Privacy

 

Privacy policy site

Why the present document

The present document describes how personal data of users are processed in this website. Data are processed in compliance with lawfulness and fairness requirements, in compliance with  the applicable regulations and adopting proper security measures to protect data.

Data will be retained for the time required to achieve the purposes of the processing and in compliance with the applicable regulations. The contractual and fiscal data will be treated then until there are legal obligations, and the data treated for commercial purpose and for the registration will be treated until there is a cancellation request.

The applicable law is the Hong Kong one (Chap. 486 Personal Data (Privacy) Ordinance ) for the data treated in Hoong Kong (accounting data, navigation data, contractual data); the news letters will be sent from  Italy, so the applicable law is the Italian one (dlgs 196/03 till May, then UE regulation 2016/679 from May 2018).

From May 2018 all EU citizens will be treated according to the UE regulation 2016/679).

The legal basis is the consent, the law and the the legitimate interests.

This privacy policy is also intended as a summary notice, as required in EU directive 95/46/EC, in  GDPR (General Data Protection Regulation- UE 2016/679), in dlgs 196/03 (Italian law), and in Cap. 486 Personal Data (Privacy) Ordinance,  to users of web services of this website to protect personal data that may be accessed electronically on:

www.mazzucatowatches.com

the opening page of this website.

This privacy policy is strictly referred  to the present website, not for other websites that users may access by clicking on the relevant links. These websites are independent data controllers (save as for the Company websites) and therefore reference must be made to the relevant policy.

This privacy policy is also based on the recommendation n. 2/2001 that the European Data Protection Authorities – i.e. members of the Working Group set up in line with article 29 of the directive 95/46/EC – adopted on 17 May 2011 to identify a series of minimum standards on online collection of personal data, in particular procedures, time limits and nature of data. Data controller are required to provide users with the relevant information when they visit their web pages irrespective of the aims of the access.

In order to know where the server hosting the website is located at, you can write an email to Billionaireglobaltime@gmail.com

Please, read all relevant privacy policies in this website.

 

Type of processed data and processing procedures

We inform you that the data will always be processed by to comply with an obligation imposed by law, regulation or legislation and to enforce or defend a right of D-Lab. D-Lab may disclose data to public authorities, courts, police, lawyers/attorneys, post offices/shippers, if necessary.

 

Navigation Data

IT systems and software procedures of this website, in the framework of their regular operation, acquires some personal data whose transfer is implicit in the use of Internet communication protocols.

These data are not collected with a view to linking them to their holders. However, these are data that, by their very nature, with processing and cross-reference with data of third parties, may identify users.

This data category includes IP addresses or domain names of computers of users visiting the website, URI (Uniform Resource Identifier) addresses of required resources, the time of the request, the method used to send the request to the server, the size of the obtained file, the numeric code on the reply status of the server (sent, error, etc.) and other requirements of the operative system and the IT environment of users.

These data are used by D-Lab Limited with the exclusive aim of collecting anonymous statistical information on the website use and  to supervise its smooth operation, and they are deleted immediately after processing. Data may be used to determine any liability in the event of IT crimes against the website or, in general, against the Company.

Data may be processed on paper, manually, with IT and electronic means (therefore, D-Lab may file data both on paper and IT support).

 

Data that users provide on a voluntary basis

The optional, explicit and voluntary sending of communications to the addresses of D-Lab Limited (if there is not a special form that must filled out, including references to the relevant privacy policies) requires D-Lab Limited to acquire the sender's address for the relevant reply as well as other personal data included  in the communication (or in the relevant attachments). In this event (without forms that must filled out, including references to the relevant privacy policies), provision of data is not mandatory. However, should data or the relevant address not be provided, the relevant request cannot be fulfilled. By sending of communication, the sender authorises D-Lab Limited to process data with a view to fulfilling the relevant requests.

D-Lab Limited may process data, whether on paper or on IT support, both manually and with other IT or electronic means.

Depending on services requested, users are in any case advised to familiarise themselves with the contents of specific privacy statements as may be found in the various sections of the site

Data Controller and Data Processor and Rights of users

 

 

The Data Controller is D-Lab Limited Flat 2. 15/f Vanta Ind Ctr 21-23 Tai Lin Pai Rd Kwai Chung NT Hong Kong. E-mail info@mazzucatodesign.com

The Data Processor/referente whom you can contact for all matters concerning data processing, in particular in order to exercise your rights in accordance with the procedures and timeframes set by law, and to obtain a complete and current listing of all other Data Processors/referents is the Administrator to D-Lab Limited, whom you can contact for this purpose at D-Lab’s offices.

For any further information, please write to: e- mail info@mazzucatodesign.com

 

Right to Access Personal Data and Other Rights

1.     A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.

2.     A data subject shall have the right to be informed

a.     of the source of the personal data;

b.     of the purposes and methods of the processing;

c.     of the logic applied to the processing, if the latter is carried out with the help of electronic means;

d.     of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); 

e.     of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.

3.     A data subject shall have the right to obtain

a.     updating, rectification or, where interested therein, integration of the data;

b.     erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;

c.     certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

4.     A data subject shall have the right to object, in whole or in part,

a.     on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;

b.     to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.

 

A data subject to GDPR:

may ask for the erasure (right to be forgotten) of personal data or restriction, ask for the data pourtability according to the GDPR. It also may ask to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal, as expected by the GDPR. It may also exercise the right to be forgotten, as expected by the GDPR.

 

For any claims it’s possible to get in touch with:

-       the Guarantor Authority for the protection of the Italian personal data provided for the newsletter; the contact information are available at the website www.garanteprivacy.it ;

-       the Privacy Commissioner for the Hong Kong personal data; the contact information are available at the website https://www.pcpd.org.hk/

-       the own country’s Guarantor Authority from 25th of May, 2018, for the EU Citizens; the contact information are available at the website http://www.garanteprivacy.it/web/guest/home/footer/link.

 

 

Notice and Disclosure Scope

No data from the web service (i.e. the above navigation data) may be notified or disclosed (except for notification to the judiciary or the police, if required).

As for processing based on the relevant forms in the website (i.e. registration or form to buy), reference is hereby made to the relevant forms and any applicable rules.

The data are processed by persons in charge of data processing, specifically appointed by D-Lab (administrative staff, staff in charge of public relations also external to the Company, IT staff, also external to the Company, marketing staff also external to the Company, Data Processors and their staff, persons in charge of the specific area to which a request is made, site management staff also external to the Company) only when the processing is necessary for the performance of their duties doing only what is needed to perform the tasks).

Data may also be disclosed and processed by the Data Processors appointed by D-Lab. (including outsourcers, marketing, administration and maintenance of servers, website administration). These external companies may process the data through staff who can perform the same tasks and process data for the same purposes for which those responsible have been appointed by D-Lab.

With regard to persons in charge of data processing, please also refer to the specific information contained within the site depending on the required service.

The data provided by the user may be disclosed to the subjects for which there is an obligation pursuant to law or to assert a right of the company in the relevant jurisdiction; data may be disclosed to any carrier/freight forwarder for the dispatch of D-Lab material required; data may be communicated to the categories of persons eventually specified in the specific information in the various sections of the site.

Option to provide data and processing procedures

For a complete information on the processing of the data by i D-Lab, we invite you to take vision of all the information contained within the various areas of application of the data and all sections of this privacy policy.

COOKIES POLICY

Refer to specific cookies policy section.

 

 

Additional Information

D-Lab will not make illicit actions to obtain the data of the computer or electronic system and the illegal manipulation of computer or electronic system, as well as its damage. D-Lab  will not interfere with others' use of their name, and not use the same fraudulently or assume another's identity.

D-Lab  will not process the facts in order to openly denigrate another person or with the intent to cause damage to his reputation of substantial entity by means of offense or slander.

 

D-Lab  will not install on users computers MALWARE, not also FEATURE unnecessary without the consent of users.

D-Lab will safeguard the security of the information uploaded on users ("Information load").

 

D-Lab will not change or delete the information loaded without a legitimate reason.

 

Specific Notices

As already reported, this website includes other specific summary privacy policies in pages on services on request. Reference is hereby made to such privacy policies integrating this privacy policy.

 

 

PRIVACY POLICY CONTACTS

 

Privacy policy statement pursuant to article 13 of regulation (UE) 2016/679 (GDPR) and to Hong Kong privacy law

 

The undersigned company D-Lab Limited hereinafter also referred to as the "Company" or "D-lab.") hereby informs you that it will process the data you have provided in the form and later for the purposes listed in the following paragraphs. D-Lab may only require and process data which are instrumental to achieve the purposes of this privacy policy.

1.         Data may be processed on paper, manually, with IT and electronic means (therefore, D-Lab .may file data both on paper and IT support). D-Lab has implemented safety measures to prevent any data loss, illegal use of data, misuse or unauthorised access. Data will be retained and processed by D-Lab in compliance with its confidentiality requirements. D-Lab  has its offices (in compliance with the principles of fairness, lawfulness, transparency, and protection of the confidentiality and the rights of those concerned) strictly in line with the aims set forth in this privacy policy. Data will be processed by D-Lab exclusively to achieve the aims set forth in this privacy policy. Data will be filed at D-Lab  offices and at the appointed data processors/referents (as well as third parties who receive data as specified in point 4 of this privacy policy). Data will be entered in databases, including IT databases..

2.         D-Lab may process data for the following purposes:

A.         To respond to requests;

B.         D-Lab may also process data to comply with the requirements pursuant to the legislation in force, regulations or EU regulations and to assert or defend the rights of the Company in a court of law;

 

3.         The provision of data and consent for the purposes under point 2, letter A of this privacy policy are optional and the lack of them could make it impossible to be subject to the activities specified in this point.

The provision of data for the purposes under point 2, letter B of this privacy policy is necessary and the lack of them could make it impossible to be subject to the activities specified in this privacy policy.

 

4.         The collected and processed data may be communicated by D-Lab for the purposes described in point 2, letter B of this information to carriers / shippers, lawyers and legal advisors, public authorities, judicial bodies, for the purposes of point 2 letter A of this information data may be communicated to carriers / shippers. D-Lab will only communicate the personal data required for the pursuit of each purpose indicated in this information

 

5.         The data may be disclosed on behalf of D-Lab to all parties appointed as persons in charge of the processing by D-Lab (legal department staff also external to the Company, IT staff also external to the Company, consultants also external to the Company – for example IT technicians quality advisors, - staff in charge of the website also external to the Company, marketing staff also external to the Company, internal auditor, persons in charge of the specific area to which a request is made ) and external data processor/referents (appointed by D-Lab) also external to the Company (such as IT outsourcers, and more in general consultants performing instrumental activities) in addition to internal data processor/referent specified in point 8 of this privacy policy. External data processors/referents will process data either directly or through their providers which are in charge of  data processing on behalf of D-Lab, performing the same tasks as data processors as well as the administration/maintenance of processors/servers of external data processors hosting D-Lab data. Data processors and persons in charge of processing will retain data insofar it is necessary to perform the tasks assigned by D-Lab by only performing the actions needed to implement such tasks.

 

6.         Data will be retained and processed by D-Lab for the time required to achieve the purposes of the processing and in compliance with the applicable regulations. They will be kept for the necessary time according to the local law, as expressed on point 2 letter B and till the response as expressed on point 2 letter A. In order to assert or defend its rights in the relevant jurisdiction, the data will be retained for the time necessary for assert or defend the rights

 

7.         The Data Controller is D-Lab Limited, Flat 2. 15/f Vanta Ind Ctr 21-23 Tai Lin Pai Rd Kwai Chung NT Hong Kong. E- Mail info@mazzucatodesign.com

 

8.         The Data Processor/referent that you may contact for everything relating to the use of the data, and especially to exercise within the times and by the procedures envisaged the rights and to obtain the complete and updated list of the other Data Processors is the Administrator, who can be contacted for the purposes of this role at company’s addresses

9.         Please, note that some special rights are assigned to the holders of personal data. Rights are reported hereunder:

1)         A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.

2)         A data subject shall have the right to be informed

a)         of the source of the personal data;

b)         of the purposes and methods of the processing;

c)         of the logic applied to the processing, if the latter is carried out with the help of electronic means;

d)         of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); 

e)         of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.

3)         A data subject shall have the right to obtain

a)         updating, rectification or, where interested therein, integration of the data;

b)         erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;

c)         certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

4)         A data subject shall have the right to object, in whole or in part,

a)         on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;

b)         to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.

 

10.       A data subject to GDPR:

may ask for the erasure (right to be forgotten) of personal data or restriction, ask for the data pourtability according to the GDPR. It also may ask to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal, as expected by the GDPR. It may also exercise the right to be forgotten, as expected by the GDPR.

 

11.       For any claims it’s possible to get in touch with:

-           the Privacy Commissioner for the Hong Kong personal data; the contact information are available at the website https://www.pcpd.org.hk/

-           the own country’s Guarantor Authority from 25th of May, 2018, for the EU Citizens; the contact information are available at the website http://www.garanteprivacy.it/web/guest/home/footer/link.

12. The legal basis is the consent, the law and the the legitimate interests

 

 

PRIVACY POLICY NEWSLETTER

 

Privacy policy statement pursuant to article 13 of the Italian Legislative Decree 196/03 (D.Lgs. 196/03), to art  13 of regulation (UE) 2016/679 (GDPR) and to Hong Kong privacy law

 

The undersigned company D-Lab Limited hereinafter also referred to as the "Company" or "D-lab.") hereby informs you that it will process the data you have provided in the form and later for the purposes listed in the following paragraphs. D-Lab may only require and process data which are instrumental to achieve the purposes of this privacy policy.

 

1.         Data may be processed on paper, manually, with IT and electronic means (therefore, D-Lab .may file data both on paper and IT support). D-Lab has implemented safety measures to prevent any data loss, illegal use of data, misuse or unauthorised access. Data will be retained and processed by D-Lab in compliance with its confidentiality requirements. Just for Italy the necessary data for sending the newsletter will be treated through the company THE OTHERS, located in Milan, via Stendhal 72, that is responsible for it in Italy. D-Lab  has its offices (in compliance with the principles of fairness, lawfulness, transparency, and protection of the confidentiality and the rights of those concerned) strictly in line with the aims set forth in this privacy policy. Data will be processed by D-Lab exclusively to achieve the aims set forth in this privacy policy. Data will be filed at D-Lab  offices and at the appointed data processors/referents (as well as third parties who receive data as specified in point 4 of this privacy policy). Data will be entered in databases, including IT databases..

 

2.         D-Lab may process data for the following purposes:

A.         to carry out advertising communications/information on products-services-initiatives of D-Lab and its partners and market research and/or interviews for the evaluation of product-services of D-Lab, all by .D-Lab to the e-mail that you provided in the form or other contact details provided later (please note that the sending of e-mail will also be in electronically with the help of automated tools);

B.         D-Lab may also process data to comply with the requirements pursuant to the legislation in force, regulations or EU regulations and to assert or defend the rights of the Company in a court of law;

 

3.         The provision of data and consent for the purposes under point 2, letter A of this privacy policy are optional and the lack of them could make it impossible to be subject to the activities specified in this point. In addition, if you agreed to the data processing for the purposes described in this point, you may cancel your consent at any time by sending a notice to the D-Lab addresses specified in point 8 of this privacy policy. Other cancellation-opposition procedure may be further notified.

The provision of data for the purposes under point 2, letter B of this privacy policy is necessary and the lack of them could make it impossible to be subject to the activities specified in this privacy policy.

 

4.         The collected and processed data may be communicated by D-Lab for the purposes described in point 2, letter B of this information to carriers / shippers, lawyers and legal advisors, public authorities, judicial bodies, for the purposes of point 2 letter A of this information data may not be communicated. D-Lab will only communicate the personal data required for the pursuit of each purpose indicated in this information

 

5.         The data may be disclosed on behalf of D-Lab to all parties appointed as persons in charge of the processing by D-Lab (legal department staff also external to the Company, IT staff also external to the Company, consultants also external to the Company – for example IT technicians quality advisors, - staff in charge of the website also external to the Company, marketing staff also external to the Company, internal auditor) and external data processor/referents (appointed by D-Lab) also external to the Company (such as IT outsourcers, marketing companies and more in general consultants performing instrumental activities) in addition to internal data processor/referent specified in point 8 of this privacy policy. External data processors/referents will process data either directly or through their providers which are in charge of  data processing on behalf of D-Lab, performing the same tasks as data processors as well as the administration/maintenance of processors/servers of external data processors hosting D-Lab data. Data processors and persons in charge of processing will retain data insofar it is necessary to perform the tasks assigned by D-Lab by only performing the actions needed to implement such tasks.

 

6.         Data will be retained and processed by D-Lab for the time required to achieve the purposes of the processing and in compliance with the applicable regulations. They will be kept for the necessary time according to the local law, as expressed on point 2 letter B and till the cancellation request, as expressed on point 2 letter A. In order to assert or defend its rights in the relevant jurisdiction, the data will be retained for the time necessary for assert or defend the rights

 

7.         The Data Controller is D-Lab Limited, Flat 2. 15/f Vanta Ind Ctr 21-23 Tai Lin Pai Rd Kwai Chung NT Hong Kong. E- Mail info@mazzucatodesign.com

 

8.         The Data Processor/referent that you may contact for everything relating to the use of the data, and especially to exercise within the times and by the procedures envisaged the rights and to obtain the complete and updated list of the other Data Processors is the Administrator, who can be contacted for the purposes of this role at company’s addresses

 

9.         Please, note that some special rights are assigned to the holders of personal data. Rights are reported hereunder:

1)         A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.

2)         A data subject shall have the right to be informed

a)         of the source of the personal data;

b)         of the purposes and methods of the processing;

c)         of the logic applied to the processing, if the latter is carried out with the help of electronic means;

d)         of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); 

e)         of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.

3)         A data subject shall have the right to obtain

a)         updating, rectification or, where interested therein, integration of the data;

b)         erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;

c)         certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

4)         A data subject shall have the right to object, in whole or in part,

a)         on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;

b)         to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.

 

 

10.       A data subject to GDPR:

may ask for the erasure (right to be forgotten) of personal data or restriction, ask for the data pourtability according to the GDPR. It also may ask to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal, as expected by the GDPR. It may also exercise the right to be forgotten, as expected by the GDPR.

 

 

11.       For any claims it’s possible to get in touch with:

-           the Guarantor Authority for the protection of the Italian personal data provided for the newsletter; the contact information are available at the website www.garanteprivacy.it ;

-           the Privacy Commissioner for the Hong Kong personal data; the contact information are available at the website https://www.pcpd.org.hk/

-           the own country’s Guarantor Authority from 25th of May, 2018, for the EU Citizens; the contact information are available at the website http://www.garanteprivacy.it/web/guest/home/footer/link.

 

12. The legal basis is the consent, the law and the the legitimate interests

 

 

 

PRIVACY POLICY REGISTRATION

 

Privacy policy statement pursuant to article 13 of the Italian Legislative Decree 196/03 (D.Lgs. 196/03), to art 13 regulation (UE) 2016/679 (GDPR) and to Hong Kong privacy law

 

The undersigned company D-Lab Limited (hereinafter also referred to as the "Company" or "D-lab.") hereby informs you that it will process the data you have provided in the form and later for the purposes listed in the following paragraphs. D-Lab may only require and process data which are instrumental to achieve the purposes of this privacy policy.

 

Data may be processed on paper, manually, with IT and electronic means (therefore, D-Lab. may file data both on paper and IT support). D-Lab has implemented safety measures to prevent any data loss, illegal use of data, misuse or unauthorised access. Data will be retained and processed by D-Lab in compliance with its confidentiality requirements. Data used to send the newsletter will be treated by the company THE OTHERS in Italy, whose registered office is in Milan, via Stendhal 72, and who is the contact person in Italy and also responsible for processing.

 

1.         . D-Lab has its offices (in compliance with the principles of fairness, lawfulness, transparency, and protection of the confidentiality and the rights of those concerned) strictly in line with the aims set forth in this privacy policy. Data will be processed by D-Lab exclusively to achieve the aims set forth in this privacy policy. Data will be filed at D-Lab offices and at the appointed data processors/referents (as well as third parties who receive data as specified in point 4 of this privacy policy). Data will be entered in databases, including IT databases.

 

2.         D-Lab may process data for the following purposes:

A.         only in case of registration (by clicking on creating your account) in order to allow the registration to the web site so that you are recognized as registered user and your recording is managed (without the consent for such purposes you will be not signed). This consent is optional and only if the user wants to register.

B.         In order to send (to you user) advertising material/information and/or direct sales of products-services-initiatives of D-Lab by D-Lab and its partners, and commercial communications on products-services-initiatives of D-Lab and its partners, all listed in the e.mail specified in the form. Please note that the sending of e-mail will also be electronic, with the help of automated tools. Consent to processing and the provision for this purpose are entirely voluntary and you can purchase, register, also without consent to the processing for such purposes. The only consequence of the lack of provision and consent will therefore be that you will not be subject to the activities specified to in that section (point 2 lett. B of this information);

C.         where you shall purchase, in order to fulfill obligations arising from the purchase contract, and therefore also for administrative-accounting purposes and for the order management. As regards the credit card, data will be handled by the payment managing Entity only;

D.         to comply with the requirements pursuant to the legislation in force, regulations or EU regulations and to assert or defend its rights in the relevant jurisdiction.

For the purposes described in point 2 lett. B of this information, the consent is not necessary to register and purchase so the user can buy and register also without giving his consent to processing data for these purposes.

 

3.         The data will not be disclosed to third parties by D-Lab for the purposes specified in point 2 letter A and B of this information. The data may be communicated by D-Lab for the purposes specified in point 2 letter C of this information (communicating only data that are necessary for the pursuit of these purposes) abroad to: banks for payments, carriers and forwarding agents, post offices, distributors, lawyers and legal consultants. For the purposes specified in point 2 letter C and D of this information, data may be communicated (by communicating only the data that are necessary for the pursuit of these purposes) by D-Lab to judicial authorities, tax police and public security and public bodies if there is an obligation to this disclosure, also to law firms and legal advisers and to post offices (being able to see the address for sending any written notices). The data may be disclosed on behalf of D-Lab to all parties appointed as persons in charge of the processing by D-Lab if necessary for the performance of the tasks assigned to them by the Company, only carrying out on the data the operations necessary for the performance of the said tasks (administrative staff also external to the Company, transport and correspondence staff also external to the Company, marketing staff and site management staff also external to the Company, IT technicians and IT staff also external to the Company, public relations staff also external to the Company, legal department staff also external to the Company,) and any data processor/referents external to the Company (companies-professional studies who perform instrumental activities of D-Lab  such as marketing activities, shipping and enveloping, audit of accounts and management public relationships,) and internal to the company (for example, the data processor/referent specified in paragraph 7 of this information) always appointed by D-Lab External data processors will process data either directly or through their providers which are in charge of data processing on behalf of .D-Lab, performing the same tasks as data processors as well as the administration/maintenance of processors/servers of external data processors hosting D-Lab data. Data processors/referents and providers in charge of processing will retain data insofar it is necessary to perform the tasks assigned by D-Lab by only performing the actions needed to implement such tasks.

 

4.         Provision of data to D-Lab

A.         The provision of data on the registration form marked as mandatory (those marked with an asterisk) is necessary for the purposes specified in section 2 lett. C of this information and therefore the refusal to provide it in whole or in part may make it impossible for the Company to execute the contract and then buying products D-Lab. The indication of the product to purchase and the method of payment is necessary in order to purchase the product (and then again for purposes specified in section 2 lett. C of this information) and the lack of information will make it impossible to buy the product. As far as shipping information if is different from billing you see to section 4 lett. G of this information. With regard to other data contained in the optional fields see also as shown below. Whereas not otherwise specified in this information data in optional fields can optionally be provided and the failure does not lead to any result other than that not to use such information (which may still be useful for the purpose in object).

B.         The provision of data (tax code or VAT number, personal details and address, billing information and purchase, other data that may be necessary in pursuance of legal obligations and legislation or regulations to enforce or exercise a right of D-Lab in court) for the purposes specified in section 2 lett. D of this information is necessary and failure makes it impossible to register and/or to follow up the purchase contract.

C.         The provision of data specified as mandatory (those marked with an asterisk) in the registration form in order to register (section 2 lett. A of this information) is optional but the absence of data will make it impossible to register the same. As far as shipping information if is different from billing you see to section 4 lett. F of this information. With regard to data relating to VAT and company name will also see to section 4 lett. E of this information. As far as VAT data and Company name are concerned, please referr to section 4, lett. E. As far as credit card information see to section 4 lett. D of this information. As for other data not marked with an asterisk in the registration form and any other data provided, the provision is optional and failure to provide does not lead to any result but to disregard such data that may be useful in some cases to better manage the order.

D.         As far as credit card information is concerned, your provision is optional and its failure makes it impossible to pay by credit card.

E.         The provision of data requested in case of invoice (such as VAT and Company name) is optional, but without them it’s not possible to invoice, whereas required.

F.         The provision of data relating to alternative addresses to which to send the goods and/or a gift is optional but the missing data with an asterisk will make it impossible to ship the material to the address indicated. Please note that for these particular activities, the user agrees on its own responsibility to obtain the consent of the subject of which indicates the data, send the goods to him address or indicate him as holder of the gift. In addition, User engages for these activities to inform the subject of which he communicates data to D-Lab (subject to which to send the goods or holder of the gift) that he will communicate data D-Lab, so D-Lab can treat them (through persons in charge and data processors specified they must have knowledge to perform the tasks assigned by .D-Lab) in order to send the material to the address and also informing him that he will give specific information about processing of data, putting him still aware immediately on that he may disclose data to carriers and shippers, and that provision of data is optional and failure to make it impossible to ship the goods to the address and/or to indicate the subject as a holder of the gift. You agree to obtain consent (where due) to communicate the data to D-Lab and their processing (therefore also consenting to the recording in databases D-Lab.) by D-Lab for the purposes specified above in this section. User data will then be known even by those who receive the goods .      

G.         The consent to the data processing for the purposes specified in point 2 lett. B of this information and the provision of data for these purposes are optional and the lack of provision and consent involve only the impossibility for the Company to carry out the activities referred to these purposes (since there is therefore no effect on processing for other purposes and thus on the possibility of registering and buying) at the addresses indicated. Please note that you can always oppose (and thus withdraw consent requiring therefore not be subject to such activities) at any time to data processing for the purposes of sending advertising and information material or direct sales and commercial communications (even through one of the means indicated) by getting in contact, as provided by law, with the Data Processor/referent specified in point 7 of this privacy policy at the addresses of D-Lab. In the communications can always be indicated other procedures for withdrawal of consent and opposition to the processing.

 

5.         Data will be retained and processed by Billionaire Global Limited  for the time required to achieve the purposes of the processing and in compliance with the applicable regulations. So they will be retained for the time required by the law in order to achieve the purposes to the point 2 lett. C and D and until the deletion request for the purposes on point 2 lett.A and B. In order to assert or defend its rights in the relevant jurisdiction, the data will be retained for the time necessary for assert or defend the rights

Data Controller is D-Lab Limited, Flat 2. 15/f Vanta Ind Ctr 21-23 Tai Lin Pai Rd Kwai Chung NT Hong Kong. E-mail: info@mazzucatodesign.com

 

6.         Data Processor/referent that you may contact for everything relating to the use of the data, and especially to exercise within the times and by the procedures envisaged the rights and to obtain the complete and updated list of the other Data Processors is the Adminsitrator, who can be contacted for the purposes of this role at the addresses of the companies.

 

7.         Please, note that some special rights are assigned to the holders of personal data. Rights are reported hereunder:

1)         A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.

2)         A data subject shall have the right to be informed

a)         of the source of the personal data;

b)         of the purposes and methods of the processing;

c)         of the logic applied to the processing, if the latter is carried out with the help of electronic means;

d)         of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); 

e)         of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.

3)         A data subject shall have the right to obtain

a)         updating, rectification or, where interested therein, integration of the data;

b)         erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;

c)         certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

4)         A data subject shall have the right to object, in whole or in part,

a)         on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;

b)         to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.

 

10- A data subject to GDPR:

may ask for the erasure (right to be forgotten) of personal data or restriction, ask for the data pourtability according to the GDPR. It also may ask to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal, as expected by the GDPR. It may also exercise the right to be forgotten, as expected by the GDPR.

 

11- For any claims it’s possible to get in touch with:

-           the Guarantor Authority for the protection of the Italian personal data provided for the newsletter; the contact information are available at the website www.garanteprivacy.it ;

-           the Privacy Commissioner for the Hong Kong personal data; the contact information are available at the website https://www.pcpd.org.hk/

-           the own country’s Guarantor Authority from 25th of May, 2018, for the EU Citizens; the contact information are available at the website http://www.garanteprivacy.it/web/guest/home/footer/link.

 

12. The legal basis is the consent, the law and the the legitimate interests

 

 

This privacy policy is updated as at 02/02/2018.