top of page

Privacy Policy

Information pursuant to Article 13 of the European Regulation 679/2016 and Consent

Dear Customer,

To comply with the current legislation on the protection of personal data introduced by Regulation (EU) 2016/679 (“GDPR”), Thermofits Srl (The Company) provides you with some information regarding the processing of your personal data as a “data subject” (the “Customer”).

Data Controller

The Data Controller is Thermofits Srl, in the person of its legal representative, with registered office in Bergamo.

The Data Processor is Marco Rossi, domiciled at the registered office of Thermofits Srl.

For the purposes of the legislation on the processing of data, the Data Controller and the Data Processor can be contacted by ordinary mail at the registered office of Thermofits Srl or by email at info@carbon-relax.com

Processing of Personal Data

The processing of personal data means any operation or set of operations which is performed on personal data or on sets of personal data, whether or1 not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.2

The Company acquires or already holds some data concerning the Customer, such as, by way of example but not limited to, personal identification data and data relating to purchases made by the Customer.

The Company does not process personal data belonging to special categories (“Sensitive Data”), such as those revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership,3 as well as processing genetic data, biometric data intended to uniquely identify a natural person, data concerning4 health or data concerning a natural person's sex life or5 sexual orientation (Article 9 GDPR).

Use of Personal Data and Purposes of Processing

The Company collects the Customer's personal data (the “Data”):

  • directly from the Customer at points of sale or online through

  • automatically online through the Websites and uses “cookies” and other unique identification tools and obtains certain types of Data

The Data is processed lawfully for the following purposes:

  • to purchase and deliver products and services. It uses the Data to receive and manage orders, provide products and services, process payments, and communicate with the Customer regarding orders, products, services, and promotional offers;6

  • to provide and improve services and resolve any related issues;

  • to use the Data to suggest features, products, and services that may be of interest to the Customer, to identify preferences and personalize the experience;

  • to fulfill legal obligations;

  • to use the Data to communicate with the Customer regarding the services provided through various channels (for example, by phone, email, and chat);

  • to use the Data to show the Customer interest-based advertising related to features, products, and services of potential interest.

Furthermore, the Company may ask for consent to process the Data for specific purposes that will be communicated.

The consent given by the Customer may be withdrawn at any time, and in that case, the Company will cease to process the Data for the specified purpose.

Cookies

The Company uses cookies, pixels, and other technologies (collectively, “cookies”) to recognize the browser or device, learn more about the Customer's interests, and provide essential features and services, and also for other purposes, including:

  • recognizing the Customer when they log in;

  • keeping track of the Customer's specified preferences;

  • keeping track of items saved in the Customer's shopping cart;

  • conducting research and analysis to improve content, products, and services;

  • delivering content, including advertising, relevant to the Customer's interests on the Websites and also on third-party sites;

  • preventing fraudulent activities and improving security.

The Company authorizes third parties to set cookies when the Customer interacts with the Websites, such as search engines, social media, and advertising companies.

The Customer has the right to manage cookies through their browser settings.

You can manage browser cookies through your browser settings. This functionality

Processing Methods

The Data is processed by duly authorized personnel in environments where access is under constant control. The data processors may become aware of the Customer's Data exclusively for the aforementioned purposes.

All personal data is processed with the support of paper, computer, or electronic means in compliance with the provisions of the law for the purposes listed below. The Company is equipped with suitable technical, IT, organizational, logistical, and procedural security measures to ensure adequate standards of data protection.

The Data is used with methods and procedures necessary to provide the services, products, and information requested by the Customer, also through the use of fax, telephone (including mobile phone), email, or other remote communication techniques, as well as forms and questionnaires.

Recipients and Transfer of Data

Some Data may be disclosed, for the aforementioned purposes, to:

  • Third-party service providers. The Company uses other companies and individuals to perform certain activities on its behalf, for example, delivering products, processing payments;

  • professionals and companies designated as data processors who, on behalf of the Company, carry out accounting and tax management activities;

These third parties have access only to the Data necessary for the performance of their activities but will not be able to process the Data they become aware of for further purposes.7 Furthermore, these third parties are required to process the Data they become aware of in accordance with this Privacy Policy and the applicable regulations on the protection of personal data.

Rights of the Data Subject

Pursuant to the GDPR and national legislation on data protection, the Customer has the right to:

  • request the Data Controller to access the Data concerning them and information about the processing carried out on them;

  • the rectification of the Data or the erasure of the Data in the cases referred to in the GDPR and compatibly with other retention obligations by the Data Controller;

  • withdraw the consent previously given;

  • the restriction of processing in the cases referred to in the GDPR;

  • the portability of the Data, i.e., the right to receive the Data concerning them in a structured, commonly used, and machine-readable format, and the right to transmit those Data to another controller without hindrance from the controller8 to whom the Data have been provided, where the processing is based on consent, on a contract, or is carried out by automated means;

  • not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects9 them.

Any rectifications or erasures or restrictions of processing carried out at the request of the data subject – unless this proves impossible or involves a disproportionate effort – will be communicated by the Data Controller to each of the recipients to whom the10 Data have been transmitted. The Data Controller may communicate these recipients to the Customer if the data subject requests it. The Customer may make such requests by sending a communication to the Company addressed to the Data Controller, also by email to info@naimolisworld.com

The Company will respond to the Customer's requests if they comply with the applicable legislation and within the time limits provided by law. To ensure the protection of the Data, it may be necessary to verify the Customer's identity.

The Customer also has the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali)11 if they believe that their rights have not been respected, following the procedures and instructions published on the Authority's official website at www.garanteprivacy.it.

Exercise of the Right to Object by the Customer

In addition to the rights described above and according to the same methods of exercise, the Customer has the right to object, at any time, to the processing of Data concerning them if the processing is carried out for the pursuit of the legitimate interest of the Data Controller, by submitting the objection to the Data Controller, who will refrain from further processing the Data unless they demonstrate the existence of legitimate grounds for processing that override the interests or rights and freedoms of the data subject, or for the establishment, exercise or defense of legal12 claims.

Data Retention

The Company retains the Data to allow the Customer to continuously use its services for as long as necessary to pursue the purposes described in this Privacy Policy, as required by law, for example for tax and accounting purposes, or as otherwise communicated13 to the Customer. For example, the Company retains the transaction history so that the Customer can review the purchases made (and repeat orders if desired) and to which addresses they requested the orders to be shipped, as well as to improve the relevance of recommended products and content.

Contatti
bottom of page