Updated on July 10, 2024

Introduction

Stoic Couture (hereafter, “Company”), as the Data Controller, informs your company and its personnel (hereafter, “Data Subjects”), according to Art. 13 of the European Regulation 679/2016 (hereafter, “Regulation”), and applicable national legislation, that the personal data you provide during contractual relationships and negotiations with the Company will be processed in compliance with legal and contractual provisions as detailed below.

Definitions

Processing: Any operation performed on personal data, such as collection, recording, organization, storage, alteration, retrieval, use, disclosure, alignment, restriction, erasure, or destruction.

Personal Data: Information relating to an identified or identifiable natural person.

Data Controller: The entity that determines the purposes and means of processing personal data (in this case, the Company).

The Data Controller

The Data Controller is Stoic Couture, located at Piazza Einaudi 4, Milan, represented by its Legal Representative.

The Data Protection Officer

The Data Protection Officer (DPO) can be reached at DPO@versace.it.

Purposes of Processing

We process personal data provided during pre-contractual and contractual relationships for the following purposes:

  • To manage negotiations and pre-contractual relationships
  • To define and execute contract terms, manage services, billing, and administrative activities
  • To comply with legal obligations and protect the Company’s rights in court

Nature of Data Submission

Providing data is necessary to fulfill the above purposes. Refusal to provide data will prevent the Company from fulfilling contractual commitments and legal obligations.

Methods of Processing

Personal data will be processed using both electronic and non-electronic systems, ensuring fair, lawful, and transparent processing in accordance with the Regulation. We adopt suitable security measures to prevent data loss, unauthorized access, and other risks.

Data Retention

Personal data will be stored for as long as necessary to fulfill the purposes for which it was collected. Data may be retained longer for compliance with legal obligations. Generally, data will be kept for 10 years plus 1 year from the document’s execution date.

Legal Basis

The legal basis for processing personal data is the performance of a contract and compliance with legal obligations.

Communication and Transfer of Data

Personal data may be disclosed to third parties appointed as external Data Processors or independent Data Controllers for executing contractual relationships and fulfilling regulatory obligations. Data may also be transferred to entities outside the EU, ensuring adequate protection levels according to applicable rules.

Rights of Data Subjects

Data Subjects have the following rights regarding their personal data:

  • Right of access
  • Right to rectification
  • Right to be forgotten and right to restriction of processing
  • Right to object
  • Right to data portability
  • Right to withdraw consent
  • Right to lodge a complaint with the Supervisory Authority

These rights can be exercised by contacting the DPO at support@stoiccouture.com or by postal mail to {Address Here}

Privacy Notice Modifications

New regulations or service updates may require changes to this privacy notice. Any changes will be communicated to Data Subjects using their contact details.

Data Protection Details

Providing data in order to follow the above purposes is strictly necessary and any refusal will prevent the Company from fulfilling the undertaken contractual commitments as well as performing the legal obligations.

Communication and Transfer of Data

The processing of Data Subjects’ personal data is carried out by internal subjects of the Company appointed for this purpose as Data Managers or Authorized Persons to process the personal data.

Personal data will be disclosed to third parties for the execution of the contractual relationship with the Company, appointed as external Data Processors, as well as independent Data Controllers and for the fulfilment of regulatory obligations.

In particular, Data Subjects’ personal data will be disclosed to:

  • Subjects, companies or professional firms, which provide assistance, consultancy or collaboration to the Company in accounting, administrative, legal, tax and financial activities;
  • Subjects delegated and/or authorized to process personal data by the Company, for the performance of the activities or part of the activities related to the fulfilment of the contractual services;
  • Public entities to whom the data must be provided to comply with legal obligations, any Authority that would legitimately request it, Public Administrations for the performance of the institutional functions within the limits established by law or regulations.

Some of the subjects to whom the data are disclosed, could be established in countries outside the European Union (“EU”). In some cases, the third countries are deemed appropriate based on a decision by the European Commission; in other cases, the Company ensures the existence of adequate guarantees for the transfer on the basis of contractual clauses between the Company and the recipient of personal data in the third country. A copy of these documents is available at the registered office of the Company. In any case, the Company undertakes to guarantee adequate levels of protection according to the applicable rules, including the provision of technical and organizational security measures.

Rights of the Data Subjects

About processing of personal data, the Data Subject can exercise the rights of the Regulation (Art. 15-21), including:

  • To obtain from the Data Controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data (right of access)
  • To update, amend and/or rectify inaccurate personal data concerning him or her (right to rectification);
  • To obtain from the Data Controller the deletion or restriction of processing of personal data concerning him or her when it violates the law, including when the personal data are no longer necessary, in relation to the purposes for which they were collected or otherwise processed (right to be forgotten and right to restriction of processing);
  • To object to processing of personal data (right to object)
  • To receive an electronic copy of data regarding and ask that said data be transmitted to another data controller (right of data portability).
  • To withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal;
  • To lodge a complaint with the Supervisory Authority in case of violation of Data protection law.

Data subjects can ask to exercise their rights by email to support@stoiccouture.com or by postal mail to the Company {Address Here}.