Privacy Policy & Cookies



PRIVACY POLICY

pursuant to article 13 of Regulation (EU) 2016/679. General Data Protection Regulation
 

By means of this document (the “Privacy Policy Statement”), the Data Controller, as defined below, wishes to inform you concerning the purposes and procedures for the processing of your personal data during consultation of the website of Marazzi Group S.r.l. a socio unico, accessible on the Internet at www.ragno.it (the “Website”) and your rights under Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”).
 

1. Identity of the Data Controller
The Data Controller is Marazzi Group S.r.l. a socio unico (“Marazzi” or the “Data Controller”) with registered office at Viale Regina Pacis 39, 41049 Sassuolo (Modena), Italy, in the person of its current legal representative.

To exercise your rights, or for any information concerning them and/or this Privacy Policy Statement, you may contact the Data Controller at the email address: privacy@marazzigroup.com
 

2. Type of data processed, source of the data, purposes and type of processing, legal basis and consequences of a refusal
Marazzi will process personal data concerning you, which you have contributed directly, for the purposes specified below.
 

2.1. Browsing the Website  
During their normal operation, the IT systems and software procedures which operate this Website acquire some personal data, the transmission of which is implicit in the use of Internet communications protocols. Therefore, a hypothetical refusal to contribute these data would imply the impossibility of consulting the Website.

This category of data includes IP addresses or domain names of the PC’s and terminals used by users, as well as the URI/URL (Uniform Resource Identifiers/Locators) of the requested resources, the time of the request, the method utilized in presenting a request to the server, the size of the file obtained in response, the numerical code specifying the state of the response provided by the server (positive outcome, error, etc..) and other parameters concerning the operating system and the IT environment of the user.

These data, necessary for the use of web services, are also processed in order to:

  • obtain statistical information concerning the use of the services (most visited pages, number of visitors by time band or per day, geographical area of origin, etc.);
  • check that the services offered are operating correctly;

Navigation data are not retained for more than seven days and are erased immediately after their aggregation (unless required for the investigation of criminal offences by the Judicial Authorities).

The legal basis for the processing of your data for this purpose is the fulfilment of your request to browse the Website, pursuant to Article 6, comma 1, point b) of the GDPR, considered to be implicit simply through access to the Website; therefore, your consent is not necessary to authorise the processing.
 

2.2. Response to request for information
In the “Contact us” section of the Website and in the “Store locator”, you may voluntarily contribute some of your ordinary personal data (name, surname, email address, telephone number and address) in order to request the information you require.

If you decide to make use of this service, the Data Controller will process your personal data in order to respond to your request for information.  

The contribution of your personal data for the above purpose is optional. However, if you decide not to contribute your personal data, you will be unable to obtain the information you need. 

For this purpose, the Data Controller will process your personal data for the time necessary to respond to your request for information.

The legal basis for the processing of your data for this purpose is the fulfilment of your request, pursuant to Article 6, comma 1, point b) of the GDPR; therefore, your consent is not necessary to authorise the processing.
 

2.3. Registration on the Website to use specific services (“Wishlist”, “MTM”)
In specific sections of the Website (“Wishlist”, “MTM”), you may voluntarily contribute some of your ordinary personal data (name, surname, email address, password and telephone number) in order to access specific services provided by the Data Controller through these sections of the Website. 

If you decide to make use of these sections of the Website, the Data Controller will process your personal data in order to provide you with the relative services you have requested.

The contribution of your personal data for the above purpose is optional. However, if you decide not to contribute your personal data, you will be unable to access the services you have requested. 

For this purpose, the Data Controller will process your personal data until you decide to unsubscribe from the services by applying to the Data Controller at the contacts provided in point 1 above. Subsequently, your data will be stored, where relevant, only within the terms of the ten-year expiry requirement.

The legal basis for the processing of your data for this purpose is the fulfilment of your request, pursuant to Article 6, comma 1, point b) of the GDPR; therefore, your consent is not necessary to authorise the processing.
 

2.4. Dispatch of Newsletters
By compiling the form in the specific “newsletter” section on the Website, or by flagging the box provided in the “Wishlist”, “MTM”, “Contact us” and “Store locator” sections, you may contribute your ordinary personal data (name, surname, email address, professional title and address) in order to subscribe to the Ragno newsletter and be regularly updated with news of initiatives, activities and projects organised by Ragno.  

The Newsletter will be sent to the email address which you provided, in order to fulfil your request.

The contribution of your personal data for the above purposes is optional. However, in the event of refusal to contribute the data, the Data Controller will be unable to fulfil your request to subscribe to the Newsletter or to keep you up to date with the latest news from Ragno.  

The legal basis for the processing of your data for this purpose is the fulfilment of your request, pursuant to Article 6, comma 1, point b) of the GDPR; therefore, your consent is not necessary to authorise the processing. However, you may easily object to the sending of any further newsletters and unsubscribe from the newsletter service by applying to the Data Controller at the contacts provided in point 1 above.

Your personal data will be processed until you decide to cancel your subscription to the Newsletter service.
 

2.5. Marketing purposes
Further to the contribution of your personal data for information purposes, (point 2.2), for your registration on the Website for access to specific services (point 2.3), or for subscription to the Newsletter (point 2.4), the Data Controller assumes that you are potentially interested in being informed about Ragno’s activities, initiatives and products.

Therefore, given these circumstances, the Data Controller intends to use your personal data (name, surname, telephone number and email address) to send you marketing communications referring to Ragno’s initiatives and products, and invitations to events it has organised. These communications may be sent by traditional means (such as telephone calls) and/or by automated means (such as email, telefax, prerecorded telephone calls, SMS, MMS, instant messaging, etc.).

The use of your personal data for marketing purposes will require the issue of your specific consent, to be given by ticking the box offered to you when the data are contributed. On the other hand, the sending of marketing communications does not require your consent when it takes place using the personal data (e.g. email address) which you contributed during activities relating to the sale of similar products offered by the Data Controller, or if you are acting, as the contact for a legal person, in the context of business relations with the Data Controller; in these circumstances, the processing of your personal data is considered to be based on the prevalent legitimate interest of the Data Controller.

However, on receipt of any email, you may easily object to the sending of further communications by Ragno, by using the “If you are not interested in receiving our newsletter please click here” link in all e-marketing communications, or by contacting the Data Controller at the addresses provided in point 1 above.

Your personal data will be processed for this marketing purpose until you decide to withdraw your consent or to object to the processing, by contacting the Data Controller using the contacts provided in point 1 of this Privacy Policy Statement.

Participation in marketing initiatives is optional and your refusal will have no consequences with regard to the other purposes for which data are processed, as referred to in this privacy policy statement, but it will prevent Ragno from keeping you up to date with any further initiatives or events and about its projects and/or products.
 

2.6. Cookies and other tracking systems
The Website uses cookies; for further information kindly refer to our cookie-policy

3. Procedures for the processing of your personal data
Your personal data will be processed, in compliance with the provisions of the GDPR, by paper, IT and telematic means, for the stated purposes, and in all cases by procedures which guarantee the data’s security and confidentiality in accordance with the provisions of Article 32 of the GDPR.
 

4. The parties to whom your personal data may be disclosed, and who may gain knowledge of them
For the pursuance of the purposes described in point 2 above, the personal data processed will be known to Marazzi’s employees, contract staff and associates working in the capacity of authorised data users.

Moreover, for the pursuance of the purposes described in point 2 above, your personal data may be processed by third parties belonging, for example, to the following categories:

  1. parties which supply services for the management of the IT system, including server hosting and backup services;
  2. technical assistance service providers;
  3. other service providers;
  4. supervisory and controlling authorities and bodies, and public or private bodies in general with a public interest function;
  5. other companies belonging to the same group of companies as Marazzi, or linked to Marazzi or Mohawk Industries

In some cases, the entities in the aforesaid categories operate in complete independence as separate data controllers, while in other cases they operate as Data Processors specifically appointed by the Data Controller in accordance with article 28 of the GDPR.

Your consent is not required for the disclosure of your data to entities in the above categories operating in the capacity of independent data controllers, since it is based on the prevalent legitimate interest of the Data Controller, as the said disclosure is necessary for the pursuance of the purposes set out in point 2 above. 

The complete, updated list of the entities to which your personal data may be disclosed can be requested from the Data Controller at the email address privacy@marazzigroup.com
 

5. Transfer of personal data outside the European Union
For technical and organisational purposes, your data may be transferred to non-European Union member states: this transfer is, in any case, lawful since it is covered by adequacy decisions issued by the European Commission and/or standard data protection clauses based on the models adopted by the European Commission pursuant to art. 46 of the GDPR.

You may request a copy of your data which are transferred outside the EU, and information concerning the specific safeguards adopted for individual non-EU states, from the Data Controller by applying to privacy@marazzigroup.com.
 

6. Your rights as data subject
With regard to the data processing described in this Privacy Policy Statement, as data subject, on the conditions set forth by the GDPR, you may exercise the rights provided by articles 15 - 21 of the GDPR, in particular:

  • right of access - article 15 GDPR: right to obtain confirmation of whether or not personal data concerning you are being processed and, if this is the case, to obtain access to your personal data - including a copy of them - and communication, amongst other things, of the following information:
    1. purposes of the processing
    2. categories of personal data processed
    3. recipients or categories of recipients to whom they have been or will be disclosed
    4. data storage period or the criteria used
    5. rights of the data subject (rectification, erasure of personal data, restriction of processing and right to object to processing)
    6. right to lodge a complaint with the supervisory authority
    7. right to receive information on the origin of personal data if they have not been collected from the data subject
    8. the existence of automated decision-making, including profiling, and
    9. meaningful information about the logic involved, as well as the envisaged consequences of such processing for the data subject;
  • right to rectification- article 16 GDPR: right to obtain, without undue delay, the rectification of inaccurate personal data concerning you and/or the completion of incomplete personal data;
  • right to erasure (right to be forgotten) - article 17 GDPR: right to obtain, without undue delay, the erasure of personal data concerning you, when:
  1. the data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  2. you have withdrawn consent and where there is no other legal ground for the processing;
  3. you have successfully objected to the processing of the personal data;
  4. the data have been unlawfully processed;
  5. the data have to be erased for compliance with a legal obligation;
  6. the personal data have been collected in relation to the offer of information society services referred to in article 8, comma 1 of the GDPR.

The right to erasure does not apply to the extent to which the processing is necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller, or for the establishment, exercise or defence of legal claims.

  • right to restriction of processing - article 18 GDPR: right to obtain restriction of the processing, when:
  1. the accuracy of the personal data is contested by the data subject;
  2. the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  3. the data subject needs the personal data for the verification, exercise or defence of a right during judicial proceedings;
  4. the data subject has objected to processing pending the verification whether the legitimate grounds of the controller override those of the data subject.
  • right to data portability - article 20 GDPR: right to receive the personal data concerning you, which you have provided to the Data Controller, in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance, if the processing is based on consent and is carried out by automated means. In addition, the right to have your personal data transmitted directly by the Data Controller to the other controller, where technically feasible.
  • right to object - article 21 GDPR: right to object to the processing of personal data concerning you, unless there are legitimate grounds for the Data Controller to continue the processing;
  • right to lodge a complaint with the Italian Data Protection Supervisory Authority- Garante per la protezione dei dati personali, Piazza Venezia no. 11, 00187, Rome (Italy).

The above rights may be exercised in relation to the Data Controller using the contacts provided in point 1 above. The Data Controller shall examine your request and shall inform you, without undue delay and in all cases within no more than one month of its receipt, concerning the action taken with regard to your request.

The exercise of your rights as data subject is free of charge in accordance with article 12 of the GDPR. However, in the event of requests which are manifestly unfounded or excessive, in particular because of their repetitive character, the Data Controller may charge you a reasonable fee taking into account the administrative costs of dealing with your request, or refuse to act on the request.

Please also note that the Data Controller may request further information necessary to confirm the identity of the data subject.


 

Al hacer clic en «Enviar», declaro que soy mayor de 14 años y autorizo el tratamiento de mis datos personales para la suscripción al boletín de noticias conforme al art. 2.4 de lainformativa