Access to your Reserved Area to send your request
Version dated 8th October 2021
Cap Design S.p.A., in its capacity of data controller, hereby wishes to inform its B2B clients, dealers, retailers and other contractual counterparties of the Controller, as part of a different commercial relationship, of the processing methods of their personal data, in conformity with Italian Legislative Decree No. 196/2003 as amended and supplemented, and the European General Data Protection Regulation No. 679/2016 (hereinafter, "European Regulation").
1. Controller and data protection officer
a) B2B clients, dealers, retailers and other contractual counterparties of the Controller, in the case of natural persons or sole proprietorships; and
b) legal representatives, shareholders (natural persons), directors, attorneys, members of the board of statutory auditors, members of the supervisory body, technical managers, other natural persons vested with powers of representation and/or management and/or control, as well as the employees and contract staff of B2B clients, dealers, retailers and other contractual counterparties;
(hereinafter jointly referred to as the "Data Subjects").
3. Which Data are processed?
The Controller collects the personal data relating to the Data Subject directly from the latter - if the Controller's contractual counterparty is a natural person or sole proprietorship - or from the company/entity to which the data subject belongs for registration to the event in which the Data Subject intends to participate, for registration to the Cappellini interactive digital platform or during events, shows, work meetings and in the phase of negotiation and/or conclusion and/or execution and/or termination of the contract entered into with the Controller. Furthermore, the Controller may collect the personal data relating to the Data Subject from lists, registers and other publicly accessible sources - such as, for example, data contained in the chamber of commerce company report of the company to which the Data Subject belongs - as well as databases of organisations that provide information on the commercial reliability of entrepreneurs and managers.
Depending on the purposes and the time of collection, the Controller processes the following types of personal data relating to the Data Subject:
a) personal details, contact data, identity document and role covered at the company/entity to which the Data Subject belongs;
b) company name, address of the main office and any secondary offices, VAT number and/or tax code, details bank account or accounts of the Data Subject, if the latter is a natural person or sole proprietorship;
d) other personal data relating to the Data Subject that may be collected by the Controller during the phase of negotiation and/or conclusion and/or execution and/or termination of the contract entered into with the Controller;
(hereinafter, jointly, the "Data").
4. For what purposes are the Data processed?
The Controller processes the Data of Data Subjects to:
a) carry out negotiations and perform the contract of which the Data Subject is a party during an online purchase or at the showroom, for registration to one of the events organised by the Controller or for registration to the interactive digital platform of the Controller (hereafter "Contractual Purposes");
b) comply with obligations deriving from applicable legislation, therein including tax legislation (hereafter "Legal Purposes"); and
c) if the Controller's contractual counterparty is a company, pursue the legitimate interest of the Controller in holding negotiations and performing the contract of which the company/entity to which the Data Subject belongs is a party;
d) pursue the legitimate interest of the Controller in verifying the commercial and financial security and reliability of its B2B clients, dealers, retailers and other contractual counterparties, to prevent fraud, to guarantee management solidity and the correct execution of commercial relationships between the Controller and its B2B clients, dealers, retailers and other contractual counterparties;
e) exercise and defend its rights, also as part of credit recovery procedures, in relation to the Data Subject or third parties in any dispute;
f) carry out activities functional to sales of businesses and business branches, acquisitions, mergers, demergers or other transformations and for performing those operations;
g) send to potential professional purchasers of the Controller's products and services communications of commercial nature on collections, exhibitions and events relating to the Controller. We will send these communications periodically, indicatively no more than twice a month or on the occasion of particular initiatives (e.g., Salone del Mobile Furniture Fair) by email to the addresses of the Data Subject indicated each time within the contractual relationship between the Controller and the company/entity to which the Data Subject belongs;
h) communicate to other companies of the group to which the Controller belongs the contact information of potential professional purchasers of the products and services of the companies of the Controller's group so that the same can send commercial information on collections, exhibitions and events, even by way of newsletters, in relation to their products and services (the group companies are: Poltrona Frau, Cappellini, Cassina, Ceccotti, DZine, Karakter, Janus et Cie, Luminaire, Luxury Living Group. The updated list of group companies can be requested to the Controller by sending an email to the address indicated in paragraph 11) below. The group companies will send these communications periodically, indicatively no more than once a month or on the occasion of particular initiatives (e.g., Salone del Mobile Furniture Fair) by email to the addresses of the Data Subject indicated each time within the contractual relationship between the Controller and the company/entity to which the Data Subject belongs. Furthermore, in order to limit those communications to what is strictly necessary, the Data Subject will receive emails only subject to evaluating the commercial opportunity by the group company that has registered the contact. This evaluation will be based upon two criteria:
(i) the type of clientele to which the Data Subject belongs (therefore, for example, promotional communications will not be sent to suppliers of Cappellini, which, by virtue of the commercial relationship in place or for which negotiations are in progress with the latter, are considered unlikely to be interested in purchasing products or participating in events of the Controller, while they will always be sent to potential professional purchasers of the products or services of the companies of the group to which the Controller belongs, so that they are made aware of all commercial opportunities with the Group companies); and
(ii) the sector of activity of the Data Subject (for example, if the Data Subject's activity does not involve outdoor furniture, communications relating to Janus et Cie will not be sent).
In this way, communications are not sent indiscriminately and in a potentially inappropriate manner, but rather considering the immediate benefit for both the Data Subjects (which receive all and only the communications they are potentially interested in) and for the Controller. Each Data Subject will in any case be free to request directly from each group company the transmission of promotional material; in that case the evaluation of the company with which he/she originally had contact will not be necessary;
(the purposes indicated in letters c) to h) are known jointly as the "Legitimate Interest Purposes").
5. On what basis are the Data processed?
The processing of Data is necessary with reference to the Contractual Purposes and the Legal Purposes referred to in paragraph 4, letter a) and b), in order to allow you to participate in the event, to register to the platform, to negotiate, enter into, perform and/or terminate the contract between the Controller and the Data Subject, as well as to adhere to the provisions of applicable legislation. Any failure to provide the Data for those purposes will make it impossible for the Controller to allow you to participate in the event, to register to the platform or to perform the aforementioned contract.
6. How are the Data processed?
In relation to the purposes indicated above, the Data will be processed both using IT or automated tools and on paper, and they will be protected by way of appropriate measures to guarantee the confidentiality and security of the personal data. In particular, the Controller adopts appropriate organisational and technical measures to protect the Data in its possession against loss, theft, as well as unauthorised use, disclosure or modification of the Data.
7. To whom are the Data communicated?
For the purposes stated in paragraph 4, the Controller may communicate - in whole or in part - the Data of the Data Subjects to the following categories of entities:
a) employees of the Controller or of the entities indicated below, as persons in charge of the processing, as part of their respective duties and within the limits established by law;
b) providers of services instrumental to or in support of those performed by the Controller and therefore, by way of example but without limitation, legal, administrative and tax consultants, banking institutions for the management of receipts and payments deriving from the execution of the contract between the Controller and the Data Subject or the company/entity to which he/she belongs, auditing companies, events management companies, companies instructed to send marketing newsletters, providers of technological services, in the capacity of autonomous data controllers or processors;
c) end customers which may request the name or contact of the Data Subject in order to receive the services provided by the latter or by the company/entity to which the Data Subject belongs;
d) sub-suppliers and/or subcontractors engaged in activities connected to the performance of the contract between the Controller and the Data Subject or the company/entity to which he/she belongs, in the capacity of external processors;
e) other companies belonging to the group of which the Controller is part, situated in Italy and abroad, as data controllers for their own marketing purposes;
f) retailers or commercial partners of the Controller or companies of the group to which the Controller belongs which perform services on behalf of the Controller, including the collection of data to be entered in the client relationship management system "CRM". Those entities will act in the capacity of processors;
g) public entities and/or judicial and/or control authorities whose right of access to the data of the Data Subject is envisaged by applicable legislation, in the capacity of autonomous data controllers; and
h) transferees of businesses or business branches, companies resulting from mergers, demergers or other transformations of the Controller, as autonomous controllers.
Some of the entities listed above may be situated in countries outside the European Union or the European Economic Area. More specifically, the Data entered in the CRM database, whose servers are located in the territory of the European Union, will be shared with entities that may, however, be located both inside and outside the EEA, as the Controller offers its products and services to customers and commercial partners in all countries in which it is present.
AUTONOMOUS CONTROLLERS FOR MANAGEMENT OF SALES AT THE SHOWROOMS
Company Name: Poltrona Frau UK Ltd.
VAT no.: GB 766218904
With registered office at: 150 St. John Street - London EC1V 4UD
E-mail: [email protected]
Company Name: Poltrona Frau Group North America, Inc.
VAT no.: non-existent
With registered office at: 151 Wooster Street, 2nd floor - New York NY 10012
E-mail: [email protected]
Access to your Reserved Area to send your request