The personal data of the Users are controlled by Milostore P.Iva IT03326530924, with registered office in via Grazia Deledda 23, 09127 Cagliari (CA), hereinafter referred to as the Data Controller .
In compliance with the obligations deriving from national legislation (Legislative Decree 30 June 2003 n. 196, Code regarding the protection of personal data, and subsequent amendments) and European (European Regulation for the protection of personal data n. 679/2016, GDPR), this site respects and protects the privacy of visitors and users, putting in place every possible and proportionate effort not to infringe the rights of users.
Milostore does not publish advertisements, does not use data for the purpose of sending advertising, but makes use of third-party services in order to improve the use of the site, third parties that may collect user data and then use them to send personalized advertisements on other sites. This site also uses social plugins to make it easier to share articles on social networks. These plugins are configured so that they send cookies (and therefore possibly collect data) only after the user has clicked.
When a User visits or makes reservations on the xMilordx Site, Milostore may use the information provided to offer services, personalize the user experience and send updates and communications related to such services.
You are given the option to exercise various rights, including accessing, modifying or removing your personal data, or changing your marketing preferences (including the right to withdraw your consent at any time).
Types of Data collected
Among the types of Personal Data that this Website collects, by itself or through third parties, there are: Cookies; Usage data; email.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Website and guarantees to have the right to communicate or disseminate them, freeing the Owner from any liability to third parties.
Processing of Collected Data
The Data Controller, in compliance with the obligations deriving from national legislation (Legislative Decree 30 June 2003 n. 196, Code regarding the protection of personal data, and subsequent amendments) and European (European regulation for the protection of personal data n. 679 / 2016, GDPR), adopts the appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The processing is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, the Data may be accessed by other parties involved in the organization of this Website (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third-party technical service providers, mail carriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Owner. The updated list of Data Processors can always be requested from the Data Controller.
Legal basis of the processing
The Data Controller processes Personal Data relating to the User if one of the following conditions exists:
- the User has given consent for one or more specific purposes; Note: in some jurisdictions the Owner may be authorized to process Personal Data without the User’s consent or another of the legal bases specified below, until the User objects (“opt-out”) to such processing. However, this is not applicable if the processing of Personal Data is governed by European legislation on the protection of Personal Data;
- the processing is necessary for the execution of a contract with the User and / or the execution of pre-contractual measures;
- the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
- the processing is necessary for the performance of a task carried out in the public interest or for the exercise of public authority vested in the Data Controller;
- the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
However, it is always possible to request the Data Controller to clarify the concrete legal basis of each treatment and in particular to specify whether the processing is based on the law, provided for by a contract or necessary to conclude a contract.
The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For more information, contact the Data Controller. The User’s Personal Data may be transferred to a country other than the one in which the User is located. To obtain further information on the place of processing, the User can refer to the section on the details on the processing of Personal Data.
The User has the right to obtain information regarding the legal basis of the transfer of Data outside the European Union or to an international organization of public international law or consisting of two or more countries, such as the UN, as well as about the security measures adopted by the Data Controller to protect the Data.
The User can check if one of the transfers described above takes place by examining the section of this document relating to the details on the processing of Personal Data or request information from the Data Controller by contacting him at the details indicated at the beginning.
The Data are processed and stored for the time required by the purposes for which they were collected.
- Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of this contract is completed.
- Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.
When the processing is based on the User’s consent, the Data Controller may keep the Personal Data longer until such consent is revoked. In addition, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Purpose of the Processing
The Data concerning the User is collected to allow the Owner to provide the Service, comply with legal obligations, respond to enforcement requests, protect its rights and interests (or those of Users or third parties), detect any malicious or fraudulent activity, as well as for the following purposes: Analytics, Content commenting, Interaction with external social networks and platforms, Contacting the User, Displaying content from external platforms, Commercial affiliation, Heat mapping and session recording, Remarketing and behavioral targeting, User database management and Tag management. To obtain detailed information on the purposes of the processing and on the Personal Data processed for each purpose, the User can refer to the section “Detailed information on the processing of Personal Data”.
Personal Data is collected for the following purposes and using the following services:
Contacting the User
Managing User Databases
Heat mapping and session recording
Interaction with external social networks and platforms
Remarketing and behavioral targeting
Viewing content from external platforms
Users can exercise certain rights with reference to the Data processed by the Data Controller.
In particular, the User has the right to:
- withdraw consent at any time. The User can revoke the consent to the processing of their Personal Data previously expressed.
- oppose the processing of their Data. The User can object to the processing of their Data when it takes place on a legal basis other than consent. Further details on the right to object can be found in the section below.
- access your Data. The User has the right to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the Data processed.
- verify and request rectification. The User can verify the correctness of their Data and request its updating or correction.
- obtain the limitation of the treatment. When certain conditions are met, the User may request the limitation of the processing of their Data. In this case, the Data Controller will not process the Data for any other purpose than their conservation.
- obtain the cancellation or removal of your Personal Data. When certain conditions are met, the User can request the cancellation of their Data by the Owner.
- receive your Data or have them transferred to another holder. The User has the right to receive their Data in a structured format, commonly used and readable by automatic device and, where technically feasible, to obtain its transfer without hindrance to another holder. This provision is applicable when the Data are processed with automated tools and the processing is based on the User’s consent, on a contract of which the User is a party or on contractual measures connected to it.
- propose a complaint. The User may lodge a complaint with the competent personal data protection supervisory authority or take legal action.
Details of the right to object
When Personal Data are processed in the public interest, in the exercise of public powers vested in the Data Controller or to pursue a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.
Users are informed that, if their Data are processed for direct marketing purposes, they can oppose the processing without providing any reason. To find out if the Data Controller processes data for direct marketing purposes, Users can refer to the respective sections of this document.
How to exercise your rights
To exercise the Rights of the User, Users can direct a request to the contact details of the Owner indicated in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within one month.
Cookies consist of portions of code installed within the browser that assist the Data Controller in providing the Service according to the purposes described. Some of the purposes for which Cookies are installed may also require the User’s consent.
When the installation of Cookies takes place on the basis of consent, this consent can be freely revoked at any time by following the instructions contained in this document.
Cookies allow you to store information on visitors’ preferences, are used in order to verify the correct functioning of the site and to improve its functionality by customizing the content of the pages according to the type of browser used, or to simplify navigation by automating procedures (eg Login, site language), and finally for the analysis of the use of the site by visitors.
This site uses the following categories of cookies:
– analysis cookies , used to collect information, in aggregate form, on the number of users and how they visit the site. They are assimilated to technical cookies if the service is anonymized.
– profiling and marketing cookies , used exclusively by third parties other than the owner of this site to collect information on the behavior of users while browsing, and on interests and consumption habits, also in order to provide personalized advertising.
In addition to what is indicated in this document, the User can manage the preferences relating to Cookies directly within his browser and prevent – for example – that third parties can install them. Through the browser preferences it is also possible to delete the Cookies installed in the past, including the Cookie in which the consent to the installation of Cookies by this site is eventually saved. The User can find information on how to manage Cookies with some of the most popular browsers for example at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer.
Notwithstanding the foregoing, Users are informed of the possibility of using the information provided by YourOnlineChoices (EU), Network Advertising Initiative (USA) and Digital Advertising Alliance (USA), DAAC (Canada), DDAI (Japan) or other similar services. With these services you can manage the tracking preferences of most advertising tools. The Owner, therefore, advises Users to use these resources in addition to the information provided by this document.
Defense in court
The User’s Personal Data may be used by the Owner in court or in the preparatory stages for its possible establishment for the defense against abuse in the use of this Website or related Services by the User. The User declares to be aware that the Owner may be obliged to disclose the Data by order of public authorities.
System logs and maintenance
For needs related to operation and maintenance, this Website and any third-party services used by it may collect system logs, i.e. files that record interactions and that may also contain Personal Data, such as the User IP address.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
If the changes affect treatments whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.