Data Controller

D TRADE DI DOMINICI LUCA – Via Salvo d’Acquisto, 3 – 61048 Sant’Angelo in Vado (PU)

Owner’s email address: info@eyeriseshop.it

Types of Data collected

Among the Personal Data collected by EYERISESHOP.IT (hereinafter Eyerise), independently or through third parties, there are: Cookies, Usage Data, IP, System Log, Name, Surname, contact details, Phone number, VAT number, Company name, Address, Country, State, Province, Email and Postcode.

Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific information texts displayed before the data is collected.

Eyerise may collect your personal information when you register on the website, use the website, make a purchase, attend an event or contact Eyerise directly.

Personal Data can be freely provided by the User or, in the case of Use Data, collected automatically during the use of ascdaan.it.

Unless otherwise specified, all Data requested by Eyerise are required. If the User refuses to provide this information, it may be impossible for Eyerise to provide the Service. In cases where Eyerise specifies certain Data as optional, Users are free to refrain from disclosing such Data, without this having any effect on the availability of the Service or its operation.

Users who have any doubts about what Data is required are encouraged to contact the Owner.

Any use of Cookies – or other tracking tools – by Eyerise or the owners of third party services used by Eyerise, unless otherwise stated, is intended to provide the Service requested by the User, in addition to the additional purposes described in this document and in the Cookie Policy.

The User assumes the responsibility of the Personal Data of third parties obtained, published or shared through Eyerise and guarantees to have the right to communicate or disseminate them, freeing the Owner from any responsibility towards third parties.

Method and place of treatment of the collected data

Methods of treatment

The Data Controller shall take appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.

The processing is carried out by means of computer and/or telematic tools, with organisational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organisation of the company’s work (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) appointed also, if necessary, as Data Processors by the Data Controller, may have access to the Data. The updated list of Managers may always be requested from the Data Controller.

Legal basis of the treatment

The Controller, processes Personal Data relating to the User in case of one of the following conditions:

  • The User has given consent for one or more specific purposes; Note: In some jurisdictions the Owner may be authorized to process Personal Data without the User’s consent or any other of the legal bases specified below, until the User objects (“opt-out”) to such treatment. This does not apply, however, if the processing of Personal Data is governed by European legislation on the protection of Personal Data;
  • The processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures;
  • The processing is necessary to fulfil a legal obligation to which the Holder is subject;
  • Processing is necessary for the performance of a task in the public interest or for the exercise of official authority vested in the Data Controller;
  • Processing is necessary for the legitimate interest of the Data Controller or of a third party.

However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

Place

The Data are processed at the operating offices of the Holder and in any other place where the parties involved in the processing are located. For further information, please contact the Data Controller.

The User’s Personal Data may be transferred to a country other than that in which the User is located. To obtain further information on the place of processing, the User may refer to the section on the details of the processing of Personal Data.

You have the right to obtain information about the legal basis for the transfer of Data outside the European Union or an international organisation governed by public international law or consisting of two or more countries, such as the UN, and about the security measures taken by the Controller to protect the Data.

If one of the transfers described above takes place, the User may refer to the respective sections of this document or request information from the Holder by contacting him at the details given in the opening.

Storage period

Data are processed and stored for the time required for the purposes for which they were collected.

Therefore:

  • Personal Data collected for purposes related to the execution of a contract between the Holder and the User will be retained until the execution of such contract is completed.
  • Personal Data collected for purposes related to the legitimate interest of the Holder will be retained until such time as such interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Holder in the relevant sections of this document or by contacting the Holder.

When processing is based on the User’s consent, the Holder may retain the Personal Data for longer until such consent is revoked. In addition, the Holder may be obliged to retain Personal Data for a longer period in accordance with a legal obligation or by order of an authority.

At the end of the retention period the Personal Data will be deleted. Therefore, upon expiry of this period, the right of access, deletion, rectification and portability of the Data may no longer be exercised.

Purpose of processing of collected data

User Data are collected to allow the Holder to provide its Services, as well as for the following purposes: Interaction with social networks and external platforms, Statistics and display of content from external platforms, Contact the User, Access to accounts on third-party services, Hosting and back-end infrastructure, Content commentary, Advertising, Remarketing and behavioral targeting, Managing contacts and sending messages and Commercial affiliation.

To obtain further detailed information on the purposes of the processing and on the Personal Data specifically relevant for each purpose, the User can refer to the relevant sections of this document.

Details on the processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

 

Commercial affiliation

This type of service enables Eyerise to display advertisements for goods or services offered by third parties. The advertisements can be displayed either in the form of advertising links or as banners in various graphic forms.

 

Interazione con social network e piattaforme esterne

This type of service allows you to interact with social networks, or other external platforms, directly from the pages of Eyerise.

The interactions and information acquired by Eyerise are in any case subject to the User’s privacy settings for each social network (such as Facebook, LinkedIn, YouTube, Google+).

If a service of interaction with social networks is installed, it is possible that, even if Users do not use the service, it collects traffic data relating to the pages on which it is installed.

 

Commentary on contents

Commentary services allow users to make their own comments about the content of Eyerise and make them public.

Depending on the settings decided by the Holder, Users may also comment anonymously. If the Personal Data provided by the User includes an email, it may be used to send notifications of comments regarding the same content. Users are responsible for the content of their comments.

If a commenting service provided by third parties is installed, it is possible that, even if the Users do not use the commenting service, it collects traffic data relating to the pages where the commenting service is installed.

Commentary system (third-party plagins)

Eyerise has a content commenting system.

Personal data collected: email and name.

 

Contact User

 

Contact Form (Third Party Plugins)

The User, by filling in the contact form with his/her Data, consents to their use to respond to requests for information, quotes, or any other nature indicated in the header of the form.

Personal data collected: zip code, surname, email, address, country, first name, telephone number, VAT number, province, company name and state.

 

Managing contacts and sending messages

This type of service allows you to manage a database of email contacts, telephone contacts or any other type of contacts used to communicate with you.

These services may also allow you to collect data relating to the date and time of display of messages by the User, as well as the User’s interaction with them, such as information on clicks on links placed in messages.

 

Mailing list or newsletter (via MailChimp platform or direct mailings or other mailing software)

By registering for the mailing list or newsletter, the User’s email address is automatically included in a list of contacts to which email messages containing information, including commercial and promotional information, relating to Eyerise may be sent. The User’s email address may also be added to this list as a result of registration on the Ascdaan.it website or after making a purchase.

The possibility of indicating that you no longer wish to receive direct marketing material is also given in any electronic communication that will be sent by Eyerise.

Personal data collected: name, surname, email, telephone number, physical address.

 

Hosting and backend / backup infrastructure
These services are designed to host data, files that allow Eyerise to function, allow its distribution and provide a ready-to-use infrastructure to deliver specific key features and components, making it possible to deliver specific functions from a single platform. These platforms provide the Holder with a wide range of tools such as analytical tools, user registration management, comment and database management, e-commerce, payment processing, etc. The use of such tools involves the collection and processing of Personal Data. This type of service allows the storage and management of backups of this Application on external servers managed by the service provider. These backups may include both the source code and contents of the same and the data provided to this Application by the User. Some of these services operate through servers located geographically in different locations, making it difficult to determine the exact location where Personal Data is stored.

 

WordPress.com (Automattic Inc.)

WordPress.com is a platform provided by Automattic Inc. that allows the Holder to develop, operate and host this Application.
Personal Data Collected: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.

Backup to Dropbox (Dropbox, Inc.)
Dropbox is a backup management and rescue service provided by Dropbox Inc.
Personal Data Collected: Various types of Data as specified in the service’s privacy policy.
Place of Processing: United States – Privacy Policy. Subject adhering to the Privacy Shield.

Backup to Google Drive (Google Inc.)
Google Drive is a backup management and rescue service provided by Google Inc.
Personal Data Collected: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy. Subject adhering to the Privacy Shield.

Publicity

 

This type of service allows the User Data to be used for commercial communication purposes in various forms of advertising, such as banners, also in relation to the User’s interests.

This does not mean that all Personal Data is used for this purpose. Data and conditions of use are indicated below.

Some of the services listed below may use Cookies to identify you or use the technique of behavioral retargeting, ie display ads customized according to your interests and behavior, also detected outside of Eyerise. For more information about this, we recommend that you check the privacy policies of the respective services.

 

Google AdSense (Google Inc.)

Google AdSense is an advertising service provided by Google Inc. This service uses the “Doubleclick” cookie, which tracks your use of Eyerise and your behavior in relation to the advertisements, products and services offered.

The User can decide at any time not to use the Doubleclick cookie by deactivating it: google.com/settings/ads/onweb/optout.
Personal Data Collected: Cookies and Usage Data.

Place of processing: USA – Privacy Policy – Opt Out.

 

Remarketing and behavioral targeting

This type of service enables Eyerise and its partners to communicate, optimize and serve advertisements based on the User’s past use of Eyerise.

This activity is carried out through the tracking of Usage Data and the use of Cookies, information that is transferred to the partners to whom the activity of remarketing and behavioral targeting is linked.

In addition to the opt-out options offered by the following services, the User may opt out of receiving cookies relating to a third party service by visiting the opt-out page of the Network Advertising Initiative.

 

Remarketing with Google Analytics for display advertising (Google Inc.)

Google Analytics for display advertising is a remarketing and behavioral targeting service provided by Google Inc. that links the tracking activity performed by Google Analytics and its Cookies with the advertising network Adwords and the Doubleclick Cookie.

Personal Data Collected: Cookies and Usage Data.

Place of treatment: USA – Privacy Policy – Opt Out.

 

AdWords Remarketing (Google Inc.)

AdWords Remarketing is a remarketing and behavioral targeting service provided by Google Inc. that links Eyerise’s business with the Adwords advertising network and the Doubleclick Cookie.

Personal Data Collected: Cookies and Usage Data.

Place of treatment: USA – Privacy Policy – Opt Out.

 

Facebook Remarketing (Facebook, Inc.)

Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that links the activity of this Application with the Facebook advertising network.

Personal Data Collected: Cookies and Usage Data.

Place of treatment: United States – Privacy Policy – Opt Out. Subject adhering to the Privacy Shield.

 

Facebook Custom Audience (Facebook, Inc.)

Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this application with the Facebook advertising network.

Personal Data Collected: Cookies and Emails.

Place of processing: United States – Privacy Policy – Opt Out. Subject adhering to the Privacy Shield.

 

Statistics

The services contained in this section allow the Data Controller to monitor and analyse traffic data and are used to keep track of the User’s behaviour.

 

Google Analytics (Google Inc.)

Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of Eyerise, compiling reports and sharing them with other services developed by Google.

Google may use your Personal Data to contextualize and customize ads in its advertising network.

Personal Data Collected: Cookies and Usage Data.
Place of treatment: USA – Privacy Policy – Opt Out.

 

Google Tag Manager (Google Inc.)

Google Tag Manager is a statistics service provided by Google Inc.

Personal Data Collected: Cookies and Usage Data.

Place of treatment: USA – Privacy Policy.

 

Google Fonts (Google Inc.)

Google Fonts is a font viewing service operated by Google Inc. that allows Eyerise to integrate such content into its pages.

Personal Data Collected: Cookies, Usage Data and various types of Data as specified in the privacy policy of the service.

Place of treatment: USA – Privacy Policy.

 

Display Advertisers extension for Google Analytics (Google Inc.)

Google Analytics on Eyerise may use advertising based on Google’s interests, third-party audience data and information from the DoubleClick cookie to extend statistics with demographic data, interests and data on interactions with advertisements.

Personal Data Collected: Cookies and Usage Data.

Place of treatment: USA – Privacy Policy – Opt Out.

 

User ID extension for Google Analytics (Google Inc.)

Google Analytics on Eyerise uses a function called User ID. This allows more accurate tracking of users by assigning each user a unique ID for multiple sessions and devices, but in a way that does not allow Google to personally identify an individual or permanently identify a specific device.

The User ID extension also allows you to connect Data from Google Analytics with other User Data collected by Eyerise.

The Opt Out link provided below allows you to disable tracking for the device you are using, but does not exclude further tracking activities performed by the Owner. To deactivate the latter, please contact the Holder via the contact email address.

Personal Data Collected: Cookies.

Place of treatment: USA – Privacy Policy – Opt Out.

Monitoring conversions of Google AdWords (Google Inc.)

Google AdWords conversion tracking is a statistics service provided by Google Inc. that links data from the Google AdWords ad network with actions taken within Eyerise.

Personal Data Collected: Cookies and Usage Data.

Place of treatment: USA – Privacy Policy.

 

Google Analytics with Anonymous IP (Google Inc.)

Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of Eyerise, compiling reports and sharing them with other services developed by Google.

Google may use your Personal Data to contextualize and customize ads in its advertising network. This integration of Google Analytics makes your IP address anonymous. Anonymization works by abbreviating your IP address within the member states of the European Union or other countries that are parties to the Agreement on the European Economic Area. Only in exceptional cases will the IP address be sent to Google’s servers and abbreviated within the United States.

Personal Data Collected: Cookies and Usage Data.

Place of treatment: USA – Privacy Policy – Opt Out.

 

Analysis of User Data and Forecasts (“profiling”)

The Holder may process the usage data collected through this Application to create or update user profiles. This type of processing enables the Holder to evaluate the choices, preferences and behavior of the User for the purposes specified in the respective sections of this document.

User profiles may also be created by automated tools, such as algorithms, which may also be offered by third parties. For further information on the profiling activity, the User can refer to the respective sections of this document.

The User has the right to object to this profiling activity at any time. To find out more about the User’s rights and how to exercise them, the User can refer to the section of this document relating to Users’ rights.

 

User Rights

Users may exercise certain rights with regard to the Data processed by the Owner.

In particular, the User has the right to:

  • Revoke consent at any time. You may revoke your consent to the processing of your personal data as expressed above.
  • Oppose the processing of data. The user may object to the processing of his/her data when it takes place on a legal basis other than consent. Further details on the right to object are indicated in the section below.
  • Access your data. The user has the right to obtain information on the data processed by the owner, on certain aspects of the processing and to receive a copy of the data processed.
  • Verify and request correction. The user may verify the correctness of his/her data and request that it be updated or corrected.
  • Obtain treatment limitation. When certain conditions are met, the user may request that the processing of his/her data be limited. In this case, the owner will not process the data for any other purpose than their storage.
  • Obtain the cancellation or removal of your personal data. When certain conditions are met, the user may request the cancellation of his/her data by the owner.
  • Receive their data or have them transferred to another holder. The user has the right to receive his data in a structured format, commonly used and readable by automatic device and, where technically feasible, to obtain the transfer without hindrance to another owner. This provision is applicable when the data is processed by automated means and the processing is based on the user’s consent, on a contract to which the user is a party or on contractual measures connected to it.
  • Make a complaint. The user can make a complaint to the competent personal data protection supervisory authority or act in court.

 

Details of the right to opposition

When Personal Data are processed in the public interest, in the exercise of public powers vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.

Users are reminded that, if their Data is processed for direct marketing purposes, they may object to the processing without giving any reason. To find out if the Owner processes data for direct marketing purposes, Users can refer to the respective sections of this document.

 

How to use the rights

In order to exercise the User’s rights, Users may address a request to the Owner’s contact details indicated in this document. Requests are filed free of charge and processed by the Holder as soon as possible, in any case within one month.

 

Cookie Policy

Eyerise uses cookies. For more information and to view the detailed information, the User may refer to the Cookie Policy.

 

More information about the treatment

 

Defense in court

The User’s Personal Data may be used by the Holder in court or in the preparatory stages for its possible establishment to defend against abuse in the use of Eyerise or related Services by the User.
The User declares to be aware that the Owner may be obliged to disclose the Data by order of the public authorities.

 

Specific information

At your request, in addition to the information contained in this privacy policy, Eyerise may provide you with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

 

System log and maintenance

For needs related to operation and maintenance, Eyerise and any third party services it uses may collect system logs, which are files that record the interactions and that may also contain Personal Data, such as the User IP address.

Information not contained in this policy

Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.

 

Response to “Do Not Track” requests

Eyerise does not support “Do Not Track” requests.

To find out if any third party services you use support them, please refer to their privacy policies.

 

Modifications to this privacy policy

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, if possible, on Eyerise and, where technically and legally feasible, by sending a notification to Users through one of the contact details held by the Data Controller. Please consult this page regularly, referring to the date of the last change indicated at the bottom.

If the changes involve processing operations for which the legal basis is consent, the Holder will seek the User’s consent again, if necessary.

 

Definitions and legal references

 

Personal Data (or Data)

Personal data are any information that, directly or indirectly, also in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.

 

Usage Data

This is the information automatically collected through Eyerise (also by third party applications integrated in Eyerise), including: IP addresses or domain names of computers used by the User who connects with Eyerise, addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used to forward the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.).) the country of origin, the characteristics of the browser and operating system used by the visitor, the various time connotations of the visit (for example, the time spent on each page) and details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the operating system and the User’s computer environment.

 

User

The individual using Eyerise who, unless otherwise specified, is the same as the Interested Subject.

 

Interested

The natural person to whom the Personal Data refers.

 

Controller (or Responsible)

The natural person, legal entity, public administration and any other entity that processes personal data on behalf of the Holder, as set forth in this privacy policy.

 

Data Controller (or Holder)

The natural or legal person, public authority, agency or other body which alone or jointly with others determines the purposes and means of processing personal data and the instruments adopted, including the security measures relating to the operation and enjoyment of Eyerise. Unless otherwise specified, the Data Controller is the owner of Eyerise.

 

Eyerise (or this Application)

The hardware or software tool through which User Personal Data is collected and processed.

 

Service

The Service provided by Eyerise as defined in the relevant terms (if any) on this site/application.

 

European Union (or EU)

Unless otherwise stated, any reference in this document to the European Union shall be deemed to extend to all current Member States of the European Union and the European Economic Area.

 

Cookie

Small portion of data stored within the User’s device.

 

Legal references

This privacy policy has been drawn up on the basis of a number of legislative systems, including Articles 13 and 14 of Regulation (EU) 2016/679.Unless otherwise stated, this privacy policy applies exclusively to Eyerise.

 

Last modified: 04 September 2019