Privacy Policy
(Information notice on the processing of personal data in accordance
with Art. 13 of Italian Legislative Decree 196/2003, and EU Regulation
679/2016)
Brunello Cucinelli S.p.A., as the Data Controller (hereinafter:
“Brunello Cucinelli” or “Data Controller”) in accordance with Italian
Legislative Decree 196/2003 (“Code”), and EU Regulation 679/2016
(hereinafter: “Regulation”) – considers the privacy and protection of
personal data to be one of the main objectives of its activity.
Therefore, we invite you, prior to communicating any personal data to
the Controller, to carefully read this Privacy Policy as it contains
important information on the protection of your personal data.
This Privacy Policy:
is considered applicable to the website www.brunellocucinelli.com, and
to the section thereof dedicated to Investors (hereinafter:
“Website”);
constitutes an integral part of the Website and of the services we
offer;
is issued in accordance with Art. 13 of the Code, as well as Art. 13 of
the Regulation, for anyone interacting with the web services of the
Website;
is not considered applicable to the section of the Website dedicated to
“Human Resources” or to “Online boutique” websites, for which reference
is made to the specific information notices contained
therein.
The processing of your personal data shall be based on the principles of
correctness, lawfulness, transparency, limitation of the aims and
storage, minimization and exactness, integrity and confidentiality, and
the principle of accountability in accordance with Art. 5 of the
Regulation. Your personal data shall therefore be processed in
accordance with the legislative provisions of the Regulation and the
confidentiality obligations envisaged therein.
Processing of personal data means any operation or set of operations,
performed with or without the aid of automated processes and applied to
personal data or sets of personal data such as the collection,
recording, organization, structuring, storage, adaptation or amendment,
extraction, consultation, use, communication through transmission,
disclosure or any other form of provision, comparison or
interconnection, limitation, deletion or destruction.
CONTENTS
The contents of the Privacy Policy are provided below, so that you can
easily find the information inherent to the processing of your personal
data affecting you.
- 1. DATA CONTROLLER AND PROCESSOR
- 2. PERSONAL DATA SUBJECT TO PROCESSING
- a. Navigation data
- b. Cookies
- 3. PROCESSING AIMS
- 4. LEGAL BASIS AND COMPULSORY OR VOLUNTARY NATURE OF
PROCESSING
- 5. PERSONAL DATA RECIPIENTS
- 6. TRANSFERS OF PERSONAL DATA
- 7. STORAGE OF PERSONAL DATA
- 8. RIGHTS OF THE INTERESTED PARTY
- 9. MODIFICATIONS
- 10. CONTACTS
1. DATA CONTROLLER AND PROCESSOR
The Data Controller is Brunello Cucinelli S.p.A. having its registered
office in Corciano (Perugia, Italy), frazione Solomeo, Viale Parco
dell’Industria n. 5, tax code and registration number with the Perugia
Companies Register 0188612054. The Data Protection Officer of Brunello
Cucinelli S.p.A. can be contacted at the headquarters of the Data
Controller at the address indicated above and by email at:
dpo@brunellocucinelli.it
2. PERSONAL DATA SUBJECT TO PROCESSING
We would like to inform you that the personal data subject to processing
may comprise an identification label such as the name, identification
number, data related to the location, an online ID or one or more
characteristic elements of your physical, physiological, psychological,
economic, cultural or social identity suitable to make the interested
party identified or identifiable, according to the type of services
requested (hereinafter “personal data”).
The personal data processed through the Website are as
follows:
a. Navigation data
During their normal process, the IT systems and software procedures in
place for the operation of the Website acquire some personal data whose
transmission is implicit in the use of internet communication protocols.
This refers to information that is not collected to be associated with
identified interested parties, but that by its very nature could,
through processing and association with data held by third parties,
allow the users to be identified. IP addresses or domain names of the
computers used by the users who connect to the Website, URI (Uniform
Resource Identifier) addresses of the requested resources, the time of
the request, the method used for making the request to the server, the
size of the file obtained in response, the numerical code indicating the
status of the response given by the server (successful, error, etc.)
and other parameters related to the operating system and the IT
environment of the user all fit into this category of data. These data
used for the sole purpose of gaining anonymous statistical information
on the use of the Website to control the correct operation thereof, to
identify any anomalies and/or abuse, are deleted straight after being
processed. The data could be used for ascertaining responsibility in the
event of any IT crimes that may damage the Website or third
parties.
b. Cookies
The information on the cookies served by the Website is available here.
3. PROCESSING AIMS
Your personal data shall be processed for the following
aims:
3.1. To allow navigation of the Website and the provision of the
services made available there by the Controller, including the
management of the Website security;
3.2. To fulfil any obligations envisaged by laws in force, regulations
or EU legislation or to comply with any requests from authorities;
3.3. To process statistics, without it being possible to trace your
identity.
Specific security measures are observed in order to prevent the loss of
data, illicit use or incorrect use and unauthorized access.
4. LEGAL BASIS AND COMPULSORY OR VOLUNTARY NATURE OF
PROCESSING
The legal basis for the processing of personal data for the aims
according to section 3.1 is Art. 6(1)(b) of the Regulation
([…]processing is necessary for the performance of a contract to which
the data subject is party or in order to take steps at the request of
the data subject prior to entering into a contract), since the
processing is necessary for the provision of services. The legal basis
for the processing of personal data for the aims according to section
3.2 is instead, Art. 6(1)(c) of the Regulation ([…]processing is
necessary for compliance with a legal obligation to which the controller
is subject). The provision of personal data for these purposes is
optional, but any failure to provide data could imply the impossibility
to activate the required services.
It is instead specified that the processing according to section 3.3 is
not performed on personal data and therefore can be freely performed by
the Controller.
5. PERSONAL DATA RECIPIENTS
Your personal data may be shared, for the purposes according to section 3
of this Privacy Policy, with:
5.1. Subjects who typically act as processors in accordance with
Articles 29 of the Code and 28 of the Regulation, i.e., subjects that
cooperate with the Data Controller for pursuing the above aims,
including subjects appointed to perform technical maintenance activities
(collectively “Recipients”);
5.2. Subjects, bodies or authorities to whom it is compulsory to
communicate your personal data on the basis of legal provisions or
orders of the authorities;
5.3. Persons authorized by the Data Controller, in accordance with
Articles 30 of the Code and 29 of the Regulation, to process the
personal data necessary for performing activities strictly connected
with the provision of services, who have committed to confidentiality or
who have a suitable legal confidentiality obligation.
The updated list of subjects who could process your personal data as
processors is available by sending a written request to the Data
Controller to the addresses indicated in the “Contacts” section of this
information notice.
6. TRANSFERS OF PERSONAL DATA
Some of your personal data may be shared with Recipients who are located
outside the European Economic Area. The Data Controller guarantees that
the processing of your personal data by these Recipients takes place in
compliance with Articles 43 and 44 of the Code, and with Articles 44 -
49 of the Regulation. More information is available by sending a written
request to the Data Controller to the addresses indicated in the
“Contacts” section of this information notice.
7. STORAGE OF PERSONAL DATA
The personal data processed for the aims according to section 3.1 shall
be stored for the amount of time strictly necessary to achieve such
purposes. However, since the processing is performed in order to provide
services, the Data Controller shall store the personal data for the
amount of time envisaged and permitted by Italian legislation for the
protection of its interests (Art. 2946 of the Civil Code et seq.).
The personal data processed for the aims according to section 3.2 shall
be stored for the amount of time envisaged by the specific obligation or
applicable legal standard.
More information related to the data storage period and the criteria
used to determine such period can be requested by sending a written
request to the Data Controller to the addresses indicated in the
“Contacts” section of this information notice.
This is notwithstanding the possibility for the Data Controller to store
your personal data for the period of time envisaged and permitted by
Italian law to protect his interests (Art. 2947(1)(3) of the Civil
Code).
8. RIGHTS OF THE INTERESTED PARTY
In accordance with Art. 7 of the Code, you have the right at any time to
obtain confirmation of the existence or not of your personal data and
to find out the contents and origin thereof, verify the accuracy or
request the addition, updating or correction thereof; you have the right
to request the deletion, transformation into anonymous format or
blocking of data processed against the law, or to oppose in any case,
for legitimate reasons, the processing thereof. Starting from 25 May
2018 you also have the right to request access to your data, to oppose
processing and to request the limitation of processing in the cases
envisaged by Art. 18 of the Regulation, where technically possible, and
to obtain in a structured format, of common use and legible by an
automatic device, the data regarding you, in the cases envisaged by Art.
20 of the Regulation.
Requests are to be sent in writing to the Data Controller to the
addresses indicated in the “Contacts” section of this information
notice.
You always have the right to lodge a complaint with the competent
control authority (Data Protection Authority) in accordance with Art. 77
of the Regulation, should you consider that the processing of your data
infringes legislation in force.
9. AMENDMENTS
Il Titolare si riserva di modificarne o semplicemente aggiornarne il
contenuto, in parte o completamente, anche a causa di variazioni della
normativa applicabile. Il Titolare La invita, quindi, a visitare con
regolarità questa sezione per prendere cognizione della più recente ed
aggiornata versione della Privacy Policy, in modo da essere sempre
aggiornato sui dati raccolti e sull’uso che ne fa Brunello Cucinelli.
10. CONTACTS
To exercise the above rights or for any other requests, please write to
the Data Controller at the physical address indicated above, or via the
dedicated contact
details, preferably inserting the wording
"request for exercise of privacy rights" in the subject field of the
communication.