Privacy policy

Information on the processing of personal data. Effective from 20 February 2024.

1. Nature of data processed and purpose of processing. Data Controller

Alessi UK Ltd, with registered office in 17 Grosvenor Street, Mayfair London W1K 4QG (VAT No. 744335632, Corporate ID Number 03851912), in relation to personal data provided by users when accessing and/or registering to the website www.uk.alessi.com (Website) or purchasing products offered for sale on the latter. The Data Controller is Alessi UK Ltd, e-mail: privacy@alessi.com

2.Purpose of processing.

Alessi UK Ltd shall process personal data provided by users for the following purposes:

(a) to allow registration on the Site and use of the services reserved for registered users, as well as to allow compliance with obligations arising from the law or regulations in force, in particular, in the fields of administration, accounting, public security. The legal basis for the processing is the need for Alessi UK Ltd to execute pre-contractual measures requested by the data subject or to comply with a legal obligation;

(b) in the case of placing an online purchase order, to enable the conclusion of the purchase contract and the proper execution of the transactions connected therewith (and, where required under the relevant legislation, to fulfil tax obligations). The legal basis for the processing is the obligation of Alessi UK Ltd to perform the contract with the person concerned or to fulfil legal obligations;

(c) with the user’s consent, for the analysis of their consumption choices and purchasing habits ("profiling"), by Alessi UK Ltd through the detection of the type and frequency of purchases made online in order to send information and/or advertising material (including newsletters) of specific interest as well as to carry out market research also aimed at assessing the degree of user satisfaction (customer satisfaction), by email and/or postal service and/or SMS (in this last case also through messages sent by autodialer). The legal basis for the processing is the consent of the data subject;

(d) limited to the email addresses provided by the user in the context of the purchase of a product offered on the Site, to allow the direct sale of similar products without the need for the user's prior express consent and provided that the user does not exercise the right to object in the manner described in Article 3 below ('soft spamming'). The legal basis for the processing is the legitimate interest of Alessi S.p.A to send this type of communications. This legitimate interest can be considered equivalent to the interest of the person concerned in receiving 'soft-spam' communications;

(e) to respond to user requests. The legal basis of the processing is the legitimate interest of Alessi UK Ltd to execute the user's requests;

(f) in the event that a user who has not logged in to the Site abandons the purchase process without completing the order, to send an email and/or SMS reminding the user of the possibility of completing the purchase. The legal basis for the processing is the execution of pre-contractual measures;

(g) to share personal data necessary to enable interaction with social networking platforms, such as Facebook, Pinterest and Instagram. The legal basis for the processing is the legitimate interest of Alessi UK Ltd in carrying out this type of activity.

Sensitive data

Sensitive or judicial data of users are not processed by Alessi UK Ltd.

IP Addresses and Log Files

Alessi UK Ltd will keep, within the terms of the law, the log files and IP addresses used when making an online purchase, in order to prevent and ascertain possible frauds in online transactions.

3.Provision of data and consequences in the event of failure to consent to processing

The provision of data for the purposes set out in points (a) and (b) of Article 2 above is purely optional. However, since this processing is necessary to allow registration on the Site and the execution of the online purchase service, any refusal by the user to provide this data will result in the impossibility of registering on the Site and concluding an online purchase.

With reference to the purposes of the processing referred to in point (c) ('profiling' purposes) of Article 2 above, consent to the processing of personal data is merely optional. Failure to consent will not have any consequence on the possibility to register to the Site and/or to make purchases on the latter, but will only imply the impossibility for Alessi UK Ltd to detect the type and frequency of online purchases made by the user in order to send him or her information and/or advertising material - including the newsletter - of his/her specific interest, as well as to carry out market research also aimed at assessing the degree of user satisfaction (customer satisfaction), by email and postal service SMS (in this last case also through messages sent by autodialer).

The provision of data for the purposes set forth in point (e) of art. 2 is merely optional, but failure to provide such data will prevent Alessi UK Ltd from responding to the user’s requests.

The provision of data for the purpose indicated in letter (g) of Article 2 is merely optional, but failure to do so will not allow the user to interact with the relevant social networking platforms via the Site.

Without prejudice to the foregoing, it is understood that Alessi UK Ltd may use the user's personal data for the sole purpose of correctly fulfilling the obligations provided for by applicable laws and the obligations deriving from the contractual relationship existing between the user and Alessi UK Ltd.

The user may, in any case, revoke any consent given for the purposes described in point (c) ('profiling' purposes), or object to processing for the purposes described in point (d) ('soft spamming') and (f):

- by contacting Alessi UK Ltd at the addresses listed in Article 1 above;

- via the link at the bottom of any promotional e-mail sent by Alessi UK Ltd. Dissent expressed in this manner also extends to the sending of communications by postal service and SMS.

4.Treatment modalities

The processing of the user's personal data will mainly be carried out with the aid of electronic or otherwise automated means, in the manner and with the tools suitable to guarantee their security and confidentiality in accordance with the GDPR.

The information acquired and the manner in which it is processed will be relevant and not excessive in relation to the type of services rendered. Data will also be managed and protected in environments where access is under constant control.

5.Scope of data communication

The personal data provided by the user, for the purposes described in Article 2 above, may be brought to the attention of or communicated to the following entities:

- employees and/or collaborators of Alessi UK Ltd for the performance of administration, accounting and IT and logistic support activities who act as data processors and persons in charge of the processing, respectively;

- to persons handling online payment transactions through the Site;

- to all those public and/or private entities, natural and/or legal persons (legal, administrative and tax consultancy firms), if the communication is necessary or functional for the proper fulfilment of contractual obligations undertaken in relation to the services provided through the Site, as well as obligations arising from the law;

- to all those entities (including public authorities) who have access to the data by virtue of regulatory or administrative measures;

- companies or persons in charge of printing, enveloping, shipping and/or delivery services and/or collection of products purchased through the Site;

- to the company that sends the newsletter and/or SMS and other informative communications on behalf of Alessi UK Ltd.

All personal data provided by users in connection with registration on the Site and/or purchase via the Site are not subject to dissemination. The updated list of data processors and persons in charge of processing may be consulted at the Data Controller's head office.

6.Data Retention

The user's data will only be stored for as long as is necessary to ensure the proper provision of the services offered and in any case no longer than is required by law.

Personal data will be stored according to the following logics:

-for profiling purposes, until consent is revoked. For inactive users, personal data will be deleted after one year from the sending of any last viewed email and/or SMS;

-for the purpose of executing the sales contract, for 10 years from the date of receipt of the purchase order;

-for purposes of defence in court, until the judgment becomes final;

-for the purpose of compliance to law, for as long as necessary for that purpose;

-for the purpose of performing any service requested through the Site, for the time necessary to execute the request.

In the event that the Website account is closed at the user's initiative, the data in it will be retained for a period not exceeding one quarter, without prejudice to any specific legal obligations on the retention of accounting documents or for public security purposes.

7.Right of access to personal data

The user has the right to:

a) obtain confirmation as to whether or not personal data concerning him/her exist and communication of such data in intelligible form; and to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the revocation;

 (b) obtain indications:

- about the origin of the personal data, the purposes and methods of processing, the logic applied in case of processing by electronic means;

- on the identification details of the Data Controller;

- on the subjects or categories of subjects to whom the data may be communicated or who may become aware of the data in their capacity as designated representative in the territory of the state, as managers or appointees;

(c) obtain:

- updating, rectification or integration of data concerning him/her;

- the cancellation, transformation into anonymous form or blocking of data processed in breach of the law, including data whose retention is necessary in relation to the purposes for which the data were collected or subsequently processed;

- certification to the effect that the operations referred to in the preceding points have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, unless this proves impossible or involves the use of means manifestly disproportionate to the right protected;

- data portability;

(d) object in whole or in part:

- for legitimate reasons, to the processing of data concerning him/her, even if pertinent to the purpose of collection;

- the processing of personal data concerning him/her for the purposes of commercial information or sending advertising or direct sales material or for carrying out market research or commercial communication.

The above-mentioned rights may be exercised by making a request to the Data Controller, at the addresses listed in Section 1.

8.Modifications

Alessi UK Ltd reserves the right to make changes to this policy at any time, giving appropriate publicity to the users of the Site and ensuring in any case an adequate and similar protection of personal data. In order to view any changes, the user is invited to consult this notice regularly.

appropriate publicity to the users of the Site and ensuring in any case an adequate and similar protection of personal data. In order to view any changes, the user is invited to consult this notice regularly.