PRIVACY POLICY - Le Naty - Luxury - Beachwear - Made in Italy - Collezioni , Bikini , Costumi da bagno , Swimwear , Swimsuits handmade and embroidered, Kaftans , Bags , Beach Couture , Moda Mare, Costumi da bagno lavorati e ricamati a mano, Collezione Spring-Summer, Moda Mare , Costumi mare , Costumi , Le Naty , Designer Swimsuits, Designer Swimwear , Designer Beachwear , Shop Online , Boutique Online , Resortwear , Luxury Dress ,

Go to content
PRIVACY
PRIVACY
This Privacy Policy provides users of  this site (the “Site”) with the fullest and clearest information on the  processing of their personal information through the Site under the  General Data Protection Regulation (GDPR) and the Personal Data  Protection Code.
Pursuant to statutory requirements, this Privacy Policy also indicates:
  • • The nature of the personal information processed;
  • • The purposes and means of the processing of personal information;
  • • The identity and contact details of the Data Controller(s);
  • • The contact details of the Data Protection Officer (DPO);
  • • Any third parties involved in the processing activities;
  • • The retention period of personal information;
  • • The security measures adopted to protect personal information;
  • • The privacy rights of users.

This Privacy Policy applies to the Site only and does not concern any website or platform to which the Site may link.
Users with fewer than 16 (sixteen) years  old are not allowed to consent to the processing of Personal information  without parental authorization.

DATA PROCESSOR AND CONTROLLER
Under the GDPR, the controller is the  subject that, alone or jointly with others, determines the purposes and  means of the processing of personal information.
The joint controllers for the data processing related to the activities of the Site are:
  • • LE NATY - GLITTER SISTERS S.R.L , VAT 05224520758Italy; contact: info@lenaty.it
  • (the "Controllers")
 
There is a designated Data Protection  Officer to ensure that the Site processes personal information in  compliance with the GDPR. The DPO can be contacted for any enquiries at  the following email address: info@lenaty.it
With respect to personal information of  non-registered users who have opted to receive newsletters and marketing  communications, Le Naty acts as the sole Controller, using  Le Naty as processor of these activities.

PERSONAL INFORMATION. PURPOSES OF PROCESSING.
“Personal information” means any  information relating to users and that identifies them personally,  either alone or in combination with other information.
Personal information is collected  automatically by the Site or received via multiple sources: forms, chat,  e-mail, apps, devices, social media and other means.
The Site processes personal information in various shapes for the following purposes:

• BROWSING DATA

The Site collects non-sensitive browsing  data by automatic means in order to enable and improve user navigation  (e.g., IP address, date/time of the visit and its length, any referring  URL, the pages visited on the Site, the device used and other  information).
The processing of such information allows  users to access the Site and fully enjoy its features and services.  Furthermore, browsing data may be used to verify that the Site is  functioning properly.
From time to time, browsing data are processed anonymously for statistical purposes.
Browsing data are unlikely to allow  identification of the relevant data subject. However, by their very  nature, browsing data may allow identification of the users if  associated with other information.
The browsing data described above are stored only temporarily in compliance with the applicable law.

• ORDERS

At checkout, the Site asks users to  provide personal information for the essential purpose of fulfilling  their purchase orders and comply with contractual obligations (e.g.,  name and surname, e-mail address, delivery address, etc.).
Such personal information is also  essential for the Customer Service to assist customers on enquiries and  for any related necessity, before or after the sale (for instance, with  respect to the order delivery status or on product returns).
Personal information related to orders  will be stored as long as required to comply with contractual  obligations and with the applicable tax and financial reporting  obligations.
The Site may also verify the payment  instruments used by customers to purchase on the Site (e.g. credit or  debit card, etc.) for the main purpose of preventing fraudulent  activities or pursuant to the applicable anti-money-laundering laws. As  full reliance for payment verification is given to third party payment  processors, the Controllers do not process or store any financial  information belonging to customers.
Failure to provide the personal information required at checkout will prevent users from completing an order on the Site.
Based on its legitimate interest to  improve its relationship with customers, the Site will send to the  latter email, communications with product suggestions, discounts,  feedback requests or other updates. Customers are always free to  unsubscribe from such email communications (for instance, by clicking on  the “unsubscribe link” at the bottom of each email).

• SITE REGISTRATION

When users opt to register a personal  Site account, they are asked to submit personal information (e.g., date  of birth, gender, etc.). The Site clearly indicates which personal  information is mandatory (or not) to set up a Site account.
Users must submit personal information  that is true and accurate at the moment of registration and are invited  to maintain their personal information up-to-date (if any modification  occurs) by logging into the personal account to make all relevant  changes.
Users who choose to enable or log in to  their Site account via social media, should be aware that when they  connect their Site account to a social media account, the Site collects  certain personal information the User has already provided to that  social media (for example, the email address and public profile on  Facebook).
The Controllers do not oversee or control  such social media services or the user’s profiles on these services,  and do not establish privacy settings or rules for how personal  information on those services will be used. Users are highly encouraged  to read all policies and information regarding the applicable social  media services to learn more about how they process personal  information.

• NEWSLETTER AND MARKETING COMMUNICATIONS

On the Site, users can opt to receive newsletters and commercial communications.
The Site always collects the explicit,  free and unambiguous consent of users prior to submitting newsletters  and marketing communications to these users or, more in general, before  undertaking electronic marketing initiatives dedicated to them.
In such cases, users may be invited to  submit personal information in addition to their e-mail address (e.g.,  gender, country of residence, etc.) for the purpose of having newsletter  and marketing communications tailored to the user profile.
Users can always easily withdraw their consent from receiving newsletters and commercial communications in the following ways:
  • • Through their account settings;
  • • By clicking on the ‘unsubscribe’ link in any of such email;
  • • By contacting our Customer service.
 
With respect to personal information of  non-registered users who have opted to receive newsletters and marketing  communications, Le Naty  acts as the sole Controller, using  Le Naty as processor of these activities.

• PROFILING

Under the explicit user’s consent,  newsletter and marketing communications may be tailored to the user  “profile”, based on the personal information the Site collects or  receives about the concerned user.
With respect to the customers of the  Site, it is in the Site’s legitimate interest to process personal  information to offer more interesting products, to improve the Site and  to personalize the products offered on the Site.
The main purpose of profiling is to  propose products, services and initiatives more responsive to the  tastes, shopping habits and interests of users and customers.
Personal information may be also used for  remarketing, retargeting or profiling purposes, including via third  parties (e.g., social networks, etc.).
Neither the Site nor the Controllers will ever carry out any profiling activities relating to children.


COOKIES
Information relating to the cookies used on the Site can be found at the following link: Cookie Policy.


SHARING AND TRANSFER OF PERSONAL INFORMATION

The Controllers may transfer personal  information of customers to primary third-party suppliers, acting as  “data processors” (the “Processors”), for the purpose of performing  business operations in order to fulfil their contractual obligations.
The Controllers will make their best  effort to ensure that all Processors will apply their industry best  practice to protect personal information and that they will not use  personal information for any other purposes than those agreed with the  Controllers.
For instance, the Controllers may share personal information with the following categories of Processors:
  • • Couriers and postal operators;
  • • Fulfilment centers and warehouses;
  • • Advertising, digital, marketing and social media agencies;
  • • IT service providers;
  • • Customer care service providers;
  • • Payment service providers;
  • • Persons, companies or professional firms that provide assistance  and advice to the Holders in accounting, administrative, legal, tax and  financial matters;
  • • Subjects, bodies or authorities to whom it is mandatory to  communicate personal data for purposes of compliance, abuse or fraud, or  by order of the Authorities.
 
In such cases, sharing personal  information with the Processors is necessary for the Controllers to  fulfil their contractual obligations and, also, to improve the Site’s  products and services.
Users can request an updated list of the  Processors involved in the processing of personal information relevant  to the Site’s activities by writing an email to:info@lenaty.it
The Controllers must always reserve the  right to disclose personal information about users as required by law  (for instance, in response to law enforcement requests), and where  needed to protect the rights of the Controllers or their affiliates or  third parties.
Moreover, personal information may be  disclosed to other companies within the same corporate group of each of  the Controllers, or to third parties in the event of a corporate  restructuring process, in full compliance with the applicable law.
In any other cases, the sharing of  personal information will be conditional upon the preliminary and  explicit consent of the user, unless processing is allowed under an  alternative legal basis.
The Controllers will not transfer  any personal information outside the European Economic Area (EEA),  unless the user has explicitly authorized such transfer or the transfer  of personal information outside the EEA is allowed by the GDPR on  another legal basis.


PROCESSING METHODS AND SECURITY MEASURES

Personal information of users is processed  by the Controllers with IT, automated and electronic tools and, in  limited cases, by using documentary means. In accordance with the GDPR,  specific security measures have been implemented to prevent data loss,  unlawful or improper use, and unauthorized access.
Only authorized employees of the  Controllers, and authorized employees of the third-party suppliers,  acting as Processors on behalf of the Controllers, have access to  personal information related to the Site activities. Data processing  agreements are in place with the Processors to ensure that they always  meet the level of security required by the GDPR while processing  personal information related to the Site activities.
While the Site adopts primary security  measures to prevent loss, destruction or dissemination of personal  information, at the same time it cannot exclude the safety risks that  are naturally involved by online transmission of data. The user accepts  the inherent risks of providing personal information over the internet  and will not hold the Site responsible for any breach of security,  unless this breach is due to the Site’s negligence or willful default.


RETENTION OF PERSONAL INFORMATION

The Controllers will store personal  information for as long as it is needed to provide users and customers  with the required services or to meet legal or tax obligations or for  the minimum period prescribed by the law.
In order to determine the appropriate  retention period for personal information stored by the Site under user  consent, the Controllers will take into account multiple factors to  ensure that personal information is not stored for longer than the  necessary or appropriate period. Such criteria will also include:
  • • The purpose for which the Site holds personal information;
  • • Legal, tax and regulatory obligations in relation to that personal information;
  • • The type of ongoing relationship with the concerned user or  customer (how often the user logs into their Site account, whether users  continue to receive marketing communications, how regularly they browse  or buy on the Site, etc.);
  • • Any specific user request in relation to the deletion of personal information;
  • • Legitimate business interests.
The Site will promptly delete or anonymize personal information that is no longer needed or retained according to the law.


CONNECTION TO THIRD-PARTY WEBSITES OR PLATFORMS

The Site may contain banners, advertising  messages and other links to third-party websites or platforms. The  Controllers cannot control or be held responsible for the conduct of  such third-party websites or platforms with respect to privacy law.  Users are encouraged to read their privacy policies to verify how they  collect and process personal information.


THE RIGHTS OF USERS

Users are entitled to receive confirmation as to whether the Controllers hold any personal information about them.
If this is the case, under the GDPR, users also hold the rights to:
  • • Be informed about the collection and use of their personal information;
  • • Access their personal information at no cost;
  • • Have inaccurate personal information rectified, or completed (when it is incomplete);
  • • Have personal information erased (“the right to be forgotten”);
  • • Under specific conditions, obtain the restriction or suppression of their personal information;
  • • Obtain and reuse their personal information for their own purpose  across different services when processing is based on a contract or on  consent, and the processing is carried out by automatic means (“the  right to data portability”);
  • • Under specific conditions, to object to the processing of their personal information;
  • • Object at any time to the use of personal information for “profiling” or “automated decision-making” purposes.
  • • The right to submit complaints related to the collection and  processing of personal information to the competent supervisory  authority;
  • • The right to withdraw consent to the processing of personal information at any time.
 
Users can contact the Site for any enquiry  and to exercise their privacy rights at the following email address:  info@lenaty.it


CHANGES TO THIS PRIVACY POLICY

Any future changes to this Privacy Policy  will be posted on the Site and, where appropriate, notified to users by  email. Users are encouraged to read this Privacy Policy frequently to  check for any updates or changes.


Last update: July 2019
Back to content