Privacy policy

Policy on personal data processing based on REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 (GDPR)

Introduction

This privacy policy refers to the website “https://organicaestrusa.com”(Site). The data controller of your personal data is Leonardo Vignoli, with registered office in via San Gervasio 29, 50131, Firenze, registered with the Companies Register of Firenze with VAT number 07251440488; (Company).

The Company shall acquire and process your personal data to process your request to purchase through the Website.

The Company shall process the personal data provided by you to enable you to register with the Website and make use of the services restricted to registered users. If you provide your explicit consent, the Company shall process your personal data to send you promotional communications and/or newsletter regarding products offered for sale by the Company.

***

 

Pursuant to the GDPR, the Seller shall process the personal data provided by you as indicated in this privacy policy.

Article 1. Purpose of the processing. Legal basis. Mandatory or optional nature of data provision and consequences of any refusal.

The Company shall process the personal data provided by you for the following purposes:

1. to enable you to register with the Website and make use of the services restricted to registered users and for administrative/accounting purposes. The legal basis for the processing is Company’s commitment to be compliance with a legal obligation or to take steps at the request of the data subject prior to entering into a contract, as the case may be;
2. in the case of the execution of an online purchase order, to allow the conclusion of the purchase contract and the proper execution of transactions related to the same (and, where necessary, to fulfill tax obligations). The legal basis for the processing is Company’s commitment to be compliance with a legal obligation or to perform a contract to which the data subject is party;
3. if you provide your explicit consent, for the Company to send you newsletter or sms and for market research purposes also aimed at evaluating the level of customer satisfaction and to send you promotional communications in relation to the products of the Company (abandoned cart or Checkout, back in store products) and / or third-parties, by email or sms (marketing purposes); The legal basis for the processing is your consent;
4. in order to answer to your requests by email. The provision of data is purely optional. However, as the said processing is necessary in order to respond to your request, your refusal to provide the relevant data will prevent you from obtaining answer from the customer care of the Company. The legal basis for the processing is the Company's legitimate interest to perform these activities. This legitimate interest is equal to the user's interest to receive answer by the Company.

The provision of data for the purposes set out in at Point a) and b) is purely optional. However, as the said processing is necessary in order to provide the online purchasing your refusal to provide the relevant data will prevent you from completing an online purchase. Consent to marketing purposes is purely optional. Failure to consent to the processing of personal data for marketing purposes will prevent you to receive promotional communication and newsletter regarding products of the Company and/or third-parties and will prevent the Company to carry out market research purposes aimed at evaluating the level of customer satisfaction.

It is understood that the Company may use your personal data to comply with legal obligations and to perform the purchase contract. You may revoke your consent using the relevant link indicated in any promotional email sent by the Company.

Data collected through cookies

This website collects personal data of the user through the use of cookies. Some cookies (called technical cookies) are necessary for the proper navigation of the website (e.g. to save the items entered in the shopping cart, choose the language etc.). Other cookies (called tracking or profiling cookies), on the other hand, are used to track the actions performed by the user on the website and any purchases, in order to profile the user and send him or her targeted advertising based on his or her interests while browsing the Internet, including on other websites. Finally, other cookies are used to perform analytical activities, i.e. to generate (anonymous) statistics about users' browsing of the website.
Cookies are also divided into first-party cookies, which come from the organicaestrusa.com domain, and third-party cookies, which come instead from third-party domains (e.g. Google, Facebook etc.); these cookies can also perform technical, analytical or profiling functions.
See the footer to learn more specifically about the cookies installed on the organicaestrusa.com website.

Payment Card Data

In order to make a payment through one of the payment cards offered on the Website, you shall enter the data of the payment card directly on a page that will communicate through secure encryption protocol with the payment service provider (which will act as an independent data controller). These data will not pass through the server of the Company which, therefore, will not process such data in any way. To provide the above-indicated data is necessary to make purchases on the Website.

PayPal

You may make purchases using PayPal. In this event, you will be directed to a page outside the Website, where you must indicate the personal data requested by PayPal to complete the purchase process (PayPal will act as a data controller). These data will not pass through the server of the Company which, therefore, will not process such data in any way. To provide the above-indicated data is necessary to make purchases on the Website.

Article 2. Methods of Processing Personal Data

The processing of your personal data will be carried out by electronic or automated means, in the manner and with the appropriate tools to ensure the security and confidentiality in accordance with the GDPR. The information and methods of processing will be relevant and not excessive in relation to the type of services provided. Data will be managed and protected in environments where access is under constant control.

Article 3. Data Disclosure

For the purposes described in this privacy policy, the personal data provided by you may be disclosed or communicated to the following parties:

• to all those parties (including Public Authorities) that have access to the data by virtue of regulatory or administrative measures
• to third parties in charge of printing, enveloping, shipping and/or delivery and/or collection of products purchased through the Website
• to forwarding agents and to parties responsible for the delivery and/or collection of the products purchased
• to parties who process online payment transactions
• to companies, consultants or professionals in charge of the installation, maintenance, updating and the management of the Company's hardware and software or which the Company uses for the provision of its services
• to the companies that send the newsletters and/or other informative communications transmitted on behalf of the Company
• companies managing online payment transactions
• to all those public and/or private parties, natural and/or legal persons (legal, administrative and tax consultancy firms), where the communication is necessary or of practical use for the correct fulfillment of contractual obligations undertaken in relation to the services provided through the Website, and of legal obligations.

Your data may be disclosed only in anonymous and aggregated form for statistical or research purposes.

Article 4. Data Controller

You can contact the Company, as Data Controller :
- by telephone, calling: 3332558555
- by email, writing to: info@organicaestrusa.com
- by selecting the contact form on the Website.

Article 5. Data Storage

Your personal data will be stored and processed for for marketing purposes for 24 months. At the end of this period, the Company may ask you to renew your consent to the processing of your data or to make them anonymous and keep them only for statistical or historical purposes.

For all other purposes, personal data will be stored only as long as necessary to ensure the provision of the services offered. If you close your account, your personal data will be stored for administrative purposes for a period not exceeding 90 days, without prejudice to any legal obligations regarding the storage of accounting documents or for public security purposes.

Article 6. Rights of the Data Subject

Purstuant to GDPR (Article 13), you have the right to:

• request access to and rectification or erasure of personal data or restriction of processing or object to their processing, in addition to the right to data portability
• withdraw consent at any time without prejudice to the lawfulness of processing based on consent given prior to the withdrawal
• lodge a complaint before a supervisory authority (for instance, the Italian Data Protection Authority).

The above-mentioned rights may be exercised by making a request to at the contacts indicated above.

Article 7. Amendments

The Company reserves the right to change this privacy policy at any time, giving suitable notice to users and ensuring in any case an adequate and similar protection of personal data. In order to view any changes, you are invited to regularly consult this privacy notice.

***

 

Cookies Necessary for the Functioning of the Sites

 

Reporting and Analytics

 

Additionally, we use pixels and tags from the following third parties, which may in turn place cookies:

 

Reporting & Analytics

 

Advertising

 

Social Media & Content