Privacy Policy

PRIVACY POLICY

This Privacy Policy is defined on the basis of art. 13 of EU Regulation n. 679/2016 and applies only to all data collected through the fabrick.com website. This Privacy Policy is subject to updates that will be posted on the website on time. The present Privacy Policy, and the Cookie Policy, establishes the basis on which the user’s personal data will be processed.

Data Controller

The Data Controller of the Data collected from this Website is Fabrick Spa, with Headquarter in Biella, Piazza Gaudenzio Sella no. 1, P.IVA 02654890025

Data Protection Officer

The Data Protection Officer (“DPO”), can be contacted at the following addresses:

postal address: Fabrick S.p.A. – Piazza Gaudenzio Sella n. 1, 13900, Biella – DPO;
e-mail address: privacy@fabrick.com

Methods of personal data processing

The personal data provided or acquired are subjected to a treatment based on principles of correctness, lawfulness, transparency and protection of privacy pursuant to current legislation. The Data Controller processes the user’s personal data adopting appropriate security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of personal data. Data are processed by means of IT and/or telematics tools, by implementing organizational methods and strategies that are connected to the purposes of the activity.

Purposes for processing the collected data and legal basis

Personal data can be collected autonomously by the Data Controller or by third party. In this case, the computer systems and software used by the website acquire certain user’s personal data, IT related (for example, the IP address, the browser used, the operative system, the domain name and the websites addresses from which you have accessed or exit, etc.), whose transmission is inherent to the correct functioning of Internet. Such data can be processed for the sole purpose of obtaining anonymous statistical information on the use of the website and/or controlling its correct functioning; after their processing, they are immediately erased. The data the user choses to provide spontaneously are collected to allow the website to provide its services and for the following purposes:

a) to fulfil any kind of obligation required by current laws, regulations, associated regulations, commercial use and taxation/fiscal subjects. This processing is necessary for compliance with a legal obligation to which the Data Controller is subject;

b) for other additional purposes or related to that indicated above and falling within the sphere of the activities of the website;

c) to act on specific requests made by the user to the Data Controller for informative communications related to the Data Controller’s services by e-mail or filling in contact forms and using other communication tools like phone or instant messaging services like WhatsApp Business, Messenger live etc. This processing is optional, and it is based on the user’s consent, nevertheless, the non-reporting of one or more data will cause the impossibility of responding to the information request and of using the services offered by the Data Controller;

d) for sending information and promotional and commercial offers also through newsletter service, e-mail, mailbox or SMS. This processing is based on the consent freely expressed by the user;

e) for soft spam purposes to allow the Data Controller to send the user via e-mail promotional communication concerning Products and/or Services purchased without the need for the express and prior consent of the user, as required by art. 130, paragraph 4, Code of Privacy, and provided that the user does not exercise the right of opposition. This processing is based on art. 130, paragraph 4 of the Code of Privacy as told by Legislative Decree no.101 of 2018;

f) for carrying out statistical analysis on aggregated and anonymous data to analyze the user’s behaviour, improve the products and services provided by the Data Controller and meet the user’s expectations;

g) for profiling activities for marketing purposes. This processing is based on the consent freely expressed by the user;

Category of personal data processed

Among the personal data processed by this website, autonomously or by third party, there are common data like: Cookies, usage data, name, email, phone, tax data useful for purchasing and personal data useful for the delivery of the purchased product. The optional, explicit or voluntary transmission of emails by Contact Form or by the addresses specified on this website entails the successive acquisition of the sender’s address, which is necessary to answer the requests, and of any other personal data included in the email. The user’s consent to the provision of data is necessary to be inserted in the Data Controller’s database and in the interest of the establishment and correct functioning of what offered to users, as well as third party for the fulfilment of the single activity required. Therefore, failure to provide it will hinder the registration in the Data Controller’s database, the refinement of any contract, as well as their execution and that of any other activity.

Data communication

In some cases, in addition to Data Controller, may have access to data:

a) categories of persons specifically trained involved in the organization of the website (administrative staff, commercial staff, marketing staff, lawyers, system administrators);

b) external parties (like third party technical service providers, hosting provider, IT companies, communication agencies) also appointed as Data Processors by the Data Controller ex art. 28 GDPR. The updated list of Data Processors, if appointed, can always be requested from the Data Controller;

c) public or private entities that can access the data in compliance with legal obligations;

d) subjects that perform instrumental tasks with respect to the activity of the Data Controller;

e) subjects who perform accessory and instrumental tasks with respect to the activity of the Owner;

Processing time

As expressly stipulated by art. 5, co. 1, lett. e) of the GDPR, data are stored for a period of time necessary to provide the service requested by the user, or for the time required for the purposes described in this document, particularly:
– The data collected for contractual obligations will be stored for the time necessary for the accomplishment of the mentioned purposes and in accordance with current legislation;
– The data collected for tax / administrative obligations will be stored for the time necessary for the accomplishment of the mentioned purposes and in accordance with current legislation;
– The data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is met; the user can obtain more information regarding the Data Controller’s legitimate interest contacting him/her;
– The data collected based on the user’s consent can be stored until the withdrawal of the consent;
The Data Controller can store the data for a longer time in accordance with a legal obligation or by order of an authority.
At the end of the storing time, personal data will be deleted and consequently access rights, deletion rights, rectification rights and data portability rights can no longer be exercised.

Cookies

This website uses Cookies. They are small text files that may be used by websites to make the user’s experience more efficient, to customize contents and advertisements, to provide the functions of the social networks and analyse the traffic. Cookie Policy

Place of processing and transfer of data abroad

The data are processed at the Data Controller’s operating office. For more information, contact the Data Controller. The data can be processed by natural persons and/or legal entities acting on behalf of the Data Controller, under specific contractual obligations and located in UE or non-UE countries. If the data are transferred outside the EEA, the Data Controller will adopt any contractual measure suitable to ensure an adequate data protection.

Tools used for personal data processing

CONTACT FORM

The user, filling in the contact Form with his/her data, agrees to their use to answer any request of information or any other purpose indicated by the form header. Personal data collected by the contact Form: email, name and surname.

HubSpot (HubSpot Ireland Limited)

HubSpot is a service offered by HubSpot Ireland Limited to create contact Forms. Personal data collected via contact Forms: email, name and surname.
Place of processing: Ireland – Privacy Policy

EMAIL ADDRESSES MANAGING

These services permit to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the user. Furthermore, these services could permit to collect data related with user’s date and time of viewing of messages, as well as track user’s interaction with them, such as information on clicks on the links included in the messages.

Newsletter

By subscribing to the newsletter, the user’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional information, relating to this website may be transmitted. The user’s email address might also be added to this list as a result of signing up to this website or after making a purchase. The user can choose at any time to unsubscribe from the newsletter by clicking on a specific button he/she will find within the emails. After clicking the button, the user’s data will be immediately deleted by the “email marketing” software. Personal data collected: email and name. This website uses the newsletter service offered by:

Mailchimp (The Rocket Science Group)

Mailchimp is a service that organizes and analyses the newsletter distribution. If a user does not want his/her data managed by Mailchimp, it will be necessary to unsubscribe from the newsletter. In this regard, a link is provided in every sent newsletter. Personal data collected: email and name.
Place of processing: the USA – Privacy Policy

HubSpot

HubSpot is a service offered by HubSpot Ireland Limited that allows the sending of newsletter. Personal data collected via newsletter: email, name and surname.
Place of processing: Ireland – Privacy Policy

SECURITY MEASURES ADOPTED

This website has an SSL certificate and uses the HTTPS protocol to secure the moment your personal data is entered. By using this protocol, the transactions and the data transmission to the websites take place with maximum security and the content of the communication is not read or manipulated by third parties anyway.

reCAPTCHA

This website uses reCAPTCHA, a service subject to the privacy and Google terms and conditions.

STATISTICS

Statistics services allow the Data Controller only to monitor and analyse the traffic data and keep track of the user’s behaviour. This website uses the following services:

Hotjar (Hotjar Ltd)

Hotjar is a statistical service that allows the Data Controller to monitor the conversions of her/his customers and register sessions. At the following link https://www.hotjar.com/privacy/do-not-track/ Hotjar provides the browser add-on for Do not track. Personal data collected: Cookies and usage data.
Place of processing: Malta – Privacy Policy

HubSpot

HubSpot is a service offered by HubSpot Ireland Limited that allows the statistics and uses the collected personal data with the aim of tracking and examining the use of this website.
Place of processing: Ireland – Privacy Policy

Linkedin Insight Tag(LinkedIn Ireland Unlimited Company)

This Website uses a script called ‘LinkedIn Insight Tag’. The LinkedIn Insight Tag allows for statistics and uses the Personal Data collected for the purpose of tracking and reviewing the use of this Website. Personal Data collected: Cookies and Usage Data.
Place of Processing: Ireland – Privacy Policy

INTERACTION WITH SOCIAL NETWORKS

These services allow to interact with social networks directly from the website pages. The interactions and information acquired by this website are subject to the user’s Privacy Policy of each social network. If a service for interaction with social networks is installed, the site may collect traffic data about the pages, even if users do not use the service.

LinkedIn (LinkedIn Ireland Unlimited Company)

The LinkedIn buttons are services for interaction with LinkedIn, offered by LinkedIn Corporation. Personal data collected: Cookies and usage data.
Place of processing: Ireland – Privacy Policy

Twitter (Twitter International Company)

IThe Twitter buttons are services for interaction with Twitter, offered by Twitter, Inc. Personal data collected: Cookies and usage data.
Place of processing: Ireland – Privacy Policy

REMARKETING E RETARGETING

These services allow this website to communicate, optimize and serve advertising based on the past use of this website by the user. This activity is carried out by tracking of usage data and the use of Cookies. This website uses the following services:

Insight Tag LinkedIn (LinkedIn Ireland Unlimited Company)

This website uses a script called “LinkedIn Insight Tag”. LinkedIn Insight Tag adds a cookie to the users’ browser every time they visit this website. Thanks to this tool the owner can register when a LinkedIn member carries out a certain action on the website (like book a service or leave the email). This tool is used for collecting statistical data that allow to measure paid advertising effectiveness. Thanks to LinkedIn Insight Tag we can understand the actions people perform on this website. Data are used for: making sure the ads are shown to the right people; creating public groups to use advertisements for; exploiting the additional advertising tools of the platform on which advertising is made. This website uses LinkedIn Insight Tag to carry out “Remarketing” and “Retargeting” activities; due to these activities, cookies left by the user on this website are used, without identifying him. Personal data collected: Cookies and usage data.
Place of processing: Ireland – Privacy Policy

CONTENTS HOSTED ON EXTERNAL PLATFORMS

These services allow to display contents hosted on external platforms directly from this website pages and to interact with them. If a service for interaction with social networks is installed, the website may collect traffic data about the pages, even if users do not use the service.

This website uses

Youtube (Google Ireland Limited)

YouTube is a video contents viewing service managed by Google that allows this website to integrate such content within its pages. Personal data collected: Cookies and usage data.
Place of processing: Ireland – Privacy Policy

Spotify (Spotify AB)

Spotify is a service provided by Spotify AB that hosts the services of the Data Controller. Personal data collected: different kinds of data as specified in the privacy policy of the service.
Place of processing: Sweden – Privacy Policy

Exercise of the rights of the data subject

The data subject may exercise the rights as described in the art. 7, 15-22 of the EU Regulation 679/2016. In particular, the right to withdraw his/her consent in any time and, simply asking the Data Controller, he/she may request access to personal data, receive the personal data provided by the Data Controller and, where possible, transmit them to another Data Controller of the processing without impediment (c.d. portability), obtain the update, the limitation of the processing, the rectification of data and the deletion of that processed in contrast with current legislation. The data subject has the right, for legitimate reasons, to oppose the processing of personal data concerning him/her the processing for purposes of sending advertising materials, direct selling and market research. The interested party also has the right to lodge a complaint with the Privacy Authority in its quality of supervisory authority. The data subject may exercise the rights by emailing the owner at: privacy@fabrick.com

Changes to this Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time by giving notice to users on this page. Therefore, it is recommended to consult this page very often, taking as reference the date of last modification indicated at the bottom. In case of non-acceptance of the changes made to this Privacy Policy, the user is required to cease the use of this website and may request the Data Controller to remove their personal data. Unless otherwise specified, the previous Privacy Policy will continue to apply to personal data up to that date collected moment. The Data Controller is not responsible for the update of the links displayable in this Privacy Policy, therefore, every time a link does not work and/or is not updated, users acknowledge and accept that they must always refer to the document and/or the section of the linked websites.