Login

Cart

Your cart is empty

Privacy policy

The purpose of this privacy policy is to provide all the information on the processing of personal data carried out by OFF Basic S.r.l. when the user registers on the "LNDV Digital Drawer™" (as indicated below).

1. INTRODUCTION - WHO WE ARE

OFF Basic S.r.l. with registered office in Via Lentasio 9, 20122 Milan, Italy, Tax Code/VAT No. 11560290964 (hereinafter, the "Data Controller"), owner of the website https://lndv.com (hereinafter, the "Website"), in its capacity as data controller in relation to users’ personal data using the Website (hereinafter, the "Users") hereby provides the privacy policy pursuant to art. 13 of the Regulation EU 2016/679 of the Council of 27 April 2016 (hereinafter, the "Regulation", or the "Applicable Law").

2. HOW TO CONTACT US?

The Data Controller takes the utmost account of its Users’ right to privacy and protection of personal data. For any information related to this privacy policy, Users may contact the Data Controller at any time, using the following methods:

  • By sending a registered letter with return receipt to the registered office of the Data Controller in: Via Lentasio 9, 20122 Milan, Italy.
  • By sending an e-mail message to the address: privacy@offbasic.com

The Data Controller has not identified a Data Protection Officer (DPO), as he is not subject to the obligation provided for in Article 37 of the Regulation.

3. WHAT DO WE DO? - PURPOSES OF PROCESSING

By browsing the Website, the User can register to the "LNDV Digital Drawer™" by creating an account in order to get benefits linked exclusively to membership of the aforementioned service, such as, for example the possibility of purchasing products on the Website at competitive prices, the possibility of enjoying free delivery for the products purchased on the Website, acquiring loyalty points (i.e. "Loyalty Points") and saving on future purchases (hereinafter, "Service").

In relation to the activities that may be carried out through the Website, the Data Controller collects Users’ personal data.

This Website and the services that may be offered through it are reserved for individuals who are at least eighteen years old. Therefore, the Data Controller does not collect personal data relating to persons under 18 years of age. Upon Users’ request, the Data Controller will promptly delete all personal data unintentionally collected relating to persons under 18 years of age.

The Users’ personal data will be lawfully processed for the following purposes:

a) Contractual obligations and provision of the Service: to allow browsing of the Website or to allow the User to register on the LNDV Digital Drawer™ and use the Service; to fulfil specific User requests. The User's data collected by the Data Controller for the purposes of the creation of the account and registration to the LNDV Digital Drawer™ include: name, surname, e-mail, date of birth, mobile phone number. By subscribing to the "LNDV Digital Drawer™" the User agrees to receive communications via e-mail containing offers and promotions relating to the products that can be purchased on the Website.
Unless the User gives the Data Controller a specific and optional consent to the processing of his/her data for further purposes provided for in the following paragraphs, the User's personal data shall be used by the Data Controller for the exclusive purpose of ascertaining the identity of the User (also by validating the email address), thus avoiding possible fraud or abuse, and contacting the User for service reasons only (e.g. sending communications relating to the services offered with the subscription to the "LNDV Digital Drawer™"). Without prejudice to what is provided for elsewhere in this privacy policy, under no circumstances shall the Data Controller make Users' personal data accessible to other Users and/or third parties;

b) administrative-accounting purposes, i.e. to carry out activities of organisational, administrative, financial and accounting nature, such as internal organisational activities and activities functional to the fulfilment of contractual and pre-contractual obligations;

c) legal obligations, i.e. to comply with obligations imposed by law, an authority, a regulation or European legislation.

The provision of personal data for the above-mentioned processing purposes is optional but necessary, since failure to provide such data will make it impossible for the User to subscribe to the Service offered through the Website.

If you do not register to the Service, your ability to browse the Website and purchase products through the e-commerce platform offered by the Website will not be affected in any way.

4. FURTHER PURPOSES OF PROCESSING

Marketing (sending of advertising material and commercial communications)

Some of User's personal data (i.e. name, surname, mobile phone number) may also be processed by the Data Controller for marketing purposes (sending advertising material and commercial communications), i.e. so that the Data Controller can contact the User by mobile phone, with automated call or call communication systems with/without the intervention of an operator and/or SMS and/or Messaging Apps (i.e. Whatsapp) to send the User with offers, promotions and commercial opportunities relating to the purchase of products and/or services offered by the Data Controller itself and/or by third party companies.

If consent is not given, the possibility of subscribing to the service offered by the Website will not be affected in any way.

In the case of consent, the User may revoke it at any time by making a request to the Data Controller in the manner indicated in the following paragraph 8.

If the User wishes to withdraw his/her consent to the sending of promotional communications by telephone, please send a request to the Data Controller in the manner indicated in the following paragraph 8.

The Data Controller hereby informs you that, following the exercise of the right to object to the sending of promotional communications via SMS/Messaging Apps (i.e. Whatsapp) or by phone call, it is possible that, for technical and operational reasons (e.g. formation of contact lists already completed shortly before the Data Controller receives the request for objection), the User will continue to receive some further promotional messages. Should the User continue to receive promotional messages after 24 hours from the exercise of the right to object, please report the problem to the Data Controller, using the contacts indicated in the following paragraph 8.

5. LEGAL BASIS

Contractual obligations and provision of the Service (as described in par. 3, lett. a)): the legal basis consists in art. 6, paragraph 1, lett. b) of the Regulation, i.e. the processing is necessary for the performance of a contract to which the User is party or for the performance of pre-contractual measures taken at the User's request.

Administrative-accounting purposes (as described in paragraph 3, letter b) above): the legal basis is Article 6, paragraph 1, letter b) of the Regulation, as the processing is necessary for the performance of a contract and/or the implementation of pre-contractual measures taken at the request of the User.

Legal obligations (as described in para. 3 letter c) above): the legal basis is Art. 6(1)(c) of the Regulation, as the processing is necessary to comply with a legal obligation to which the Data Controller is subject.

Further processing purposes: for the processing relating to marketing activities (as described in paragraph 4.1 above), the legal basis is Article 6, paragraph 1, letter a) of the Regulation, i.e. the provision by the data subject of consent to the processing of his/her personal data for one or more specific purposes. For this reason, the Data Controller asks the User to provide a specific free and optional consent, in order to pursue such processing purpose.

6. PROCESSING METHODS AND DATA RETENTION PERIODS

The Data Controller shall process the Users' personal data by means of manual and computerized tools, with logic strictly related to the purposes thereof and, in any case, in such a way as to guarantee the security and confidentiality of the data.

The personal data of the Website's Users will be stored for the time strictly necessary to fulfil the primary purposes described in paragraph 3 above, or in any case as long as necessary to protect the interests of both the Users and the Data Controller under civil law.

In the case of paragraphs 4. 1 above, the User's personal data will be stored for the time strictly necessary to fulfil the purposes described therein and, in any case, until the User withdraw his consent.

In any event, any retention periods provided for by law or regulations are not affected.

7. SCOPE OF COMMUNICATION AND DISSEMINATION OF DATA

The User's personal data may be transferred outside the European Union and, in this case, the Controller will ensure that the transfer is carried out in accordance with the Applicable Law and, in particular, in accordance with Articles 45 (Transfer on the basis of an adequacy decision) and 46 (Transfer subject to adequate safeguards) of the Regulations.

The personal data of the Users may be disclosed to the employees and/or collaborators of the Data Controller in charge of managing the Website and the Users' requests. These subjects, who have been instructed in this sense by the Data Controller pursuant to art. 29 of the Regulations, will process the User's data exclusively for the purposes indicated in this information notice and in compliance with the provisions of the Applicable Law.

Users' personal data may also be disclosed to third parties who may process personal data on behalf of the Data Controller in their capacity as Data Processors, such as, by way of example, suppliers of IT and logistical services functional to the operation of the Website, suppliers of outsourcing or cloud computing services, professionals and consultants.

The Data Controller has identified the Shopify platform as the software infrastructure for the supply and management of the e-commerce platform on the Website. The platform's privacy policy can be consulted at the following link https://www.shopify.com/legal/privacy/

Users have the right to obtain a list of any data processors appointed by the Controller by making a request to the Controller in the manner indicated in paragraph 8 below.

8. RIGHTS OF THE DATA SUBJECTS

Users may exercise the rights guaranteed to them by the Applicable Law by contacting the Data Controller in the following ways:

  • By sending a registered letter with return receipt to the registered office of the Data Controller in: Via Lentasio 9, 20122 Milan, Italy.
  • By sending an e-mail message to the address: privacy@offbasic.com

The Data Controller has not identified a Data Protection Officer (DPO), as he is not subject to the designation obligation provided for in Article 37 of the Regulation.

Pursuant to the Applicable Law, the Data Controller informs that the Users have the right to obtain information on (i) the origin of the personal data; (ii) the purposes and methods of the processing; (iii) the logic applied in case of processing carried out with the aid of electronic instruments; (iv) the identification details of the data controller and of the data processors; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them as data processors or persons in charge of the processing.

In addition, Users have the right to obtain:

a) access, update, rectify or, where interested therein, supplement the data;
b) the cancellation, transformation into anonymous form or restriction of data processed in breach of the law, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.

In addition, Users have:

a) the right to withdraw consent at any time where the processing is based on their consent;
b) the right (where applicable) to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine-readable format);
c) the right to object:
i) in whole or in part, for legitimate reasons to the processing of personal data concerning them, even if relevant to the purpose of collection.
ii) in whole or in part, to the processing of personal data concerning them for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication;
iii) where personal data are processed for direct marketing purposes, at any time, to the processing of their data carried out for such purpose, including profiling insofar as it is related to such direct marketing.
d) if they consider that the processing of their personal data is in breach of the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State in which they have their habitual residence, in the Member State in which they work or in the Member State in which the alleged breach has occurred). The Italian Supervisory Authority is the Garante per la protezione dei dati personali, with its seat in Piazza Venezia n. 11, 00187 - Rome (http://www.garanteprivacy.it/).

____________


The Data Controller is not responsible for updating all the links displayed in this Policy, therefore whenever a link is not working and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by that link.