Privacy Policy
By sharing the Privacy Policy for Natuzzi S.p.A., its affiliates and subsidiaries (collectively, the “Company”, “Natuzzi”, “we” or “us”), we hope to help you understand how information can create new opportunities for you, our customer, as well as to reassure you that we respect and honour customer requests to restrict and protect personal information. If you reside in a country that is part of the EU and/or EEA, you’ll find references to EU Regulation within the text of this Policy. If you reside in California, please see California Consumer Privacy Act Addendum Rights. If you reside in Nevada, please see Nevada Privacy Law Addendum Rights. These sections provide information regarding the rights afforded to individuals residing in these jurisdictions under applicable law.
Privacy and the protection of personal data are very important to Natuzzi S.p.A., its affiliates and subsidiaries. Therefore, the purpose of this Privacy Policy is to inform you about the type of data we collect and the way we handle your data, for the ultimate purpose of improving your experience with our website and participation within the Natuzzi Community.
1. What kind of data we collect Natuzzi may collect, retain and use personal details and contact information you provide when - you make a purchase in one of our stores, on https://natuzzi-editions.sg or our mobile apps (collectively, “Websites”),
- you request a quote or information about our products,
- you register yourself with the Natuzzi Community,
- you sign up for our newsletters, or
- you engage with us on our social media platforms (here in after collectively, “Data”).
In order to be able to request information and/or complete the process of registering with the Natuzzi Community, all the data indicated with an asterisk in the respective forms must be provided
2. Additional data
When you visit our Websites, we (or our third-party service providers) collect information about your use of the Websites: your Internet service provider’s address, your location as determined by your Internet Protocol (“IP”) address, the name of the website or advertisement directing you, your user agent, as well as your clicks and activity on our Websites. We use this information to understand how to make our Websites more available and user-friendly to our customers, as well as to provide you with advertising that may be of interest to you. To learn how you can opt out of such advertising click here. We do not serve interest-based advertising to users we identify as using our Websites from EU IP addresses.
With your consent, we may also collect the following data: optional information that you may convey to use through order forms, quote requests and the Natuzzi Community registration form; information that we may obtain by examining how you interact with us, through emails and newsletters, as well as our websites and apps; to do so, we may use tools that are developed either by us or third parties (for more information, we invite you to consult their Privacy Policies); your purchasing preferences, including information relating to purchases made by you and quotes requested by you from Natuzzi; information shared by you through the social networks you are registered with.
3. Why do we use your data and what legal basis we adhere to?
Once your consent is granted, we may use your data for some, or all, of the following purposes:
- a) to send you newsletters, information about products and services we offer, special promotions and surveys. For example, we might send you emails, instant messages (e.g., via SMS and WhatsApp), and promotional material via regular mail or have one of our representatives contacting you over the phone.
- b) to analyse your preferences and the way you interact with us. More specifically, in order to better understand your tastes and interests with regard to our products and services, we may examine – also using automated systems and third party service providers – the information you provide to us in order forms and quote requests, the items you purchased at Natuzzi stores in the last ten years, your level of interest in emails, advertising and newsletters we send you, the frequency of your visits to our websites, the way you use our apps and your engagement with our social media profiles (e.g. Facebook, Instagram and Pinterest). For more information about the Data we may obtain as a result of you browsing our internet websites and/or using our apps, please consult the relevant privacy documents. Finally, we may supplement your profile with information of statistical nature that we lawfully obtain from other sources: this could be related to where you live (e.g., demographic information, geo-referencing data etc.) or what electronic devices you use to interact with us.
In any case, this kind of activity should not have any legal consequences for you, or significantly impact you personally. Moreover, in the event that you have filled in a form for the request for information, we will use your Data:
- c) to provide you with the information requested;
And, in the event you have completed the Natuzzi Community registration form, we will use your Data for the following purpose, including through the use of electronic means:
- d) to manage your participation within the Natuzzi Community. Your Data will be used to give you discounts and other benefits, which may be made available from time to time. More generally, they will be used to satisfy all related contractual and administrative requirements.
Registration with the Natuzzi Community is optional and neither registration nor the information request is in any way dependent on you granting your consent for the data processing purposes set out at (a) and (b).
These activities allow us to provide you with our online and in-store retail and design services, process your transactions more efficiently, expedite shipping, offer you promotions, contests and other opportunities and, ultimately, give you a higher caliber of customer service.
4. Who is the data controller?
The Data Controller is Natuzzi S.p.A., whose contact details are listed here below.
5. How long do we keep your Data for?
We will only store your Data for the period of time necessary to pursue the various data processing purposes. You can request that we delete your personal information at any time by simply submitting this online request . For details about your rights to deletion under California law, please see below section titled “California Consumer Privacy Act Addendum”.
With regard to the Natuzzi Community, your Data will not be stored for longer than the time necessary to manage your participation in the Natuzzi Community. In the event that you decide to leave the Natuzzi Community, your Data will be deleted within 30 days.
We retain your information after you request such deletion for longer periods for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations and/or as necessary to protect our legal rights for certain business requirements. For example, when we process your payments, we will retain this data for longer periods of time as required for tax or accounting purposes. See below for specific reasons we would retain some data for longer periods of time:
- Security, fraud & abuse prevention – to protect you, other people, and us from fraud, abuse, and unauthorized access.
- Financial record-keeping – when you make a payment to us we are often required to retain this information for a long period of time for purposes of accounting, dispute resolution and compliance with tax, anti-money loundering, and other financial regulations (information relating to your purchases will be stored for processing for no longer than 10 years from the date of collection).
- Complying with legal or regulatory requirements – to meet any applicable law, regulation, legal process, or enforceable governmental request, as required to enforce our terms of service, including investigation of potential violations.
- Direct communication with us – if you have directly communicated with us, through a customer support channel, feedback form or a bug report, we may retain reasonable records of those communication (in any case, for no longer than 12 months from the date of collection).
6. To whom we disclose your Data
For administrative purposes, we may communicate your Data to our service suppliers (e.g., IT services). If you are registered with the Natuzzi Community, we may communicate your Data to companies – including foreign companies – who manage the stores participating in the Natuzzi Community initiative, as well as to authorities, agencies, public bodies and law enforcement, when we are legally obliged to do so.
A full list of our third-party service providers and stores participating in the Natuzzi Community initiative will be made available to you upon sending a written request to the contact details listed below.
7. How will the transfer of your Data to non-EU countries be regulated?
Some of the third parties service providers mentioned before, may be located in countries outside the European Union. In case of transfer of your Data to foreign countries that do not guarantee the same level of data protection of the EU, we will ensure that the transfer is carried out in compliance with applicable laws, meaning collecting your previous consent when necessary, or through the adoption of any other measure to ensure an equivalent level of protection of transferred data, including the execution of standard contractual clauses according to the European Commission template, introduced by European Commission Decision 2010/87/CE
https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1728496.
8. Your rights under GDPR Regulation (EU, EEA and UK)
Any organization offering goods or services to a resident of an EEA (European Economic Area) country is subject to GDPR - Regulation (EU) 2016/679. If you are a resident of an EEA country (or UK), you have the right to
- access the Data to request the amendment or cancelation of the Data,
- request that data processing be limited,
- object to our use of your Data, and
- request that a copy of your Data be sent to you.
9. Rights of the interested party
Right of access
You have the right to obtain confirmation as to whether your personal data is being processed or not. If it is, you have the right to access your personal data and receive the information contained in this Privacy Policy.
Right of amendment
You have the right to obtain – without undue delay – the amendment of any incorrect personal data regarding you.
Right of cancellation
You have the right to obtain – without undue delay – the cancellation of personal data regarding you for any of the following reasons:
- a) the personal data is no longer necessary as per the purposes for which they were collected or processed;
- b) you have revoked your consent to data processing and there are no other legal grounds for data processing;
- c) you have opposed data processing and there is no other legitimate motive to proceed to data processing;
- d) your personal data has been processed unlawfully;
- e) your personal data must be deleted to comply with a legal obligation.
Right to limit data processing
You have the right to obtain the limitation of data processing in the following scenarios:
- a) if you inform us that your personal data is incorrect, we will limit data processing for the period needed for the data controller to check your personal data;
- b) if data processing is illegal and you oppose the deletion of your personal data and instead request that its use be limited;
- c) even though the data controller no longer needs your personal data for data processing purposes, your personal data may still be needed to check, exercise or defend a right in a legal proceeding;
- d) if you have opposed data processing and are awaiting verification that we have legitimate reasons for this.
Right of opposition
You have the right to oppose – at any time – the processing of your personal data for direct marketing purposes, including any profiling activities linked to marketing.
Right to data portability
You have the right to obtain a copy of the personal data we have regarding you in a well-structured, intuitive format that can be viewed on an automatic device. You also have the right to pass this data to another data controller without the consent of the data controller that supplied you with it, in the event that:
- a) data processing is based on consent or a contract; and
- b) data processing is carried out using automated means.
You have the right to obtain the direct transfer of your personal data to another data controller, provided this is technically possible and only by request.
10. How can you change your preferences or revoke consent?
You can – at any time – check, modify or revoke your consent for the data processing purposes as set out in Section 3, letters (a) and (b). You may also declare that you no longer wish to receive commercial information via email and/or instant messaging services. You can decide to leave the Natuzzi Community at any time. In order to do so, simply contact Natuzzi S.p.A. or the Data Protection Manager at the address privacy@natuzzi-editions.sg.
11. How can you contact the Data Controller and Data Protection Manager to exercise your rights?
You can exercise your rights by writing to the Data Controller and/or Data Protection Manager at the following addresses:
Data Controller:
Natuzzi S.p.A.
Via Iazzitiello, 47
70029 Santeramo in Colle (BA)
Italy
Email: natuzzi@legalmail.it
Natuzzi S.p.A. Data Protection Manager:
Protection Trade Srl
Via Giorgio Morandi, 22
04020 Itri (LT)
12. How to file a complaint with competent authorities
If your rights under GDPR legislation have been subject to delay, limitation or exclusion by the Data Controller, you can file a complaint with the competent supervisory authority or directly contact the authority to the following address:
Garante per la Protezione dei Dati Personali [Personal Data Protection Authority]
Piazza di Montecitorio n. 121
00186 Rome
Italy
Fax: (+39) 06.69677.3785
Tel: (+39) 06.696771
Email: garante@gpdp.it
Certified email address: protocollo@pec.gpdp.it
13. Changes to this Privacy Policy
We may update or modify this Privacy Policy, either completely or partially, at any time. However, your rights should not be affected by any changes. In case of modifications that might limit the protection of your personal data or restrict your rights as set out in the current version, we will use the contact details provided by you to inform you of this before your Data is processed according to the new policy. Your right to leave the Natuzzi Community and modify your consent and preferences will be guaranteed.
In any case, we invite you to consult the up-to-date Privacy Policy on the website from time to time.
Last updated: March 8, 2022
Cookies
Information briefing
This information briefing is provided in accordance with the European Regulation 679/2016 regulating the protection of natural persons with regard to the processing of personal data and the free movement of such data (hereinafter also referred to as the Regulation), for users of services offered on our Websites. The information briefing only applies to Natuzzi S.p.A., its affiliates and subsidiaries, and their respective websites and apps. Natuzzi is not in any way responsible for other websites you may be redirected to by clicking on links available on its Websites.
The Data Controller
The Data Controller of the personal data processed following consultation of our website is Natuzzi S.p.A. (hereinafter, also referred to as Natuzzi), with registered office in Via Iazzitiello, 47 – Santeramo in Colle (BA).
The Data Protection Manager
The Data Protection Manager is Protection Trade S.r.l. with registered office in Via Giorgio Morandi – 22, Itri (LT), contact email address: privacy@natuzzi-editions.sg
Place, purpose and communication regarding the data processing
The processing connected to the web services of our Websites takes place at the aforementioned office of the Company, by Natuzzi’s employees and representatives duly appointed to carry out the process. The data derived from the Website may be communicated to the subjects that manage the Website, or to IT partners used by the Data Controller to deliver the services requested by the users, as well as to subjects who have the right to access to the data under legal provisions and/or secondary regulations. The personal data provided by users who submitted requests for information about products (information requests, responses to questions etc.) or other communications are used for the sole purpose of performing the service requested and are communicated to third parties only in the event that it is necessary for this purpose.
Type of data processed
Navigation data. As you navigate through and interact with our Websites, we may use automatic data collection technologies to collect information about your equipment, browsing actions and patterns, including: (a) details of your visits to our Websites and other communication data and the resources that you access and use on the Websites; and (b) information about your computer and internet connection, including your IP address, operating system and browser type, addresses in URI notation (Uniform Resource Identifier) of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful outcome, error etc.). The information we collect automatically is often statistical data and does not include personal information, but we may maintain it or associate it with personal information we collect in other ways or receive from third parties. It helps us to improve our Websites and to deliver a better and more personalized service, including by enabling us to store information about your preferences, allowing us to customize our Websites according to your individual interests and recognize you when you return to our Websites. In addition, this data may be used to ascertain responsibility in case of cyber-crimes to the detriment of the Websites.
Data provided voluntarily by the user
The optional, explicit and voluntary sending of emails to the addresses indicated on this Website leads to the subsequent acquisition of the address of the sender, as it is required in order to respond to the requests, as well as any other personal data entered in the communication.
Specific summary information briefings shall progressively be reported or displayed on the pages of the website for particular services on request.
Cookies Policy
This website uses cookies and similar technologies in order to ensure the proper functioning of the procedures and to improve the user experience of the online applications. Cookies are textual elements that are inserted on the computer’s hard disk. The function of cookies is to streamline the analysis of web traffic or to indicate when a specific website is visited and enable web applications to send information to individual users. Detailed information is given below on the use of cookies and similar technologies, how they are used by Natuzzi and how to manage them.
Natuzzi uses the following types of cookies:
- “technical” cookies:
These cookies are functional to navigation and guarantee the secure and efficient exploration of the website. In addition, Google Analytics cookies are used solely to collect information in aggregate form on the number of users and how they visit the website. These are third-party cookies collected and managed in anonymous form in order to monitor and improve the performance of the host website (performance cookies). (For further information on Google cookies policy, refer to the following link: http://www.google.com/intl/it_ALL/analytics/learn/privacy.html)
- third-party cookies regarding “social plugins”:
By visiting a website, cookies may be received both from the site visited (“proprietary”), and by websites managed by other organisations (“third-party”). Third-party cookies are those regarding the “social plugins” for Facebook, Twitter and Google. These are parts of the page visited that are generated directly by the aforementioned websites and integrated in the page of the host website. The most common use of social plugins is aimed at sharing content on the social networks. The presence of these plugins leads to the transmission of cookies to and from all the websites managed by third parties. The management of the information collected by “third parties” is governed by the respective information briefing to which you should refer. To ensure greater transparency and convenience, the web addresses of the various information briefings and methods for managing cookies are given below.
Facebook information briefing: https://www.facebook.com/help/cookies/
LinkedIn information briefing: https://www.linkedin.com/legal/privacy-policy
YouTube information briefing: http://www.google.it/intl/it/policies/technologies/cookies/
Instagram information briefing: https://instagram.com/legal/cookies/
- “Remarketing” cookies:
These cookies are persistent, that is, fragments of information that last longer and that are entered on the hard disk of the user’s computer to remain there until the “cookie” is deleted. “Persistent cookies” only record that an unidentified visitor has navigated the internet site and has accepted, or otherwise, the short information briefing. The website uses other persistent third-party cookies for monitoring visits regarding the digital activities carried out. The Remarketing cookies used are those of Google.
The user can decide whether or not to accept cookies by using the settings of their browser.
Click here to type and list of cookies
Total or partial disabling of cookies
The total or partial disabling of technical cookies may compromise the use of the functions of the website reserved to registered users. Public content, on the contrary, can be used even after completely disabling cookies. Disabling “third-party” or profiling cookies is not in any way detrimental to navigability. The settings can be specifically defined for different websites and web applications. Indeed, the best browsers enable different settings to be defined for “proprietary” and “third-party” cookies. We indicate below how to disable cookies through certain browsers.
Google Chrome
Select the icon from the Chrome menu. Select settings. In the lower part of the page, select Show advanced settings. In the “Privacy” section, select Content settings. Select Prevent sites from setting data. Select End.
Safari
Go to the Safari menu (icon in the top right of the browser) and select Preferences. In the pop-up window that opens, select the Security icon (in the shape of a padlock). Under the item “Accept cookies”, select the “Never” button.
Firefox
Click on the button of the menus and select Options. Select the Privacy panel. In the History item: select Use custom settings. To activate cookies, mark the item Accept cookies from websites; to deactivate them, remove the tick from the item.
Explorer
Go to the Explorer menu and click on the Settings button and then on Advanced Options. Click on the Cookies tab and move the slider up to block all cookies or down to enable all cookies, then click on OK.
Optional nature of granting data
Unless specified for navigation data, the user is free to provide personal data to request the services offered by the company. Failure to grant the data may make it impossible to obtain the requested service.
Methods of processing and retaining the data
Personal data are processed with manual and automatic instruments in compliance with the provisions of the Regulation. The data shall be retained only for the time necessary to attain the purpose for which they were collected, except in the case of other requirements deriving from legal obligations. Thereafter, the personal data shall be deleted.
A user who accepts remarketing cookies may be profiled for a maximum period of 90 days. The personal data subject to processing shall be retained in such a way as to reduce to a minimum, by means of adopting suitable preventive security measures, the risks of destruction or loss, including accidental, of the data, unauthorised access or processing that is not allowed or does not conform with the purposes of the collection.
The legal basis for the processing of the data is the provision of a service or the response to a request in favour of the interested parties.
rights of the interested parties
With regard to the processing of personal data, an interested party can apply to the Data Controller or Data Protection Manager by writing to the email address: privacy@natuzzi-editions.sg to assert their rights as laid down by the Regulation: specifically, they can request access, correction, updating, blocking, revocation of the consent in compliance with the applicable regulations, limitation of the processing, the portability of the data and their deletion.
Finally, we remind you that you have the right to complain to the Control Authority.
California Customer Privacy Act (CCPA) Addendum (for California Residents)
Your CCPA rights are described below. You can make a “Request to Know” or a “Request to Delete” under CCPA by submitting this form.
Request to Know
You have the right to request the following information about the personal data we have collected about you in the past 12 months:
- the categories and specific pieces of personal information we have collected about you;
- the categories of sources from which we collected the personal information;
- the business or commercial purpose for which we collect personal information;
- the categories of third parties with whom we share the information; and
- the categories of personal information about you that we disclosed for a business purpose, and the categories of third parties to whom we disclosed that information for a business purpose.
If you make a request more than twice in a 12-month period, you may be required to pay a small fee for this service.
Request to Delete
You have the right to request that we delete any personal information about you that you have provided to us. We will delete any personal information that is not necessary for our normal business operations from our records and direct all of our service providers to do the same. We consider information to be necessary for our business operations if it is used to:
- provide goods or services to you
- detect and resolve issues related to security or functionality
- comply with legal obligations
Right to Opt Out
You have the right to opt out of the sale of your personal information. We do not sell any information that identifies you, such as your name or contact information. However, we use ad networks to serve interest-based ads to our Websites visitors. To do this, we allow ad networks to collect information about your electronic activity while on our Websites (such as what product you view or add to your cart). They do this through third party cookies and similar tracking technologies placed on our Websites. We use this information to advertise to you after you leave our Websites. If you do not want us to provide this information to our advertisers, you may opt out by following this link
Right to Non-Discrimination
If you exercise your CCPA consumer rights:
- We will not deny goods or services to you
- We will not charge you different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties
- We will not provide a different level or quality of goods or services to you
Request Verification
Before we can respond to any CCPA requests, we will need to verify that you are who you say you are. Verification is important for preventing fraudulent requests and identify theft. The verification process depends on which type of request you make and how you make it. Typically, identity verification will require you to confirm certain information about yourself based on information we have already collected. For example, we will ask you to verify that you have access to the email address we have on file for you that is associated with your name. If we cannot verify your identity, we cannot fulfil your CCPA request.
In some cases, we may have no reasonable method by which we can verify a consumer’s identity. For example, if a consumer submits a request but we have not collected any personal information about that consumer, we cannot verify the request; if the only data we have collected about a consumer is gathered through website cookies (i.e., the consumer has visited our website but had no other interaction with us), we are unable to reasonably associate a requester with any data collected; therefore, we cannot verify the request.
Authorized Agent
A California resident’s authorized agent may submit a Request to Know or a Request to Delete under the CCPA. Requests submitted by an authorized agent will still require verification of the person who is the subject of the request according to the process described above. An authorized agent that has the power of attorney pursuant to California Probate Code section 4000 to 4465 must submit proof of statutory power of attorney, but consumer verification is not required.
Nevada Privacy Law Addendum (for Nevada Residents)
Under Nevada privacy law, Nevada residents have a right to submit a verified request directing certain operators of Internet websites and online services not to sell their personal information, as “sell” is defined in Nevada law. We do not sell personal information of Nevada residents. If you have any questions regarding our data privacy practices, please contact privacy@natuzzi-editions.sg
This sharing of information may be considered a “sale” of information under the California Consumer Privacy Act (CCPA). California residents have the right to opt-out of this sharing by submitting a Request to Opt-Out using the Digital Advertising Alliance (DAA) tool
Privacy and the protection of personal data are very important to Natuzzi S.p.A., its affiliates and subsidiaries. Therefore, the purpose of this Privacy Policy is to inform you about the type of data we collect and the way we handle your data, for the ultimate purpose of improving your experience with our website and participation within the Natuzzi Community.
1. What kind of data we collect Natuzzi may collect, retain and use personal details and contact information you provide when - you make a purchase in one of our stores, on https://natuzzi-editions.sg or our mobile apps (collectively, “Websites”),
- you request a quote or information about our products,
- you register yourself with the Natuzzi Community,
- you sign up for our newsletters, or
- you engage with us on our social media platforms (here in after collectively, “Data”).
In order to be able to request information and/or complete the process of registering with the Natuzzi Community, all the data indicated with an asterisk in the respective forms must be provided
2. Additional data
When you visit our Websites, we (or our third-party service providers) collect information about your use of the Websites: your Internet service provider’s address, your location as determined by your Internet Protocol (“IP”) address, the name of the website or advertisement directing you, your user agent, as well as your clicks and activity on our Websites. We use this information to understand how to make our Websites more available and user-friendly to our customers, as well as to provide you with advertising that may be of interest to you. To learn how you can opt out of such advertising click here. We do not serve interest-based advertising to users we identify as using our Websites from EU IP addresses.
With your consent, we may also collect the following data: optional information that you may convey to use through order forms, quote requests and the Natuzzi Community registration form; information that we may obtain by examining how you interact with us, through emails and newsletters, as well as our websites and apps; to do so, we may use tools that are developed either by us or third parties (for more information, we invite you to consult their Privacy Policies); your purchasing preferences, including information relating to purchases made by you and quotes requested by you from Natuzzi; information shared by you through the social networks you are registered with.
3. Why do we use your data and what legal basis we adhere to?
Once your consent is granted, we may use your data for some, or all, of the following purposes:
- a) to send you newsletters, information about products and services we offer, special promotions and surveys. For example, we might send you emails, instant messages (e.g., via SMS and WhatsApp), and promotional material via regular mail or have one of our representatives contacting you over the phone.
- b) to analyse your preferences and the way you interact with us. More specifically, in order to better understand your tastes and interests with regard to our products and services, we may examine – also using automated systems and third party service providers – the information you provide to us in order forms and quote requests, the items you purchased at Natuzzi stores in the last ten years, your level of interest in emails, advertising and newsletters we send you, the frequency of your visits to our websites, the way you use our apps and your engagement with our social media profiles (e.g. Facebook, Instagram and Pinterest). For more information about the Data we may obtain as a result of you browsing our internet websites and/or using our apps, please consult the relevant privacy documents. Finally, we may supplement your profile with information of statistical nature that we lawfully obtain from other sources: this could be related to where you live (e.g., demographic information, geo-referencing data etc.) or what electronic devices you use to interact with us.
In any case, this kind of activity should not have any legal consequences for you, or significantly impact you personally. Moreover, in the event that you have filled in a form for the request for information, we will use your Data:
- c) to provide you with the information requested;
And, in the event you have completed the Natuzzi Community registration form, we will use your Data for the following purpose, including through the use of electronic means:
- d) to manage your participation within the Natuzzi Community. Your Data will be used to give you discounts and other benefits, which may be made available from time to time. More generally, they will be used to satisfy all related contractual and administrative requirements.
Registration with the Natuzzi Community is optional and neither registration nor the information request is in any way dependent on you granting your consent for the data processing purposes set out at (a) and (b).
These activities allow us to provide you with our online and in-store retail and design services, process your transactions more efficiently, expedite shipping, offer you promotions, contests and other opportunities and, ultimately, give you a higher caliber of customer service.
4. Who is the data controller?
The Data Controller is Natuzzi S.p.A., whose contact details are listed here below.
5. How long do we keep your Data for?
We will only store your Data for the period of time necessary to pursue the various data processing purposes. You can request that we delete your personal information at any time by simply submitting this online request . For details about your rights to deletion under California law, please see below section titled “California Consumer Privacy Act Addendum”.
With regard to the Natuzzi Community, your Data will not be stored for longer than the time necessary to manage your participation in the Natuzzi Community. In the event that you decide to leave the Natuzzi Community, your Data will be deleted within 30 days.
We retain your information after you request such deletion for longer periods for specific purposes to the extent that we are obliged to do so in accordance with applicable laws and regulations and/or as necessary to protect our legal rights for certain business requirements. For example, when we process your payments, we will retain this data for longer periods of time as required for tax or accounting purposes. See below for specific reasons we would retain some data for longer periods of time:
- Security, fraud & abuse prevention – to protect you, other people, and us from fraud, abuse, and unauthorized access.
- Financial record-keeping – when you make a payment to us we are often required to retain this information for a long period of time for purposes of accounting, dispute resolution and compliance with tax, anti-money loundering, and other financial regulations (information relating to your purchases will be stored for processing for no longer than 10 years from the date of collection).
- Complying with legal or regulatory requirements – to meet any applicable law, regulation, legal process, or enforceable governmental request, as required to enforce our terms of service, including investigation of potential violations.
- Direct communication with us – if you have directly communicated with us, through a customer support channel, feedback form or a bug report, we may retain reasonable records of those communication (in any case, for no longer than 12 months from the date of collection).
6. To whom we disclose your Data
For administrative purposes, we may communicate your Data to our service suppliers (e.g., IT services). If you are registered with the Natuzzi Community, we may communicate your Data to companies – including foreign companies – who manage the stores participating in the Natuzzi Community initiative, as well as to authorities, agencies, public bodies and law enforcement, when we are legally obliged to do so.
A full list of our third-party service providers and stores participating in the Natuzzi Community initiative will be made available to you upon sending a written request to the contact details listed below.
7. How will the transfer of your Data to non-EU countries be regulated?
Some of the third parties service providers mentioned before, may be located in countries outside the European Union. In case of transfer of your Data to foreign countries that do not guarantee the same level of data protection of the EU, we will ensure that the transfer is carried out in compliance with applicable laws, meaning collecting your previous consent when necessary, or through the adoption of any other measure to ensure an equivalent level of protection of transferred data, including the execution of standard contractual clauses according to the European Commission template, introduced by European Commission Decision 2010/87/CE
https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1728496.
8. Your rights under GDPR Regulation (EU, EEA and UK)
Any organization offering goods or services to a resident of an EEA (European Economic Area) country is subject to GDPR - Regulation (EU) 2016/679. If you are a resident of an EEA country (or UK), you have the right to
- access the Data to request the amendment or cancelation of the Data,
- request that data processing be limited,
- object to our use of your Data, and
- request that a copy of your Data be sent to you.
9. Rights of the interested party
Right of access
You have the right to obtain confirmation as to whether your personal data is being processed or not. If it is, you have the right to access your personal data and receive the information contained in this Privacy Policy.
Right of amendment
You have the right to obtain – without undue delay – the amendment of any incorrect personal data regarding you.
This Privacy Policy describes how Royal Interiors Pte Ltd (the “Site” or “we”) collects, uses, and discloses your Personal Information when you visit or make a purchase from the Site.
Collecting Personal Information
When you visit the Site, we collect certain information about your device, your interaction with the Site, and information necessary to process your purchases. We may also collect additional information if you contact us for customer support. In this Privacy Policy, we refer to any information that can uniquely identify an individual (including the information below) as “Personal Information”. See the list below for more information about what Personal Information we collect and why.
Device information
- Examples of Personal Information collected: version of web browser, IP address, time zone, cookie information, what sites or products you view, search terms, and how you interact with the Site.
- Purpose of collection: to load the Site accurately for you, and to perform analytics on Site usage to optimize our Site.
- Source of collection: Collected automatically when you access our Site using cookies, log files, tags, or pixels.
- Disclosure for a business purpose: shared with our processor Shopify.
Order information
- Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers, bank details), email address, and phone number.
- Purpose of collection: to provide products or services to you to fulfill our contract, to process your payment information, arrange for shipping, and provide you with invoices and/or order confirmations, communicate with you, screen our orders for potential risk or fraud, and when in line with the preferences you have shared with us, provide you with information or advertising relating to our products or services.
- Source of collection: collected from you.
- Disclosure for a business purpose: shared with our processor Shopify.
Customer support information
- Examples of Personal Information collected: name, billing address, shipping address, payment information (including credit card numbers, bank details), email address, and phone number.
- Purpose of collection: to provide customer support.
- Source of collection: collected from you.
- Disclosure for a business purpose: shared with our processor Shopify.
Sharing Personal Information
We share your Personal Information with service providers to help us provide our services and fulfill our contracts with you, as described above. For example:
- We use Shopify to power our online store. You can read more about how Shopify uses your Personal Information here: https://www.shopify.com/legal/privacy.
- We may share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.
Behavioural Advertising
As described above, we use your Personal Information to provide you with targeted advertisements or marketing communications we believe may be of interest to you. For example:
- We use Google Analytics to help us understand how our customers use the Site. You can read more about how Google uses your Personal Information here: https://policies.google.com/privacy?hl=en.You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
- We share information about your use of the Site, your purchases, and your interaction with our ads on other websites with our advertising partners. We collect and share some of this information directly with our advertising partners, and in some cases through the use of cookies or other similar technologies (which you may consent to, depending on your location).
For more information about how targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by:
- FACEBOOK – https://www.facebook.com/settings/?tab=ads
- GOOGLE – https://www.google.com/settings/ads/anonymous
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/.
Using Personal Information
We use your personal Information to provide our services to you, which includes: offering products for sale, processing payments, shipping and fulfillment of your order, and keeping you up to date on new products, services, and offers.
Lawful basis
Pursuant to the General Data Protection Regulation (“GDPR”), if you are a resident of the European Economic Area (“EEA”), we process your personal information under the following lawful bases:
- Your consent;
- The performance of the contract between you and the Site;
- Compliance with our legal obligations;
- To protect your vital interests;
- To perform a task carried out in the public interest;
- For our legitimate interests, which do not override your fundamental rights and freedoms.
Retention
When you place an order through the Site, we will retain your Personal Information for our records unless and until you ask us to erase this information. For more information on your right of erasure, please see the ‘Your rights’ section below.
Automatic decision-making
If you are a resident of the EEA, you have the right to object to processing based solely on automated decision-making (which includes profiling), when that decision-making has a legal effect on you or otherwise significantly affects you.
We do not engage in fully automated decision-making that has a legal or otherwise significant effect using customer data.
Our processor Shopify uses limited automated decision-making to prevent fraud that does not have a legal or otherwise significant effect on you.
Services that include elements of automated decision-making include:
- Temporary denylist of IP addresses associated with repeated failed transactions. This denylist persists for a small number of hours.
- Temporary denylist of credit cards associated with denylisted IP addresses. This denylist persists for a small number of days.
Your rights
GDPR
If you are a resident of the EEA, you have the right to access the Personal Information we hold about you, to port it to a new service, and to ask that your Personal Information be corrected, updated, or erased. If you would like to exercise these rights, please contact us through the contact information below.
Your Personal Information will be initially processed in Ireland and then will be transferred outside of Europe for storage and further processing, including to Canada and the United States. For more information on how data transfers comply with the GDPR, see Shopify’s GDPR Whitepaper: https://help.shopify.com/en/manual/your-account/privacy/GDPR.