Privacy Policy

This Privacy Policy is provided pursuant to Art. 13 of European Regulation No. 679/2016 and applies exclusively to all data collected through this Website. This Privacy Policy, together with the Cookie Policy, establishes the bases on which the personal data of the User will be processed.

Data Controller

The Data Controller of the data collected by this website is Hasamia Srl (hereinafter: the “Company”) with registered office in Corso Carducci, 90 58100 GROSSETO – VAT number IT01743840538 – E-mail: info@hasamia.it

Methods of Processing of Personal Data

The personal data provided or acquired through navigation on this Website will be processed based on the principles of correctness, lawfulness, transparency and protection of confidentiality in accordance with current regulations.

The Data Controller processes the personal data of Users by adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification or destruction of personal data. The processing is carried out using IT and/or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.

Types of data collected

The data we collect from all visitors:

  • Technical information on the use of the site, the type and version of the browser, the operating system
  • IP Address
  • Usage data

Usage data is collected automatically when you use the website and may include information such as your device’s Internet Protocol address (e.g. IP address), the type of browser, the version of the browser, the pages of our website that you visit, the time and date of your visit, the time spent on those pages and other diagnostic data.

The data we may collect:

  • When you access the Website from or through a mobile device, we may automatically collect certain information, including, but not limited to, the type of mobile device you use, the unique ID of your mobile device, the IP address of your mobile device, the type of mobile Internet browser used, unique device identifiers and other diagnostic data.
  • Your social media account IDs and information shared with us through your social media accounts.
  • The status of third-party authentication if you visit the site from a mobile application (for example, if you are currently logged in to Facebook or other social media accounts).

Categories of personal data processed

Among the personal data processed by this Website, independently or through third parties, there are: Cookies, usage data, E-mail, Name, Surname, telephone number. Personal data may be collected independently by the Data Controller or through third parties. Personal data may be provided voluntarily by the User when using the Website, by completing the Contact Form, when communicating with the Owner via email and/or telephone. Further personal data collected may be indicated in other sections of this Privacy Policy or through information texts displayed at the same time as the data is collected.

The optional, explicit and voluntary sending of e-mails via the Contact Form or by means of the addresses indicated on this Website, entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data entered in the e-mail. Consent to the provision of data by the User is necessary to be included in the databases of the Owner and for the purposes of establishing and correctly carrying out what is offered by the same to its Users, as well as to third parties for the fulfillment of the individual activity requested. Failure to provide it therefore prevents registration in the Data Controller’s databases, the completion of any contracts, as well as the execution of the same and any other possible activity.

Tools used for the processing of personal data

Contact Form

By filling in the contact form with their data, the User consents to their use to respond to requests for information, or any other purpose indicated by the header of the form. Personal data collected through the contact form: E-mail, Name and Surname.

Fluent Form is a Form creation and management service that allows this website to integrate such content within its pages. Personal Data collected: Email and Name. Various types of Data as specified in the Privacy Policy of the service.

Statistical

Statistics services allow the Data Controller exclusively to monitor and analyze traffic data and serve to keep track of the User’s behavior. This Website uses:

Google Analytics (Google Ireland Limited) Google Analytics is an analytics service provided by Google Ireland Limited. Google uses the Personal Data collected for the purpose of tracking and examining the use of this Website, compiling reports and sharing them with the other services developed by Google. Google may use Personal Data to contextualize and personalize ads from its advertising network. Google may also transfer this information to third parties where this is required by law or where such third parties process the aforementioned information on behalf of Google. The IP address anonymization function is active on this site. The IP address transmitted by the browser for purposes related to Google Analytics will not be incorporated into other data already held by Google.
At this link ( https://tools.google.com/dlpage/gaoptout?hl=it ) the browser add-on for deactivating Google Analytics is made available by Google. Personal data collected: Cookies and Usage data. Place of processing: Ireland – Privacy Policy https://policies.google.com/privacy?hl=it

Interaction with social networks

These services allow you to interact with social networks or other external platforms directly from the pages of this Website. The interactions and information acquired by this Website are in any case subject to the privacy settings of the User relating to each social network. In the event that an interaction service with social networks is installed, it is possible that, even if the User does not use the service, it collects traffic data relating to the pages on which it is installed.

Facebook (Facebook Ireland Ltd.)

Facebook buttons are interaction services with the Facebook social network, provided by Facebook Ireland Ltd. Personal Data collected: Cookies and Usage Data. Place of processing: Ireland – Privacy Policy
https://www.facebook.com/privacy/explanation

Instagram (Facebook Ireland Ltd.)

Instagram buttons are interaction services with the Instagram social network, provided by Facebook. Personal Data collected: Cookies and Usage Data. Place of processing: Ireland – Privacy Policy
https://help.instagram.com/519522125107875/?maybe_redirect_pol=0

X (Twitter Internationl Unlimited Company)

The X buttons are interaction services with the X social network provided by Twitter International Unlimited Company. Personal Data collected: Cookies and Usage Data. Place of processing: Ireland – Privacy Policy
https://twitter.com/en/privacy

Address management and email sending

These services allow you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User. These services may also allow the collection of Data relating to the date and time of viewing of messages by the User, as well as the User’s interaction with them, such as information on clicks on links inserted in messages.

Registration on the platform

With the registration service, the User allows this Website to identify him and give him access to dedicated services. Registration and authentication services can also take place with the help of third parties. In this case the application will be able to access some data stored by the third-party service used for registration and identification.

Content on external platforms

These services allow you to view content hosted on external platforms directly from the pages of this Website and interact with them. If a service of this type is installed, it is possible that, even if Users do not use the service, it collects traffic data relating to the pages on which it is installed.

Data usage

We use the personal information we collect to provide you with the service you request, innovate our technology and optimize your browsing experience. We may use the personal data of all site visitors to administer and improve the site and optimize its infrastructure.

Purpose of the Processing of Personal Data and Legal basis

Personal data may be collected independently by the Data Controller or through third parties. In this case, the computer systems and software procedures used to operate this Website acquire some personal data of Users, of a technical-IT nature (e.g. the IP address, the type of browser used, the operating system, the name of domain and the addresses of websites from which access or exit was made, etc.), the transmission of which is inherent to the normal functioning of the internet. These data may be processed for the sole purpose of obtaining anonymous statistical information on the use of the site and/or to check its correct functioning and will be deleted immediately after processing.

The data that the User chooses to provide spontaneously is collected to allow the Website to provide its services, as well as for the following Purposes:

(a) fulfil the obligations arising from the contract concluded between the User and the Owner for the sale of the Products on the Website and to provide the information requested by the User. This processing is mandatory for the execution of the contract of which the User is a party, for the execution of pre-contractual measures or to fulfill a legal obligation to which the Data Controller is subject;

(b) “Cart” procedure in which to enter your personal data. The data is processed to execute the stipulated Contract, to contact the User in relation to the Contract and for its management, for the management of requests for assistance, requests for withdrawal, management and termination of the Contract itself. This processing is mandatory for the execution of the contract to which the User is a party.

(c) to fulfil any type of obligation contemplated and provided for by current laws, regulations, related regulations and commercial usage, in particular, in tax/tax matters. This processing is mandatory to fulfill a legal obligation to which the Data Controller is subject;

(d) other purposes ancillary to or related to those indicated above and in any case falling within the scope of the activities of the Website;

(e) follow up on specific requests addressed to the Owner by the User for communications of an informative nature relating to the Services of the same Owner, via e-mail messages or by filling in the Contact Form and other communication tools such as telephone. This processing is optional and based on the User’s consent, however failure to communicate one or more data will make it impossible to respond to the request for information and use the services offered by the Owner;

(f) carry out statistical analyses on aggregated and anonymous data to analyse the behaviour, of the User to improve the products and services provided by the Owner as well as to meet the expectations of the User himself.

Communication of data

In addition to the Owner, in some cases, they may have access to the data:

(a) Data Processors, specially trained for this purpose involved in the organisation of the Website (administrative, commercial, marketing, legal, system administrators staff).

(b) External parties (such as third-party technical service providers, hosting providers, IT companies, communication agencies) also appointed as Data Processors by the Data Controller pursuant to art. 28 GDPR. The updated list of Managers, if appointed, can always be requested from the Data Controller.

(c) Public or private entities that can access the data in compliance with legal obligations;
(d) persons performing ancillary and instrumental tasks with respect to the activities of the Controller.

Place of Data Processing and Transfer Abroad

The Data is processed at the Data Controller’s operational headquarters. For further information you can contact the Data Controller. The Data may be processed by natural persons and/or legal entities operating on behalf of the Data Controller and pursuant to specific contractual constraints and based in EU or non-EU member countries. In the event that the Data is transferred outside the EEA, the Data Controller will take any appropriate contractual measures to ensure adequate protection of the Data.

Duration of treatment

As expressly provided for in Art. 5 (1) (e) of the GDPR, the data are kept for the time necessary to Process them in relation to the performance of the service requested by the User or required by the Purposes described in this document and in particular:

(a) Data collected for contractual obligations shall be kept for the time necessary to carry out the aforementioned purposes and in accordance with the provisions of the law.

(b) Data collected for fiscal /administrative obligations or for contractual obligations shall be kept for the time necessary to carry out the aforementioned purposes and as required by law.

(c) The data collected for Purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied.

(d) Data collected based on User Consent may be retained until such Consent is revoked

(e) The data may be retained by the Data Controller for a longer period in compliance with legal obligations or by order of an authority.

The User can obtain further information regarding the legitimate interest pursued by the Owner by contacting the Owner.
At the end of the retention period, personal data will be deleted and therefore the rights of access, cancellation, rectification and portability of the data can no longer be exercised.

How to update and edit data

For users in the European Union, the European Economic Area and Switzerland, there is also the right to:

a. of access to personal data;

b. to obtain rectification or cancellation of the same or limitation of processing concerning him;

c. to object to the processing;

d. to data portability;

e. to revoke consent, where applicable: the revocation of consent does not affect the lawfulness of the processing based on the consent given before the revocation. Withdrawal of consent includes the option to unsubscribe from our email list at any time or to contact us to request that you be excluded from our text message lists.

f. to lodge a complaint with the supervisory authority (www-garanteprivacy.it).

For your protection we can only share and update the personal data associated with the e-mail address you use to send us your request and we may need to verify your identity before doing so. We will respond to such requests in a reasonably timely manner. Please do not send sensitive personal information, passwords or credit card information via email.

Cookie

This Website uses cookies. Cookies are small text files that can be used by websites to make the user experience more efficient and to personalize content and ads, provide social network functions and analyze traffic.

For information on the Cookies present on this Website, consult our Cookie Policy (insert link to the cookie policy)

Security measures adopted

This Website, to secure the moment in which Personal Data is entered, has an SSL certificate and uses the HTTPS protocol. With the use of this protocol, the transactions and data that are transmitted in the websites take place with maximum security and the content of the communication is not read or manipulated in any way by third parties.

Changes to the Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time by advertising them to Users on this page. Please therefore consult this page often, taking as reference the date of last modification indicated at the bottom.

In case of non-acceptance of the changes made to this Privacy Policy, the User is required to cease using this website and may request the Data Controller to remove their personal data.

Unless otherwise specified, the previous Privacy Policy will continue to apply to personal data collected up to that point.

Privacy Policy updated in April 2024