This information is provided in accordance with Article 13 of Regulation 2016/679 (GDPR), pursuant to Article 13 of Legislative Decree No. 196/2003 (Code on the Protection of Personal Data) to users who access the website www.ricambiamericani.com, www.usaspareparts.com and www.americanparts.com and relates to all personal data processed in the manner indicated below. The sites:
are owned and operated by ERISE SRL which guarantees compliance with the legislation on the protection of personal data (Legislative Decree 196/03)
The Data Controller.
The Data Controller of the personal data collected is Erise s.r.l. a socio unico, based in Cervarese Santa Croce (PD) via Roma n. 241. Within the company itself, the personal data collected are processed by employees who act as "appointees", following the specific instructions and indications given to them.
Place of data processing.
The processing operations connected to the web services of the ERISE SRL sites take place at the company's headquarters in Cervarese Santa Croce (PD), of the data controller and are carried out only by technical personnel of the Office in charge of processing, or by persons in charge of occasional maintenance operations. No data deriving from the web service is communicated or disseminated (art. 90 GDPR). The personal data provided by users who forward requests to send informative material are used only to perform the service or provision requested and are communicated to third parties only if this is necessary for that purpose (art. 3 GDPR).
Object of processing.
Personal data processing constitutes any operation or set of operations, carried out even without the aid of electronic means, concerning the collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, erasure and destruction of data, even if not registered in a database.
The personal data processed are collected as provided directly by the data subject or provided automatically.
Data provided directly by the data subject are all personal data that are provided to the Data Controller in any manner, directly by the data subject. Said data may be rectified by the data subjects at any time, as well as the data subjects may prevent their processing.
In particular, the following personal data are collected and processed: first name, last name, company name, tax code, address, telephone, email, date of birth, other information necessary to process your order (e.g. information about the products you have ordered, bank account information, iban and swift), related information and the history of any contacts with the customer service department. Personal data provided by users/visitors will be disclosed to third parties only if the disclosure is necessary to comply with the requests of those users/visitors.
The data collected automatically are browsing data. These data, although not collected in order to be associated with the identity of the user, could indirectly, through processing and associations with data collected by the Owner, allow its identification. In particular: list data collected IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment.
Following the sending of newsletters, the platform used allows the detection of the opening of a message and the clicks made within the newsletter itself, along with details related to the ip and browser/device used. The collection of this data is essential for the operation of the implicit renewal systems of the treatment (see the heading Modes of Treatment) and an integral part of the operation of the sending platform.
Purposes of Processing
Personal data provided by users who submit requests for sending information material are used only for the purpose of performing the requested service or performance or when the communication is imposed by legal obligations. The provision of the data being processed is mandatory in order for the user to access the service. For this reason, consent is mandatory and any refusal to process, or failure, inaccurate or partial provision of data could result in the impossibility of proper provision of the service.
The provision of data for the purpose of sending newsletters for promotional, informational or research purposes is optional and refusal to provide the relevant consent to the Treatment will result in the impossibility of being updated about commercial initiatives and / or promotional campaigns, to receive offers or other promotional material and / or to send the user personalized offers.
Erise srl does not provide any of the users' information to third parties without their consent, except where required by law. Personal data will be processed for the following purposes:
- 1. functional for the fulfillment of obligations under the law, regulation or provided for by EU legislation;
- 2. execution of the contract or to fulfill, prior to the execution of the contract, your specific requests in relation to the marketing and import/export of replacement products.
- 3. management of customers and any purchase orders and related administrative activities, with related processing, in accordance with the relevant regulations, invoicing and shipments.
- 4. preparation of measures aimed at protection against credit risk, including activities aimed at identifying the economic reliability/solvency of the Customer, before or during the contractual relationship. Erise srl may verify that the bank/postal data provided is correct;
- 5. relating to the performance of activities aimed at the elaboration of studies and market research, the performance of direct sales activities, including by telephone, for the sending of commercial information, as well as for the sending of advertising/information material, carried out with "traditional" methods ( by way of example, paper mail and/or call with operator) or through automated contact systems ( by way of example, SMS and/or MMS, telephone calls, e-mail, fax) pursuant to art. 130 c. 1 and 2 Privacy Code and Regulation (EU) 2016/679. The data subject may at any time object to the processing by sending a request to the mailbox email@example.com.
- 6. relating to the performance by third parties, business partners to whom Erise may communicate/assign the acquired data, for the performance of activities aimed at the elaboration of studies and market research, the performance of direct sales activities, including telephone sales, or product placement, for the sending of commercial information, including interactive, as well as for sending advertising/information material, carried out by "traditional" means (by way of example, paper mail and/or call with operator) or by means of "automated" contact systems ( by way of example, SMS and/or MMS, telephone calls, e-mail, fax) pursuant to art. 130 c. 1 and 2, Privacy Code" and EU Regulation 2016/679;
- 7. relating to the performance of activities aimed at the elaboration of studies and market research, the performance of direct sales activities, including by telephone, for the sending of commercial information, as well as for the sending of advertising/information material, carried out by "traditional" means (by way of example, paper mail and/or call with operator) or by means of "automated" contact systems ( by way of example, SMS and/or MMS, telephone calls e-mail, fax) pursuant to art. 130 co. 1 and 2 Privacy Code and EU Regulation 2016/679.The data subject may at any time object to the processing by sending a request to the mailbox firstname.lastname@example.org.
- 8. Related to the performance, by third parties, business partners, to whom ERISE SRL may communicate/assign the data acquired, for the performance of activities aimed at the elaboration of studies and market research, the performance of direct sales activities, including telephone, or product placement, for the sending of commercial information, including interactive, as well as for the sending of advertising/information material, carried out by "traditional" means (by way of example, paper mail and/or call with operator) or by means of "automated" contact systems ( by way of example, SMS and/or MMS, telephone calls, e-mail, fax) pursuant to art. 130 c. 1 and 2 Privacy Code" and EU Regulation 2016/679.
- 9. litigation management (contract defaults, warnings, settlements, debt collection, arbitrations, court disputes).
Cookies are small text strings that sites visited by the user send to the user's terminal, where they are stored in order to be retransmitted to the same sites the next time the same user visits. Cookies are used for various purposes: performing computer authentication, session tracking, storing information about specific configurations regarding users accessing the server, etc.
No use is made of cookies for the transmission of information of a personal nature, nor are so-called persistent cookies of any kind, i.e. systems for tracking users.
>a) Technical cookies.
. These are cookies necessary to enable secure and efficient exploration of the site and for authentication to access restricted areas.
These cookies are not used for further purposes and are installed directly by ERISE srl..
These cookies can be divided into navigation or session cookies, which ensure the normal navigation and use of the website; analytics cookies, assimilated to technical cookies if used directly by the operator of the site to collect information, in aggregate form, on the number of users and how they visit the site itself; functionality cookies, which allow the user to navigate according to a set of selected criteria (for example, language, products selected for purchase) in order to improve the service rendered to the same.
The use of c.d. session cookies (which are not stored persistently on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the site.
The so-called session cookies used in this site avoid the use of other computer techniques potentially prejudicial to the privacy of users' browsing and do not allow the acquisition of personal identification data of the user.
This Site uses: analytics cookies, technical cookies, session cookies.
b) Profiling cookies.
. Profiling cookies are aimed at creating profiles related to the user and are generally used to send advertising messages in line with the preferences expressed by the user when browsing the web. Given the particular invasiveness that such devices can have within the private sphere of users, the legislation provides that the user must be adequately informed about the use of the same and thus express their valid consent.
This site does not use its own profiling cookies.
c) So-called "third-party" cookies.
. In the course of browsing, the user may also receive on his terminal equipment cookies that are sent by different sites or web servers (so-called "third parties"), on which some elements (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the site that the same is visiting may reside.
Social network integration services are services that allow you to interact with social networks or other third-party platforms. The interactions and information captured are subject to the privacy settings related to the social network or platform in question. In the event that a service for interaction with social networks is installed, it is possible that, even if you do not use the service, it will collect traffic data related to the pages where it is installed.
Manner of processing.
Personal data are processed using paper, computer, telematic, automated tools including profiling (art. 22 GDPR). Profiling can take place using individual or identifying data (ex. Master Data), or aggregated data derived from individual personal data. All in compliance with the guarantees of confidentiality and security measures provided by current legislation, with logic strictly related to the purposes of processing. Personal data is processed for as long as is strictly necessary to achieve the purposes for which it was collected, including the security of our processing procedure in accordance with regulatory and legal obligations (e.g., auditing, accounting, and legal retention periods), litigation management, and for the determination, practice, or defense of legal rights in those countries where we conduct business.
Special security measures are observed to prevent data loss, unlawful or incorrect use, and unauthorized access.
The Data Controller retains and processes personal data for as long as necessary to fulfill the stated purposes. The retention period may vary significantly depending on: purposes, type of data processed, legal obligations.
When it is no longer necessary to retain personal data, it may be securely deleted or destroyed in accordance with our policy.
Rights of data subjects
According to Articles 15 to 22 of the Regulation, the data subject has the right to obtain from the Data Controller the indication:
- of the origin of the personal data;
- of the purpose and methods of processing;
- of the logic applied in case of processing carried out with the aid of electronic/informatic instruments;
- the identification details of the owner, managers and designated representative;
- of the subjects and categories of subjects to whom the data may be communicated or who may become aware of the data in their capacity as designated representative in the territory of the State, managers or appointees.
In addition, the data subject has the right to obtain:
- the updating, rectification or integration of their data;
- the cancellation, transformation into anonymous form or blocking of data processed in violation of the law;
- access to one's own data, i.e., confirmation as to whether or not personal data concerning him or her are being processed;
- the restriction of processing, data portability, i.e. the right to receive in a structured format personal data concerning him/her;
- right to complain to the Supervisory Authority.
Finally, the data subject has the right to object, in whole or in part, on legitimate grounds, to the processing of personal data concerning him or her, even if pertinent to the purpose of collection. In particular, the interested party has the right to object to the processing of personal data concerning him/her for the purpose of sending commercial advertising material or direct sales or for carrying out market research or commercial communication. Requests under the above points should be sent via PEC email to email@example.com.
In addition to the employees of Erise srl, some processing of the user's personal data may also be processed by third parties, invi including companies to which Erise srl entrusts or may entrust certain activities functional to the consultation of the site. These subjects will operate as autonomous owners or as data processors In the latter case, the owner will give the processors adequate operating instructions with particular reference to the adoption of minimum security measures in order to be able to guarantee the confidentiality, integrity and security of the data. The user's data may also be communicated to the judicial, administrative or other public authorities entitled to request them, in the cases provided for by law. For the pursuit of the aforementioned purposes, Erise srl may communicate and have your personal data processed, in Italy and abroad, including countries outside the European Union, to third parties with whom it has dealings: the latter will only provide them with the information necessary to carry out the requested services taking all measures to protect your personal data (art. 44 GDPR). Personal data may, in addition, be known by employees, self-employed workers, project workers, occasional workers, consultants, temporary workers, collaborators of Erise srl, who have been specifically appointed/designated as Data Processors or persons in charge of the processing. accounting and invoicing staff, goods/services marketing staff, agents and representatives. The aforementioned data may be transferred and communicated to the following category of subjects: companies operating in the transport sector, our suppliers, our sponsors, the Italian Post Office and other correspondence delivery companies, banks and credit institutions, debt collection companies, law firms, insurance companies, professional firms and/or companies and/or associations of companies and entrepreneurs who provide us with certain accounting and/or tax services, social security institutions, etc.
Last updated September 2020..