Privacy and Cookie Policy

In accordance with Regulation (EU) 2016/679 of the European Parliament on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter “REGULATION”), this policy describes the processing methods for personal data of the users that visit the website www.amorecoro.com (hereinafter “WEBSITE”) owned by ACLL S.r.l. (hereinafter “COMPANY”).
The personal data are processed in compliance with the principles of lawfulness and fairness, and in compliance with all current applicable laws.

1. Definitions

“Personal data”: means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
“Processing” means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, storage, adaptation or alteration, consultation, use, disclosure by transmission, dissemination or otherwise making available, etc.
“Data controller” means the subject which, alone or jointly with others, determines the purposes and means of the processing of personal data.
“Data processor” means the subject which processes personal data on behalf of the data controller.

2. Data controller

The Company informs the user (hereinafter “USER”) that, as a result of accessing the Website, data relating to identified or identifiable natural persons may be processed.
The data controller is the company ACLL S.r.l. (VAT: IT03808020923), with registered office in Via San Benedetto 37, 09129 Cagliari, Italy.

3. Legal grounds for processing

The Websites processes data on the basis of consent. Accessing the Website, Users explicitly approve this Privacy Policy and consent to the processing of their personal data in relation to the methods and purposes described below.

4. Types of processed data and processing purposes

A) BROWSING DATA
The information systems and software procedures used by this Website acquire, in the course of normal operations, personal data whose transmission is implicit in the use of Internet communication protocols.
The website may acquire the following data: data regarding IP addresses, domain names of the computers used by the Users, uri/url addresses (uniform resource identifier/locator) of the requested resources, the time of the request, the method used to transmit the request to the server, the dimension of the file obtained in response, the numeric code indicating the response status of the server (successful, error, etc.), and other parameters related to the operating system and computing environment of the User.
This data is necessary for the fruition of the services offered by the Website and is processed also with the purpose of:
– obtaining statistical information about the use of the services (most visited pages, number of visitors in a certain day or time window, geographical areas, etc.)
– verifying the correct functioning of the services offered

The browsing data will be retained for 1 day (unless if needed by law enforcement for criminal investigations purposes).

B) DATA DIRECTLY PROVIDED FROM THE USER AND MANAGEMENT OF CONTACT REQUESTS
Data willingly provided by the User in contact forms or via email such as: name, last name, email address, phone number, date of birth etc. will be processed to carry out the requests of the User, including the possibility to create the Personal Account as defined in the Terms and Conditions which can be found at the following address https://www.amorecoro.com/terms-conditions/.
In this regard, the User will have the possibility to decide to give their consent to process their personal data to allow the Data controller to handle requests about products and/or business proposals, and the contact information found on the Website and in the Terms and Conditions. In reference to this purpose, User consent is necessary when submitting a request. If the User refuses to give consent to the processing of personal data, submitting a request will not be possible and the User will not be able to access the Website and its features.

C) DATA USED FOR STATISTICAL PURPOSES
The cookies collected for statistical purposes are treated anonymously and help the Data controller to understand how the Users, even those who are simply browsing the Website, interact with the Website.

D) DATA USED FOR ADMINISTRATION AND ACCOUNTING PURPOSES
The data will be collected solely to carry out activities related and necessary to manage the relations with the customers as, by way of example but not limited to, acquiring information preliminary to concluding a contract, carrying out operations based on obligations arising from contracts concluded with the Users, as well as fulfilling accounting activity concerning issuing invoices or arranging payments.

E) CREATING A PERSONAL ACCOUNT
Data is collected with the purpose of providing the User with a personal area where they can view their orders and complete their purchases.

F) SUBSCRITION TO THE NEWSLETTER
The data provided to the Company by the User may be used to send them promotional information and advertising material, if the User has explicitly consented to it.

5. Processing period

Data acquired with the consent of the User will be kept for the duration of the services requested from the User or for longer periods only if expressly permitted by law. The User is entitled to exercises their rights, as provided by the Regulation, by contacting the Data controller at the email address info@amorecoro.com

6. Data recipients

The Website may freely modify the data and information provided within it or through it by the User. This data and information may be transmitted to other companies that operate as External data processors and that assist the Data controller to manage the Website, process requests, and to solve commercial and IT issues.

Personal data may be transmitted and/or processed by:

  • Legal and natural persons that operate as external processing managers, in case the Company outsources such tasks, appointed by the Data controller or by the Company’s External data processors (including those entrusted to carry out communication, marketing, advertising, promotional and sales activities for products and/or services as well as advertisers, advertising agencies, IT services providers, Website managers, electronic platforms managers, partners, professional firms).
  • employees or freelancers working for the Data controller (including the system administrators) who, operating under the authority of the Data controller, will be authorized to process personal data.
  • employees or freelancers working for External data processors (including the system administrators) who, operating under the authority of the External data processors, will be authorized to process Users personal data.
  • Shipping couriers.
  • Banking institutions.

    Users personal data will not be disseminated nor transmitted to third parties, unless the Company needs to provide such data to consultants in order to protect its rights.

    The servers where data stations are located in Italy.

7. Rights of the data subjects

As provided by the Regulation, the Users must be aware of their rights to:

  • obtain from the Data controller confirmation of the existence of data processing activity relative to their personal data, even if they are not yet registered, and that this information is made available to them in intelligible form, as well as access to their personal data (obtaining a copy) and all related information (including the processing purposes, the categories and the origin of personal data, the categories of subjects that they have been or may be transmitted to, the retention period (when possible), the enforceable rights).
  • obtain from the Data controller the amendment of their personal data and the integration of incomplete data.
  • delete their personal account, if they have created one, by writing an email to info@amorecoro.com and, in any case, obtain from the Data controller the cancellation of related personal data without undue delay, even when personal data is no longer necessary for the purposes it was processed for and when there no longer is legal basis for processing it.
  • revoke their consent to process their personal data for any of the purposes it was given for.
  • obtain from the Data controller the modification of personal data in anonymous form or that they are blocked in case of violation of the law, including those for which storing is not necessary, in relation to the purposes that personal data was collected or processed for.
  • obtain from the Data controller the limitation of the processing of their personal data, including when their exactness is disputed or when the Users object to the processing, for the period of time necessary for the respective verifications.
  • receive their personal data in a format that can be read from automatic devices, as well as transmit or, if technically feasible, obtain direct transmission of such data to another Data processor without hindrance, in those cases where data processing is carried out by automated means and is based on consent or if necessary to perform a contract with the Users.
  • exercise their rights against the Company by writing to the email address info@amorecoro, or by sending a registered letter to: ACLL S.r.l., Via San Benedetto 37, 09129 Cagliari, Italy.

    In case a User withdraws their consent or demands data cancellation, the Company will no longer be able to correctly provide the requested service, unless the User grants a new authorization.

    In case the User believes that the treatment of their personal data was carried out in violation of the privacy regulations, they can file a complaint with the Data Protection Authority of their country of residence or of their workplace, or where the alleged violation took place, or they can contact the Authority to request further information about the exercise of their rights provided under privacy regulations.