect, subject to your consent, your geolocation data in order to locate your nearest point of sale when you connect to the ROIDULAC mobile application.
3.3 Data storage
The maximum period that data is stored is the duration required for the purposes for which it was collected:
• Managing your newsletter and Fashion-Show alert subscriptions: we keep your data for as long as your subscription is effective. As soon as we receive your subscription cancellation request, we delete the data we kept in order to send your newsletters and alerts.
• Managing prospects: three (3) years as of the latest contact with the prospect
• Geolocation data: two (2) months
3.4 Data recipients
Your personal information is sent to ROIDULAC.
Personal data collected through the Website can be sent to partner companies in order to allow for, in particular, data processing for the purposes mentioned above, and to manage marketing operations organized by ROIDULAC. Your personal data is sent to the ROIDULAC departments that concern your requests. Please note that the information you provide on the Website may be transferred to countries that are located outside the European Economic Area. ROIDULAC may also transfer the information you provide on the Website to its subsidiaries, some of which are located outside of the European Economic Area. The same applies as far as Internet platform maintenance operations are concerned, which are carried out by a third-party company. These transfers are protected by data transfer contracts with the recipients based on the standard clauses adopted by the European Commission, in order to ensure that all transferred personal data benefits from an adequate level of protection, pursuant to the Personal Data Protection Act, and that appropriate technical and organizational security measures have been implemented to protect personal data against accidental or unlawful destruction, accidental loss, alteration, disclosure, unauthorized access, and all other forms unlawful processing. In any case, ROIDULAC only discloses your personal data to a third party if:
• You have previously agreed to share this information, or
• ROIDULAC has to share this information with third parties in order to provide you with the service you have requested, or
• ROIDULAC is ordered to disclose this information by a judicial authority or any other administrative authority.
3.5 Data Security and Confidentiality
ROIDULAC has striven to implement all necessary safeguards in order to protect the confidentiality and security of the personal data processed, and to prevent it from being distorted, damaged, destroyed, or unauthorized third parties from having access to it. Technical and organizational security measures that satisfy industry standards, in particular regarding information systems, have been installed. Nevertheless, ROIDULAC cannot not control all the risks associated with the functioning of the Internet and draws visitors’ attention to any risks inherent to the use and functioning of the Internet.
You must therefore enter a personal password when creating your account, as this procedure is part of our personal data protection Policy. This password must be composed of at least 8 characters of 3 different types: lowercase letters, uppercase letters, and numbers. We take the protection and security of our information systems very seriously. Tools have been implemented to enable us to detect any security vulnerabilities. These tools may require our security teams to have occasional access to personal data. This data will be collected and processed exclusively for the purposes of managing these vulnerabilities in compliance with the applicable legislation on personal data protection.
Version of May 10, 2018