MISS SIXTY VIP PROGRAMME
This document (information notice) refers expressly to the Miss Sixty brand VIP programme and intends to inform the customer (data subject) how the company processes his or her personal data in regards to this specific initiative.
The Data Controller is Sixty Distribution Srl, with registered office in Rome, Lungotevere de’ Cenci n. 9, and administration and operating headquarters in Milan in Milano, Via Durini n. 24. To request information on the processing and to exercise one's rights, the data subject can send an email to firstname.lastname@example.org or, if preferred, send a letter addressed to Ufficio Privacy di Miss Sixty, Via Durini n. 24, 20122 Milan.
To ensure compliance with the provisions regulating such activity, Sixty Distribution Srl has appointed a Data Protection Officer who can be contacted by email at email@example.com.
WHAT DATA WE USE AND WHERE WE COLLECT IT FROM
To become a member of the Miss Sixty VIP programme, the customer is required to complete a card providing general contact data (Name, Surname, Address, Date of Birth, email, mobile phone) and authorises Sixty Distribution Srl to record all purchases, converted into loyalty points, in the card database which has a unique code that identifies the customer. The data is processed to reward customers who appreciate the Miss Sixty products and grant them increasing discount incentives on their next purchases. The date of birth is required to gift the customer with an additional discount on his or her birthday,
HOW AND WHY WE PROCESS YOUR DATA
The data related to the loyalty programme are required to assign incentives and send communications regarding the loyalty programme (dedicated events, reserved promotions, points balance, birthday gift discounts etc,). Upon granting explicit consent to the processing of such data for marketing purposes (refusal does not compromise the main relationship) as seen on the card, such data shall also be used to send general commercial communications, invitations to meetings and events and other general promotions. The personal data of our customers shall be processed by authorised and fully trained operators to guarantee that only strictly necessary data is processed, along with the security of the same, using suitably protected IT systems and hard copy archives. The management of certain processing activities may be outsourced by the Data Controller, under the direct control and responsibility of the latter.
The legal bases of the processing are, to join the VIP programme, the contractual relationship established (also for the preliminary phases) and, for the management of the data for marketing purposes, the consent of the data subject. There is also the legitimate interest of the Data Controller to process the data of purchases made by customers for inventory and production organisation purposes. It is, however, always possible to request further information on the legal basis and processing methods from the Data Controller. Processing shall terminate together with the promotion initiative, except where foreseen otherwise by the laws in force. In cases where the consent is granted for marketing purposes, the processing shall continue until revoked by the data subject or until the purpose of the initiative is revoked by the Data Controller.
COMMUNICATION AND DISSEMINATION
The VIP programme data are exclusively of a common nature, belonging to adults (no minors) and are not destined for dissemination. The Data Controller does not request, and has no interest in collecting or processing data classified as “particular” (health, genetic, biometric etc.) or “criminal” data.
Personal data may be disclosed to third parties to fulfil obligations arising from laws or regulations (Institutions, Police, Judicial Authorities etc.) or for activities directly or indirectly connected to the relationship.
Data may be disclosed to subjects operating within the European Union, or countries that guarantee the same level of protection foreseen by Regulation (EU) 679/2016 and Legislative Decree no. 196/2003 where applicable. The updated list of the Data Processors, appointed for the purpose, is available at the registered office of the Data Controller or at Via Lungotevere de’ Cenci no. 9.
WHAT ARE YOUR RIGHTS
Customers are entitled to revoke, at any moment in time, their consent to the processing of their data, to obtain rectification, updating, anonymisation, restrict all or partial use, request portability and erasure, notwithstanding the rights of the Data Controller, third-parties and legal obligations. The data subject is entitled to be informed on the origin of the data, the processing logics and any recipients of the communication.
All rights can be exercised within the limits where such processing is not mandatory and imposed by the law or regulations in force. Applications to exercise such rights can be addressed to the Data Controller by email to firstname.lastname@example.org and the Data Protection Officer, for the aspects falling within the competence of the same, by email to email@example.com.
If you are not satisfied with the response to your requests, you are entitled to lodge a complaint with the Italian Supervisory Authority Data Protection Supervisor, with headquarters in Rome Piazza Venezia no. 9 (http:www.garanteprivacy.it/). A European and non Italian citizen can lodge a complaint with the Supervisory Authority in his or her own country or the country in which the breach took place.