Privacy Policy

PRIVACY POLICY
Sito Web Missoni S.p.A.
Privacy policy pursuant to Art.13 of Regulation (EU) 2016/679 of the European Parliament and of the Council (“GDPR”)

Dear User,
the following explains how personal data collected automatically or provided by you through the navigation or use of the website https://www.missoni.com/it (hereinafter, the “Website”) is processed.

1. DATA CONTROLLER

The Data Controller is Missoni S.p.A., in the person of its legal representative, with its registered office in Via Luigi Rossi 52, 21040, Sumirago (VA) (hereinafter “Missoni”, “Company” or “Data Controller”).

2. DATA PROTECTION OFFICER

Due to the processing activities carried out, the Company has deemed it necessary to appoint a Data Protection Officer, who can be contacted at dpo@missoni.com, Via Amedei 8, Milan or at the email address privacy@missoni.it.

3. TYPES OF DATA PROCESSED

In order to allow you to use our Website and its services, including the possibility to make purchases, register and create your personal account, contact us through customer service, as well as obtain a return of a purchased product or a refund (hereinafter, the “Services”), the Data Controller needs to collect and process some of your personal data.

Data voluntarily shared by the user
In order to let you to purchase our products, Missoni needs to know your first name, last name, address, telephone number, email address and payment information.
In addition, in order to let you to create an account to make your purchases easier, Missoni needs to know your gender, first name, last name, email address and date of birth.
Moreover, in order to allow you to get in touch with Missoni through the customer service, the Data Controller needs to process your name, surname, email, telephone number, order number and any other personal data contained in the message you send.
Lastly, in order to allow you to return purchased products or request refunds, Missoni needs to collect your order number, name, surname, email, address and payment details.
The optional, explicit, and voluntary sending of mail involves the collection of your name, your surname, your email address, as well as other personal data included in the requests you submit.

Browsing data The computer systems and software procedures used for the Website operations acquire, during their normal functioning, some personal data whose transmission is implicit in the use of Internet communication protocols.
This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment.
This data, necessary for the use of the Website, is processed for the sole purpose of obtaining statistical information on the use of the Services (most visited pages, number of visitors per hour or day, geographical areas of origin, etc.) and to check the correct functioning of the Services offered.
The navigation data does not persist for more than seven days and is deleted immediately after their aggregation, except for the possible need to ascertain crimes by the judicial authorities.

Cookie Policy

The Website uses the following types of cookies.

Technical Cookies Technical and session cookies are used. They are small text files containing a certain amount of information exchanged between your terminal or browser and the Website, which allow it to function correctly and to be used.

Analytics Cookies

This Website uses first and third-party analytics cookies. The analytics cookies are used to collect information on the use of the Website, in aggregate form, in particular on the number of users and how they visit the Website itself, also providing anonymous statistical analysis in order to improve the use of the Website and make the content more interesting and relevant to the users’ desires. To view links to the privacy policies of third parties, disable all or some of the mentioned cookies, please refer to the following link.



Profiling Cookies

This Website uses first and third-party profiling cookies. These cookies are not essential, but they help to personalize and improve your experience on the Website. For example, they help us to know and remember your preferences and show you relevant, personalized adverts. They also allow us to limit the number of times each ad is shown, measure the effectiveness of the ad campaign, remember your visit, and share the data we collect with third parties such as advertisers.
The deletion of these cookies, therefore, although it does not affect the use of the Website, may nevertheless result in a limitation of certain functionalities.
To view links to the privacy policies of such third parties, disable all or some of the aforementioned cookies, please refer to the following link.

Options regarding the use of cookies by the Website via browser settings The provision of all cookies can however be disabled by changing the settings of your browser. It should be noted, however, that intervening on these settings could make the site unable if you block the cookies that are essential for the provision of our Services. In any case, each browser has different settings for disabling cookies. Below you will find links to instructions for the most common browsers: Apple Safari, Google Chrome, Microsoft Internet Explorer, Mozilla Firefox, Opera.

Further details of the cookies used on the Site are as follows:

4. PURPOSES, LEGAL BASIS AND NATURE OF THE PROVISION

	Purpose	Legal Basis	Nature
A.	Use of the Website Content and Services(iii) and ensuring network and information security(iv). This purpose includes the possibility to make purchases, register and create your personal account, contact us through customer service, as well as obtain a return of a purchased product or a refund through the Website. In addition, this purpose includes the processing of traffic personal data to the extent strictly necessary and proportionate to ensure network and information security.	(i) Performance of a contract to which you are party (ii) Compliance with legal obligations (iii) Legitimate interest	The provision of your personal data is mandatory. Failure to authorize its processing would make it impossible to use the contents and Services of the Website. Furthermore, failure to authorize its processing would make it impossible to guarantee network and information security.
B.	Subscription to the newsletter and receive information of commercial nature(i) and of soft spam(ii). This purpose includes the possibility to subscribe to our newsletter and receive communications and information of commercial, direct marketing and soft spam nature on our Services and offers, on discounts and on any other promotional and loyalty initiative adopted, both through traditional and fully automated contact systems, such as, through the use of your email address.	(i) Consenso espresso (ii) Legittimo interesse	The provision of your data is optional. Failure to authorize the processing of your data, while not preventing you in any way from using the Website, may not allow you to take full advantage of the benefits we offer to our community through information of advertising, commercial, direct marketing and soft spam nature.
C.	Receive offers, discounts and other benefits based on profiling(i). This purpose includes the possibility of receiving offers, discounts and any other benefit and promotional initiative modeled on your specific needs and propensity to purchase, including participation in loyalty programs, which provide for the purpose of their operation, the recording, identification and profiling of data relating to your purchase volumes, habits and consumption choices.	(i) Express consent	The provision of your data is optional. Failure to authorize the processing of your data, while not preventing you in any way from using the Website, may not allow us to send you communications that are personalized on your browsing habits and choices.

5. DATA RETENTION PERIOD

The navigation data and that is acquired through the use of the Website will not be kept for more than seven days.
Regarding the processing of your personal data for direct marketing purposes, the Company has established that it will automatically delete your personal data or transform them into anonymous data in a permanent and non-reversible manner, within 7 years from the registration of the data collected.
With regard to the processing activities of your personal data for profiling purposes, in compliance with regulatory requirements and provided that they have been explicitly authorized by you, the Company has established to provide for the automatic cancellation of your personal data, or their transformation into anonymous form in a permanent and non-reversible way, 7 years after the registration of that used for profiling purposes.
Regarding the other personal data processed, not being able to predetermine accurately their retention period, the Data Controller commits as of now to inspire its processing to the principles of adequacy, accuracy, and minimization of data, as required by the GDPR, checking annually the need for its retention. This, except in the case where it is necessary to maintain such data to fulfill regulatory obligations, or to ascertain, exercise or defend a right in court.

6. CATEGORIES OF RECIPIENTS OF PERSONAL DATA

The personal data processed will not be disclosed to third parties, but may, however, be shared in relation to the purposes of processing set out above to the following subjects:

• those who can access the personal data according to legal provisions provided by the law of the European Union or the law of the Member State to which the Data Controller is subject;
• data controllers belonging to our business group or entities linked to a central body exclusively for internal administrative purposes;
• subjects that perform ancillary purposes to the activities and services referred to in paragraph 4, i.e. companies that offer advertising, marketing and communication services, companies that offer IT infrastructures and IT assistance and consultancy services as well as design and implementation of software and websites, companies that offer services useful to customize and optimize our services, companies that offer data analysis and development services (including those related to user interactions with our services), service centers, companies or consultants responsible for providing further services to the Data Controller, within the limits of the purposes for which they were collected.

In addition, your personal data may also be disclosed to our employees, provided that they are previously appointed as acting under the authority of the Data Controller pursuant to Article 29 of the GDPR, as well as System Admistrator.

7. TRASFER OF PERSONAL DATA EXTRA-EU

The Data Controller may transfer your personal data to third countries outside the European Union, for the purpose of managing Missoni database. Such transfer is always subject to an adequacy decision, under article 45 of the GDPR, or to the Standard Contractual Clauses, under article 46 of the GDPR. For more information about the rules for transferring data to countries outside the European Union, including the mechanisms on which we rely, you can visit the European Commission’s website here. To request a copy of the Standard Contractual Clauses signed by the Data Controller you can send an email to privacy@missoni.it.

8. AUTOMATED DECISION-MAKING PROCESSING

Missoni does not use automated decision-making processes without your consent, including profiling as referred to in Article 22, paragraphs 1 and 4 of the GDPR. If you consent to profiling, the data you provide may be used to analyze or predict your likes and dislikes in order to customize the content of marketing communications and offer you personalized products and services. In particular, the analysis may include the number, type, value and regularity of product purchases made over a 7-year period. As a result of this analysis, which may also be carried out automatically, you may be classified in one or more groups with different characteristics and receive communications that Missoni considers personalized to your tastes and preferences. For example, if you purchase, within a 7-year period, only certain types of products for a certain value, you may receive future marketing communications about similar products in a similar price range. Conversely, you may receive fewer communications and promotions about other types of products if you have not purchased them during the relevant period, as the system assumes that these are not products that you can be interested to. On this data processing, prior to its commencement, Missoni has conducted a specific data protection impact assessment to ensure that profiling is carried out with neutrality, accuracy, efficiency and without harmful consequences for the data subject. As required by Article 22, paragraph 3, of the GDPR, the Data Controller implements all the most appropriate measures to protect your rights and freedoms also in case of profiling, in addition to any further and legitimate right as better explained within the following paragraph 9 (“Data Subjects’ Rights”) of this Privacy Policy. 9. DATA SUBJECTS’ RIGHTS Regarding the processing of your personal data, you, as a data subject, have the right to withdraw your consent at any time and to obtain from the Company access to your personal data. You may also request the Company to rectify or erasure your personal data. Furthermore, you have the right to obtain the restriction of the processing of personal data concerning you, as well as the right to data portability. In addition to the above, you have the right to object at any time, on grounds relating to your situation, to the processing of your personal data carried out pursuant to Article 6 para. 1, letter e) or f), including profiling on the basis of these provisions, as stated in Article 21 of the GDPR. In addition, where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data relating to you carried out for such purposes, including profiling insofar as it is related to such direct marketing. Finally, you have the right to lodge a complaint with a supervisory authority or take legal action if you believe that the processing of your data is in breach of the GDPR. To exercise any of your rights, you may contact the Data Controller, in the person of the legal representative, by addressing a communication to the registered office in Via Luigi Rossi 52, 21040, Sumirago (VA), or by sending an email to privacy@missoni.it

9. DATA SUBJECTS’ RIGHTS

Regarding the processing of your personal data, you, as a data subject, have the right to withdraw your consent at any time and to obtain from the Company access to your personal data. You may also request the Company to rectify or erasure your personal data. Furthermore, you have the right to obtain the restriction of the processing of personal data concerning you, as well as the right to data portability. In addition to the above, you have the right to object at any time, on grounds relating to your situation, to the processing of your personal data carried out pursuant to Article 6 para. 1, letter e) or f), including profiling on the basis of these provisions, as stated in Article 21 of the GDPR. In addition, where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data relating to you carried out for such purposes, including profiling insofar as it is related to such direct marketing. Finally, you have the right to lodge a complaint with a supervisory authority or take legal action if you believe that the processing of your data is in breach of the GDPR. To exercise any of your rights, you may contact the Data Controller, in the person of the legal representative, by addressing a communication to the registered office in Via Luigi Rossi 52, 21040, Sumirago (VA), or by sending an email to privacy@missoni.it.

Supplemental Privacy Policy for California Residents

This Supplemental California Privacy Notice (“Privacy Notice”) only applies to our processing of personal information that is subject to the California Consumer Privacy Act of 2018 (“CCPA”). This Privacy Notice supplements the information contained in the privacy policy (“Privacy Policy”) of Missoni S.p.A. (“Missoni”) above and applies solely to California residents in connection with the collection, use, and storage of their “Personal Information” provided when filling in the Client Card (hereinafter the “Form”) or using our Site and Services to the extent it would apply.

WHAT INFORMATION WE COLLECT

Missoni collects personally identifiable information, namely information identifying, relating to, describing, referring, being capable of being associated with, or that could reasonably be linked, directly or indirectly, with you or your device (“Personal Information”). In particular, we may collect the following categories of Personal Information:

	Category	Examples
A.	Identifiers and Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e).	The information on the Client Card, including name, signature, address, telephone number.
B.	Commercial information.	Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies
C.	Inferences drawn from any collected personal information to create a profile	Products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies.

Missoni obtains the categories of Personal Information listed above directly from you. For example, Personal Information that you provide to us when filing in the Form.

USE OF YOUR PERSONAL INFORMATION

We may use your Personal Information for one or more of the following business purposes:

1. to customize and improve your user experience with our products and Services; or
2. for our internal purposes such as auditing, data analysis, marketing, fraud prevention and research so that we can enhance our products, Site, and Services; or
3. to fulfill your requests for our programs, and services, to respond to your inquiries about our offerings; or
4. to issue the Client Card and manage the relationship with you; or
5. to offer you other products, programs or services that we believe may be of interest to you; or
6. to fulfill a request by you for an online newsletter; or
7. to provide offers, discounts and any other benefits and promotional initiative tailored to your specific needs and propensity to purchase; or
8. to contact you about your account with us; or
9. to respond to a law enforcement agency’s request; or,
10. to transfer such information to a successor of Missoni or any person or entity that acquires ownership or control of Missoni via any means.
In such event, you recognize that such successor, person or entity may make changes or modifications to this Privacy Notice, and you can unsubscribe or withdraw your consent any time.

SHARING YOUR PERSONAL INFORMATION

Missoni may disclose your Personal Information listed hereunder to a third party for a business purpose to the following categories of third parties:

• our service providers or vendors, such as Salesforce.com Inc., mailing houses, marketing service providers, or customer service vendors, which may store your Personal Information or may share such Personal Information with other third parties as strictly necessary to fulfill our business purposes. If you believe that such service providers or vendors are using your disclosed Personal Information for prohibited commercial purposes or for a purpose different from that for which such information have been disclosed, please notify us by submitting a specific Verified Consumer Request (as defined below);
• authorized employees who need to know or have access to your Personal Information in order to operate, develop, or improve our products and Services;
• law or government enforcement officials to comply with law, in response to subpoenas, warrants, or court orders, or in connection with any legal process or cooperate with such officials or private parties;
• third parties in order to investigate, prevent or take action as deemed reasonably necessary regarding suspected illegal activities, suspected fraud, our legal rights and/or property, reputation, safety or property of us, you or other California Residents, violation of our Terms of Use, this Privacy Policy or
• other usage guidelines set by us or as otherwise required by law.

All third parties who have access to Personal Information collected by Missoni are required to protect such Information and not collect, sell, or use such information except as necessary to perform the business purpose for which such information have been disclosed. Although we take appropriate measures to safeguard against unauthorized disclosures of the Personal Information by the third parties above identified, we cannot assure you that Personal Information that we collect will never be used by such third parties in a manner that is inconsistent with our Privacy Policy and this Privacy Notice because we have no control over them and the interception or assessment of unlawful uses of such information is out of our reasonable control. If you believe that your interaction with us is no longer secure, please notify us using the contact details below.

SALES OF PERSONAL INFORMATION

We do not sell your Personal Information for any reason

CERTAIN ASSURANCES

We will not engage in any of the following activities without providing you with prior written notice:

• collect additional categories of Personal Information other than those listed above; or
• use the Personal Information we collected for materially different, unrelated, or incompatible purposes contemplated herein; or
• disclose Personal Information we collected to any third parties other than those listed above.

YOUR RIGHTS

The CCPA provides California Residents with specific rights regarding their Personal Information (“CCPA Rights”).

Right to Know and the Right to Data Portability

You have the right to request that we disclose certain information to you about our collection and use of your Personal Information. Once we receive and confirm your Verifiable Consumer Request (as defined below), we will disclose to you:

• the categories of Personal Information we collected about you;
• the categories of sources for the Personal Information we collected about you;
• our purpose for collecting or using that Personal Information;
• the categories of third parties with whom we share that Personal Information;
• the specific pieces of Personal information we collected about you.

Right to Delete

You have the right to request that we delete any of your Personal Information that we collected. Once we receive and confirm your Verifiable Consumer Request (as defined below), we will delete, and direct our service providers to delete, your Personal Information from our records. We may deny your deletion request in certain circumstances in accordance with the CPPA.

Right to Non-Discrimination

Unless permitted by CCPA, we will not discriminate against you because you exercise or intend to exercise any of your CCPA rights described above, including without limitation to:

• denying you goods or services.
• charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
• providing you a different level or quality of goods or services.
• suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.

How to Exercise your Rights

To exercise one of the CCPA Rights described above, please submit a Verifiable Consumer Request (“VCR”) to us by either:

• calling us at Missoni Customer Service Center 18554635078; or
• visiting www.missoni.com and submitting the Inquiry Form thereon available here. A VCR shall comply with the following conditions:


• only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a VCR related to your Personal Information. You may also make a VCR on behalf of your minor child. You may only make a VCR for access or data portability twice within a 12-month period.
• a VCR must:


• -provide sufficient information that allows us to verify the applicant is currently residing in California and the person about whom we collected Personal Information or an authorized representative. We cannot respond to your request or provide you with Personal Information if we cannot verify your residence, identity or authority to make the request and confirm the Personal Information relates to you. We will only use Personal Information provided in a VCR to verify the requestor’s identity or authority to make the request.
• describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.

Please note that we may not accept a VCR that is not sent in accordance with the above described conditions.

Response Timing and Format

We endeavor to respond to a VCR in compliance with the conditions set forth above within 45 days of its receipt. We may extend such time period up to 90 days if reasonably necessary and we will inform you of the reason and extension period in writing within the first 45-day period. We will deliver our response in a readily usable format by mail or electronically, at your option. Please note you do not have to register an account with us to submit a VCR. Any disclosures we provide will only cover the 12-month period preceding the VCR’s receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. We do not charge a fee to process or respond to your VCR unless it is excessive, repetitive, or manifestly unfounded. If we determine that such VCR requires a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.

CHILDREN’S PRIVACY

As provided in our Privacy Policy, we may limit the use of some of our Services only to persons age 18 and older who may legally enter into contracts. We will inform you when a Service is limited to persons age 18 or older. We do not sell Personal Information collected from children under the age of 16. When we collect your Personal Information, we ask you whether you are 16 years old or older. If we have actual knowledge that we (1) have collected Personal Information of a person under the age of 16 or (2) such person has otherwise provided us with his or her Personal Information, we provide notice to him or her of such collection or provision of Personal Information as well as clear instructions on how to request and obtain the deletion or removal of such Personal Information by calling Missoni Customer Service Center XXXX or visiting www.missoni.com or writing an email to our Data Protection Officer at dpo@missoni.it.

QUESTIONS CONCERNING THIS PRIVACY NOTICE

If you have any questions about this Privacy Notice, please feel free to contact our Data Protection Officer at dpo@missoni.it.

UPDATE/MODIFICATION OF THIS PRIVACY NOTICE

Missoni may make changes to this Privacy Notice at its discretion and at any time. Such changes will be in compliance with the CCPA and other California privacy laws. When Missoni makes changes to this Privacy Notice, it will notify you the update, the effective date and the last reviewed date.
Effective Date: November 25th, 2020
Last Reviewed on: September 27th, 2021