Statement on the processing of personal data
Date updated: 22/07/2019
In compliance with the regulations for privacy, we would like to provide you with some information on how personal data processing is carried out when browsing the website www.sisley.com (herein after the “Site”), by our company, Benetton Group S.r.l. (herein after also simply referred to as Sisley), as owner of the web site and data controller.
1. Data Controller
Your personal data will be processed by the following companies (hereinafter "Data Controller” or also “Sisley”) as joint data controllers:- Benetton Group S.r.l., with headquarters in Ponzano Veneto, via Villa Minelli 1 (Treviso), Italy;
- Benetton Servizi S.r.l., with headquarters in Ponzano Veneto, via Villa Minelli 1 (Treviso), Italy.
You can contact the data controllers by writing to the address indicated above. Additionally, you can contact the head of personal data protection for Benetton Group s.r.l. at the following email address firstname.lastname@example.org, or by writing to the following address: Responsabile Protezione Dati, presso Benetton Group S.r.l., via Villa Minelli 1, 31050 Ponzano Veneto (TV), Italy.
2. Processing Purposes
Sisley will use the data collected via the web site exclusively for the following purposes:
a. Registration on the site
You can decide to register on the website by creating a password-protected account with your personal details. By registering on the site, with your consent, Sisley will process your data so that you can take advantage of various services, including viewing outstanding order data and orders that have been processed or recently completed. By registering, you can also manage the consents given to subscribe to the newsletter and profiling.
b. Purposes of the management of the contractual relationship
If you purchase products on our website, you will be asked for some standard personal data (name, surname, home address, email address, data related to the means of payment), to complete the purchase order. Sisley identifies and processes your data to fulfil your purchase, including the subsequent warranty procedures and technical and commercial administrative services, such as preventing crimes and fraud. Your personal data will be passed on to third parties, only as permitted by law, for the purpose of completing of the contact or billing. n the realm of carrying out an order, for instance, those we entrust with the services (for example: courier, logistics agency, banks) receive the necessary data to complete the order and their task. These entrusted providers can use the given data solely for the purpose of carrying out their tasks.
c. Purposes related to marketing and profiling activities
With your specific consent, the personal data entered on the pages for subscription to the newsletter service and registration on the site, will be used for the following purposes: collection, registration and processing of purchase data, economic and statistical analyses, sending of advertising/information/promotional material, promotional operations and offers by Gruppo Benetton.
d. Purposes linked to customer care services
In the event that you would like to request information through the “contact us” website section, whether written or by telephone at the indicated number, some personal data will be requested from you for request management, some of which (name, surname, telephone number and email address) are required. Your consent to the processing of this data will allow us to process your requests. No other use of the data will be made other than the management of the request submitted.
3. Legal Basis of Data Processing
Sisley will process your personal data on the following legal basis:
a. on the basis of your specific consent (site registration, marketing and profiling, customer care). In the event that you do not give consent, the requested service will not be able to be carried out;
b. because it is necessary for contractual obligations (e.g. if you purchase products via the e-commerce channel);
c. because it is necessary to pursue a legitimate interest (e.g. for anti-fraud checks in the use of payment instruments).
4. Methods of Use
Sisley aims to protect your personal data and manages data processing according to the principles of correctness, lawfulness and transparency. We inform you, therefore, that your personal data will be processed, through the use of tools and procedures suitable for guaranteeing security and confidentiality, using IT and on-line tools, as well as hard copies and files. In the case of data communication via on-line tools, Sisley transmits your personal data securely via encryption (e.g. TLS encryption, Transport Layer Security, or SSL, Secure Socket Layer).
5. Retention Time
Sisley will keep your personal data for different periods of time, depending on the purposes for which they were collected:
a. generally speaking, Sisley will keep your personal data only for the time strictly necessary for the management of the requested service or until required by virtue of our legal and contractual obligations worldwide;
b. if you have an account, we will conserve your data while the account is still active as well as no more than 24 months after content has been granted or renewed;
c. if you subscribe to our newsletter, we will keep your data until you communicate your intention to unsubscribe;
d. in the event that you grant consent for marketing or profiling purposes, we will conserve the data in question for no more than 24 months.
6. Sharing the Information with other parties
For the purposes indicated in this statement, your personal data may be disclosed to other companies managed by the Data Controller or to third parties working in collaboration with the Data Controller to provide services, duly appointed as persons responsible for or in charge of data processing Moreover, for all the purposes indicated in the information policy, your data may also be communicated abroad, inside or outside the European Union, in compliance with the rights and guarantees provided by current legislation and after verification of the adequacy of the level of protection guaranteed by the third country.
Finally, your data will be processed by internal resources in the offices of the data controller who have been suitably trained and are authorised to process personal data.
7. Data Subject’s Rights
You have the right to ask the head of data processing to access your personal data and amend them if they are incorrect as well as delete them or limit their processing if they have a wider scope.
You may also oppose their processing for legitimate interests pursued by our company, as well as obtaining the portability of the data given, provided that they regard automated treatment based on your consent or a contract.
You also have the right to revoke the consent given for processing purposes that require it, without prejudice to the legitimacy of the processing carried out until consent was withdrawn. We inform you that you can exercise your rights by contacting the data controller at the addresses indicated in point 1. We also remind you that you have the right to lodge a complaint with the Antitrust Authority for the protection of personal data (https://www.garanteprivacy.it/en/ ).