Privacy Policy & Cookie Policy - information on the processing of personal data

With this policy, the Data Controller provides visitors and users of the website www.ferrarigrowtech.com (hereinafter also only the "site") with information on the processing of their personal data collected through the site. This policy concerns this site and not other websites that may be consulted by the user by browsing the links on the site, for which reference should be made to the information provided by other sites regarding their privacy management.
The detailed information on the treatments is reported in the sections of the text for the individual services offered, with the aim of defining limits and methods of data processing for each service, on the basis of which the visitor can, if requested under the law, freely express your consent to authorize the collection and processing of your personal data.

 

Data Controller

Ferrari Growtech Srl
Strada Squadri 6, 46040 Guidizzolo (MN) Italy VAT, Tax Code. and Business Register IT02052290208 - REA MN 220338 - Share capital € 500.000
Telephone: +39 0376 819342 - e-mail: info@ferrarigrowtech.com

Ferrari Growtech Srl (hereinafter also referred to only as "Ferrari" or "Owner") is the Data Controller of the personal data collected and processed by this site. Pursuant to the legislation, art. 37 of Regulation (EU) 2016/679 (hereinafter "GDPR"), the Data Controller is not obliged to appoint the Data Protection Officer (RPD / DPO).

 

Data processed, conferment and processing purposes

The personal data provided voluntarily by users who use the site's features, who browse and visit the site, who forward requests for information through the site, are used for the sole purpose of performing the service or provision requested. With the exception of the technical service and navigation data processed automatically and the data collected through technical cookies for which consent is not required, the user is free to provide personal data to use the features and services offered by the site: failure to provide the requested data may make it impossible to obtain the requested service.

Technical navigation data

The computer systems and software procedures used to operate this site acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols. This category of data includes: IP addresses, the type of browser used, the operating system, the domain name and the addresses of websites from which access or exit was made, information on the pages visited by users within the site, the time of access, the analysis of the internal path and other parameters relating to the operating system and the user's IT environment. These data are processed in an aggregate and non-identifying manner and could be used by the provider to ascertain responsibility in the event of hypothetical computer crimes against the site, by the Data Controller they can be used for the purpose of technical management of the services provided and anonymous statistical analysis. traffic generated and pages visited. These data will be kept for the time necessary to carry out the specified purposes.

Data provided by users through e-mail messages

The site publishes the contact email addresses of the Data Controller, to which each person can freely write: the provision of data is optional. The data will be processed for the purposes specified by the interested party who transmits them and will be kept, in compliance with the principles of lawfulness, purpose limitation and data minimization, for the time necessary to achieve the purposes specified by the interested party.

Data provided in the contact or information request forms

In the pages of the site the visitor can fill in the forms to send requests for information or other messages, only common personal data of contact and origin of the visitor are collected, together with any optional data on the interests inherent in the visitor's request; these data will be used to reply to the message and provide the requested information. The user, before sending his data, consents to the treatment in accordance with the law. The data will be kept for the time of achievement of the purposes or for the fulfillment of requests, if not already present in our archives for other purposes of managing the relationship with the interested party which provide for different and prolonged storage times.

Subscribe to the newsletter

On the site it is possible to subscribe to the periodic newsletter that Ferrari sends to subscribers, with commercial and technical information for updates on products and services, discounts and promotions, news on events and fairs. The evaluation of the mandatory data was made taking into account the principles of necessity and proportionality, relevance, lawfulness and limitation of processing prescribed by current legislation, only common personal data are collected, registration is optional and requires the specific consent of the interested party. The data will be kept for the period of validity of the user's registration and will be deleted following a request for cancellation by the user.

Unsubscribe from the newsletter

In the newsletter email sent to registered users there is a link to unsubscribe: the removal of the newsletter takes place within thirty days of the request. It is also possible to write a specific request to the generic email address present on the site on the contact page, specifying the request for cancellation from the newsletter with removal of personal data.

Data for registering the account and placing orders on the site

To register a user account to purchase on the site, only common personal data are required, no particular personal data is processed in any way as defined by art. 9 of the GDPR. For the issuance of legal documents for sale and shipping, the minimum data required by law and those necessary for delivery are required (for example, the shipping address may be different from the billing address). The data provided will be used for the following purposes:

  • Register and administer the user's account;
  • Allow user access to the reserved area, manage preferences and shipping addresses;
  • Manage the electronic shopping cart of the items the user wants to buy;
  • Manage and track purchase or return orders, payments and shipments;
  • Manage payment methods (NOTE: electronic payment card data are processed by the platform of the payment banking circuit chosen by the user, our site does not collect this data).

The legal basis for the processing is founded, pursuant to art. 6 par. 1 letter b) of the GDPR, on the execution of contractual agreements with the interested party or for the execution of pre-contractual measures at the request of the interested party.
The data will be stored in compliance with the principles of lawfulness, purpose limitation and data minimization, for the duration of the stipulated contract and the contractual relationships with the interested party, they will be deleted upon termination of the account or withdrawal from registration on the site and the user will no longer be able to access their own private area. Personal data relating to purchases, returns, payments, issuing of sales and transport documents, are kept for the time required by law for tax and accounting documents.

Retrieving the account credentials

The e-mail address indicated in the creation of the account will also be used for the management of the access credentials to the site, in the event of a lost or compromised password, a new temporary password will be sent to this address, which the user must change at the first access. with another of his choice.

Data transmitted for job applications

On the WORK WITH US page it is possible to send your job application together with the curriculum vitae and / or other information on education and skills: the provision is optional, the data transmitted to us by the interested party will be used to evaluate the person in relation to job positions available in our organization. The complete updated text of our information on the processing of personal data for job applications is available at this link https://www.privacylab.it/informativa.php?11777355834 .

Cookies

Our Cookie Policy is available at this address

Links to other sites

In the pages of the site there are links to visit other third-party websites, the use of these features leads the user to interact with the web services offered by third-party sites and involves the exchange of information with these sites, the visitor exits our site to access the third-party site, where the management of visitor information is carried out independently by the third party.

Social Media

The site contains links to visit the pages of our profiles on the various Social Networks such as Facebook, Youtube , Linkedin, Instagram, Twitter, or to view videos or other multimedia content found in these Social profiles. The use of these buttons and functions leads the user to interact with the web services offered by third-party sites and involves the exchange of information with such sites; the management of information and the methods for eliminating it is regulated by third parties. For example, when the link to our profile on the third-party site such as Facebook or others is visited on the site, the browser or app, as appropriate, will establish a direct link to the third-party site ("Social Plug- in ") and will then transmit the data directly to the third-party domain that deposits the cookie. Furthermore, if the user browses our site while logged in to his profile in the social network, he has already consented to the use of cookies conveyed through the social network and the collection and use of information obtained from third parties through the plugin. are governed by the respective privacy policies of the social networks, to which please refer.

 

Methods of processing and storage

Personal data are processed only by authorized and trained personnel in the context of the treatments of competence, for example for website maintenance or for the execution of administrative and commercial and customer assistance activities, they can be communicated to third parties designated as our Managers. for the treatments of competence pursuant to Art. 28 of the GDPR. The treatments take place with manual and computerized procedures, in compliance with the procedures set out in articles 6, 32 of the Regulation and through the adoption of adequate security measures to prevent the loss, destruction, alteration of data and unauthorized access to data. The data are kept for the time necessary for the purposes of the processing, subject to any retention times required by laws or regulations applicable to the data processed.
The data collected with the consent, for example those for the newsletter or for marketing, are kept until the request for cancellation by the user or until our processing purposes are exhausted.

 

Categories of subjects to whom personal data may be transmitted

For the pursuit of the different processing purposes, the Data Controller may communicate, by transmission, the personal data of the interested parties to third parties in the categories listed below:

  • subjects identified by law;
  • companies that perform banking services for the e-commerce platform and for the management of payments;
  • companies or professionals who provide services for the provision and management of the website and for the management of the Data Controller's information system;
  • companies or other subjects for shipping and transport services of purchased or returned goods;
  • subjects who provide customer assistance activities;
  • companies, professionals, consultants to support our activities;

The subjects belonging to the aforementioned categories will use the data received as independent Data Controllers, except in the case in which our Data Processors for their specific competence have been designated: the information on the list of managers may be provided to the interested parties in the exercise of their rights as required by the Regulations. The data will not be disclosed in any way and will not be transferred outside Europe.

 

Exercise of the rights of the interested party

Except for the limitations provided for by the same Regulation, the interested party may, at any time, exercise the following rights provided for in articles 15 to 22 of the GDPR:

  • access to personal data; rectification; cancellation; limitation of processing; opposition to processing; data portability;
  • withdrawal of consent, where provided: the withdrawal of consent does not affect the lawfulness of the processing based on the consent given before the withdrawal;
  • information on the automated process relating to profiling.

To exercise their rights, the interested party must contact the Data Controller, at one of the two companies at the addresses indicated on this page in the chapter "Data Controllers and Managers". The interested party can also lodge a complaint, within the terms and methods provided, with the Guarantor Authority for the protection of personal data: please consult www.gpdp.it for more information.

 

Changes to the policy

This policy governs the methods of processing personal data processed by the Data Controller through the website. The possible entry into force of new sector regulations, as well as the constant examination and updating of services to the user, could lead to the need to change these methods. It is possible that our policy may change over time and we therefore invite the visitor to periodically consult this page. For this purpose, the policy document highlights the update date.

 

Revision December 2021