Because your privacy is so important to us, we provide you with this Policy, explaining how we collect, use and share your personal data, so that you can make informed choices, about the use of your data.
A. DATA CONTROLLER
Seiseta S.r.l. is the controller for the personal data we process. Data Controller is the company, which decides how and why your personal data is processed.
You can contact us by email: firstname.lastname@example.org
Our postal address is: Via San Francesco a Patria ZONA ind. ASI - 80014 - Giugliano in Campania (NA) - Italy
B. WHAT PERSONAL DATA DO WE COLLECT
This website collects personal data in two ways:
Data provided voluntarily: by filling in the contact form or by registering for a newsletter or creating an account, for example, email address, telephone number, first and last name, hairstylist licence.
Data collected automatically (cookies): through the Website, which collects them independently or on behalf of third parties, e.g. usage data and cookies.
Seiseta also collects personal data offline, for example at trade shows or in other lawful ways, for example during a negotiation with a customer or supplier. This notice is also addressed to these data subjects
C. WHY DO WE USE YOUR PERSONAL DATA?
We use personal data collected for a number of purposes, including the following:
- To give feedback to your requests when you fill out the appropriate contact form.
- To sell our products or buy services and products. We also use personal data for related internal administrative or legal purposes - such as our accounting and records - and to make you aware of any changes to our services.
- To send marketing communications about our products.
D. LEGAL GROUNDS
- Compliance with law: In some cases, we may have a legal obligation to use or retain your personal data.
- Performance of a contract with you (or in order to take steps prior to entering into a contract with you); for example, to register a personal account.
a) with reference to third-party profiling cookies. The user gives consent in the banner provided by the Cookie Law. Seiseta does not use its own profiling cookies.
b) to receive both paper, email, and telephone marketing communications.
c) for offline collection of personal data, e.g. at trade fairs, in order to do direct marketing. In this case, as well as in the case of legitimate interest for soft marketing purposes, at the expiry of the second year, the controller, if it still intends to process data for marketing purposes, must ask the data subject for a new consent.
- Our legitimate interests and in particular:
a) if it is necessary to promote our products (direct marketing);
b) to perform soft data profiling as allowed by the Guidelines of the Working Group ex art. 29, for example, if we need to understand the sales trends of certain products in a determinate area. In this type of profiling, the data controller does not carry out invasive processing and does not cross-profile. Moreover, the data controller does not make automated decisions.
E. WHAT ARE THE POSSIBLE CONSEQUENCES OF FAILURE TO PROVIDE PERSONAL DATA?
Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether the data subject is obliged to provide the personal data, if you don’t provide personal data, we will not be able to enter into the contract.
F. WHO WILL WE SHARE YOUR PERSONAL DATA WITH?
Normally we don’t share personal data with third parties.
However, there are circumstances when we are likely to share data with other public authorities and organizations where there is a legal ground for doing so, which might include:
- Public authorities
- Tax authorities
- Judicial/investigative authorities such as the police, public prosecutors, courts on their express and legal request.
- our accountant
- our lawyer.
G. WHERE DO WE STORE AND PROCESS YOUR PERSONAL DATA?
We primarily store and process your personal data in the EU/European Economic Area (“EEA”). If we transfer your personal data outside the EEA, we will have a legal ground to do so.
Some examples of grounds your data may be processed outside of the EEA include:
- Order fulfillment
- Technical support services.
If your personal data cannot be processed within the EEA, we will comply with all other data protection principles.
Where possible, we will be in a country that is on the list of the EU Commissions’ countries that provide adequate protection for the rights and freedoms of data subjects.
In all other cases, subject to article 49 GDPR we make sure that:
- the transfer is necessary for the performance of a contract between the data subject and the controller or the implementation of pre-contractual measures taken at the data subject's request;
- the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the data subject between the controller and another natural or legal person;
H. DATA PROCESSOR
To the extent of responsibility, we have appointed, as data processors, external professional managers or service companies for the administration and business management who work on behalf of our company, for example, with regard to tax obligations, our accountant.
You can receive the updated list of the subjects above by contacting the data controller.
I. HOW DO WE PROCESS YOUR PERSONAL DATA?
We implement serious security measures to grant the best protection to your personal data against unauthorized access, modification, disclosure or deletion. Your data is protected by our highly sophisticated security systems.
We actively implement data loss prevention systems against leakage, theft, and data breach in order to ensure that our site and the entire IT infrastructure related to it are updated against the latest network security vulnerabilities. Our site incorporates the most advanced security technologies available in order to ensure the best safety of its users and the safekeeping of their related information.
L. HOW LONG DO WE RETAIN YOUR PERSONAL DATA?
We will retain your personal data as long as it’s necessary to fulfill the purposes for which it is collected.
In any case, for tax purposes we will retain data for no longer than ten years after the termination of our contractual relationship.
For marketing purposes, we will retain personal data for no longer than two years.
M. WHAT ARE YOUR RIGHTS?
- Right of access - you have the right to request a copy of the information that we hold about you.
- Right to rectification - you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten - in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing - where certain conditions apply, you have a right to restrict the processing.
- Right to data portability - you have the right to have the data we hold about you transferred to another organization.
- Right to object - you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling - you also have the right not to be subject to the legal effects of automated processing or profiling.
- Right to lodge a complaint with a supervisory authority.
If you want to exercise any of the above rights, please mail us: email@example.com
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
N. CALIFORNIA CONSUMER PRIVACY ACT DISCLOSURES
This California Consumer Privacy Act disclosure page ("Disclosure") implements the Seiseta Privacy Notice and it is effective from 7 December 2021
These additional disclosures are required by the California Consumer Privacy Act:
O. Categories of personal information collected.
The personal information that Seiseta collects, or has collected, from consumers in the twelve months prior to the effective date of this Disclosure, fall into the following categories established by the California Consumer Privacy Act, depending on which Seiseta is used:
- identifiers such as your name, alias, address, phone numbers, email or IP address, hairstylist licence;
- personal information, such as a credit card number;
- age, gender, or other protected classifications;
- commercial information;
- Internet activity information, such as content downloads;
- geolocation data, such as the location of your device or computer;
- professional information, for example, data you may provide about your business;
- information about your purchase preferences.
P. Categories of personal information disclosed for a business purpose.
The personal information that Seiseta disclosed to the third parties (identified in the “WHO WILL WE SHARE YOUR PERSONAL INFORMATION WITH?” section of the Seiseta Privacy Notice about consumers) for a business purpose in the twelve months prior to the effective date of this disclosure fall into the following categories established by the California Consumer Privacy Act, depending on which Seiseta is used:
- identifiers such as your name, address, phone numbers, email or IP address, for example if we use a third party carrier to deliver your order;
- personal information, such as a credit card number, for example, if we use a third-party payment processor;
- commercial information, such as the details of a product you purchased if a third-party service provider is assisting to provide that product to you;
- geolocation, such as the location of your device or computer; if we need to undestand purchasing trends in a certain area;
- professional information, for example, if we provide your account details to a service provider for verification as part of enrollment for a Seiseta account.
Q. Right to Request Access to or Deletion of Personal Information.
You may have the right under the California Consumer Privacy Act to request information about the collection of your personal information by Seiseta, or access to or deletion of your personal information.
If you wish to do any of these things, please contact Seiseta at the following email address: firstname.lastname@example.org
No sale of personal information.
In the twelve months prior to the effective date of this disclosure, Seiseta has not sold any personal information of consumers, as those terms are defined under the California Consumer Privacy Act.
Seiseta will not discriminate against any consumer for exercising their rights under the California Consumer Privacy Act.
Annual Reporting for 2021.
In 2020, Seiseta didn’t exist.
Cookies or markers are small text files (in practice, packets of information) that are automatically placed on the surfer's PC or DEVICE within the browser (Google Chrome, Mozilla Firefox, Microsoft Edge Safari) and automatically sent back to the server each time the site is accessed.
They contain basic information about Internet navigation and are recognized by the browser each time the user visits the site.
They enable this website to check whether you have already visited www.seiseta.com.
In particular, cookies allow us to determine which pages of the website are most popular, as they show which pages are visited and for how long.
We use this data to make the website more responsive to your needs and easier to navigate.
In turn, cookies are divided into three categories:
Technical cookies: they are a package of information that is necessary to view the website. By law, these cookies don’t require consent.
Analytical cookies: by law, these cookies are the same as technical cookies, and therefore, in this case too, consent is not required; they can be the site's own cookies (used, for example, to find out the number of pages visited on the site) or third-party cookies (i.e. generated by other sites to provide content on the site visited by users).
Users/visitors can in any case inhibit the use of Google Analytics and prevent it from being stored on their own devices by using the specific Browser add-on for deactivating Google Analytics, made available by Google at https://tools.google.com/dlpage/gaoptout.
In order to activate this component, which inhibits the system from sending information on the user/visitor's visit, it will be sufficient to install it by following the instructions on the screen, close and reopen the Browser.
Profiling cookies: these are aimed solely and exclusively at understanding the preferences of individual users so as to provide them with targeted content during navigation that may be of interest to them.
This site does not release first-party profiling cookies, however, third parties may release this type of cookies: for example, you may receive this type of cookie using youtube embed videos, the Facebook like button, through Google Analytics, or even using the interactive maps provided by Google Maps.
Most popular browsers provide the possibility to block only third-party cookies.
To disable this type of cookie, simply follow the instructions on the following pages:
for Microsoft Edge: https://support.microsoft.com/it-it/help/4027947/windows-delete-cookies
for Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
for Apple Safari: https://support.apple.com/it-it/HT201265
Google Ireland Ltd
Google Analytics: used to analyze how users use the site, to compile reports on-site activity and user behavior, to see how often users visit the site, how the site is tracked, and which pages are visited most frequently.
The information is combined with information collected from other sites in order to create a comparative picture of the use of the site in relation to other sites in the category.
Data collected: browser identifier, date and time of interaction with the site, page of origin, IP address. Place of data processing: European Union being active anonymisation of the service.
When they are anonymized, as in the case of this site, the Data Protection Authority has clarified that they are comparable to technical cookies and therefore do not require the user's consent.
The data collected do not allow personal identification of users and are not cross-referenced with other information relating to the same person. They are processed in aggregate form and anonymized (truncated to the last octet).
Google Ireland (the data controller) is prohibited from cross-referencing this data with data obtained from other services on the ground of a specific agreement (DPA).
Further information on Google Analytics cookies can be found on the page Google Analytics Cookie Usage on Websites: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage.
The user can selectively disable (opt-out) the collection of data by Google Analytics by installing the appropriate component provided by Google on his browser (opt-out) which can be downloaded from the following page: https://tools.google.com/dlpage/gaoptout
Youtube: platform, owned by Google, for sharing videos. The cookies are set when the page containing the embed is accessed, and when the video is started, and do not allow the User to be identified unless he or she is already logged into the Google profile.
For the videos present on the site, the "because of advanced privacy (no cookies)" option has been activated, which ensures that YouTube does not store information on visitors unless they voluntarily play the video.
Data collected: number and behavior of users of the service, IP address, information linking visits to the site to the Google account for users who are already logged in, preferences on viewing videos. Place of data processing: USA.
Social Network Plugins
This site also incorporates plugins and/or buttons to enable easy sharing of content on your favorite social networks.
When you visit a page on our website that contains a plugin, your browser connects directly to the servers of the social network from which the plugin is loaded, which server can track your visit to our website and, where appropriate, associate it with your social network account, particularly if you are logged in at the time of your visit or if you have recently browsed one of the websites containing social plugins.
If you do not want the social network to record data relating to your visit to our website, you must log out of your social network account and, probably, delete the cookies that the social network has installed in your browser.
On this site, plugins are installed with advanced privacy protection functions for Users, which do not send cookies or access the cookies present on the User's browser when the page is opened, but only after the plugin is clicked. The collection and use of information by these third parties is governed by their respective privacy policies, to which you should refer.
In addition, according to the GDPR, each website must offer the possibility to deactivate and/or inhibit Cookies in a simple and immediate manner, even when they are anonymous, i.e. do not involve the recording of personal identification data such as IP addresses.
As already specified in the "legal ground" paragraph, the use of profiling cookies is permitted or can be disabled by expressing your preference by clicking on the dedicated banner that appears when you access on the website.