This page describes how to manage the site in relation to the processing of personal data of users who use it.
This general information yields – also under ‘art. 13 d.lg. n. 196 of 2003 “Code regarding the protection of personal data” – to those who interact with the web services offered by STEP S.R.L. for the protection of personal data accessible electronically from the address:www.stepcosmetici.com corresponding to the homepage of the commercial site of the company STEP S.R.L.
The following information is only relevant for the site of the company STEP S.R.L and not for other sites accessed via links.
The information is also based on Recommendation no. 2/2001 that the European authorities for the protection of personal data gathered by the Group established.
29 of Directive n. 95/46 / EC, adopted on 17 May 2001 to establish minimum requirements for collecting personal data online, and, in particular, the manner, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose.
Following consultation of this site may be processed data on persons identified or identifiable.
The “owner” of this data processing is the company STEP S.R.L, with its legal representative pro tempore Gianfranco Buzzoni, who is based in Castel San Giovanni (PC) via Fratelli Bandiera 48B – Italy.
The company STEP S.R.L has been designated as controller in accordance with art. 29 of the Code regarding the protection of personal data, as responsible for the maintenance of the technological side of the site.
PLACE OF DATA PROCESSING
Treatment related to web services of this site are managed by technical personnel appointed by the companySTEPS.R.L and in the specific treatment. If necessary, the data related to the newsletter service can be processed by the staff of the company that is responsible for the maintenance of the technological side of the site, Serverplan Srl – Via G.Leopardi, 22 – 03043 Cassino (FR) Italy (data controller in accordance with art. 29 of the Code regarding the protection of personal data), at the headquarters of that company.
TYPES OF DATA
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected to be associated with identification, but by their very nature could, through processing and associations with data held by third parties, identify users. In this category of data includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) of requested resources, time of request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. This data is used only to obtain anonymous statistics on site usage and to check it is functioning correctly.
The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this possibility, the data on web contacts for more than 120 days.
Data provided voluntarily by The optional, explicit and voluntary e-mail addresses listed on this site involves the subsequent acquisition of the sender, necessary to respond to requests, and any other personal data included in the message.
The information thus collected is used for purposes strictly related to the registration on the site, the provision of services offered through the site (by way of example purchases or account management) and to comply with legal or regulatory requirements. In this context the data and information collected can be disclosed:
• to third parties whose products or services are offered or sold through the Site;
• couriers or agents of the shippers delivery of products purchased through the Site;
• to banks and the companies that manage national or international payment networks through which online payments are processed for products purchased on the site; in particular for the payment by credit card personal data is transmitted to the circuits responsible for the transactions. For the safety of the buyers the data of the credit card is never stored;
• consultants or professionals in charge of the installation, maintenance, updating and, in general, the management of the hardware and software of the site;
• to public or private entities (for example legal offices, administrative and fiscal, judicial offices, Chambers of Commerce, Chambers and Offices of Labour) if such disclosure is necessary or appropriate for the proper fulfillment of the contractual obligations towards the customer and the obligations under the law. Prior express consent, to be rendered at the time of registration or when an order is placed, personal data and information collected can be used for commercial purposes, including using e-mail or phone messages of SMS type.
For these purposes the agreement is optional and any refusal has no consequences on the possibility to make purchases through the site. Without prejudice at all times there is the possibility, for the end user, to declare that they no longer want to receive further messages of this type.
For this purpose it is sufficient if the user sends an e-mail to firstname.lastname@example.org specifying their desire not to receive any type of messages.
Cookies No personal user data is acquired from the site.
The use of C.D. Session cookies (which are not stored permanently on the user’s computer and disappear when the browser is closed) is strictly limited to transmitting session identifiers (consisting of random numbers generated by the server) necessary to allow safe exploration of an efficient site.
The SO-CALLED Session cookies used on this site avoid the use of other techniques potentially prejudicial to the privacy of the users and do not allow the acquisition of personal identification data.
OPTIONAL ‘OF DATA
Apart from that specified for navigation data, the user is free to provide or not their personal data or information about themselves. The failure to provide data or information may make it impossible to fulfill the request.
METHOD ‘OF TREATMENT Personal data is processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent the loss of data, illegal or incorrect use and unauthorized access.
Personal data is transmitted after the registration of the client to the website and entering a password or entering an order.
The data is encoded with SSL (Secure Socket Layer) which is used as a standard form at Wolford whenever it is necessary to transmit sensitive data. Occasionally each client receives a request to confirm your identity before you have access to confidential information.
Those to whose personal data refer have the right at any time to obtain confirmation of the existence or otherwise of these data and to know its content and origin, verify its accuracy or request its integration, updating or rectification as provided by art. 7 of the Code regarding protection of personal data.
According to that provision every user has the right to request cancellation, transformation into anonymous form or blocking of data processed unlawfully, and to oppose in any case, for legitimate reasons, their treatment.
Requests should be addressed: – Via e-mail at: email@example.com – or by ordinary postal service to STEP s.r.l. Castel San Giovanni (PC) – Street Fratelli Bandiera, 48B – Italy.