FULL POLICY

DATA CONTROLLER

NEW SERVICE SRLS with registered office in VIA VITTORIO ARGENTIERI, 396 – MONTENERO DI BISACCIA (CB)

Owner's email address: info@onestore.moda

TYPES OF DATA COLLECTED

Among the Personal Data collected by this Application, either independently or through third parties, there are: first name; last name; email address; Tracking Tool; Usage Data.

Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data are collected.
Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this Application.
Unless otherwise specified, all Data requested by this Application is mandatory. If the User refuses to communicate them, it may be impossible for this Application to provide the Service. In cases where this Application indicates some Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or on its operation.
Users who have doubts about which Data are mandatory are encouraged to contact the Owner.
Any use of Cookies – or other tracking tools – by this Application or by the owners of third-party services used by this Application, unless otherwise specified, has the purpose of providing the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Application and guarantees that he/she has the right to communicate or disseminate them, freeing the Owner from any liability towards third parties.

METHOD AND PLACE OF PROCESSING OF COLLECTED DATA

TREATMENT METHODS

The Owner adopts appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The processing is carried out using computer and/or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Owner, in some cases, other parties involved in the organization of this Application (administrative, commercial, marketing, legal, system administration personnel) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communications agencies) may have access to the Data, also appointed, if necessary, as Data Processors by the Owner. The updated list of Data Processors may always be requested from the Data Controller.

LEGAL BASIS FOR THE PROCESSING

The Data Controller processes Personal Data relating to the User if one of the following conditions exists:

• the User has given consent for one or more specific purposes; Note: in some jurisdictions the Owner may be allowed to process Personal Data without the User's consent or any other of the legal bases specified below, until the User objects (“opts-out”) to such processing. However, this does not apply when the processing of Personal Data is regulated by European legislation on the protection of Personal Data;
• processing is necessary for the performance of a contract with the User and/or for the execution of pre-contractual measures;
• processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
• processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller;
• processing is necessary for the pursuit of the legitimate interest of the Owner or third parties.

However, it is always possible to ask the Owner to clarify the specific legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

PLACE

The Data is processed at the Data Controller's operating offices and in any other place where the parties involved in the processing are located. For further information, contact the Data Controller.
The User's Personal Data may be transferred to a country other than the one in which the User is located. To obtain further information on the place of processing, the User can refer to the section concerning the details on the processing of Personal Data.

In case of higher protection, the User has the right to obtain information regarding the legal basis of the transfer of Data outside the European Union or to an international organization of public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures adopted by the Owner to protect the Data.

If one of the transfers described above takes place, the User can refer to the respective sections of this document or request information from the Owner by contacting him at the contact details provided at the beginning.

RETENTION PERIOD

The Data is processed and stored for the time required by the purposes for which it was collected.

Therefore:

• Personal Data collected for purposes related to the performance of a contract between the Owner and the User will be retained until the performance of such contract is completed.
• Personal Data collected for purposes related to the legitimate interest of the Owner will be retained until such interest is fulfilled. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.

When the processing is based on the User's consent, the Owner may retain the Personal Data for a longer period until such consent is revoked. Furthermore, the Owner may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of such period, the right of access, deletion, rectification and the right to portability of the Data can no longer be exercised.

PURPOSE OF THE PROCESSING OF COLLECTED DATA

The User's Data is collected to allow the Owner to provide the Service, comply with legal obligations, respond to requests or enforcement actions, protect their rights and interests (or those of Users or third parties), identify any malicious or fraudulent activity, as well as for the following purposes: Contacting the User, Statistics and Access to accounts on third-party services.

To obtain detailed information on the purposes of the processing and on the Personal Data processed for each purpose, the User may refer to the section “Details on the processing of Personal Data”.

FACEBOOK PERMISSIONS REQUIRED BY THIS APPLICATION

This Application may ask for some Facebook permissions allowing it to perform actions with the User's Facebook account and to collect information, including Personal Data, from it. This service allows this Application to connect with the User's account on the Facebook social network, provided by Facebook Inc.

For more information on the following permissions, please refer to the Facebook permissions documentation and the Facebook privacy policy .

The permissions required are as follows:

BASIC INFORMATION

The basic information of the User registered on Facebook which normally includes the following Data: id, name, image, gender and localization language and, in some cases, the Facebook "Friends". If the User has made additional Data publicly available, the same will be available.

ACCESS TO PRIVATE DATA

Allows access to the User's and friends' private data.

CHAT

Provides applications that integrate with Facebook Chat the ability to log in the User.

SHARING

Sharing instead of the User.

DETAILS ON THE PROCESSING OF PERSONAL DATA

Personal Data is collected for the following purposes and using the following services:

• ACCESS TO ACCOUNTS ON THIRD PARTY SERVICES

  This type of service allows this Application to collect Data from your accounts on third-party services and perform actions with them.
  These services are not activated automatically, but require the express authorization of the User.

  Facebook account access (Meta Platforms, Inc.)

  This service allows this Application to connect with the User's account on the Facebook social network, provided by Facebook, Inc.

  Permissions requested: Access private data; Chat; Sharing.

  Place of processing: United States – Privacy Policy .

• CONTACT THE USER

  Contact form (this Application)

  By filling in the contact form with their Data, the User consents to their use to respond to requests for information, quotes, or any other nature indicated by the form header.

  Personal Data processed: email address; first name; last name.

• STATISTICS

  The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to track User behavior.

  Google Analytics (Google LLC)

  Google Analytics is a web analysis service provided by Google LLC (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google.
  Google may use Personal Data to contextualize and personalize the advertisements of its own advertising network.

  Personal Data processed: Usage Data; Tracking Tool.

  Place of processing: United States – Privacy Policy – ​​Opt Out .

USER RIGHTS

Users may exercise certain rights with reference to the Data processed by the Owner.

In case of higher protection, the User can exercise all the rights listed below. In any other case, the User can contact the owner to find out which rights are applicable in his case and how to exercise them.

In particular, the User has the right to:

• revoke consent at any time. The User may revoke consent to the processing of their Personal Data previously expressed.
• object to the processing of your Data. The User may object to the processing of their Data when it occurs on a legal basis other than consent. Further details on the right to object are indicated in the section below.
• access their Data. The User has the right to obtain information on the Data processed by the Owner, on certain aspects of the processing and to receive a copy of the Data processed.
• verify and request rectification. The User can verify the accuracy of their Data and request its updating or correction.
• obtain the limitation of the processing. When certain conditions apply, the User can request the limitation of the processing of their Data. In this case, the Owner will not process the Data for any purpose other than their conservation.
• obtain the deletion or removal of their Personal Data. When certain conditions apply, the User may request the deletion of their Data by the Owner.
• receive your Data or have it transferred to another owner. The User has the right to receive his/her Data in a structured, commonly used and machine-readable format and, where technically feasible, to obtain the transfer without hindrance to another owner. This provision is applicable when the Data is processed with automated tools and the processing is based on the User's consent, on a contract to which the User is a party or on contractual measures connected to it.
• lodge a complaint. The User may lodge a complaint with the competent data protection supervisory authority or take legal action.

DETAILS ON THE RIGHT TO OBJECT

When Personal Data is processed in the public interest, in the exercise of public authority vested in the Owner or to pursue a legitimate interest of the Owner, Users have the right to object to the processing for reasons related to their particular situation.

Users are hereby informed that, if their Data is processed for direct marketing purposes, they may object to the processing without providing any justification. To find out whether the Data Controller processes data for direct marketing purposes, Users may refer to the respective sections of this document.

HOW TO EXERCISE YOUR RIGHTS

To exercise User rights, Users may direct a request to the Owner's contact details indicated in this document. Requests are filed free of charge and processed by the Owner as soon as possible, in any case within one month.

APPLICABILITY OF THE HIGHER LEVEL OF PROTECTION

While most of the provisions of this document apply to all Users, some are expressly subject to the applicability of a higher level of protection to the processing of Personal Data.

This higher level of protection is always guaranteed when the processing:

• is performed by a Data Controller based in the EU; or
• concerns Personal Data of Users located in the EU and is functional to the offer of goods or services for a fee or free of charge to such Users; or
• concerns Personal Data of Users who are located in the EU and allows the Owner to monitor the behavior of such Users to the extent that such behavior takes place within the Union.

MORE INFORMATION ABOUT TREATMENT

DEFENSE IN COURT

The User's Personal Data may be used by the Owner in court or in the preparatory stages of its possible establishment for the defense against abuse in the use of this Application or related Services by the User.
The User declares to be aware that the Owner may be required to reveal the Data by order of public authorities.

SPECIFIC INFORMATION

Upon request of the User, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

SYSTEM LOGS AND MAINTENANCE

For needs related to operation and maintenance, this Application and any third-party services used by it may collect system logs, which are files that record interactions and may also contain Personal Data, such as the User's IP address.

INFORMATION NOT CONTAINED IN THIS POLICY

Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.

RESPONSE TO “DO NOT TRACK” REQUESTS

This Application does not support “Do Not Track” requests.
To find out if any third-party services used support them, the User is invited to consult their respective privacy policies.

CHANGES TO THIS PRIVACY POLICY

The Data Controller reserves the right to make changes to this privacy policy at any time by giving notice to Users on this page and, if possible, on this Application and, if technically and legally feasible, by sending a notification to Users through one of the contact details in its possession. Please therefore consult this page frequently, referring to the date of the last modification indicated at the bottom.

If the changes affect treatments whose legal basis is consent, the Data Controller will collect the User's consent again, if necessary.