Privacy Policy for Stokke AS
Powered by SIGNATU  
Published: a few seconds ago (March 25, 2021)
Who is responsible for processing your personal data?

Responsibility and role

We decide why and how your personal data are processed. We are responsible for processing your personal data.

  • Data protection officer

    We have a data protection officer.

    Contact

    The contact details are: dpo@stokke.com

  • Enterprise

    We are an enterprise.

Archived Privacy Policy versions
There are no prior Privacy Policy versions available.
What is new in our Privacy Policy?

Changes

Important changes in this Privacy Policy version are: Abbiamo aggiornato le sezioni seguenti: “Quali dati personali trattiamo, come e perché?”, “In quali situazioni trattiamo i vostri dati personali?", "Divulghiamo i vostri dati personali?”, “Trasferiamo i vostri dati personali fuori dall’Unione Europea o dallo Spazio Economico Europeo?” e “Potete scegliere le vostre impostazioni sulla privacy?”.

When is our Privacy Policy published and effective?

When

Our privacy policy is:

  • effective as of: 2021-2-1
What does our Privacy Policy cover?

Where and what

Our Privacy Policy applies to:

In which situations do we process your personal data?

Categories of individuals

We collect personal data:

  • of customers and/or clients.
  • utenti del nostro sito Web e/o destinatari della nostra newsletter.

Situation

We process your personal data in a situation that concerns:

  • una visita al nostro sito Web (cookie), acquisti, interazioni con il servizio clienti, servizi quali il portale garanzie, registrazione dell’account Stokke, iscrizione alla newsletter, interazioni con la newsletter, messaggi e attività di marketing quali promozioni e concorsi, e tutte le situazioni in cui richiediamo i vostri dati personali nell’ambito del nostro sito Web o delle nostre newsletter.

    Newsletter personalizzate:

    Nel nostro sito Web potete iscrivervi alla nostra newsletter. Per motivi di sicurezza, abbiamo scelto di avvalerci della procedura con doppio consenso esplicito. Tale procedura prevede che l’utente specifichi innanzitutto il proprio indirizzo e-mail nel campo dell’iscrizione, dando il consenso a ricevere la newsletter. In seguito, invieremo un link di conferma all’indirizzo e-mail fornito. L’indirizzo e-mail dell’utente verrà quindi aggiunto alla lista di distribuzione per l’invio della newsletter solo quando l’utente selezionerà il link di conferma. Se non desiderate più ricevere la newsletter, in ogni copia è riportato il link per annullare l’iscrizione. Facendo clic sul link revocate il consenso all’invio della newsletter, che pertanto non vi verrà più inviata.

    Se siete destinatari della newsletter, utilizziamo le informazioni seguenti per garantirvi l’invio di una newsletter personalizzata:

    • indirizzo e-mail
    • nome di battesimo
    • lingua di preferenza.

    Se siete clienti, vale a dire se avete acquistato un prodotto attraverso il sito stokke.com o avete registrato un prodotto sul portale garanzie, utilizziamo le informazioni seguenti per inviarvi una newsletter personalizzata:

    • indirizzo e-mail
    • nome di battesimo
    • lingua di preferenza
    • informazioni relative all’ordine
    • informazioni relative alla registrazione della garanzia.

    Inoltre, qualora ci abbiate fornito queste informazioni facoltative e abbiate indicato il vostro consenso esplicito al loro uso per l’invio di newsletter personalizzate, potremmo utilizzare a questo scopo le informazioni seguenti:

    • data presunta del parto
    • data del vostro compleanno
    • data del compleanno di vostro figlio
    • nome di vostro figlio.

    Se siete titolari di un account cliente Stokke, provvederemo anche al trattamento delle informazioni in esso memorizzate.

    Se avete indicato il vostro consenso esplicito all’uso dei cookie per finalità di marketing nel nostro sito Web, utilizzeremo anche queste informazioni allo scopo di inviarvi una newsletter personalizzata, per esempio per:

    • ricordarvi che il vostro carrello contiene degli articoli
    • offrirvi i vostri prodotti preferiti.

    Potete visualizzare la nostra informativa relativa ai cookie e gestire le relative preferenze dalla casella per il consenso all’uso dei cookie; il link alla casella è disponibile nel piè di pagina del nostro sito Web.

How do we collect your personal data?

How we collect

We collect your personal data in the following ways:

  • manually: eventi e fiere di marketing
  • electronically with the use of a web form: nel nostro sito Web e nella nostra newsletter
  • electronic tracking technologies: cookie e altre tecnologie di tracciamento quali pixel, tag di marketing e così via.
  • with: app di pagamento nei nostri negozi fisici.
From which source do we collect your personal data?

Source

We collect your personal data from the following sources:

  • directly from you: attraverso le nostre newsletter, il nostro sito Web ed eventi e fiere di marketing.

Whether you must provide personal data

These are the personal data you:

  • have permission to give us, and of your own free will give us (voluntary data): tutti i dati personali
What are our legal grounds for processing your personal data?

Regular and/or "sensitive" personal data

We process your:

  • regular personal data.
  • "sensitive" personal data.

Our legal ground for processing your regular personal data is:

  • un contratto di cui voi siete una parte contraente, e il vostro consenso.

    I dati personali che trattiamo in forza di tali fondamenti giuridici sono: Tutti i dati personali di cui alla sezione “Quali dati personali trattiamo, come e perché?”, ad eccezione della data presunta del parto.

The legal ground for our processing of your “sensitive” personal data is:

  • your explicit consent to the processing of personal data for the purposes that we specify.

    Personal data we process based on this legal ground is: Data presunta del parto

Do we perform automated decision-making and automated profiling?

Profiling

We use your personal data to automatically evaluate aspects of your personality.

This profiling:

  • can include analysis of your characteristics.
  • can include predictions of your behaviour.
  • are made solely by automated means are without a human influence.

No automated decision-making

We do not use your personal data to make automated decisions about you.

How long do we keep your personal data?

  • Storage limitation

    We limit the duration we store your personal data to what is necessary for our processing purposes.

Do we share your personal data?

Disclosure to recipients

We disclose your personal data to the following recipients: Potremmo rendere noti i vostri dati personali ai responsabili del trattamento dei dati. La divulgazione dei dati avviene unicamente se e per quanto necessario al fine di espletare le attività di elaborazione e per le finalità indicate alla sezione “Quali dati personali trattiamo, come e perché?” di cui sopra. Rendiamo noti i dati personali unicamente ai responsabili del trattamento dei dati e in conformità agli accordi in materia con essi stipulati. Al di fuori dei responsabili del trattamento dei dati e degli accordi di cui sopra, non rendiamo noti né divulghiamo a terzi i vostri dati personali.

Potremmo rendere noti i vostri dati personali a terzi ove richiesto dalle leggi vigenti in materia e/o da ordini emessi in tal senso dalle autorità o dai tribunali preposti.

Our legal grounds for disclosing your personal data to the recipients are:

  • il vostro consenso.
Do we transfer your personal data outside the EU or EEA?

Transfers to countries outside the EU and EEA

We transfer your personal data to:

  • countries outside the EU and EEA, or
  • an international organization.

The personal data are transferred to: Ogni eventuale trasferimento dei vostri dati personali avverrà unicamente ai sensi della Sezione 5 del Regolamento generale sulla protezione dei dati (GDPR). Qualora il trasferimento dei dati personali avvenga verso un Paese terzo non oggetto di una decisione di adeguatezza da parte della Commissione Europea (si veda l'art. 45 del GDPR), esso avrà luogo unicamente in presenza di adeguate garanzie, e con l'uso di norme vincolanti d'impresa o di clausole tipo di protezione dei dati (si veda l’art. 46, n. 2, lettere (b) e (c) del GDPR).

Per ulteriori informazioni circa il trasferimento dei dati personali ai sensi della presente informativa sulla privacy potete rivolgervi al nostro RPD.

Are your personal data secure?

Security

We secure your personal data:

  • with appropriate technical measures,
  • with appropriate organisational measures,
  • with an appropriate level of security,
  • against unauthorised processing,
  • against unlawful processing,
  • against accidental or unlawful loss,
  • against accidental or unlawful destruction, and
  • against accidental or unlawful damage. La nostra politica di sicurezza dei dati è disponibile all'indirizzo www.stokke.com

Measures to discover, document, contain security breaches

We have measures to:

  • discover security breaches.
  • document the cause of the security breaches.
  • document which personal data that are affected by the security breach.
  • document actions (and reasons for actions) to remedy the security breach.
  • contain the security breach.
  • recover personal data.
  • return to a normal state of processing personal data.

Actions when security breach is discovered

If we have a reasonable degree of certainty of a breach of the security of the processing of your personal data, then we will:

  • report the security breach to the management.
  • assign a person with responsibility to

    • assess whether the security breach can have unfavourable effects for you,
    • inform relevant persons in our organisation,
    • determine whether it is necessary to notify the Supervisory Authority of the security breach, and
    • determine whether it is necessary to communicate information about the security breach to you.
  • investigate the security breach.
  • seek to prevent that a breach of security leads to:

    • accidental or unlawful destruction of the personal data,
    • accidental or unlawful loss of control of the personal data,
    • accidental or unlawful loss of access to the personal data,
    • accidental or unlawful alteration of the personal data,
    • unauthorised disclosure of the personal data, or
    • unauthorised access to the personal data.
  • mitigate the immediate risk of a damage.
  • notify the Supervisory Authority about the security breach, if the personal data breach is likely to lead to a risk for your rights and freedoms.
  • notify you of the security breach

    • if the breach is likely to lead to a high risk for your rights and freedoms,
    • as soon as possible,
    • via appropriate contact channels, e.g. via email, SMS, prominent banners on our website, postal communications, prominent advertisements in media etc.

    We are not obliged to notify you directly if

    • we have taken measures that render your personal data unintelligible to any person who is not authorised to access them,
    • we immediately after the security breach took steps to ensure that the high risk to your rights and freedom no longer is likely to happen, or
    • it would involve disproportionate effort. In such a case, we will inform you via public channels.
What are your rights?

Promise to fulfil rights

You have specific legal rights relating to the personal data we collect from you.

We will respect your individual rights and will deal with your concerns adequately.

Where you have given consent for the processing of your personal data, you have the right to withdraw your consent at any moment.

Right to access

You may ask from us information regarding personal data that we hold about you, including:

  • information as to which categories of personal data we have in our possession or control,
  • what your personal data are being used for,
  • where we collect your personal data, if not from you directly, and
  • to whom your personal data have been disclosed, if applicable.

We will provide you with a copy of your personal data upon your request.

If you ask for further copies of your personal data, then we can charge you with a reasonable fee that we base on the administrative costs.

Right to rectification

You have the right to obtain from us rectification of your personal data, that are inaccurate or incomplete, in the latter case provided you supply the corrected or supplementary information.

Right to erasure

You have the right to request that we delete the personal data we process about you.

We must comply with this request if we process your personal data, and if:

  • the personal data is no longer necessary for the fulfilment of the purposes for which they have been collected;
  • you object to the processing based on our legitimate interest or withdraw your consent;
  • the personal data has been processed unlawfully;
  • the personal data must be deleted in order to observe a legal obligation incumbent on us.

We must not comply with this request your personal data is necessary:

  • for exercising the right of freedom of expression and information;
  • for compliance with a legal obligation that binds us;
  • for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes; or
  • for the establishment, exercise or defence of legal claims.

Right to restriction

You have the right to obtain from us restriction of processing of your personal data, if:

  • you contest the accuracy of your personal data, for the period we need to verify the accuracy,
  • the processing is unlawful and you request the restriction of processing rather than erasure of your personal data,
  • we no longer need your personal data but you require them for the establishment, exercise or defense of legal claims, or
  • you object to the processing while we verify whether our legitimate grounds override yours.

Right to object to direct marketing

You have the right to always object to the processing of your personal data for direct marketing that was based on our legitimate interest, regardless of any reason.

If the marketing was based on your consent, you can withdraw consent.

How can you exercise your rights?

Communication about rights available

We invite you to communicate with us about the exercise of your rights concerning the protection of your personal data.

Written requests

We only accept written requests since we cannot deal with verbal requests immediately without first:

  • analysing the content of the request, and
  • identifying you.

Describe right to exercise

Your request should contain a detailed, accurate description of which right you want to exercise.

Identification document

You must provide us with a copy of an identification document to confirm your identity, for example:

  • an ID card or
  • a passport.

The document should contain:

  • an identification number,
  • country of issue,
  • period of validity,
  • your name,
  • your address, and
  • your date of birth.

Any other data contained in the copy of the identification document such as a photo or any personal characteristics, may be masked out.

We will not accept other means of assuring your identity.

If you wish to propose alternatives, we will assess them on a case-by-case basis.

Our use of the information on your identification document:

  • is limited to verify your identity, and
  • will not be stored for longer than needed for this purpose.

Where send request

You can send your request that concerns the protection of your personal data to:

Answer to request

You receive our answer to your request that concerns the protection of your personal data at:

  • your postal address.
  • your email address.

Time to respond to request

We inform you of our handling of your request that we exercise your rights (regarding the protection of your personal) within:

  • a month of the reception of your request.
Do you have a right to complain?

Complain to a supervisory authority

You can lodge a complaint to a supervisory authority:

  • where you usually live in the EU and the EEA.
  • at the place of your work in the EU and the EEA.
  • at the place of the alleged infringement in the EU and the EEA.

The Supervisory Authority should within a reasonable period inform you of:

  • the progress of the complaint, and
  • the outcome of the complaint.

Mandate an organization to complain

You can mandate that an organization lodges a complaint on your behalf with a Supervisory Authority.

The Supervisory Authority should within a reasonable period inform you of:

  • the progress of the complaint, and
  • the outcome of the complaint.

Judicial remedy

You can seek a judicial remedy in the EU and the EEA against:

  • a controller,
  • a processor, and
  • a Supervisory Authority.

Mandate an organization to exercise your right

You can mandate that an organization exercises your right:

  • to a judicial remedy on your behalf.
  • to a compensation for a damage as a result of a breach of the law on the protection of the personal data on your behalf.
Can you choose your privacy settings?

Privacy settings

You can choose why and how we process your personal data in your privacy settings:

  • Nel vostro account Stokke potete modificare i dati ivi memorizzati.
  • Tutte le nostre newsletter presentano un link per annullare l’iscrizione e revocare il consenso all’invio della newsletter, nonché un collegamento al centro preferenze dal quale è possibile gestire le impostazioni relative al consenso,
  • Potete visualizzare la nostra informativa relativa ai cookie e gestire le relative preferenze dalla casella per il consenso all’uso dei cookie; il link alla casella è disponibile nel piè di pagina del nostro sito Web.
Are we certified and do we follow a code of conduct?

  • Self-assessment of correctness of this policy

    We self-assess that the:

    • attestations in this policy are true, and
    • assertions in this policy are true.