Furla Privacy Policy
FURLA PRIVACY POLICY
1. Data Controller
This privacy policy explains how Furla S.p.A., a company incorporated under Italian law with registered office at Via Bellaria 3/5, 40068 San Lazzaro di Savena (Bologna), Italy (“Furla” or the “DataController”), processes the personal data of data subjects – i.e. the natural persons to whom the personal data refer – in accordance with the European Regulation 2016/679 (the “GDPR”) and with the data protection law applicable in your country, territory, or location (together with the GDPR, the “Privacy Laws”).
Furla attaches particular importance to the confidentiality, security and protection of data subjects’ personal data and is committed to offering personalised services based on the preferences of each individual.
The personal data of data subjects may also be processed by subsidiaries or affiliates of Furla which are integrated into our CRM (i.e. the customers’ database) as autonomous data controllers for specific purposes established by local legislation, for sales and billing, and for analysis and/or commercial initiatives reserved for them as a result of business decisions taken worldwide by Furla (“Affiliates” – whose company details are indicated in the chart below). Information on this processing is available at the following link: www.furla.com/privacy.
2. Processed data
Depending on the purposes of the processing, the Data Controller may collect and process different categories of the personal data of data subjects (collectively the “Data” or “Personal Data”). Data includes:
personal details such as name, surname, date of birth, home address, country of residence, nationality and gender (“Identification Data”);
contact details such as email address and telephone number (“Contact Data”);
data on purchases such as products purchased, place, date, time and store of purchase, purchase history, delivery details, payment and invoicing methods, as well as any personal data contained in communications between the data subject and the Data Controller concerning products purchased or of interest to the customer (“Purchase Data”);
browsing data such as IP address, information on the browser used by the data subject, pages visited, date, time and duration of each visit, other parameters related to the data subject’s operating system and computer environment, as well as any other information on the data subject’s activity in Distance Selling Channels (as defined below) – for example: products viewed, frequency of viewing, purchasing habits and how the data subject interacts with our website, etc. – which will be collected via cookies and/or scripts, and also via buttons or widgets1 (“Browsing Data”)2;
profiling data such as the information collected: (i) following an analysis of the personal data of data subjects regarding, for example, their interests and preferences, as indicated directly by the data subject; and/or (ii) an analysis of other personal data on the data subject such as, for example, Personal Data, Browsing Data and Purchase Data – both in aggregate and individual form (“Profiling Data”).
3. Methods of acquiring personal data
The Data Controller may collect the Personal Data of data subjects – in paper form or in electronic form, e.g. via tablets – through the following channels:
a) the website (the “Website”) following: (i) registration of the data subject on the e-commerce; (ii) registration for the newsletter; (iii) the completion of a purchase in “guest” mode; and/or (iv) their browsing activity;
b) the distance sales channels adopted by the Data Controller that enable the data subject to purchase Furla products at any time – for example, instant messaging applications, etc. – (“Distance Selling Channels”); and
c) our stores and/or franchisees (“Stores”) and/or Affiliates – including through specific apps provided to sales assistants.
4. Purpose of processing
Furla wishes to process the Personal Data of data subjects for different purposes. Each purpose involves the processing of different categories of personal data and is legitimised on a different legal basis.
In particular:
a) fulfilment of legal obligations: fulfilment of obligations relating to product liability or warranty, together with obligations of a taxation, contributory and consumer obligations;
b) purchase of products and related services3: the fulfilment of obligations strictly related to the purchase of a product and any related service such as, for example, the creation of an account on the Website, the management and monitoring of a wishlist and orders, home or in-store delivery of goods, the “book an appointment” service, virtual shopping (through various channels, such as instant communication apps), warranty and assistance in the event of loss of payment receipts, returns and repairs management, customer support (including support for order completion and payment for online purchases), reminders of products in the online shopping cart, and after-sales support;
c) profiling: analysis of the behaviour of data subjects on Distance Selling Channels, on the Website and at Stores and Affiliates, the processing of information and its comparison against KPIs on the preferences and purchasing habits of data subjects, the viewing by sale assistants of purchase history, preferences and, in general, the results of processing by our IT systems of information collected on the data subject in order to: (i) offer the data subject personalised offers and products that are always suited to their needs and interests; (ii) ensure a unique and customised shopping experience and customer care; and (iii) offer the option to participate in events that Furla believes may be of interest to them; data subjects may always change their preferences for contact channels by writing to privacy@furla.com;
d) marketing: the implementation of commercial, advertising, promotional and general marketing initiatives such as, for example, the sending of the newsletter with information on products, offers and discounts offered by Furla; the sending of relational communications (also) via instant messaging, social media, text message and telephone communication, including the sending of greeting messages to the data subject (e.g. on the data subject's birthday and anniversary at Furla) and invitations to special events organised by Furla; data subjects may always change their preferences for contact channels by writing to privacy@furla.com, or through the unsubscribe function included in the marketing communication;
e) profiled marketing: the sending of specific marketing communications that reflect the interests and preferences of each data subject following profiling - for example the sending of communications aimed at raising awareness of the world of Furla and fostering interest in the brand; clienteling activities (such as the sending of personalised offers for products suited to the data subject’s needs), guaranteeing a unique and personalised shopping and customer care experience and offering the chance to participate in events aimed exclusively at individual data subjects, or that Furla considers to be of interest to them; data subjects may always change their preferences for contact channels by writing to privacy@furla.com, or through the unsubscribe function included in the profiled marketing communication;
f) legal defence: the safeguarding of legal defence requirements in relation to any disputes that may arise with the data subject following the execution of the contract or use of the Distance Selling Channels, and in general the requirement to protect Furla, including through enforcement of its terms of online payments and fraud prevention.
5. Legal basis of the processing and period of retention
The following chart sets out the processed Data, the legal basis and the retention period for each of the purposes of processing described above.
6. Methods of processing
Personal Data may be processed electronically or in paper form. Furla has taken appropriate organisational, physical, legal and technical measures to ensure that the Personal Data is kept secure, confidential and used only for the purposes indicated in this policy statement, and to enable the data subject to fully exercise the rights guaranteed by the GDPR and the other applicable Privacy Laws.
Subject to the retention periods set out above for each purpose of processing, Personal Data will be retained for a period not exceeding which is strictly necessary for such purposes and, in any event, not exceeding the legal terms provided for by applicable statute of limitation, or by the terms indicated in specific relevant administrative provisions. Following such periods, the data will be destroyed or anonymised.
As it is not possible to guarantee the security of online data transmission or the data storage system with 100% certainty, you are advised not to send any information in addition to what is required by Furla for the purposes described above, as such information will be deleted.
It is your responsibility to protect your login credentials to accounts created on the Website, as set out in the relevant terms and conditions. Furla will never ask you to provide such information.
Further information on the processing of Browsing Data can be found in the cookie policy at the following link www.furla.com/cookie-policy.
Mandatory or optional nature of Data provision
The provision of certain Data is necessary to make a purchase of products and/or use services related them. Failure to provide such Data will result in it being impossible to proceed with the execution of contracts and the fruition of relevant services.
The provision of Data for the purposes indicated in letters c), d) and e) of Article 4 above (marketing, profiling and profiled marketing) is optional. In such cases, failure to provide Data will not have any negative consequences and will not in any way preclude the purchase of Furla branded products or the fruition of the related services.
Consent given may be revoked at any time by contacting Furla at privacy@furla.com. Processing carried out prior to the revocation of your consent will remain valid.
Automated processing
Personal Data may also be processed by automated means for the purposes indicated in letters c), d) and e) of Article 4 above (marketing, profiling and profiled marketing).
Using profiling tools, the Data Controller is able to cross-reference and re-process Personal Data in order to create groups of customers grouped together on the basis of: (i) purchasing attitudes and behaviour (e.g. spending and frequency of purchases); and (ii) interests and types of products and services purchased and/or viewed.
The inclusion of the data subject in a certain group enables Furla to offer her/him – if consent has been given, where required by the applicable Privacy Laws – types of products and services that are in line with the data subject’s purchasing preferences (for example products that he/she usually views or purchases) and the characteristics of the group to which he/she belongs.
In compliance with the GDPR, a specific impact assessment has been conducted on the automated processing described herein, in order to confirm the lack of significant risks to the rights and freedoms of data subjects and to ensure that processing takes place impartially, effectively, and without harmful consequences for the data subject. You can always request a copy of the impact assessment summary by contacting Furla at privacy@furla.com.
In any event, Furla may perform internal market analysis activities, in aggregate form, aimed at obtaining information on the performance of its business, that of its Affiliates and Stores and, in general, aimed at managing and planning its business. To this end, Furla will adopt appropriate technical and organisational measures to guarantee a level of security adequate to the risk (such as, for example, the pseudonymisation and/or anonymisation of Personal Data collected on the data subject as well as Data deriving from profiling activities). Therefore, since this form of analysis concerns information that can no longer be traced back to any data subject, it will not involve the processing of personal data.
7. Place of processing and Data sharing
The Data will be processed by parties to whom the Data Controller has given appropriate operational instructions, particularly with regard to the security measures adopted. Furla will not disclose, transmit and/or communicate the Personal Data to third parties that are not appointed as data processors, with the exception of companies providing consultancy services that require a wide margin of operational autonomy and public authorities that may request access to the Personal Data and which process the Personal Data as autonomous controllers.
Furla may share the Data with specialist companies to which Furla entrusts, as data processors, tasks of a technical and organisational nature necessary to manage customer relations. These include companies that provide service, payment, shipping or storage services for the purchase of products or customer relationship documentation, and companies that assess service quality and customer satisfaction, or that perform marketing and profiling tasks, including profiled marketing, sometimes on a local basis, on behalf of Furla.
The Purchase Data necessary to finalise payment, such as credit card details, will be processed by external providers acting as autonomous data controllers or data processors duly appointed by Furla, depending on the service offered.
Data relating to communications exchanged with the points of sale may be processed by the communication service provider, as an independent data controller, to improve its service, perform checks provided by law (e.g. anti-fraud, anti-spam etc.), as well as to prevent illegal activities. The supplier's privacy policy is available at the following link: https://messagebird.com/en/legal/privacy.
The Personal Data of the data subject will be entered into the Furla CRM database, processed in accordance with the purposes described above and stored for the period necessary to achieve them. The servers on which the data present in the CRM is stored are located in Ireland in a Microsoft Azure environment. Through CRM, Furla will share Personal Data with Affiliates and/or Stores that are integrated in our CRM system and which are appointed as processors or will process data as controllers, depending on the relationship with Furla. Such Affiliates and/or Stores may be located within and outside your country of residence and within and outside the EEA, as Furla offers customers the option to receive offers in line with their interests and needs in all countries where Furla operates. In particular, Personal Data can be accessed by personnel of Affiliates and/or sales assistants at the Stores in accordance with the access segregation policy adopted by Data Controller (for example, if you visit a Furla store in a country other than your country of residence, the Data will also be accessible at that store).
Where Personal Data is sent to states other than your country of residence or to states outside the EEA, the Personal Data shall be protected by appropriate security systems which are continually updated and maintained in accordance with applicable Privacy Laws (for example, specific data processing agreements are in place and non-EEA data processors have signed the European Commission's Standard Contractual Clauses).
A list of the entities with which Personal Data is shared can be found at the following link www.furla.com/privacy. You can always request a copy of the Standard Contractual Clauses of the European Commission or other applicable data transfer safeguards by sending an email to privacy@furla.com or by consulting the European Commission website.
8. Rights of data subjects
According to the GDPR, as well as to any relevant Privacy Laws, each data subject is entitled to access his/her data and in particular to obtain confirmation that Personal Data processing has or has not taken place and to know its content, origin, and the processing in progress at any time. You also have the right to verify its accuracy or to request that it be supplemented, updated, rectified, restricted or deleted, and that it not be subject to automated decisions without review by a natural person at the request of the data subject.
In addition, each data subject has the right to request data portability, to lodge a complaint with a competent Data Protection Authority, to object at any time to the use of Personal Data for the purposes indicated in letters c), d) and e) of Article 4 of this privacy policy (marketing, profiling and profiled marketing) and to revoke at any time the relevant consent, if given.
To exercise these rights, you can contact Furla by sending a request to the following email address: privacy@furla.com. Furla will provide information on action taken on a request to the data subject without undue delay and in any event within one month of receipt of the request.
For any matter related to the processing of Personal Data and/or the exercise of rights, the Data Protection Officer of Furla S.p.A. Dr. Eufemia Marvulli can be contacted at the following contact details: Via San Raffaele, 5 - 20121 Milan; email: dpo@furla.com.
Privacy policy updated on February 1st, 2022
AFFILIATES INTEGRATED INTO FURLA CRM
FURLA S.P.A. | Via Bellaria 3/5 40068 San Lazzaro di Savena, Bologna IT |
KENT SA FURLA | Space num 41 Maasmechelen Village Zatellan 100, Maasmechelen Belgium |
FURLA UK LTD | 114 St Martin’s Lane. Covent Garden, London WC2N 4BE |
FURLA ESPANA SL | C/Pau Claris, 97, 4°1 - 08009 Barcellona |
FURLA IRELAND ACCESSORIES LTD | 6th floor, South Bank House, Barrow Street, Dublin 4, Ireland |
FURLA GERMANY GMBH | Theatinerstrasse. 30 80333 - Munchen |
FURLA FRANCE SAS | 68 Rue Faubourg Saint Honoré 75008 – Paris |
FURLA AUSTRIA GMBH | Designer Outlet Strasse 1 Parndorf A-7111 Austria |
FURLA HOLLAND B.V. | Stadsweide 438, Unit 320, 6041TP Roermond, The Netherlands |
FURLA POLSKA Sp. Z.o.o. | Ul. Floriańska 2 - 03-707 Warszawa, Poland |
FURLA SWITZERLAND SA | c/o Fidinam SA, succursale di Mendrisio Via Franco Zorzi 18 |
FURLA PRAGUE S.R.O. | Jindřišská 937/16, Praha 1 - Nové Město, CZ |
FURLA PORTUGAL, LDA | Rua Rodrigo da Fonseca, n.º 82, 1.º direito, 1250-193 Lisboa |
FURLA SAN MARINO S.R.L. | Strada degli Angariani n. 41 47891 san Marino |
FURLA (USA) INC. | 530 7th Avenue, Floor M1- New York, NY 10018 |
FURLA JAPAN CO. LTD | Jingumae Tower Bldg., 5-8, Jingumae 1-Chom, Shibuya -ku, Tokio, Japan |
FURLA AUSTRALIA PTY LTD | Level 10, 379 Collins Street Melbourne Vic 3000 |
POINTS OF SALE IN FRANCHISING INTEGRATED INTO FURLA CRM
MENDINO & CO. SRL | Via Italia, 37/3 – 20900 Monza |
ASAR | Viale Libia, 203/205 – 00199 Roma |
LOOK BOUTIQUE DI LYUBCHENKO OLGA | Contrada della Pieve – 47890 San Marino |
TOMANI SRLS | Corso Vittorio Emanuele, 44 – 33170 Pordenone |
LIFESTYLE | P.za della Cisterna, 16 – 53037 San Gimignano |
RO-RO | San Marco, (S. Salvador) 4833 – 30124 Venezia |
CALZABELLA | Via Mazzini, 55 / Vic. 3 Marchetti,16 - 37100 Verona |
1 Social media buttons/widgets: these are special ‘buttons’ showing social network icons (e.g. Instagram, Facebook, TikTok, YouTube, LinkedIn) which enable you to reach and interact with social networks with one click. By clicking on social media buttons/widgets, the social network collects data on the user's visit to the website. Apart from these cases, the Controller does not share or disseminate browsing information or user data with any social network.2 Further information on the collection of Browsing Data is provided in the cookie policy, as specified below.3 The terms of individual services related to the purchase will be made known from time to time by Furla through its Distance Selling Channels or at its Stores.