As provided for by the European Union Regulation no. 679/2016 (hereinafter referred to as the “Regulation”), and in particular art. 13, below we provide the user (“Data Subject”) with the information required by law regarding the processing of personal data.
Owner of the Treatment
The company that will process your Personal Data and that, therefore, will play the role of Data Controller according to the Regulation, Art. 4 at point 7), “the natural or legal person, public authority, service or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data” is:
Visibilia Editore SpA (hereinafter the “Data Controller”) with registered office in Via Privata Giovannino De Grassi 12-12/a – 20123 Milan – enrolled in the Register of Companies of Milan, Tax Code and VAT No. 05829851004
For some processing operations, the Data Controller will be assisted by the following companies, which will act as co-processors in accordance with Article 26 of the Regulations:
- Visibilia Editore Holding Srl – Via Privata Giovannino De Grassi 12-12/a – 20123 Milan – enrolled in the Register of Companies of Milan, Tax Code and VAT No. 08541030964
- Visibilia Concessionaria Srl – Via Privata Giovannino De Grassi 12-12/a – 20123 Milan – enrolled in the Register of Companies of Milan, Tax Code and VAT No. 10826570961
The Data Controller, for some processing operations (in particular advertising operations), acts as a Data Processor as provided for by article 28 of the Regulations:
- Adasta Media S.r.l. – Via Privata del Gonfalone 3 – 20123 Milano – [email protected] – registered in the Register of Companies of Milan, Tax Code and VAT number 10128870960
Pursuant to Articles 26 and 28 of the Regulations, the Joint Holders have entered into an agreement, whereby they have undertaken to determine and, where necessary, to define jointly:
- certain purposes and methods of processing your Personal Data;
- clear procedures for providing timely feedback should you wish to exercise your rights, including data portability, as provided for in Articles 15, 16, 17, 18, 20 and 21 of the Regulation.
- this Policy in the parts of common interest indicating all the information required by the Regulation.
Data Protection Officer and Contact Details
The Regulation provides, in some specific cases, for the appointment of a control and support figure who may also act as a point of contact between the Data Subject and the Data Controller and/or the Joint Data Controllers. The Data Subject is the “identified or identifiable natural person” to whom the Personal Data refer in accordance with article 4, point 1) of the Regulation.
Visibilia Editore SpA has adopted the figure of “data protection officer”, i.e. a figure of control, support and also a point of contact between the data subject and the Data Controller and/or the Joint Data Controllers. The figure identified and appointed in accordance with Article 37 of the Regulation is Mr Francesco Maggioni (hereinafter the “DPO”).
The DPO, pursuant to and for the purposes of Article 39 of the Regulation, is called upon to perform the following activities:
- informing and advising the controller or processor as well as the employees carrying out the processing about the obligations arising from this Regulation as well as from other provisions of the Union or of the States
- monitoring compliance with this Regulation, other Union or Member State provisions on data protection and the policies of the controller or processor on the protection of personal data, including the assignment of responsibilities, awareness raising and training of staff involved in processing operations and related monitoring activities
- cooperate with the competent Data Protection Authority
As provided for in Article 38 of the Regulation, “Data subjects may contact the Data Protection Officer for all matters concerning the processing of their personal data and the exercise of their rights under this Regulation.” Should you wish to exercise your rights as provided for in the Regulation, you may freely contact the DPO:
- Through e-mail: [email protected] and/or
- By mail: Data Protection Officer at Visibilia Editore Spa – Via Privata Giovannino De Grassi 12-12/a – 20123 Milano.
At any time, you may consult the “Privacy” section of the Website, in which you will find all the updated information concerning:
- use and processing of your Personal Data
- contacts and communication channels made available to all Data Subjects by the Data Controller
Purposes of the processing
The Data Controller needs to collect some of your Personal Data as indicated in the respective forms in order to allow:
- registration to its websites, where applicable, and/or
- the use of contact forms to send you information, and/or
- subscription to the newsletter service
The websites of the Data Controller for which this Information Notice is issued are:
The Processing of your Personal Data will be carried out by the Data Controller to enable you to:
- any access to your profile
- participation in web initiatives
- receipt of newsletters
- requesting/sending information
- access and use of other services offered within the web pages you are browsing or by the services you are registered to
The processing of your Personal Data will therefore be based on what you have accepted in the conditions of participation in the Websites. The data marked with the symbol “*” are compulsory in order to allow the Data Controller to carry out the Processing activities for the above purposes. In the absence of even one of the marked data, it will not be possible to process your Personal Data and, therefore, to complete your registration on the Websites and/or benefit from the services provided by the same for which the provision of Personal Data is required.
The Personal Data required for the purposes of Processing will be those indicated in the registration and/or contact form and indicated below by way of example but not limited to: e-mail address.
If you access the Websites through the use of your social profile, where applicable, your Personal Data will be collected by the Data Controller from third parties, i.e. from the manager of the social network used. In this case, you will be able to view this Policy in the Privacy section of each of the Sites.
The Data Controller, together with the Joint Data Controllers, subject to your express, free and unequivocal consent in accordance with article 6, paragraph 1, point a) of the Regulation, may process your Personal Data for the following additional processing purposes: Marketing purposes, promotional and/or marketing activities on behalf of the Data Processors and/or on behalf of third parties: promotion of products, services, sold and/or provided by the Data Controller, the Data Processors and/or third parties with which the Data Processors have legal relationships without there being any communication of data in this case.
For the above purposes, it is necessary to obtain your consent, which must necessarily comply with the conditions set out in Article 7 of the Regulation, thus determining the lawfulness of the Processing of your Personal Data.
The methods of contact for the above-mentioned purposes may be automated (i.e. by e-mail).
You may in any case revoke your consent, even partially, as better specified below.
Services of LiveRamp, Inc
When you enter your e-mail address on our website (by logging in, registering for a newsletter or other similar action), we may share personal data or other information about you, such as your e-mail address (hashed, in a pseudonymized form), IP address or other information about your browser and operating system, with our partner LiveRamp, Inc. and its group companies.
LiveRamp uses this information to create an online identification code in order to recognize you on your devices. This code does not contain any personal data that directly identifies you and will not be used by LiveRamp to re-identify you.
Your Personal Data may be disclosed to specific entities considered recipients of such Personal Data. Article 4 point 9) of the Regulation defines “recipient” of Personal Data as “the natural or legal person, public authority, service or other body that receives communication of personal data, whether or not it is a third party” (hereinafter the “Recipients”).
Therefore, with regard to the Processing activities necessary to pursue the purposes set out in this Policy, the following Recipients may be in a position to process your Personal Data:
- Third Parties: pursuant to Article 4, point 8) of the Regulation, “the natural or legal person, public authority, service or other body that processes Personal Data on behalf of the Controller” (hereinafter the “Controller”);
- Individuals, employees and/or collaborators as defined in Article 4 at point 10) of the Regulation, “persons authorised to process Personal Data under the direct authority of the Controller or the Processor” (hereinafter the “Authorised Persons”);
- Public Authorities: where required by law under Article 4(9) of the Regulation, “public authorities which may receive disclosure of Personal Data in the context of a specific investigation in accordance with Union or Member State law shall not be considered as Recipients”.
Personal Data Retention Period and Criteria Used
In order to determine this period, as defined in Article 5(1)(e) of the Regulation which states “Personal Data shall be kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which they are processed; Personal Data may be stored for longer periods provided that they are processed solely for archiving purposes in the public interest or for scientific or historical research or statistical purposes in accordance with Article 89(1), without prejudice to the implementation of appropriate technical and organisational measures required by this Regulation to protect the rights and freedoms of the Data Subject.
In light of this principle, your Personal Data will be processed by the Data Controller only to the extent necessary for the purposes described in this notice. In particular, your Personal Data will be processed for a period of time equal to the minimum necessary, as indicated by Recital 39 of the Regulation, i.e. until the termination of the existing contractual relationship between you and the Data Controller, without prejudice to an additional storage period that may be imposed by law as also provided by Recital 65 of the Regulation.
Rights of the data subject
As provided for in Article 15 of the Regulations, the following is a list of the rights of the data subject that may be exercised at any time, vis-à-vis the Data Controller and/or the Joint Data Controllers:
Right of access: you shall have the right, pursuant to Article 15(1) of the Regulation, to obtain from the Data Controller confirmation as to whether or not any Processing of your Personal Data is taking place and, if so, to obtain access to such Personal Data and to the following information:
- the purposes of the Processing
- the categories of Personal Data concerned
- the recipients or categories of recipients to whom your Personal Data have been or will be disclosed, in particular if they are recipients in third countries or international organisations
- where possible, the expected period of retention of Personal Data or, if this is not possible, the criteria used to determine that period;
- the existence of the right of the Data Subject to request from the Data Controller the rectification or erasure of Personal Data or the restriction of the Processing of Personal Data concerning him/her or to object to the Processing of Personal Data
- the right to lodge a complaint with a supervisory authority
- if the Personal Data are not collected from the Data Subject, all available information about their origin
the existence of an automated decision-making process, including profiling as referred to in Article 22(1) and (4) of the Regulation and, at least in such cases, meaningful information about the logic used, as well as the importance and expected consequences of such Processing for the Data Subject
All the information indicated here can be found within this Information Notice, in the Privacy section of each of the Websites.
Right of rectification: you may obtain, pursuant to article 16 of the Regulation, the rectification of your Personal Data that is inaccurate. Moreover, taking into account the purposes of the Processing, you may obtain the integration of your Personal Data that are incomplete, including by providing a supplementary declaration.
- the Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed
- the data subject has withdrawn the consent on which the Processing of your Personal Data is based and there is no other legal basis for the Processing of your Personal Data
- you object to the Processing pursuant to Article 21(1) or (2) of the Regulation and there are no longer any overriding legitimate reasons for processing your Personal Data
- your Personal Data has been unlawfully processed
- the Personal Data must be erased in order to comply with a legal obligation imposed by Union or Member State law to which the data controller is subject;
As provided for in Article 17(3) of the Regulation, the Data Controller is entitled, in certain cases, not to provide for the erasure of your Personal Data:
- for the exercise of the right to freedom of expression and information
- for compliance with a legal obligation which requires processing provided for by Union or Member State law to which the controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
- for reasons of public interest in the area of public health in accordance with Article 9(2)(h) and (i) and Article 9(3);
- for archiving purposes in the public interest, scientific or historical research or statistical purposes in accordance with Article 89(1), insofar as the right referred to in paragraph 1 is likely to make it impossible or seriously impair the achievement of the objectives of such processing; or
- for the establishment, exercise or defence of legal claims
Right to restrict processing: you may obtain the restriction of Processing, pursuant to Article 18 of the Regulation, if one of the following cases occurs:
- the data subject contests the accuracy of the personal data, for the period necessary for the controller to verify the accuracy of the personal data
- the processing is unlawful and the data subject objects to the erasure of the personal data and requests instead that their use be restricted;
- although the data controller no longer needs the personal data for processing purposes, the personal data are necessary for the establishment, exercise or defence of legal claims
- the data subject has objected to the processing pursuant to Article 21(1), pending verification as to whether the legitimate reasons of the controller prevail over those of the data subject
Where processing is restricted, such personal data shall be processed, except for storage, only with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or a Member State.
Right to data portability: based on Article 20 paragraph 1 of the Regulation, the data subject has the right to receive in a structured, commonly used and machine-readable format personal data concerning him or her that has been provided to a data controller and has the right to transmit such data to another data controller without hindrance. It will be your responsibility to provide the exact details of the new controller to whom you intend to transfer your Personal Data and, your written authorisation.
Right to object: Pursuant to Article 21(2) of the Regulation and Recital 70, you have the right to object at any time, on grounds relating to your particular situation, to the processing of Personal Data relating to you under Article 6(1)(e) or (f), including profiling on the basis of those provisions.
Right to lodge a complaint with the supervisory authority: the data subject, without prejudice to your right to appeal in any other administrative or judicial forum, may lodge a complaint with the competent Data Protection Authority if you consider that the Processing of your data is in breach of the Regulation and/or the applicable legislation.
To exercise all of your rights as identified above, simply contact the Data Controller and/or the Joint Data Controllers in the following ways:
- by writing to the Visibilia Editore Spa Privacy Office, Via Privata Giovannino De Grassi 12-12/a – 20123 Milan
- by sending an e-mail to the [email protected] mailbox, to the kind attention of the Visibilia Editore Spa Privacy Office.
We would remind you that, at any time, you may also contact the DPO of Visibilia Editore Spa:
- There is an e-mail address: [email protected] and/or
- Mail address: Data Protection Officer at Visibilia Editore Spa – Via Privata Giovannino De Grassi 12-12/a – 20123 Milano.
Withdrawal of consent
As provided for by the Regulation, if you have given your consent to the Processing of your Personal Data for one or more of the purposes for which you have been requested, you may, at any time, withdraw it in whole and/or in part without prejudice to the lawfulness of the Processing based on the consent given before the withdrawal.
It is sufficient to contact the Data Controller and/or the Joint Data Controllers and/or the DPO using the contact channels indicated in this Policy. Moreover, for the sake of simplicity, in the event of e-mail advertisements that are no longer of interest to you, simply click on the unsubscribe button at the bottom of them to stop receiving any further communication.
Countries where your data will be processed
Your Personal Data will be processed by the Data Controller and/or the Joint Data Controllers within the territory of the European Union.
If for technical and/or operational reasons it is necessary to use entities located outside the European Union, on the basis of Article 28 of the Regulation, such entities will be appointed as Data Processors and the transfer of Personal Data to such entities will be regulated in accordance with Chapter V of the Regulation. All necessary precautions will therefore be taken to ensure the most complete protection of your Personal Data based on such transfer:
- on adequacy decisions of the receiving third country by the European Commission
- on adequate safeguards given by the third country recipient in accordance with Article 46 of the Regulation
- on the adoption of binding corporate rules
In any case, you may request further details from the Data Controller and/or the Joint Data Controllers.
This site collects anonymous statistical data on navigation, by means of cookies installed by authorised third parties, respecting the privacy of your personal data and in accordance with the rules laid down by law.
Here is a list of the cookie providers we use and their policies:
- Adasta Media S.r.l.
- Google Ad Manager (Google Ireland Limited)
With the present document, in accordance with Articles 13 of the Regulations and 122 of Legislative Decree 196/2003 (“privacy code”), as well as with the provisions of the General Measure of the Privacy Authority of 8 May 2014, Visibilia Editore S.p.A., the data controller, provides users of the site www.stiledesign.it with some information on the cookies used.
What are cookies
A ‘cookie’ is a small text file that is placed on your computer when you access a particular website for the purpose of storing and transporting information. Cookies are sent by a web server (which is the computer running the website you are visiting) to your browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on your computer; they are then sent back to the website on subsequent visits.
What are cookies used for?
Technical cookies allow user preferences to be saved and are necessary to optimise and improve site navigation. For example, they facilitate certain procedures when you shop online, when you log into restricted areas or when a website automatically recognises the language you use.
The Analytics Cookies are used to collect information, in aggregate form, on the number of users who connect to the site and how they interact within it, and thus process general statistics on the service and its use.
The Profiling Cookies are used to monitor and profile users while they are browsing, to study their web consultation or consumption habits (what they buy, what they read, etc.), in order to send “profiled” promotional messages based on the research they have carried out and the data collected.
Lastly, third-party cookies come from other sites and are contained in various elements hosted on the page itself, such as advertising banners, social sharing icons, images, videos, etc.
For more information:
Typologies of cookies used by this website
The www.stiledesign.it website uses technical cookies, in respect of which, pursuant to Article 122 of the Privacy Code and the Provision of the Guarantor of 8 May 2014, no consent is required from the data subject. As mentioned, this type of cookie allows the user’s preferences to be saved and is necessary to optimise and improve site navigation.
Third Party Cookies
Services provided by Google (Google Inc.)
Types of cookies used: https://www.google.it/intl/it/policies/technologies/types/
Cookie Management: http://www.google.it/intl/it/policies/technologies/managing/
Google Maps widget
Google Maps is a map display service operated by Google Inc. that enables this website to integrate such content into its pages.
Personal data collected: Cookies and usage data.
Place of processing: USA
Disabling cookies via browser plug-in: https://tools.google.com/dlpage/gaoptout
Social network buttons and widgets
Social buttons allow users who are browsing to interact with social platforms (e.g. Facebook and Twitter) directly from the website. Interactions and information acquired by this website are in any case subject to the User’s privacy settings for each social network. Therefore, the User is invited to view the privacy policies of the specific platforms used, listed below:
Facebook (Facebook Inc.)
The Facebook “Like” button and social widgets are services for interaction with the Facebook social network, provided by Facebook Inc.
Configuring Privacy Settings: https://www.facebook.com/settings/?tab=privacy&privacy_source=privacy_lite
Twitter (Twitter Inc.)
The Tweet button and Twitter social widgets are services for interacting with the social network Twitter, provided by Twitter Inc.
Configuration of privacy settings: https://twitter.com/settings/security
Disabling cookies via your browser settings
Without prejudice to what has been indicated above with regard to the technical cookies that are strictly necessary for browsing, the user can eliminate the other cookies through the function made available for this purpose by the Controller in this information notice or directly through his/her browser. Each browser has different procedures for managing the settings. Below are the procedures for the most commonly used browsers:
- Start the Chrome browser
- Click on the menu on the browser toolbar next to the url entry window
- Select Settings
- Click on Show Advanced Settings
- In the “Privacy” section, click the “Content Settings” button
- In the “Cookies” section you can change the following cookie settings:
- Allowing local data storage
- Modify local data only until the browser is closed
- Prevent sites from setting cookies
- Block third-party cookies and site data
- Manage exceptions for certain websites
- Deleting one or all cookies
For more information, visit https://support.google.com.
- Run the Mozilla Firefox Browser
- Click on the menu on the browser toolbar next to the url entry window for browsing
- Select Options
- Select the Privacy panel
- Click Show Advanced Settings
- In the “Privacy” section, click the “Content Settings” button
- In the “Tracking” section you can change the following cookie settings:
- Ask the sites not to do any tracking
- Notify sites of your willingness to be tracked
- Do not communicate any personal data tracking preferences
- From the “History” section, you can:
- Enable “Use custom settings” and select to accept third-party cookies (always, from the most visited sites or never) and to keep them for a specified period
- Remove individual stored cookies
For more information visit https://support.mozilla.org.
- Start Internet Explorer browser
- Click on the Tools button and choose Internet Options
- Click on the Privacy tab and in the Settings section change the slider to the desired cookie action:
- Block all cookies
- All cookies allowed
- Selecting sites to get cookies from: move the slider to an intermediate position so as not to block or allow all cookies, then click on Sites, in the Website Address box enter a website and then click on Block or Allow
For more information visit http://windows.microsoft.com.
- Start Safari Browser
- Click on Safari, select Preferences and click on Privacy
- In the Block Cookies section, specify how Safari should accept cookies from websites
- To see which sites have stored cookies click on Details
For more information visit https://support.apple.com.
It is also possible to deactivate third-party cookies using the methods made available directly by the third-party company responsible for such processing, as indicated in the links in the “third-party cookies” paragraph
Rights of the interested party