PRIVACY AND COOKIE POLICY

updated to EU Regulation 2016/679
(European Regulation on the protection of personal data)

Lancio srl takes your privacy seriously and is committed to respecting it. This privacy policy (“Privacy Policy”) describes the personal data processing activities carried out by Lancio srl through the website www.lancioshoes.com (Site) and the related commitments undertaken in this regard by the Company. Lancio srl may process your personal data when you visit the Site and use the services and features on the Site. In the sections of the Site where your personal data is collected, a specific information notice is normally published pursuant to art. 13/15 of EU Reg. 2016/679.

Where required by EU Reg. 2016/679, the user's consent will be requested before proceeding with the processing of his/her personal data. If the user provides personal data of third parties, he/she must ensure that the communication of the data to Lancio srl and the subsequent processing for the purposes specified in the applicable privacy policy complies with EU Reg. 2016/679 and applicable legislation.

This Privacy Policy also:

• is intended for the present site www.lancioshoes.com (hereinafter: "the Site") which is managed by the Owner;
• forms an integral part of the Site and the services we offer;
• it is also to be understood as information provided pursuant to art. 13/15 of EU Reg. 2016/679 to those who interact with the web services of this Site;

***The Data Controller informs you that the processing of your personal data will be based on the principles of correctness, lawfulness, transparency and protection of your privacy and your rights. Your personal data will therefore be processed in accordance with the regulatory provisions and the confidentiality obligations set forth therein.

INDEX

1. Identification details of the data controller and data processor

Following the consultation and use of the site's services, data relating to identified or identifiable natural persons may be processed. The identifying details of the Data Controller and manager of the Site are as follows:
Lancio srl, with registered office in Via Friuli n.10 - 63812 - Montegranaro (FM), VAT number: 02197420447 - REA FM n. 198437, email: support@lancioshoes.com.

Your personal data may be disclosed to employees or collaborators of the Data Controller, belonging to the categories of administrative, commercial, legal, accounting or IT system administrators, depending on the processing, who, operating under the direct authority of the latter, are appointed as data controllers or processors pursuant to EU REGULATION 679/2013 and receive adequate operating instructions in this regard.

The updated list of any data controllers is available from the Data Controller and can be requested by email at the following email address: support@lancioshoes.com.

2. The personal data subject to processing

Visiting and consulting the Site does not generally involve the collection and processing of the user's personal data except for navigation data and cookies as specified below. In addition to the so-called "navigation data" (see below), personal data voluntarily provided by the user may be processed when the user interacts with the Site's features or requests to use the services offered on the Site. In compliance with the Privacy Code, Lancio srl may also collect the user's personal data from third parties in the course of its business.

2.a Browsing data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) ​​addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. These data are used to obtain anonymous statistical information on the use of the site and to check its correct functioning, to allow - given the architecture of the systems used - the correct provision of services, for security reasons and to ascertain responsibility in the event of hypothetical computer crimes against the Site or third parties.

2.b Data provided voluntarily by the user

The Site offers users the possibility of voluntarily providing personal information through, for example, registration on contact forms, requests for services, information or quotes, the optional, explicit and voluntary sending of electronic mail to the addresses indicated on the Site, etc.

2.c Cookies and navigation data

The Site uses “cookies”. By using the Site, the user consents to the use of cookies in accordance with this Privacy Policy. Cookies are small files stored on the hard disk of the user's computer. There are two macro-categories of cookies: technical cookies and profiling cookies. Technical cookies are necessary for the correct functioning of a website and to allow the user to navigate; without them the user may not be able to correctly view the pages or use some services.
Profiling cookies have the task of creating user profiles in order to send advertising messages in line with the preferences expressed by the user during navigation. Cookies can also be classified as:

• “session” cookies, which are deleted immediately when the browser is closed;
• “persistent” cookies, which remain in the browser for a certain period of time. They are used, for example, to recognize the device that connects to a site, facilitating authentication operations for the user;
• “proprietary” cookies, generated and managed directly by the manager of the website on which the user is browsing;
• “third party” cookies, generated and managed by parties other than the manager of the website on which the user is browsing.

2.d Cookies used on the site

The Site uses the following types of cookies:

1. own cookies, session and persistent, necessary to allow navigation on the Site, for internal security and system administration purposes;
2. third-party cookies, session and persistent, necessary to allow the user to use multimedia elements present on the Site, such as images and videos;
3. third-party cookies, persistent, used by the Site to send statistical information to the Google Analytics system, through which Lancio srl can perform statistical analysis of accesses / visits to the Site. The cookies used pursue exclusively statistical purposes and collect information in aggregate form. Through a pair of cookies, one persistent and the other session (expiring when the browser is closed), Google Analytics also saves a log with the times of start of the visit to the Site and exit from it. You can prevent Google from detecting data via cookies and the subsequent processing of data by downloading and installing the browser plug-in from the following address: http://tools.google.com/dlpage/gaoptout?hl=it
4. third-party cookies, persistent, used by the Site to include in its pages the buttons of some social networks (Facebook, Twitter and Google+). By selecting one of these buttons, the user can publish on his personal page of the relevant social network the contents of the web page of the Site he is visiting

The Site may contain links to other sites (so-called third-party sites). Lancio srl does not perform any access or control over cookies, web beacons and other user tracking technologies that may be used by third-party sites that the user can access from the Site; Lancio srl does not perform any control over content and materials published by or obtained through third-party sites, nor over the related methods of processing of the user's personal data, and expressly declines any related liability for such eventualities. The user is required to verify the privacy policy of third-party sites accessed through the Site and to inform themselves about the conditions applicable to the processing of their personal data. This Privacy Policy applies only to the Site as defined above.

2.e How to disable cookies in browsers

For more information on how to set preferences on the use of cookies through your browser, you can consult the relevant instructions:

• Internet Explorer
  https://support.microsoft.com/it-it/products/internet-explorer
• Chrome
  https://support.google.com/chrome/answer/95647
• Safari
  https://support.apple.com/kb/ph21411?locale=it_IT
• Firefox
  https://support.mozilla.org/it/kb/Manage Cookies
• Opera
  http://help.opera.com/Windows/12.00/en/deleteprivate.html
• Android (mobile device)
  https://support.google.com/chrome/answer/95647?hl=it&co=GENIE.Platform%3DAndroid&oco=1
• Safari (mobile device)
  https://support.apple.com/it-it/HT201265
• Windows Phone (mobile device)
  https://support.microsoft.com/it-it/help/10635/windows-phone-change-privacy-and-other-browser-settings
• Blackberry (mobile device)
  https://help.blackberry.com/it/blackberry-classic/10.3.1/help/mwa1334238823957.html

For more information on cookies and to manage cookie preferences (first and/or third party), users are also invited to visit the platform www.youronlinechoices.com . However, please remember that disabling navigation or functional cookies may cause the Site to malfunction and/or limit the service offered by the Site.

Useful links:

• Google Analytics Security and Privacy Principles:
  https://www.google.com/analytics/learn/privacy.html?hl=it
• Google Analytics Privacy and Data Protection Policy:
  https://support.google.com/analytics/answer/6004245?hl=it
• Google Terms of Service:
  https://www.google.com/analytics/terms/it.html
• If you want to prevent Google Analytics cookies from being installed on your terminal, you can install this add-on in your browser:
  https://tools.google.com/dlpage/gaoptout?hl=it
• Control the information Google uses to show you ads:
  https://adssettings.google.com/authenticated?hl=it
• Facebook Cookie Policy:
  https://www.facebook.com/policies/cookies/

3. Storage of personal data

Personal data are stored and processed through computer systems owned by Lancio srl and managed by Lancio srl or by third party technical service providers; for further details please refer to the section “Scope of accessibility of personal data” below. data is processed exclusively by specifically authorised personnel, including personnel in charge of carrying out extraordinary maintenance operations.

4. Purposes and methods of data processing

Lancio srl may process the user's common and sensitive personal data for the following purposes: use by users of services and features on the Site, management of requests and reports from its users, sending newsletters, management of applications received through the Site, etc.
Furthermore, with the additional and specific optional consent of the user, Lancio srl may process personal data for marketing purposes, i.e. to send the user promotional material and/or commercial communications relating to the Company's services, to the contact details indicated, both through traditional methods and/or means of contact (such as, paper mail, telephone calls with an operator, etc.) and automated methods and/or means (such as, communications via the Internet, fax, e-mail, text messages, applications for mobile devices such as smartphones and tablets - so-called APPS -, social network accounts - e.g. via Facebook or Twitter -, telephone calls with an automatic operator, etc.).
Personal data are processed both in paper and electronic form and entered into the company information system in full compliance with EU Regulation 2016/679, including security and confidentiality profiles and inspired by the principles of correctness and lawfulness of processing. In compliance with EU Regulation 2016/679, the data are stored and preserved for 5 years.

5. Security and quality of personal data

Lancio srl is committed to protecting the security of your personal data and complies with the security provisions set forth by applicable law in order to avoid data loss, illegitimate or illicit use of data and unauthorized access to the same, with particular reference to the Technical Regulations regarding minimum security measures. Furthermore, the information systems and computer programs used by Lancio srl are configured in such a way as to minimize the use of personal and identifying data; such data are processed only for the achievement of the specific purposes pursued from time to time. Lancio srl uses multiple advanced security technologies and procedures designed to promote the protection of users' personal data; for example, personal data is stored on secure servers located in places with protected and controlled access. The user can help Lancio srl to update and maintain correct personal data by communicating any changes relating to their address, qualification, contact information, etc.

6. Scope of communication and access to data

Your personal data may be communicated to:

• all subjects whose right to access such data is recognised by virtue of regulatory provisions;
• to our collaborators, employees, within the scope of their respective duties;
• to all those natural and/or legal persons, public and/or private, when communication is necessary or functional to the performance of our activity and in the ways and for the purposes illustrated above;

7. Nature of provision of personal data

The provision of some personal data by the user is mandatory to allow the Company to manage communications, requests received from the user or to contact the user to follow up on his request. This type of data is marked with an asterisk [*] and in this case the provision is mandatory to allow the Company to follow up on the request which, in its absence, cannot be processed. On the contrary, the collection of other data not marked with an asterisk is optional: failure to provide them will not entail any consequences for the user.
The provision of personal data by the user for marketing purposes, as specified in the section "Purposes and methods of processing" is optional and refusal to provide them will have no consequences. The consent given for marketing purposes is intended to be extended to the sending of communications carried out through both automated and traditional methods and/or means of contact, as exemplified above.

8. Rights of the interested party

• 8.a Art. 15 (right of access), 16 (right of rectification) of EU Reg. 2016/679
  The interested party has the right to obtain from the data controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  • the envisaged period for which the personal data will be stored, or, if that is not possible, the criteria used to determine that period;
  • the existence of the right of the data subject to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning him or her or to object to such processing;
  • the right to lodge a complaint with a supervisory authority;
  • the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.
• 8.b Right pursuant to art. 17 of EU Reg. 2016/679 - right to erasure ('right to be forgotten')
  The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:
  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • the data subject withdraws consent on which the processing is based according to Article 6, paragraph 1, letter a), or Article 9, paragraph 2, letter a), and where there is no other legal ground for the processing;
  • the data subject objects to the processing pursuant to Article 21(1) and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);
  • the personal data have been unlawfully processed;
  • the personal data must be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
  • personal data have been collected in relation to the offer of information society services referred to in Article 8, paragraph 1 of EU Reg. 2016/679
• 8.c Right under art. 18 Right to restriction of processing
  The interested party has the right to obtain from the data controller the limitation of processing when one of the following hypotheses occurs:
  • a) the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
  • b) the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  • c) although the data controller no longer needs them for the purposes of the processing, the personal data are required by the data subject for the establishment, exercise or defence of legal claims;
  • d) the interested party has opposed the processing pursuant to Article 21, paragraph 1, EU Regulation 2016/679 pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
• 8.d Right under art.20 Right to data portability
  The data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format and shall have the right to transmit those data to another controller without hindrance from the controller.

9. Revocation of consent to processing

The interested party has the right to revoke consent to the processing of his/her personal data by sending a registered letter with return receipt to the following address: Via Friuli n.10 - 63812 - Montegranaro (FM) or by sending an email via certified e-mail to the following email address: lanciasrllanciotti@legalmail.it accompanied by a photocopy of his/her identity document, with the following text: "revocation of consent to the processing of all my personal data". At the end of this operation, your personal data will be removed from the archives as soon as possible.

If you wish to have more information on the processing of your personal data, or exercise the rights referred to in the previous point 8, you can send a registered letter with return receipt to the following address: Via Friuli n.10 - 63812 - Montegranaro (FM) or send an email via PEC to the following email address: lanciasrllanciotti@legalmail.it. Before we can provide you with, or modify any information, it may be necessary to verify your identity and answer some questions. An answer will be provided as soon as possible.