General Data Protection Regulation for the services provided by Megar - MSR Rainone Simona & Co. s.a.s.

The new general data protection regulation

On 25 May 2018 the new general data protection regulation 2016/679 came into force, with this regulation the European Commission intends to standardize the legislation on the protection of personal data of citizens belonging to the European Union.

The regulation applies to all companies that process data of European citizens, even if they are not based within the Union. Megar - MSR Rainone Simona & Co. s.a.s. provides its services by undertaking to correctly apply the provisions of the new legislation (EU Regulation 2016/679).

Megar - MSR Rainone Simona & Co. S.a.s. - As data controller

Megar - MSR Rainone Simona & Co. s.a.s. operates as a "Data Controller" when they determining the purposes and means of processing personal data. This is the case where Megar - MSR Rainone Simona & Co. s.a.s. collects data for billing, service improvement, sales operations, requests for assistance, commercial management or when Megar - MSR Rainone Simona & Co. s.a.s. processes the personal data of its employees.

In this case, "your" data hosted on the services of Megar - MSR Rainone Simona & Co. sas, are not interested, unlike some information concerning you (for example information relating to the identity and contact details of your contact in Megar - MSR Rainone Simona & Co. sas as part of a Support request).

In these cases Megar - MSR Rainone Simona & Co. s.a.s. guarantees to:

  • Do not use personal data for purposes other than those for which they were originally collected;
  • Keep personal data for a limited period, that is, for the entire duration of the contract and the subsequent 36 months;
  • Do not transfer this data to third parties who are not part of the Group companies or who are not involved in the execution of the contract.

Place of data processing

I trattamenti connessi ai servizi web di questo sito hanno luogo presso:

  • HOST S.p.A. - Gruppo Welcome Italia
  • Corso Svizzera, 185
  • 10149 – Torino (TO)
  • P.I. IT08505460017
  • R.E.A. Torino n.978572
  • Tel: 800 943 944
  • E-Mail: info [at] host.it

Categories of processed personal data

The following categories of data are processed:

  • Name and surname;
  • Fiscal Code;
  • Residential or domicile and shipping address;
  • Contact details (telephone, e-mail address);
  • IP addresses (for logs).

In which cases Megar - MSR Rainone Simona & Co. s.a.s. can communicate and / or access to the hosted and stored customer data on your server?

For the execution of the request and for the fulfillment of legal obligations, Megar - MSR Rainone Simona & Co. s.a.s. may use and / or communicate personal data to the following categories of subjects:

  • To internal staff of the company to carry out the service requested by the customer (sale and shipping of leather items);
  • To persons who perform on behalf of Megar - MSR Rainone Simona & Co. s.a.s. technical services (eg website administrator);
  • To studies, consultants and companies in the context of assistance and consultancy relationships (eg accountant, etc ...);
  • To public authorities, where the conditions exist.

Privacy by Default and by Design

Our site was designed and built following the concept of "Data protection by Default and by Design".

Legal bases of the treatments

The legal basis on which the treatment is based is the purchase contract, as regards the processing of data for the purposes of the sale - this also includes the automatic registration of your own account registered on this site to the distribution of the list for "Service information" (Newsletter) useful to communicate to Customers only any service communications regarding actions on their account, changes and additions to the Privacy Policy, and for new requests for consent to services that may be offered in the future by Megar - MSR Rainone Simona & Co s.a.s.; while as regards the sending of communications of commercial offers and the sending of the Newsletter, the consent is collected directly from the Customer in separate mode, during the phase of registration of your Account, or in a mode and / or in subsequent phases.

In any case Megar - MSR Rainone Simona & Co. s.a.s. will not start any treatment, without having first collected the consent of the interested parties.

Integrity and data security

The data are managed directly by the customer, who is free at any time to view, correct, or delete them. In addition, if we believe we need to ensure greater data protection, we use AES-256 data encryption.

Privacy information

The "extended" and "short" privacy notices compliant with the directives of the GDPR 2016/679 regulation are available.

Log keeping according to law

We take care of keeping the access / modification / request / cancellation logs from the site in accordance with the law, for the period prescribed by the Italian legislation and by the GDPR 2016/679..

Export of data

Logs of accesses / modifications / requests / cancellations can be exported directly by the customer, through special tools made available to him at any time during the period of validity of the Customer's data processing.

From the personal area it is possible to export:

  • From the "User Profile" section: your profile;
  • From the "Newsletter" section: your subscriptions to the Newsletter.

Data deletion

Customers can delete their data at any time, directly from their profile page on the megar-pelletterie.it website. If, on the other hand, a request for definitive elimination should be sent (such as the cancellation of a Megar Account - MSR Rainone Simona & Co. sas), the data will be removed from any system within a maximum of 30 days, unless otherwise required by law.

Confidentiality of data

Encryption is available to protect data in transit. All Web services, Webmail, POP, IMAP, SMTP, FTP are accessible by default and / or preferentially via SSL / TLS protocols.

Vulnerability management

The server that hosts the megar-pelletterie.it domain uses tools developed internally by the Host.it company to detect any software vulnerabilities, carrying out periodic tests to check for possible violations.

Traffic analysis and website protection

The www.megar-pelletterie.it website analyzes in real time all traffic passing through its network in order to identify known attack patterns against the Framework application used for the development of E-Commerce. In addition, the server manager uses NSS Lab certified vendor tools.

Finally Megar - MSR Rainone Simona & Co. s.a.s. makes use of an annual site security update contract with:

Register of treatments

We have prepared the "Treatment Register", or a register of the processing activities carried out, available to the supervisory authority.

Staff training

All Megar collaborators - MSR Rainone Simona & Co. s.a.s. who have access to customers' personal data, have followed internal training courses relating to the provisions of the GDPR and are constantly updated and sensitized on the subject of security and confidentiality of the data we process.

What Megar customers from MSR Rainone Simona & Co. S.a.s. must do

This section will be updated according to the guidelines that will release the Privacy guarantor over time.

  • If necessary, consult an expert for legal advice regarding your position;
  • Keep your data updated in the personal area of the megar-pelletterie.it site, or if unable to do so personally, communicate to Megar - MSR Rainone Simona & Co. s.a.s. updated data. Megar - MSR Rainone Simona & Co. s.a.s. will undertake to update the data within 15 days of receipt of the same.

Faq

Who is the Data Controller:

The Data Controller is "the a natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data" (art. 4. par. 1, n.7 GDPR). In practice it is the one who processes the data without receiving instructions from others, the one who decides "why" and "how" the data should be processed.

Who is the Data Processor:

The data controller is the natural, legal, public administration or body that processes personal data on behalf of the data controller (art.4, par.1, n.8 GDPR).

Che cosa sono i dati personali?

I dati personali sono tutte le informazioni relative a una persona (in vita) identificata o identificabile; ne fanno parte anche le diverse informazioni che, raccolte insieme, possono portare all'identificazione di una determinata persona.

What are sensitive data?

Sensitive data are those which, if known, can reveal racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, unions, associations or organizations of a religious, philosophical, political or union, health and sex life.

Example of personal data:

  • Name and surname;
  • Home address;
  • Email address, such as ;
  • Identity card number;
  • Location data (eg positioning function on a mobile phone);
  • An IP (Internet Protocol) address;
  • A cookie ID;
  • The advertising ID of your phone.

 

Examples of data not considered personal:

  • Company registration number of a company;
  • E-Mail address, such as ;
  • Data made anonymous.

What constitutes data processing?

By processing of personal data according to Italian law and GDPR 2016/679, we mean any operation or complex of operations, carried out even without the aid of electronic tools, concerning the collection, registration, organization, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, cancellation and destruction of data, even if not recorded in a database.

Who is the owner of the data hosted and stored on Megar - MSR Rainone Simona & Co. s.a.s. services?

The data stored by the customer, which makes use of the Megar - MSR Rainone Simona & Co. s.a.s. services, remain in the property of the customer. Megar - MSR Rainone Simona & Co. s.a.s. accesses and uses these data only when it is necessary to process an order or a customer request.