Privacy Policy
Last Update: July 6, 2024
Preface
Please read our Privacy Policy carefully. Protecting your data is a high priority for Studio Gavari. The use of our website is possible without providing personal data; however, if a data subject wants to use special services via our website, processing of personal data could become necessary. If the processing of personal data is necessary and there is no statutory basis for such processing, we will obtain consent from the data subject.
The processing of personal data, such as the name, address, e-mail address, or telephone number, shall always comply with the General Data Protection Regulation (GDPR) and country-specific data protection regulations applicable to Studio Gavari. This privacy policy informs the general public of the nature, scope, and purpose of the personal data we collect, use, and process. Data subjects are also informed of their rights under this privacy policy.
As the controller, Studio Gavari has implemented numerous technical and organizational measures to ensure the complete protection of personal data processed through this website. However, Internet-based data transmissions may have security gaps, and absolute protection cannot be guaranteed. Therefore, every data subject is free to transfer personal data via alternative means, such as by telephone.
1. Definitions
The privacy policy of Studio Gavari is based on the terms used by the European legislator for the adoption of the General Data Protection Regulation (GDPR). Our privacy policy should be legible and understandable for the general public, as well as our customers and business partners. To ensure this, we first explain the terminology used.
- Personal Data: Any information relating to an identified or identifiable natural person (“data subject”).
- Data Subject: Any identified or identifiable natural person whose personal data is processed by the controller responsible for the processing.
- Processing: Any operation or set of operations performed on personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination, or otherwise making available, alignment or combination, restriction, erasure, or destruction.
- Restriction of Processing: Marking stored personal data with the aim of limiting their processing in the future.
- Profiling: Any form of automated processing of personal data to evaluate certain personal aspects relating to a natural person.
- Pseudonymisation: Processing personal data in a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information.
- Controller: The natural or legal person, public authority, agency, or other body which determines the purposes and means of the processing of personal data.
- Processor: A natural or legal person, public authority, agency, or other body which processes personal data on behalf of the controller.
- Recipient: A natural or legal person, public authority, agency, or another body, to which the personal data are disclosed.
- Third Party: A natural or legal person, public authority, agency, or body other than the data subject, controller, processor, and persons who are authorized to process personal data.
- Consent: Any freely given, specific, informed, and unambiguous indication of the data subject's wishes by which they signify agreement to the processing of personal data.
2. Name and Address of the Controller
The controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in the Member states of the European Union, and other provisions related to data protection is:
Studio Gavari
Legal Address: Via Giovanni Sercambi 37, 50133 Florence, Italy
Operating Address (Studio): Via Ponte alle Riffe 10R, 50133, Florence, Italy
Phone: +39 349 3466714
Email: hello@studiogavari.com
Website: www.studiogavari.com
3. Cookies
The Internet pages of Studio Gavari use cookies. Cookies are text files that are stored in a computer system via an Internet browser. Cookies help make websites more user-friendly and efficient. For detailed information on how we use cookies, please refer to our Cookie Policy.
4. Collection of General Data and Information
When you visit our website, we collect a series of general data and information. This general data and information are stored in the server log files. Collected may be (1) browser types and versions, (2) the operating system, (3) the referrer website, (4) sub-websites, (5) date and time of access, (6) IP address, (7) Internet service provider, and (8) any other similar data. This information is used to (1) deliver the content of our website correctly, (2) optimize our website, (3) ensure the viability of our IT systems, and (4) provide law enforcement authorities with necessary information in case of a cyber-attack.
5. Registration on Our Website
You have the option to register on our website with the indication of personal data. The personal data entered will be collected and stored exclusively for internal use by the controller and for their own purposes. The controller may request transfer to one or more processors that also use personal data for an internal purpose attributable to the controller.
6. Subscription to Our Newsletters
You can subscribe to our newsletter through our website. The input mask used determines what personal data are transmitted. We use a double opt-in process to confirm your subscription. You can unsubscribe at any time using the link provided in each newsletter.
7. Newsletter-Tracking
Our newsletters contain tracking pixels. This allows statistical analysis of the success or failure of online marketing campaigns. Based on these tracking pixels, we can see if and when an e-mail was opened and which links in the e-mail were clicked.
8. Contact via the Website
If you contact us by e-mail or via a contact form, the personal data transmitted by the data subject are automatically stored. Such personal data transmitted on a voluntary basis are stored for the purpose of processing or contacting the data subject.
9. Routine Erasure and Blocking of Personal Data
We process and store personal data only for the period necessary to achieve the purpose of storage or as long as granted by the European legislator or other legislators in laws or regulations to which the controller is subject.
10. Rights of the Data Subject
- Right of Confirmation: Confirmation as to whether or not personal data concerning them are being processed.
- Right of Access: Free information about personal data stored at any time and a copy of this information.
- Right to Rectification: Correction of inaccurate personal data concerning them without undue delay.
- Right to Erasure (Right to be Forgotten): Erasure of personal data concerning them without undue delay.
- Right of Restriction of Processing: Restriction of processing where one of the conditions applies.
- Right to Data Portability: Receive personal data concerning them in a structured, commonly used, and machine-readable format.
- Right to Object: Object to the processing of personal data concerning them.
- Automated Individual Decision-Making, Including Profiling: Not to be subject to a decision based solely on automated processing.
- Right to Withdraw Data Protection Consent: Withdraw consent to processing of their personal data at any time.
11. Data Protection for Applications and Application Procedures
We collect and process personal data of applicants for the purpose of processing the application procedure. If an employment contract is concluded, the data will be stored for processing the employment relationship in compliance with legal requirements.
12. Use of Social Media
We have integrated components of various social media services such as Facebook, Instagram, LinkedIn, and Twitter on our website. Each service has its own privacy policy, which can be accessed for more information on how they handle your personal data.
13. Use of Google Analytics and Other Services
We use Google Analytics and other services to analyze website traffic. Google Analytics uses cookies to help analyze how users use the site. More information about Google’s privacy practices can be found at Google Privacy Policy.
14. Use of Microsoft Clarity
We partner with Microsoft Clarity to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
15. Payment Methods
For payments, we use ThriveCart, which integrates with several payment processors including Stripe, PayPal, and bank transfers. When you make a purchase, the payment processors will collect and process your payment information. They may collect your name, email address, payment information (such as credit card details), and other necessary information to complete the transaction. Each payment processor has its own privacy policy:
- Stripe Privacy Policy
- PayPal Privacy Policy
- ThriveCart ensures that all personal data is processed securely in accordance with GDPR.
16. Legal Basis for the Processing
Processing of personal data is based on the GDPR, specifically:
- Art. 6(1) lit. a: Consent
- Art. 6(1) lit. b: Performance of a contract
- Art. 6(1) lit. c: Legal obligation
- Art. 6(1) lit. d: Vital interests
- Art. 6(1) lit. f: Legitimate interests
17. Period for Which Personal Data Will Be Stored
The criteria used to determine the period of storage of personal data is the respective statutory retention period. After expiration of that period, the corresponding data are routinely deleted.
18. Provision of Personal Data as Statutory or Contractual Requirement
The provision of personal data may be required by law or contract. Non-provision of personal data may result in the inability to conclude a contract.
19. Existence of Automated Decision-Making
As a responsible company, we do not use automatic decision-making or profiling.
Updates to This Policy
Studio Gavari reserves the right to update this privacy policy at any time. The updated policy will be posted on our website with the effective date.
For any questions or concerns regarding this privacy policy, please contact us at:
Studio Gavari
Via Ponte alle Riffe 10R, Florence, Italy
Phone: +39 349 3466714
Email: hello@studiogavari.com
This Privacy Policy was last updated on July 6, 2024.