The following document is an excerpt from General Terms and Conditions of Sale.
4 – PROTECTION OF PERSONAL DATA
Pursuant to art. 13, Legislative Decree. n. 196/03 and subsequent amendments and additions (“Privacy Code”), please be informed that your personal data will be processed, also via electronic means, by TOR by Anna Marconi – sole director, with registered office in Piazza della Repubblica 18, 20124 Milan (MI), Italy, VAT number, 08551130969 and REA: MI-2087780, in the person of the legal representative Marconi Anna as the data controller for the purposes of the carrying out of contracts, the supplying of requested articles and the provision of the services requested, as well as for the fulfilment of obligations under national and/or EU laws and regulations.
Failure to complete the mandatory fields marked with an asterisk [*] will make it impossible for TOR to continue providing the services you have requested. With regard to this aim, you will be asked to give your consent to the relative processing.
Please be informed that you can at any time exercise the rights referred to in Article 7 of the Privacy Code by sending an e-mail to firstname.lastname@example.org
We would in any case invite you in any case to update your data in the case of changes, as well as to read the full text of the code below.
Transcription of the art. 13 of Legislative Decree 30 June 2003, n. 196
1 The person in question or the person whose personal data is collected shall be informed in advance orally or in writing about:
1.1 the purposes and methods of the data processing;
1.2 the mandatory or optional nature of the provision of data;
1.3 the consequences of a possible refusal to respond;
1.4 subjects or categories of subjects to whom personal data may be communicated or who may become aware of them through their positions as managers or employees, and the scope of the communication of said data;
1.5 the rights referred to in Article 7;
1.6 the identification details of the proprietor and, if designated, of the representative in the territory of the state pursuant to article 5 and of the person in charge. When the proprietor appoints new managers, at least one of them is indicated, indicating the site of the communication network or the methods through which the updated list of data processors may be easily consulted.
When a person has been appointed to reply to the interested party in the case of their exercising the rights referred to in Article 7, this person will be indicated.
2 The information referred to in paragraph 1 also contains the elements required by specific provisions of this code and may not include the elements already known to the person providing the data or whose knowledge may hinder in practice the performance, by a public entity, inspection or controls carried out for the purposes of defence or security of the State or for the prevention, detection or prosecution of crimes.
3 The Italian Data Protection Authority can identify with its own provision simplified procedures for disclosure provided in particular by telephone assistance and information services to the public.
4 If personal data is not collected from the interested party, the information referred to in paragraph 1, including the categories of processed data, is to be provided to the subject when registering the data or, when their communication is expected, not after the first communication.
5 The provision referred to in paragraph 4 does not apply when:
5.1 the data is processed on the basis of an obligation established by law, by a regulation or by community legislation;
5.2 the data is processed for the purpose of conducting defensive investigations pursuant to the law of December 7, 2000, n. 397, or, in any case, to assert or defend a right in court, provided that the data is processed exclusively for such purposes and for the period strictly necessary for their carrying out;
5.3 disclosure to the interested party involves the use of means that the Italian Data Protection Authority, prescribing any appropriate measures, declares manifestly disproportionate to the protected right, or is revealed, in the opinion of the Italian Data Protection Authority, impossible.
Transcription of article 7 (Legislative Decree 30 June 2003, n.196)
4.2 – Right of access to personal data and other rights
1 The interested party has the right to obtain confirmation of the existence or otherwise of personal data concerning them, even if they have not yet registered, and the eventual communication of that data in an intelligible form.
2 The interested party has the right to obtain the indication:
2.1 of the origin of personal data;
2.2 of the purposes and methods of processing;
2.3 of the logic applied in case of processing carried out with the aid of electronic instruments;
2.4 of the identification details of the owner, of the managers and of the designated representative pursuant to article 5, paragraph 2;
2.5 of the subjects or categories of subjects to whom the personal data may be communicated or who may learn about them as appointed representative in the territory of the State, managers or agents.
3 The interested party has the right to obtain:
3.1 the updating, rectification or, when desired, integration of data;
3.2 the cancellation, transformation into an anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
3.3 the attestation that the operations referred to in a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which this is shown to be impossible or involves a use of means manifestly disproportionate to the protected right.
4 The interested party has the right to object, in whole or in part:
4.1 for legitimate reasons to the processing of personal data concerning him or her, even if pertinent to the purpose of the collection;
4.2 to the processing of personal data concerning him or her for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communications.
4.3 – Security of browsing and entry of personal data
To ensure total security during browsing and the entry of personal data which precede the actual transaction, TOR uses SSL (Secure Socket Layer) technology.
This technology encrypts and protects data sent over the internet.
When the SSL protocol is activated, the address bar will become green and a padlock icon will appear in it: clicking on this will provide information on the registration of the SSL digital certificate.
The URL will also begin with with “https” instead of “http”: this ensures data protection for the page the customer is browsing.