Privacy policy

Pursuant to EU Regulation no. 679/2016 - GDPR, this page describes the methods of processing the personal data of Users (identified or identifiable natural persons and, therefore, "Data Subjects" pursuant to the Regulation) who consult the SIDI SPORT SRL website accessible electronically at https://www.sidi.com 

To prevent the risk of identity theft and adequately protect Users, their interaction with the site for the purpose of transmitting their personal data is protected using a secure, encrypted "https" protocol. This solution, adopted by the Company, ensures compliance with important principles established by the GDPR, such as the integrity and confidentiality of processed data, according to which the Data Controller must implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, and the principle of privacy by design, according to which it is necessary to implement, from the design stage of any new processing operation, adequate technical and organizational measures to protect the personal data of Data Subjects, a requirement reiterated by the Italian Data Protection Authority (see https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/9817079 and https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9817058).

The information in this statement is provided only for this site and does not concern other sites, pages, or online services that may be accessible via hyperlinks published on the site but refer to resources outside the SIDI SPORT SRL domain. 

Without prejudice to any other information provided by the Company (e.g., Customers, Suppliers, Collaborators), this information also applies to personal data provided to the Company via email addresses (sidisport@sidisport.com or another company address) or through private messages sent by Users to the Company's social media profiles/pages.

The data controller is SIDI SPORT SRL (Via dei Rizzi 2/A, 31010 Maser TV VAT Email support@helpall0rder.com PEC support@helpall0rder.com.

 

The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data from Users, the transmission of which is implicit in the use of Internet communication protocols. Each time a User accesses this site and each time they access its content, the access data is stored in the form of log files. Each log file consists of: the website from which our page was accessed; the User's IP address; the date and time of access; the client request; the HTTP response code; the amount of data transmitted; and the browser and operating system used. The personal data of Users collected during their navigation on the site includes, therefore, the IP addresses or domain names of the computers and terminals used by Users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the User's operating system and IT environment. 

Data communicated by the User - Only the personal data necessary to provide the service requested by the User will be requested, such as, for example, the User's name and surname, company name, tax code and VAT number, telephone number and email address, billing and shipping address.  

Contacts  - Users of the website have the option to send their personal data to the Company (by completing and submitting the form on the website at https://www.sidi.com/it/contattaci). Sending this data entails the subsequent acquisition by the Company of the sender's address, which is necessary to respond to requests, as well as any other personal data included in the communications. 

E-commerce  - For online sales, the User/Customer provides personal and identification information, which is collected by the Company to provide the requested service, including order fulfillment. Creating an account (by providing an email address and password, which is optional and available at https://www.sidi.com/it/login?create_account=1) will facilitate your browsing experience on the site and allow you to track additional information, such as order history and details.

Newsletter and other marketing initiatives  – By providing their name, surname, and email address, the User has the option to receive the company newsletter and/or other informational or advertising materials relating to the Company's products and/or services (so-called email marketing). By providing additional information such as their telephone number and/or home address, the User may receive text messages and/or WhatsApp messages, or paper-based marketing mail.

 Cookies and other tracking systems 

The website uses technical cookies, which are small text files that are stored locally in the temporary memory of the user's browser—and therefore on their computer—to improve the website's user experience. According to the Italian Data Protection Authority (https://www.garanteprivacy.it/faq/cookie), technical cookies are those "used for navigation or to provide a service requested by the user. They are not used for other purposes and are installed directly by the website owner. Without these cookies, some operations could not be performed or would be more complex and/or less secure... technical cookies, which allow the user to be identified and maintained throughout the session, are therefore essential."

In addition to these cookies, the site also uses analytical/statistical cookies, which help the company that owns the website understand how visitors interact with the site, collecting and transmitting information anonymously. In this regard, the Italian Data Protection Authority (https://www.garanteprivacy.it/faq/cookie) in its "Guidelines on Cookies and Other Tracking Tools of June 10, 2021" clarified that "they can be treated as technical cookies if used for website optimization purposes directly by the website owner, who may collect aggregate statistical information on the number of users and how they visit the website. However, if the processing of such statistical analyses is entrusted to third parties, user data must be minimized beforehand and cannot be combined with other processing or transmitted to other third parties. Under these conditions, the same rules regarding information and consent as those for technical cookies apply to analytics cookies. In exceptional cases, both the first party performing the processing itself and the third party acting on the first party's behalf are permitted to produce statistics with data relating to multiple domains, websites, or apps attributable to the same owner or business group."

Regarding profiling activities carried out via cookies (so-called preferences), please refer to the cookie policy for further information. However, it should be noted from now on that their installation requires the User's consent.

Finally, regarding third-party cookies, as clarified by the Italian Data Protection Authority, "The party required to provide the information and request consent for the use of cookies is the owner of the website that installs the cookies. However, for third-party cookies installed via the site, the information and consent obligations apply to the third parties, but the site owner, as a technical intermediary between them and users, is required to include updated links to the third parties' information and consent forms in the "extended" information." The Cookie Policy of the SIDI SPORT SRL website therefore reports the privacy policies of third parties, and users are therefore encouraged to read it for further information. 

•  Browsing data: the log files and the data contained therein are processed by us for: 

a)  allow Users to use web services 

(legal basis pursuant to letter B of paragraph 1 of art. 6 of EU Regulation 679/2016)

b)  obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or day, geographical areas of origin, etc.) as well as check the correct functioning of the site and protect our systems, for example by identifying any attacks 

(legal basis pursuant to letter F of paragraph 1 of art. 6 of EU Regulation 679/2016)

•  Data communicated by the User: with regards to personal data provided voluntarily and explicitly by Users of the website, these may be processed for: 

c)  process and respond to User requests sent by completing and submitting the form at the link https://www.sidi.com/it/contattaci

In this case, the legal basis for the processing is the desire to respond to a request from the User (letter B of paragraph 1 of art. 6 EU Regulation 679/2016).

d)  carry out all operations related to and deriving from online sales, in particular processing orders placed by the User-Customer and invoicing (as well as any prior account creation). In this case, the legal basis is the execution of a contract to which the User-Customer, as the Data Subject, is a party (letter B of paragraph 1 of Article 6 of EU Regulation 679/2016).

e)  If you have given your consent to receive our newsletter and/or other marketing activities (e.g., via SMS, WhatsApp messages, or postal mail), your data (specifically, your email address) will be used to send you the company newsletter and/or other informative-commercial material containing information on the Company's products and/or services, advertising campaigns, and latest news. In this case, the legal basis for the processing is your express consent (Article 6, paragraph 1, of EU Regulation 679/2016). 

Regarding email marketing, however, the following is noted: Article 130, paragraph 4, of the Privacy Code provides that "if the Data Controller uses, for the direct marketing of its own products or services, the email address provided by the Data Subject in the context of the sale of a product or service, the Data Controller may waive the Data Subject's consent, provided that the services in question are similar to those being sold and the Data Subject, having been adequately informed, does not object to such use, initially or in subsequent communications. The Data Subject, at the time of collection and at the time of sending each communication for marketing purposes, is informed of the possibility of objecting to the processing at any time, easily and free of charge." For this reason, in accordance with the provisions of Article 130, paragraph 4, of the Privacy Code, the Data Subject is informed of the possibility of objecting to the processing at any time, easily and free of charge. 130 of the Privacy Code, the undersigned Company will use the Customer's personal data (specifically, the email address provided in the context of the sale of the product/service) to make known, by sending advertising and informational material by email, information regarding products and/or services offered by the undersigned and similar to those being sold/supplied, unless you object to the use of your email address for the aforementioned purpose (for example, by exercising your right to opt-out by contacting the Company at one of its contact details or, more easily, using the unsubscribe function at the bottom of the advertising emails).

With reference to all those so-called followers of company social media profiles/pages, we recall the provisions of the Italian Data Protection Authority's Guidelines on promotional activities of July 2013: in the event that a User has become a fan/follower of a specific company's page or brand/product/service, thus deciding to "follow" its events and news, the sending of promotional communications by the company to which the relevant page refers may be considered lawful, as it can be inferred that the Data Subject has thereby—that is, by becoming a fan/follower—declared his or her consent to receiving promotional messages from that specific company. However, if the Data Subject subsequently stops "following" that brand or product or, in any case, objects to any further promotional communications, the subsequent sending of promotional messages will become unlawful.

f)  if the User has created an account, the data provided will be used to facilitate subsequent browsing on the site (particularly on e-commerce, for example by keeping track of previous orders).

In this case, the legal basis for the processing is the implementation of a measure adopted at the User's request (letter B of paragraph 1 of art. 6 EU Regulation 679/2016).

•  Cookies As specified above, the Data Controller has installed technical cookies on its website. These cookies, being essential for the proper functioning of the website, do not require the User's consent. The legal basis for processing is the Data Controller's legitimate interest (letter F of Article 6, paragraph 1, of EU Regulation 679/2016). The legal basis for processing also lies in the Data Controller's legitimate interest, including for analytical and statistical cookies. Further information can be found in the cookie policy to which reference is made.

 

The data voluntarily and expressly communicated by Users for one or more of the purposes referred to in point 4, letters c, d, e, and f, are provided by Users on a completely voluntary basis. Failure to provide the aforementioned data will have the sole consequence of making it impossible to pursue the specific purpose (the Company's response to User requests; online sales; sending company newsletters and/or other informational-advertising materials; account creation).

 

•  Browsing data: browsing data does not persist for more than seven days and is deleted immediately after its aggregation (except in the event of the need for judicial authorities to ascertain crimes). 

•  Data communicated by the User: with regards to personal data provided voluntarily and explicitly by Users of the website processed: 

a)  to process and respond to User requests submitted by completing and submitting the form at https://www.sidi.com/it/contattaci. In this case, the data will be retained only for the time necessary to provide the requested service. They will be retained for a further period of ten years from any subsequent order placed, without prejudice to further data retention if necessary to fulfill a legal obligation or to ascertain, exercise, or defend a legal claim.

b)  to carry out all operations relating to online sales: in this case, the data will be retained for a period of ten years from the date of payment for the last order, without prejudice to further retention of the data if this is necessary to fulfill a legal obligation or to ascertain, exercise, or defend a right in court; 

c)  data provided to receive the company newsletter and/or other informational-advertising material: the email address used by the Company to send email marketing to the Data Subject will be retained only as long as the Company registers an interest from the recipient in forwarding such communications. After a period of 12 months has elapsed without the Data Subject viewing the forwarded emails, their email address will be deleted and, therefore, they will no longer receive advertising emails from the Company. Furthermore, the Data Subject retains the right to unsubscribe from the newsletter at any time. 

However, with regard to marketing activities carried out via SMS/Whatsapp messages and/or postal mail, the data (in particular: telephone number and/or residential/home address) will be used until consent is revoked, which can be exercised at any time. However, this does not affect the lawfulness of the processing based on consent given before its revocation.

d)  to create a User account: in this case, the data provided will be retained for the entire period in which the account is active. Registered Users may delete their account at any time, without prejudice to the Company's retention of their data for a period of ten years from the date of payment for the last order (if any), and without prejudice to further retention of data if necessary to fulfill a legal obligation or to ascertain, exercise, or defend a right in court;

•  Cookies: The storage of session cookies in terminals or browsers is under the User's control; on servers, at the end of HTTP sessions, information relating to cookies remains recorded in the service logs, with retention periods no longer than seven days, like other browsing data. For more information, see the cookie policy.

a)  Responsible

The recipient of the data collected following consultation of the website https://www.sidi.com is the entity designated by the Company, pursuant to Article 28 of the Regulation, as Data Controller, i.e., the provider of web platform development and maintenance services. 

With regard to the online shop, in the event of purchase of products from our Company, the User-Customer's data may also be disclosed to other parties such as the company responsible for managing the e-commerce and the shipping companies. 

Company newsletters and/or other commercial communications may be sent using automated email marketing system providers. The provision of this service, which involves the processing of personal data on behalf of the Data Controller, requires the owner of this platform to be appointed as the email marketing provider.

An updated list of any other parties, whether Data Processors or not, can be requested from the Company; the selected Data Processors have undertaken to implement appropriate technical and organizational measures to ensure that the processing meets the requirements of EU Regulation 679/2016 and guarantees the protection of the User's personal data; the Processors have also undertaken, with a specific and signed letter of appointment, to fulfill all the specific obligations set forth in Article 28 of EU Regulation 679/2016 and to act, pursuant to Article 29 of the same Regulation, under the authority of the Data Controller and upon its instructions, as well as to notify the Data Controller (pursuant to Article 33, paragraph 2, of EU Regulation 679/2016) of any breaches of the User's personal data.

b)  Officers

The personal data collected is also processed by Company personnel who act on the basis of specific instructions provided regarding the purposes and methods of the processing (so-called Data Processors or "persons authorized to process data").

If the Data Controller, in order to provide the service, deems it necessary to transfer the personal data being processed outside the EU (by "transfer outside the territory of the European Union" also meaning the use of services, for example, hosting, cloud and storage, based on saving data on systems located in non-EU countries), the Data Controller undertakes to adopt guarantees aimed at making the transfer secure and to ensure that the processing complies with the requirements of the Regulation despite being carried out outside the EU (adequacy decisions, contractual clauses, consent, etc.).

Interested parties have the right to obtain from the Company, where applicable, access to their personal data and the rectification or erasure of the same, the restriction of processing concerning them, or to object to the processing (Articles 15 et seq. of the Regulation). 

The request can be submitted by contacting the Company at one of the addresses indicated above.

Furthermore, we remind you that interested parties who believe that the processing of their personal data through this site violates the provisions of the Regulation have the right to lodge a complaint with the Data Protection Authority, pursuant to Article 77 of the Regulation, or to take appropriate legal action (Article 79 of the Regulation).

 

The Company requests that Users refrain from providing information that may fall within the categories of so-called sensitive personal data referred to in Article 9 of the GDPR (e.g., data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, biometric data, or data relating to health). 

In the event that the User discloses personal data belonging to third parties to the Company, the User assumes all legal obligations and responsibilities and undertakes to indemnify the Company against any dispute, claim, or request for compensation for damages that may be received from third parties whose personal data has been processed in violation of applicable data protection laws. In any case, if the User provides personal data of third parties, the User hereby guarantees that such processing is based on prior knowledge of the privacy policy and the third party's prior consent to the processing of their information. 

In this regard, and more specifically with regard to online sales, if the User-Customer opts for shipping to a different address and this address is the domicile or residence of a third party, it is recommended to obtain the prior consent of that third party for the use of their personal data for the purpose of delivering the products ordered by the User-Customer to that third party.

 

The Company reserves the right to modify and/or update the content of this Privacy Policy, in part or in full, for example following changes in applicable legislation. 

Any changes made to this Privacy Policy will be binding as soon as they are published on the website. The Company therefore invites Users to visit this section regularly to view the most recent and updated version of the Privacy Policy so as to always be informed about how their data is being processed.