This section contains information on how to manage the ‘Mollaian S.r.l. site, with reference to the processing of the data of users who consult it. This information is also valid for the purposes of art. 13 of the EU Regulation n. 2016/679 (hereinafter ‘GDPR’), relating to the protection of individuals with regard to the processing of personal data as well as the free circulation of such data, for subjects who interact with ‘Mollaian Srl’ and can be reached at the address corresponding to page: https://www.mollaianrugs.com/privacy-policy
The information is provided only for the ‘Mollaian S.r.l. and for its own connected sites (identified and reachable also via links from this site, but not for other websites that may be consulted by the user through links not attributable to ” Mollaian S.r.l. ‘. The purpose of this document is to provide information on the methods, timing and nature of the information that the Data Controller must provide to users when connecting to the web pages, regardless of the purpose of the connection itself, according to Italian legislation and European. The information may undergo changes over time, also due to the introduction of new regulatory provisions in this regard, the user is therefore invited to periodically check this page. If the user is under the age of 14, pursuant to paragraph 1 of art. 2-quinquies of the new ‘Privacy Code’ pursuant to Legislative Decree 101/2018, will have to legitimize your consent, where required, through the authorization of the parents or guardian.
Owner of the data processing
The Data Controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data, as well as takes care of the security profiles.
In particular, the Data Controller is ‘Mollaian S.r.l.’, with registered office in Viale Cavour 113, 44121 Ferrara – VAT number 01405520386
For any clarification or exercise of the user’s rights, it will be possible to contact the Data Controller at the following addresses: email: firstname.lastname@example.org – PEC: email@example.com
Types of data processed and purposes of the processing
The Data Controller processes the following categories of personal data while browsing the site and using the related functions or services:
a) information and data relating to navigation on the site (eg. information about the pages and sections of the site visited, the User’s activities on the Site, the time spent on individual pages and sections of the site, etc.);
b) information and data relating to the devices used by the User to navigate the site and use its functions and services (e.g. IP address, browser used, type of device used, data relating to the geographical position, information from cookies or
c) if the User intends to register or is already registered in a reserved area of the site, the personal data required for the purpose of creating the account (e.g. name, surname, e-mail address, password, VAT number ) and information relating to the activities carried out within
of the site once logged in (e.g. use of services reserved for registered users), or within the Reserved Area;
d) if the User intends to conclude a commercial transaction at the e-Commerce (Shop) section of the site, personal data and information relating to the transaction (eg identification and contact data, contact details for the shipment of products, payment, billing data, data necessary to manage requests for withdrawal from the contract);
e) if the User intends to contact the Data Controller using the forms on the site (contact and request for a quote) or communications to the Data Controller’s e-mail contacts, also for sending Curriculum vitae, or again by using the Assistance Ticket service, personal data e
the information required therein to manage communications;
f) the User’s e-mail address indicated when finalizing the commercial transaction on the site, for sending communications relating to news, promotions and offers relating to the products or services involved in the transaction, or similar products and services;
g) the User’s contact details, if he intends to receive communications of a commercial nature from the Data Controller (eg newsletter), subject to the provision of express consent through the relevant checkboxes;
h) in case of recourse, by the User, to the possibilities of interaction between the contents of the site and the User’s profiles on social networks (eg. “like”, “tweet” buttons), data and related information will also be processed to said profiles.
The personal data referred to in categories a) and b) are automatically collected by the Data Controller during the User’s navigation on the site; personal data belonging to all other categories are provided directly and voluntarily by the User himself.
Consequences of failure to provide data
The processing of personal data referred to in categories a) and b) of the previous section is necessary for the Owner in order to guarantee the User the best possible browsing experience and to provide all the functions and services offered through the site. However, it is possible to limit the processing of such personal data by using certain features made available by the site or by the device or browser / navigation application. In this case, navigation on the site may be limited and some of its functions / services may be inaccessible.
The processing of personal data referred to in categories c), d), e) of the previous section is necessary in fulfillment of contractual obligations (i.e., to allow the User to access and use specific functions / services of the site, such as by way of example and the Reserved Area is not exhaustive) and legal (with reference to the execution of regulatory obligations for the Data Controller): the User is consequently obliged to provide such personal data in order to use the related services offered, since on the contrary will be able to access it.
The processing of personal data referred to in categories f), g), h), i), j), k) of the previous section is necessary to allow your interactions with the Data Controller, due to the different purposes indicated: the User it therefore has no obligation to provide such data, failure to provide it will only make it impossible to access the related function or service.
Methods of data processing and data storage
The personal data will be processed by means of IT / telematic tools for purposes strictly necessary for the consultation of the ‘Mollaian S.r.l. site, as well as for purposes connected and / or instrumental to the consultation itself. Furthermore, the data collected by the site may be used for
any further purposes of: contact management and request for information on the activities, products and services of the Data Controller information and promotional newsletter activities on the Controller’s activities, products and services; managing the sending of Curriculum Vitae and Portfolio for the potential establishment of a relationship with ‘Mollaian S.r.l.’; direct purchase of products through the shop / e-commerce section of the ‘Mollaian S.r.l.’ website. The data transmitted will not in any way be alienated or transferred, for any reason, to third parties, except with the prior and express consent of the interested party.
Data retention will be carried out for the period strictly necessary to achieve the aforementioned purposes or until any request for cancellation or withdrawal of consent, where applicable, by the user (always without prejudice to the regulatory obligations imposed on the Owner).
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The navigation data, computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data, the transmission of which is implicit in the use of internet communication protocols.
This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
This is information that is not collected to be associated with identified data subjects, but which by their very nature could, through processing and association with data held by third parties, allow the user to be identified.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used for security purposes (for example, blocking attempts to
damage to the site, or ascertainment of responsibility in the event of computer crimes against the site) and will therefore be kept for the time strictly necessary to achieve the aforementioned purpose.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Any sending of Curriculum Vitae will be managed in compliance with the provisions of Legislative Decree 101/2018 on Privacy.
Legal basis and lawfulness of the processing
The processing of personal data, where necessary as it is functional to allow consultation of the ‘Mollaian S.r.l.’ site, does not require the user’s consent.
The personal data provided by users who submit information requests, CVs, newsletter subscription requests or product orders are used for the sole purpose of responding to the request to perform the requested service. Where necessary with respect to the specific purposes, in compliance with current legislation, the specific consent of the user will be requested and collected for the processing of data.
Nature of the provision and consequences of refusal
Apart from that specified for navigation data, the user is free to provide ‘Mollaian S.r.l.’ with the personal data contained in the application forms or indicated in contacts with ‘Mollaian S.r.l.’ for communications. However, any refusal to provide mandatory data (for example for the completion of shop / e-commerce purchases, or simply to respond to a request for information) will make it impossible for ‘Mollaian S.r.l.’ to pursue the specified processing purposes and to satisfy the request.
With reference to the hypotheses of necessary request, by ‘Mollaian Srl’, of the user’s consent for the processing of personal data for specific purposes, the user himself will be free not to give consent, however this will prevent the Data Controller from managing the request and to carry out the related activity or desired service.
Place of data processing
The treatments connected to the web services of the site take place at the aforementioned headquarters of ‘Mollaian S.r.l.’ and are handled by persons within the organization of the Owner, as well as by any external persons authorized to carry out management, maintenance and assistance operations or otherwise involved
in the organization itself (such as third party technical service providers, hosting providers, IT companies, communication agencies). No data deriving from the web service is normally disclosed to third parties.
Transfer of data outside the EU
This site may share some of the data collected with services located outside the European Union area (eg. WordPress, Google, Facebook and Twitter through social plugins and the Google Analytics service). The transfer is authorized and strictly regulated by Article 45, paragraph 1 of the GDPR, so no further consent is required. The Owner undertakes not to transfer data to countries
third parties who do not comply with the conditions set out in Article 45 et seq. of the GDPR.
The user, as an interested party, has the right to lodge a complaint, pursuant to art. 77 GDPR, to the Supervisory Authority (Guarantor for the Protection of Personal Data – www.garanteprivacy.it).
It can also exercise, if and as applicable, the rights listed below, recognized by the GDPR; for a more in-depth examination of individual rights, consult the aforementioned articles of EU Reg. 2016/679 – GDPR:
a) the right to obtain from the Data Controller confirmation as to whether or not personal data concerning the data subject is being processed and, in this case, to obtain access to the personal data and information provided for by art. 15 of the GDPR and in particular those relating to the purposes of the processing, to the categories of personal data in question, to the recipients or categories of recipients to whom
the personal data have been or will be communicated, to the retention period, etc .;
b) the right to obtain, where inaccurate, the correction of personal data concerning the interested party, as well as the integration of the same where considered incomplete, always in relation to the purposes of the processing (Article 16 of the GDPR);
c) right to delete data (“right to be forgotten”), where one of the cases referred to in art. 17 GDPR;
d) right to limit the processing, in the cases provided for by art. 18 GDPR;
e) right to data portability pursuant to art. 20 GDPR;
f) right to object to processing pursuant to art. 21 GDPR;
g) the right to withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal, only for the purposes whose legal basis is consent (Article 7 of the GDPR).
These rights may be asserted at any time by sending a specific written request to the Data Controller (by return receipt at the indicated office – or by email at: firstname.lastname@example.org or PEC at the address: primaveraian @ pec .it) and / or to external managers. Requests can be prepared by the user without formalities or, alternatively, using the model provided by the Guarantor for the Protection of Personal Data (available on the website www.garanteprivacy.it).
The exercise of rights by the interested party is free of charge pursuant to art. 12 GDPR; however, in the case of manifestly unfounded or excessive requests, also due to their repetition, the Data Controller may charge the interested party a reasonable fee, in light of the administrative costs incurred to manage the request, or deny the satisfaction of the request itself.
With regard to the cookies used by this site, users are invited to consult the page relating to the EXTENDED INFORMATION ON COOKIES.
Changes to this document
Since changes or updates may occur over time, users are invited to periodically consult this page to be always updated. The document was revised on 14/10/2019 to comply with current regulations, in particular with
EU Regulation 2016/679 – GDPR.