Privacy Policy

INFORMATIONS CONCERNANT LA COLLECTE DES DONNEES PERSONNELLES

This information is provided in accordance with the relevant provisions of the legislation on the processing of personal data which are dictated in Switzerland by the Federal Law on Data Protection (LPD) and in Europe by EU Regulation no. 2016/679 (GDPR).

Data controller.

This site (the « Site ») is managed by Im*media S.r.l., based in Italy, Palermo, Via Antonio Gagini n. 59 (c.a.p. I-90133), with VAT IT 04286410826, which is the owner of the processing of personal data of users who use it (the « Interested »).

The data controller (« Owner ») can be contacted at the above address or at the email [email protected].

The Data Controller has designated a data protection officer (DPO) in charge of monitoring compliance with data protection legislation and who keeps a register of personal data processing. The DPO can be contacted directly at [email protected].

Processed data.

The following types of personal data are processed through the Website: those provided by the Data Subject at the time of registration on the Website; those that are provided by the interested party at the conclusion of an order or the purchase of products or services sold by the Owner; those collected during navigation or the use of services offered on the Site.

In particular, these are the personal details of the interested party; of its contact details, including telephone and telematic ones. During navigation, navigation data is collected and cookies are installed on the devices used for navigation, these treatments are the subject of separate information, available at the address https://www.imgenesi.com/cookie-policy/.

In the event that the interested party purchases services offered by the Site, the payment data will be processed by Stripe Payments Europe, Ltd., as independent data controller and will not be processed by Im*media S.r.l. The information regarding the collection of personal data of Stripe Payments Europe, Ltd. can be found at the website https://stripe.com and https://stripe.com/privacy.

The provision of data is optional, however failure to provide the requested data may make it impossible to make purchases and establish or continue a relationship with the Owner.

Purpose of the treatment.

The Data Controller uses the data for the purposes and in the presence of the legal bases indicated below.

PurposeIcona di Verificata con communityLegal basisIcona di Verificata con community
conclude and execute the contract for the purchase of products and services sold on the Site; register on the Site and use the related services offered to registered users; provide the services offered on the Site; handle customer service inquiries; allow payments.need to execute a contract of which the interested party is a part or pre-contractual measures adopted at the request of the same.
fulfillment of legal obligations of a civil, accounting (invoicing, mandatory accounting entries and records) fiscal, tax nature.need to fulfill a legal obligation to which the Data Controller is subject.
analysis and statistical surveys to improve the commercial offer and services of the Site; prevention and repression of fraud, counterfeiting and abusive behaviour; ensure the correct technical functioning and security of the Site; protection of rights.legitimate interest of the Controller.

Processing methods and data storage time.

Data processing may take place both through IT systems and automated processes, and in paper form.

Personal data will be kept for a limited period of time, which varies according to the purpose of the processing, at the end of which they will be definitively canceled or in any case rendered anonymous in an irreversible way. The data collected during the purchase of the services will be processed until all the administrative and accounting formalities have been completed, then they will be archived in accordance with the applicable legislation for a maximum duration of ten years.

In the event of closure of the account, the Data Controller will keep the personal data provided only for administrative purposes starting from the termination of the contractual relationship up to a maximum of 10 years, except for any further needs for which their further maintenance is granted and / or required by specific legal provisions.

Categories of subjects to whom the data may be communicated.

For the purposes of data processing, the Data Controller makes use of duly trained and authorized personnel. The data will be communicated externally only when this is indispensable with respect to the processing purposes indicated above. As part of the execution of the services of the Site and to execute a sales contract, the data may be processed by suppliers of the Data Controller evaluated and chosen for their reliability and competence, who will process the data for the sole purpose of carrying out activities instrumental to the services requested and the purposes indicated above.

If the conditions are met and, where necessary, subject to consent and/or specific information, the data can be transmitted by the Data Controller to the following categories of recipients: e-mail service providers; Internet Service Providers; companies specializing in IT and telematic services; companies that provide customer support services; judicial authorities and subjects to whom the communication is mandatory by law.

The data will not be disclosed, unless the requested service requires it, and will not be transferred to countries outside the European Union. In this regard, the Federal Data Protection and Information Commissioner (FDPIC) stated that it can be assumed that a state that has ratified the Council of Europe Convention of 28.01.1981 for the protection of individuals with regard to automatic processing of data of a personal nature and that has signed the relevant additional protocol guarantees equivalent protection and this is the case for EU countries. The Swiss Federal Council has also included Italy among the states in which adequate data protection is guaranteed with the Data Protection Ordinance (OPDa) of 08.31.2022.

Categories of subjects to whom the data may be communicated.

For the purposes of data processing, the Data Controller makes use of duly trained and authorized personnel. The data will be communicated externally only when this is indispensable with respect to the processing purposes indicated above. As part of the execution of the services of the Site and to execute a sales contract, the data may be processed by suppliers of the Data Controller evaluated and chosen for their reliability and competence, who will process the data for the sole purpose of carrying out activities instrumental to the services requested and the purposes indicated above.

If the conditions are met and, where necessary, subject to consent and/or specific information, the data can be transmitted by the Data Controller to the following categories of recipients: e-mail service providers; Internet Service Providers; companies specializing in IT and telematic services; companies that provide customer support services; judicial authorities and subjects to whom the communication is mandatory by law.

The data will not be disclosed, unless the requested service requires it, and will not be transferred to countries outside the Euro