Privacy policy

Information notice pursuant to Art. 13 of the Regulation (EU) 2016/679 (“GDPR”)

PROCESSED PERSONAL DATA

Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (such as name, last name, date of birth, address, email, telephone number).
 

Browsing data: during their ordinary course of operation, the IT systems and software procedures required to run this website acquire certain Personal Data, whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Data Subjects but, by its very nature, it could enable identification of the users through the processing and matching of data held by third parties. This data category includes IP addresses or domain names of computers used by the users who visit the site, as well as the URI addresses (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply from the server (done, error, etc.) and other parameters related to the operating system and the IT environment of the user.

Data provided voluntarily by the user: the optional and voluntary disclosure of personal data (e.g.: sending of emails to the email addresses indicated on this website and/or the completion of a data collection form on this website) entails the collection and processing of the voluntary disclosed user’s data, necessary to reply to the request, as well as other personal data included in the email message (such as name, last name, address, telephone number, email address).

COOKIES

To get more info on cookies used in this website please read our Cookie Policy.

DATA CONTROLLER

Data Controller, pursuant to art. 4 and art. 24 of the Regulation (EU) 2016/679 is ONIRO Group s.r.l., with registered address in Via Montesolaro, 14/b – 22063 Cantù (CO), represented by the legal representative pro tempore. You can contact the Controller at any time at the following contacts: email privacy@onirogroup.it.
 

PURPOSES, LEGAL BASIS, DATA RETENTION, NATURE OF DATA PROVISION

PURPOSESLEGAL BASISDATA RETENTIONNATURE OF DATA PROVISION
Browsing on this websiteController’s legitimate interestSee cookie policyThe provision of data is necessary for the navigation of the website.
Use of cookies and similar technologies.For non-technical cookies, processing is based on consentSee cookie policy

For technical cookies, the provision of cookies is necessary to enable browsing.

For non-technical cookies, optional; failure to consent will not affect navigation on the site

In addition to navigation, personal data will be processed for:

PURPOSESLEGAL BASISDATA RETENTIONNATURE OF DATA PROVISION
A) Request for informations – contactsController’s legitimate interest1 yearThe provision is optional. Failure to provide personal data may only result in the impossibility of obtaining the information or services requested provided through this website.
B) Soft-spam: direct marketing through newsletters to promote the data controller's products or services similar to those already purchased by the data subjectController’s legitimate interestUntil opt outThe provision is necessary to provide communications related to products purchased by the data subject.
C) Subscription to newsletter's service for brands Jumbo Collection, Roberto Cavalli Home Interiors, Gianfranco Ferré Home, ETRO Home Interiors, JCP Universe (direct marketing)ConsentWithdrawal of consent – opt outThe provision is optional. Failure to provide personal data may result in the impossibility of receiving marketing communications.
D) Transmission of personal data of the user, who has contacted the Data Controller through social networks, to the commercial department responsible to provide assistance and/or support activities (for example, a quotation)Contract1 yearThe communication of the data is necessary for the performance of a contract. The lack communication of the personal data will involve in the impossibility to provide support and assistance.

PERSONAL DATA RECIPIENTS

The personal data provided will be communicated to recipients, who will process the data as processors (Article 28 of the GDPR), as persons acting under the authority of the Controller and Processor (Article 29 of the GDPR) or autonomous Data Controllers, for the purposes listed above. Precisely, the data will be communicated to: -other companies part of Oniro Group; parties that provide services for the management of the information system and telecommunications networks used by the Data Controller (including email, the web platform, newsletter platform); studies or companies in the context of assistance and consultancy relationships; competent authorities for compliance with legal obligations and / or provisions of public bodies, upon request.

The list of Data Processors is constantly updated and available by writing to privacy@onirogroup.it or at the data controller's registered office.

DATA TRANSFER TO A THIRD COUNTRY AND / OR AN INTERNATIONAL ORGANIZATION AND GUARANTEES

The personal data provided will be not transferred outside EEA.

For personal Data processed by social network, is possible that there will be extra EEA transfers; for further information about any transfers, please refer to the privacy policy of the social network.

AUTOMATED DECISION MAKING Personal data will undergo traditional manual, electronic and automated processing. It should be noted that fully automated decision-making processes are not carried out
 

DATA SUBJECT’S RIGHTS | COMPLAINT TO SUPERVISORY AUTHORITY

You may exercise your rights pursuant to article 15 et seq. of the GDPR, contacting the Data Controller at privacy@onirogroup.it. In particular, you have the right, at any time, to request the Data Controller to access your personal data and receive the information concerning their processing and to amend or delete your data or limit their processing. With reference to the art. 6(1) point (a) (consent), you have the right to withdraw the consent given at any time. Furthermore, you have the right to object, at any time, to processing of your personal data pursuant to art. 6(1) point (f) GDPR (Data Controller’s legitimate interest). If your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data for this purpose, by sending an e-mail to the address privacy@onirogroup.it or by clicking on automatic removal link present in the individual communications that you received. In exercising your right to data portability. In the event that you believe that the processing of personal data violate the provisions of GDPR, you have the right to lodge a complaint to the supervisory authority or to appeal the judge.

CHANGES TO THIS PRIVACY POLICY

The Controller reserves the right to amend, update, supplement or remove parts of this Privacy Policy at its own discretion and at any time. We encourage you to periodically review our Privacy Policy. For your convenience, when we post changes, we will revise the “last update” date of the Privacy Policy.

Last update: 28/09/2022

Registered user

New user?

Create an account in order to access the reserved contents.