Change Country & Language
Europe
a) Who we are and our contacts:
Coin S.p.a., with its registered and administrative office in Venice - Mestre (VE), via Maderna n.11, 30174, c.f. and p.iva: 04391480276, email: ecommerce@coin.it (hereinafter "COIN") is the company that, as Data Controller, collects and processes your personal data and pursuant to Article 13 of the EU Regulation 679/2016 General Data Protection Regulation provides you with the following information.
(b) Why we collect your data:
The data you provide us from the "Contact" area will be used to respond to your report or request for information.
(c) Your consent and legal basis for processing:
The processing is necessary in order to handle your report or request for information and does not require your consent (pursuant to Article 6(b) of the Regulations).
(d) What data are required:
The data indicated with an asterisk (*) are mandatory and in their absence it will not be possible to send the request. On the other hand, failure to indicate the other data does not entail any consequences.
Through the "Contact" area you are free to describe your requests for information or needs but we ask you not to indicate data that refer to your particularly intimate and private situations (e.g. referring to your health status, religious orientation, etc.).
(e) How we process your data:
Your data will be processed mainly by computer in order to handle your request and to be able to contact you again.
The data will be processed in accordance with current legislation and, in any case, in such a way as to ensure its security and confidentiality and prevent its unauthorized disclosure or use, alteration or destruction.
(f) How long we keep your data:
Your data will be processed for as long as is necessary to properly handle your request, and thereafter will be deleted or stored anonymously.
(g) By whom your data are processed:
Your data will not be disseminated and may come to the attention, for the management of your report/request, of the persons authorized to process it by the Marketing & Digital Transformation Department, and by the competent company Departments according to the object of your request, as well as, in the capacity of External Data Processor, (i) the companies that provide us with services useful for the management of our information systems and our Website and app, and (ii) the companies in charge of the management of our customer service. The names of all External Data Processors can be requested by writing to ecommerce@coin.it
(h) Transfers outside the European Union:
Data collected through the Site and related platforms will reside on servers located within the European Union.
Where necessary to enable proper management of our Site and related services, Data may be transferred to countries outside the European Union/European Economic Area. The transfer of your data to third countries will take place in full compliance with the guarantees, measures and rights as provided by the applicable legislation (Art. 45 ff. Regulation). By simple request to be sent to the references indicated in paragraph b), above you may receive more information on the transfer of your dai and the guarantees provided for their protection.
(k) What are your rights:
By sending a communication to Coin at the e-mail ecommerce@coin.it, you may at any time exercise the rights referred to in Articles 15 to 22 of the Regulation, including knowing what data we are processing, how and for what purposes we use it, modify the data you have provided to us or delete it, ask us to restrict the use of your data, request to receive or transmit your data to another data controller (a detailed list of rights is set out below).
(i) To whom you can turn to propose a complaint:
We remind you that if you believe that the processing that concerns you violates the provisions set forth in the Regulations, you can always propose a complaint to the Data Protection Authority(www.garanteprivacy.it), or to the Data Protection Authority of the country where you usually reside, work, or where the alleged violation occurred.
(l) How to contact the Data Protection Officer:
The Data Protection Officer can be contacted at e-mail dpo@coin.it.
Privacy rights:
Articles 15 to 22 of the Regulations recognize the following rights:
-Right of access: the data subject may request what data concerning him or her are being processed, the purposes of the processing, the categories of data processed, the recipients to whom the personal data have been or will be communicated, the possible transfer of data outside the European Union, the storage period of the data, the existence of automated decision making (including profiling), and the origin of the data if they are not collected from the data subject himself or herself (Art. 15 of the Regulations).
-Right to rectification: the data subject may request the correction or updating of inaccurate data or, taking into account the purpose of the processing, the integration of incomplete personal data (Art. 16 of the Regulations).
-Right to erasure (oblivion): (where applicable) the data subject has the right to obtain the erasure of personal data concerning him or her, for example when the personal data are no longer necessary for the purpose for which they were collected. However, it will not be possible to request the deletion of data if it is necessary to comply with a legal obligation (e.g. bookkeeping, security, etc.) or for the establishment, exercise or defense of a legal claim (Art. 17 of the Regulations).
-Right to restriction: the data subject may request that data processing be restricted, for example when the accuracy of personal data is contested, for the period necessary to verify the accuracy of such data (Art. 18 of the Regulation).
-Right to notification: the data subject has the right to be informed of any rectification or erasure or restriction of processing carried out in relation to personal data concerning him or her, and of the recipients to whom it has been communicated (Art. 19 of the Regulation).
-Right of portability: (where applicable) the data subject has the right to receive data concerning him or her in a structured, commonly used and machine-readable format (e.g. in .excel, .csv format). However, this right is limited to data processed by automated means and on the basis of a contract with the data subject, or the data subject's consent. If technically feasible, it will be possible to request the transmission of data directly to another data controller (Art. 20 of the Regulation).
-Right to object: (where applicable) the data subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of personal data concerning him or her carried out, for example, in pursuit of a legitimate interest of the data controller or a third party (including profiling). He or she may also always object to the processing of data carried out for direct marketing purposes, including profiling related to such direct marketing (Article 21 of the Regulation).
-Right not to be subjected to automated decisions, including profiling: where applicable) the data subject has the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or her or significantly affects him or her, except in cases where the automated decision is necessary (i) for the conclusion or performance of a contract between the data subject and a data controller, (ii) is provided for by law, subject to measures and safeguards, (iii) is based on the data subject's explicit consent (Art. 22 of the Regulation).
Coin S.p.A.