With this note, Coin S.p.A. wishes to inform users visiting the website “www.coin.it" (hereinafter the "Site") of the Policy adopted regarding Personal Data Protection, emphasising its commitment and focus on protecting the privacy of visitors to the Site.

Visitors may browse the website freely and are not obligated to register, except in certain areas of the same, in which the user can freely and expressly provide a series of personal data in order to access services for which their specific consent is required. Therefore, where visitors wish to provide their personal data to gain access to additional services, they will be expressly informed pursuant to article 13 of the EU Regulation 2016/679 - General Data Protection Regulation, specifying (by way of example) the purposes and methods of use of the data by Coin S.p.A., as well as the right request at any time the erasure of the data or their updating.

Privacy policy on the protection of personal data 
 

Pursuant to and by effect of EU Regulations 2016/679 - General Data Protection Regulation (hereinafter referred to as the "Regulation"), Coin S.p.A. provides the following information.

1. Data Controller and Data Protection Officer 
 

The Data Controller for the processing of personal data is Coin S.p.A., with registered office in Mestre (Venice), via Maderna No.11, POSTAL CODE 30174 (hereinafter referred to as "COIN"). The Data Protection Officer, for the management of the Site, is salesforce.com Italy S.p.A., Via Copernico, 36-42 20125 Milan - Italy. You may request the name of the Data Protection Officer, as well as the complete list of the Data Protection Officers by sending a request to the addresses specified in point 10.

2. Types of personal data processed 
 

To access the Site, you do not need to sign-up. However, some sections in the Website do require you to sign-up or to use a username and password (e.g. to complete the online purchase process), or there are also certain services for which you must provide your data should (e.g. your data may be required if you wish to access the Newsletter services, contact us, share your “Wish List” with a friend, etc.). 

Click here for more information.

With reference to the browsing data within the Site, also refer to point 6 below regarding the Profiling Tools used by the Site. 

3. Purpose and legal basis for the processing

The data are collected and processed for purposes strictly related to the use of the Site and its services. The purposes for which the data are used are specified in detail in each privacy policy provided by the Site in all cases of data collection. Therefore, we ask you to read the privacy policies that from time to time describe the type of data processing that will be carried out by COIN (e.g. to sign-up to the website, to subscribe to the Newsletter, etc.).

Your data will be processed in full compliance with the privacy regulation.

4. Optional provision of personal data 
 

The provision of personal data is generally optional. Only in certain cases, failure to provide data may make it impossible to access specific services and obtain what may be requested (e.g. sign-up is necessary to proceed with the purchase of products online); failure to provide such data may therefore prevent COIN from allowing access to the services offered on the Site or to fulfil users' requests.

The data required from time to time are indicated in the data collection forms on the Site - e.g. by marking them with an asterisk (*) - and the consequences of not providing them are reported in the specific privacy policy on the pages where the data are collected.

5. Methods of data processing and scope of the communication 
 

The data will be processed both on electronic and paper media. COIN guarantees that the personal data provided via the Site will be processed lawfully and correctly, in full compliance with the legislation in force, and will maintain the strictest confidentiality regarding the data provided during registration. All the information collected is transmitted through a secure connection so as to prevent it from being intercepted by strangers. Site security is guaranteed and certified by a leading provider of Internet security services. 

The data will not be communicated or disclosed to third parties except within the limits and conditions expressly indicated in the privacy policy from time to time provided to the user and only upon the user's prior authorization (e.g. to companies that provide product shipping services). The data will be processed by personnel expressly authorized to manage the Site of the E-commerce Department. .

Exclusively for organizational and practical purposes, we have appointed a few service providers necessary for the management of the Site as external Data Protection Officers for purposes strictly connected and related to the provision of the services required, among these providers is OVS S.p.A., with registered office in Mestre (VE), via Terraglio No. 17, Data Protection Officer for the management of our information systems. A complete list of external Data Protection Officers can be requested by contacting https://www.coincasa.it/SERVIZIOCLIENTI

6. Links to other sites 
 

This note is only applicable to the Coincasa Website and is not valid for any other websites that may be browsed by the user via links on the same. COIN cannot be held responsible for the personal data provided by the users to external parties or to any other websites that may be linked to this site.

7. “Profiling” and/or customisation tools
 

COIN does not carry out any promotional communication and/or advertising activities without the user’s prior explicit consent. 

The Site uses "cookies", both technical cookies (that is to facilitate browsing and use of the Site) and profiling cookies (that is to analyse users and their behaviour and preferences, and to send to them customized advertising).

For a detailed explanation of the cookies used on the Site and how to disable them, please read our Cookie Policy.

8. Data Processing Location
 

The data processing related to the services provided by the Site are carried out at the COIN offices listed in point 1 above and are carried out by the persons in charge of the processing in the E-commerce Department.  The data may also be disclosed to the persons in charge of the Information Technology Department of OVS S.p.A., appointed as external Data Protection Officer pursuant to art. 28 of the Regulation. 

9. Data Storage Period

Your data will be processed for the time established in the specific privacy policies provided at the time of the collection (e.g. sign-up to the Coincard program, use of the contact service, etc.). Please read more details here.

Concerning storage time for the data collected through the use of profiling tools (e.g. cookies), please refer to our Cookie Policy.

10. Right of the interested party 
 

By sending a message to Coin to the e-mail addressecommerce@coin.it or by using the form found on www.coincasa.it/servizio-clienti you may at any time exercise the rights established in articles from 15 to 22 of the Regulation, including: which data are being processed, which methods are used for the processing and for what purposes we use your data, change the data that you provided or erase them, ask us to limit the use of your data, request to receive or transfer your data without prejudice to the possibility of revoking any consent (that you may have provided). In addition, you can always oppose the processing of your data, in particular for processing performed for marketing purposes or to analyse your personal preferences.

11. Complaint

We would like to remind you that, if at any time you believe that the processing of your data violates the provisions of the Regulation, you can always file a complaint to the Data Protection Authority (www.garanteprivacy.it), or to the Guarantor of the Privacy in the country in which you usually reside, work or of the place where the alleged violation occurred.

12. Data protection officer

The Data Protection Officer can be contacted at the email address: dpo@coin.it.

13. Applicable law
 

This Privacy Policy is governed by the EU Regulation 679/2016 which guarantees that the processing of your personal data is carried out in full respect of fundamental rights and freedoms, as well as of the dignity of the interested party, with particular reference to confidentiality, personal identity and the right to protect personal data.

14. Amendment Clause
 

COIN reserves the right to review, amend or simply update, in full or in part, at its sole discretion, in any manner and/or at any time, without advance notice, this Privacy Policy, as well as the other notes and communications included in this website, also in consideration of the amendments to laws or regulations concerning the protection of personal data. The changes and updates to the Privacy Policy will be notified to users on the Home Page of the Site as soon as they are adopted and they shall be binding as soon as published on the Site in this section. Therefore, we would like to invite you to access regularly this section to check the latest and most updated version of the Privacy Policy.

The full text of the EU Regulation 2016/679 - General Data Protection can be browsed on the Data Protection Authority website at www.garanteprivacy.it.