Privacy Policy

Information on the processing of personal data. Effective from 05 December 2022.

1. Nature of data processed and purpose of processing. Data Controller

Alessi S.p.A., with registered office in Crusinallo (VB), via Privata Alessi n. 6 (VAT No. IT00465840031), share capital of Euro 5,400,000.00 i.v., CEM: alessispa@legalmail.it, in relation to personal data provided by users when accessing and/or registering to the website www.alessi.com (Website) or purchasing products offered for sale on the latter. The Data Controller is Alessi S.p.a., e-mail: privacy@alessi.com

2.Purpose of processing.

Alessi S.p.A. shall process personal data provided by users for the following purposes:

(a) to allow registration on the Site and use of the services reserved for registered users, as well as to allow compliance with obligations arising from the law or regulations in force, in particular, in the fields of administration, accounting, public security. The legal basis for the processing is the need for Alessi S.p.A. to execute pre-contractual measures requested by the data subject or to comply with a legal obligation;

(b) in the case of placing an online purchase order, to enable the conclusion of the purchase contract and the proper execution of the transactions connected therewith (and, where required under the relevant legislation, to fulfil tax obligations). The legal basis for the processing is the obligation of Alessi S.p.A. to perform the contract with the person concerned or to fulfil legal obligations;

(c) subject to the user's express consent, for Alessi S.p.A. to send informative and promotional communications (including newsletters) about the products offered for sale on the Website as well as to carry out market research also aimed at assessing the degree of user satisfaction (customer satisfaction),by email and/or postal service ("marketing" purposes). The legal basis for the processing is the consent of the data subject;

(d) with the user’s consent, for the analysis of their consumption choices and purchasing habits ( "profiling"), by Alessi S.p.A. through the detection of the type and frequency of purchases made online in order to send information and/or advertising material of specific interest to the user in the manner described in point (c) above. The legal basis for the processing is the consent of the data subject;

(e) limited to the email addresses provided by the user in the context of the purchase of a product offered on the Site, to allow the direct sale of similar products without the need for the user's prior express consent and provided that the user does not exercise the right to object in the manner described in Article 3 below ( 'soft spamming'). The legal basis for the processing is the legitimate interest of Alessi S.p.A to send this type of communications. This legitimate interest can be considered equivalent to the interest of the person concerned in receiving 'soft-spam' communications;

(f) to respond to user requests. The legal basis of the processing is the legitimate interest of Alessi S.p.A. to execute the user's requests;

(g) in the event that a user who has not logged in to the Site abandons the purchase process without completing the order, to send an email reminding the user of the possibility of completing the purchase. The legal basis for the processing is the execution of pre-contractual measures;

(h) to share personal data necessary to enable interaction with social networking platforms, such as Facebook, Pinterest and Instagram. The legal basis for the processing is the legitimate interest of Alessi S.p.A. in carrying out this type of activity.

Sensitive data

Sensitive or judicial data of users are not processed by Alessi S.p.A..

IP Addresses and Log Files

Alessi S.p.A. will keep, within the terms of the law, the log files and IP addresses used when making an online purchase, in order to prevent and ascertain possible frauds in online transactions.

3.Provision of data and consequences in the event of failure to consent to processing

The provision of data for the purposes set out in points (a) and (b) of Article 2 above is purely optional. However, since this processing is necessary to allow registration on the Site and the execution of the online purchase service, any refusal by the user to provide this data will result in the impossibility of registering on the Site and concluding an online purchase.

With reference to the purposes of the processing referred to in point (c) ('marketing' purposes) of Article 2 above, consent to the processing of personal data is merely optional. Failure to consent will not have any consequence on the possibility to register to the Site and/or to make purchases on the latter, but will only imply the impossibility to receive, from Alessi S.p.A., informative and promotional communications relating to the products offered for sale on the Site - including the newsletter - in relation to its own or third party products and services, as well as to carry out market research also aimed at assessing the degree of user satisfaction (customer satisfaction), by email and postal service.

The user's consent to the processing of data for profiling purposes is purely optional. Failure to consent to the processing of personal data for the purposes set forth in art. 2, letter (d) above ("profiling" purposes) will make it impossible for Alessi S.p.A. to detect the type and frequency of online purchases made by the user in order to send him or her information and/or advertising material of his/her specific interest.

The provision of data for the purposes set forth in point (f) of art. 2 is merely optional, but failure to provide such data will prevent Alessi S.p.A. from responding to the user’s requests.

The provision of data for the purpose indicated in letter (h) of Article 2 is merely optional, but failure to do so will not allow the user to interact with the relevant social networking platforms via the Site.

Without prejudice to the foregoing, it is understood that Alessi S.p.A. may use the user's personal data for the sole purpose of correctly fulfilling the obligations provided for by applicable laws and the obligations deriving from the contractual relationship existing between the user and Alessi S.p.A..

The user may, in any case, revoke any consent given for the purposes described in points (c) ('marketing' purposes) and (d) ('profiling' purposes), or object to processing for the purposes described in point (e) ('soft spamming') and (g):

- by contacting Alessi S.p.A. at the addresses listed in Article 1 above;

- via the link at the bottom of any promotional e-mail sent by Alessi S.p.A.. Dissent expressed in this manner also extends to the sending of communications by postal service.

4.Treatment modalities

The processing of the user's personal data will mainly be carried out with the aid of electronic or otherwise automated means, in the manner and with the tools suitable to guarantee their security and confidentiality in accordance with the GDPR.

The information acquired and the manner in which it is processed will be relevant and not excessive in relation to the type of services rendered. Data will also be managed and protected in environments where access is under constant control.

5.Scope of data communication

The personal data provided by the user, for the purposes described in Article 2 above, may be brought to the attention of or communicated to the following entities:

- employees and/or collaborators of Alessi S.p.A. for the performance of administration, accounting and IT and logistic support activities who act as data processors and persons in charge of the processing, respectively;

- to persons handling online payment transactions through the Site;

- to all those public and/or private entities, natural and/or legal persons (legal, administrative and tax consultancy firms), if the communication is necessary or functional for the proper fulfilment of contractual obligations undertaken in relation to the services provided through the Site, as well as obligations arising from the law;

- to all those entities (including public authorities) who have access to the data by virtue of regulatory or administrative measures;

- companies or persons in charge of printing, enveloping, shipping and/or delivery services and/or collection of products purchased through the Site;

- to the company that sends the newsletter and other informative communications on behalf of Alessi S.p.A..

All personal data provided by users in connection with registration on the Site and/or purchase via the Site are not subject to dissemination. The updated list of data processors and persons in charge of processing may be consulted at the Data Controller's head office.

Data Retention

The user's data will only be stored for as long as is necessary to ensure the proper provision of the services offered and in any case no longer than is required by law.

Personal data will be stored according to the following logics:

-for marketing and profiling purposes, until consent is revoked. For inactive users, personal data will be deleted after one year from the sending of any last viewed email;

-for the purpose of executing the sales contract, for 10 years from the date of receipt of the purchase order;

-for purposes of defence in court, until the judgment becomes final;

-for the purpose of compliance to law, for as long as necessary for that purpose;

-for the purpose of performing any service requested through the Site, for the time necessary to execute the request.

In the event that the Website account is closed at the user's initiative, the data in it will be retained for a period not exceeding one quarter, without prejudice to any specific legal obligations on the retention of accounting documents or for public security purposes.

7.Right of access to personal data

The user has the right to:

a) obtain confirmation as to whether or not personal data concerning him/her exist and communication of such data in intelligible form; and to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the revocation;

 

(b) obtain indications:

- about the origin of the personal data, the purposes and methods of processing, the logic applied in case of processing by electronic means;

- on the identification details of the Data Controller;

- on the subjects or categories of subjects to whom the data may be communicated or who may become aware of the data in their capacity as designated representative in the territory of the state, as managers or appointees;

(c) obtain:

- updating, rectification or integration of data concerning him/her;

- the cancellation, transformation into anonymous form or blocking of data processed in breach of the law, including data whose retention is necessary in relation to the purposes for which the data were collected or subsequently processed;

- certification to the effect that the operations referred to in the preceding points have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, unless this proves impossible or involves the use of means manifestly disproportionate to the right protected;

- data portability;

(d) object in whole or in part:

- for legitimate reasons, to the processing of data concerning him/her, even if pertinent to the purpose of collection;

- the processing of personal data concerning him/her for the purposes of commercial information or sending advertising or direct sales material or for carrying out market research or commercial communication.

The above-mentioned rights may be exercised by making a request to the Data Controller, at the addresses listed in Section 1.

8.Modifications Alessi S.p.A. reserves the right to make changes to this policy at any time, giving appropriate publicity to the users of the Site and ensuring in any case an adequate and similar protection of personal data. In order to view any changes, the user is invited to consult this notice regularly.

appropriate publicity to the users of the Site and ensuring in any case an adequate and similar protection of personal data. In order to view any changes, the user is invited to consult this notice regularly.

 

 

NOTICE REGARDING PROCESSING OF PERSONAL DATA pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR)

 

Foreword

This information is provided by Alessi S.p.A., with registered office in Crusinallo (VB), via Privata Alessi n. 6 (VAT no. IT00465840031), and fully paid-up share capital of Euro 5,400,000.00.

In this policy, Alessi S.p.A. acts as Data Controller, pursuant to Art. 13 of the GDPR.

Definitions in the singular include those in the plural, and vice versa.

***

In compliance with the GDPR, the Data Controller hereby informs you that the company shall process the personal data provided through this platform (Platform) under the following conditions.

Art. 1. Purpose and legal basis of processing. Mandatory or optional provision. Consequences of refusal to process.

Personal data shall be processed through the Platform for the following purposes:

a. subject to the user's express consent, for sending information and promotional material (including the newsletter) about products offered for sale by the Data Controller, and conducting market surveys aimed at assessing the degree of user satisfaction (customer satisfaction), by email and/or sms and/or post (marketing purposes). The legal basis for processing is the consent of the data subject;

b. subject to the user's consent, for the Data Controller to analyse his or her consumption choices and purchasing habits ( 'profiling') by determining the type and frequency of purchases made, the purpose of which is to send information and/or advertising material of interest to the user by email and/or sms and/or post. The legal basis for processing is the consent of the data subject.

Consent to the processing of your data for marketing and profiling purposes is purely optional. Failure to consent will only entail the consequences described below.

Failure to consent to the processing of data for marketing purposes will make it impossible for you to receive advertising material related to the products of the Data Controller, for the Data Controller to conduct market surveys, including those aimed at assessing the degree of user satisfaction, and to send you newsletters.

Failure to consent to the processing of your personal data for profiling purposes will make it impossible for the Data Controller to determine the type and frequency of purchases made by the user, the purpose of which is to send the latter information and/or advertising material of interest to him/her.
We remind you that you may also object to the processing of your personal data via the link at the bottom of any promotional emails sent by the Data Controller and/or by replying with the word "STOP" to the communication sent by the Data Controller.

Sensitive/judicial data

The Data Controller does not process sensitive or judicial data.

Art. 2. Means of processing

The processing of your personal data will be mainly carried out with the aid of electronic or otherwise automated means, in an appropriate manner and with the appropriate tools to ensure their security and confidentiality in accordance with the GDPR.

The information acquired and the means of processing will be relevant and not excessive in relation to the type of services provided. Data will also be managed and protected in environments where access is under constant control.

Art. 3. Disclosure and dissemination of data

Your data may be disclosed:

- to all entities (including public authorities) that have access to personal data by virtue of regulatory or administrative measures;

- to employees and/or associates of the Data Controller who may be entrusted with installing, maintaining, updating and, generally speaking, managing the hardware and software of the Data Controller or the hardware and software that the latter uses to provide its services;

- to employees and/or associates of the Data Controller

- to the company that sends newsletters on behalf of the Data Controller;

- to all public and/or private entities, and natural and/or legal persons (legal, administrative and tax consultancy firms, judicial offices, Chambers of Commerce, Chambers and Labour Offices, etc.) to whom communication of the data is necessary or useful in ensuring that legal obligations are adhered to.

Data concerning you will not be disclosed, except in anonymous and aggregate form, for statistical or research purposes.

Art. 4. Point of contact

The Data Controller can be contacted at the following email address: privacy@alessi.com.

 

Art. 5. Retention of personal data

The Data Controller will keep your data:

a. for marketing and profiling purposes, until consent is withdrawn. For inactive users, personal data will be deleted one year after the last email that may have been viewed was sent.

b. or the time necessary to fulfil the user's requests.

c. for defence in court, until a final judgement is made.

d. to comply with the law, and for the time necessary for such purpose.

In any event, the Data Controller will retain your personal data for the other purposes outlined in this policy to the extent permitted by law.

Art. 6. Rights of the data subject 

Pursuant to Art. 13 of the GDPR, the Data Controller informs you that you have the right:

- to request, from the Data Controller, access to and rectification or erasure of personal data, to request that the processing of data concerning you is restricted, to object to such processing altogether, and to data portability;

- to withdraw consent from the Data Controller at any time, without prejudice to the lawfulness of processing based on consent given before such withdrawal;

- file a complaint with a supervisory authority (e.g. the Italian Data Protection Authority).

In particular, the right to data portability means that you have the right to receive in a structured, commonly used and machine-readable format the personal data concerning you that you have provided to the Data Controller, and you have the right to transfer such data to another data controller without hindrance from the Data Controller.

Art. 7. Changes

The Data Controller reserves the right to make changes to this policy at any time, giving adequate notice to the users of the Platform and ensuring, in all cases, adequate and similar protection of personal data. To see any changes, you are invited to consult this policy on a regular basis.