PRIVACY POLICY

1. WHO IS THE DATA CONTROLLER

The owner of your personal data is Benetton Group Srl, with headquarters in Via Villa Minelli 1, 31050 Ponzano Veneto (TV), Italy, benettongroup@legalmail.it. Benetton Group Srl owns websites benetton.com, inside.benetton.com, sisley.com, familycard.benetton.com, blackcard.sisley.com, benettongroup.com (hereinafter “Digital Properties”).

You can contact the Data Controller in writing at the above address.

You can also contact the Benetton Group Srl Data Protection Officer directly at the e-mail address rpd@benetton.it, or by writing to the following address: Data Protection Manager, at Benetton Group S.r.l., via Villa Minelli 1, 31050 Ponzano Veneto (TV), Italy.

2. TYPE OF DATA

Depending on the products, services or functions of the platform you wish to use on each occasion, as indicated above, certain data may be necessary rather than others.

In general, the data being processed can be:

  • user identification data (e.g. first name, last name, date of birth, language and country from which you are operating, etc.);
  • contact data (e.g. email address, phone number, home address...)
  • transaction data (e.g. your payment or card details, information concerning your purchases, orders, returns, etc.);
  • connection, geo-location and navigation data (if, for example, IP address, mobile app, cookie or similar technologies);
  • commercial data (e.g., loyalty program subscription, newsletter subscription),
  • tastes and preferences data.

Depending on the services and/or functionalities requested, some data may be required mandatorily as they are needed for providing the service or product you require or in order to allow you to access that function.

Therefore, these data are necessary for correctly fulfilling our obligations under the contract, or necessary for complying with obligations which arise from applicable legal or regulatory provisions.

Failure to enter these data may result in the inability to complete your registration as a user or the inability to receive such services or products or to benefit from the functionality required.

3. PURPOSE OF PROCESSING, LEGAL BASIS AND RETENTION PERIOD

Below we indicate the processing purposes, the legal basis on which the data are processed and for how long they are retained, based on the types of services and/or functions requested.

PURPOSES DESCRIPTION OF THE PURPOSES LEGAL BASIS RETENTION TIME

Management of the registration as user of the Digital Properties.

Should you decide to register on the Benetton/Sisley website, some of your personal data will be processed in order to identify you as a user and to authorise you to access its various functions and services. Terms and conditions governing the use of the website (Art. 6.1.b GDPR) Until the customer requests account cancellation or after 10 years if no transactions are made in the last 24 months.
Fulfilment and execution of the contract for the purchase of goods and/or services

Personal data are subject to processing in the following cases:

  • Payment management
  • Returns management
  • Management of requests for information concerning the availability of articles, booking products
  • Provision of services such as, for example, product customisation
  • Use of vouchers, coupons, discount vouchers and/or gift cards
  • Provision of sales documents and/or invoices relating to transactions carried out
  • Activation of mechanisms to control and avoid potential scams during the purchase operation
  • Contacting the consumer for updates or information notices concerning the features, products and services purchased
(Art. 6.1.b GDPR) Personal data is kept for up to 10 years from the last transaction. Transaction data is kept for up to 24 months after the purchase.
Fulfilments related to joining the loyalty program Your personal data will be processed to award loyalty points, rewards and to allow you to take advantage of the various benefits associated with the loyalty program. (Loyalty Program Regulation) (Art. 6.1.b GDPR) Personal data is normally kept for the entire duration of the loyalty program. In any case, data is erased after 10 years if no purchase transactions are made the last 24 months. Transaction data is kept for up to 24 months after the purchase.
Processing of requests received through customer service channels Your personal data will be processed to handle inquiries, to process complaints and product warranties, to provide technical support through e-mail, telephone calls and social media. Legitimate interest (Art. 6.1.f GDPR) For the time strictly necessary for managing the requests (and in any case not beyond two years from the date of receipt of the request).
Marketing purposes

We will process your personal data to manage your subscription to the newsletter and to send you personalised information about our products or services, using various means of electronic communication (e.g., e-mail or SMS). In addition, we may also send you such newsletters and communications via push notifications, if this service is activated on your mobile device.
You can unsubscribe from the Newsletter at any time through:

  • The specific link at the bottom of each newsletter;
  • The specific link indicated in the My Area.
  • A request to the Contact Centre.

In order to stop receiving push notifications, you can deactivate this function on your mobile device.
To carry out promotional actions (for example, to implement contests or to forward your list of saved items to the e-mail address you specify).

With your express consent, to disseminate publicly shared photos or images on the Platform or on social networks through our channels.
Consent (Art. 6.1.a GDPR) 24 months from marketing consent or from the date of the last interaction with the Owner. (in fact, our commercial emails incorporate a tracking feature with which each email opening updates the Marketing consent date you provided when registering for our services. The marketing consent will not be updated if the applicant is unsubscribed with a date prior to the opening of the email.)
Profiling purposes We will use data concerning your web browsing behaviour, social iteration and transaction data to define consumer clusters in order to improve communications and the offer of products and services dedicated to you. Consent (Art. 6.1.a GDPR) 24 months
Analysis of the use of platforms and services in order to improve the user experience and the offer When you access our digital properties, we inform you that your navigation and interaction data with social channels will be processed for analytical and statistical purposes, i.e. to understand how users interact with our Platform and to enable us to improve it. Consent (Art. 6.1.a GDPR) or Legitimate interest (Art. 6.1.f GDPR) Until the browsing data is made anonymous as stated in the cookie information in the cookie bar.
Analysis of some aggregate data and performance data in order to improve the commercial offer to the general public Exclusively for subjects registered with digital properties or loyalty card holders, a series of attributes are used in aggregate mode aimed at understanding the trends and the main interactions with the company. Legitimate interest (Art. 6.1.f GDPR) 24 months


4. SHARING INFORMATION WITH OTHER PARTIES

For the purposes indicated in this information notice, your personal data may be communicated to other companies controlled by the Data Controller or to third parties who work in collaboration with the Data Controller in the provision of services, duly appointed as data processors or persons in charge of processing. These include:

  • a) Franchise partners.
  • b) Financial institutions and companies specialising in online payments and in the detection and prevention of frauds and scams.
  • c) Technology service providers.
  • d) Suppliers and collaborators of logistics, transport and delivery services.
  • e) Providers of services related to customer service.
  • f) Providers, collaborators and partners of marketing and advertising services.


Furthermore, for all the purposes indicated in the information notice, your data may also be transmitted abroad, inside or outside the European Union, in compliance with the rights and guarantees provided for by current legislation and subject to verification of the adequacy of the level of protection ensured by the Third Country.

Finally, your data will be processed by adequately trained personnel within the Data Controller’s offices, who operate as authorised personnel for the processing of personal data.

5. DATA SUBJECT RIGHTS

We wish to inform you that you have the right to ask the Data Controller for access to your personal data and to rectify these if inaccurate, to cancel or limit processing if the conditions are met, or to oppose their processing for legitimate interests pursued by our Company, and to obtain the portability of the data provided, only if subject to automated processing based on your consent or on the contract.

You also have the right to revoke the consent given for the purposes of processing which require it, without prejudice to the lawfulness of the processing carried out until the time of revocation.

Pursuant to article 17 of the GDPR, your personal information will be deleted, otherwise you can ask for a full deletion by contacting us at rpd@benetton.it.

You may exercise these rights by contacting the Data Controller at the addresses listed in point 1, indicating the reason for your request and the right you intend to exercise. If deemed necessary for identification purposes, we may ask you to provide us with a copy of a document which certifies your identity.

Please note that if you have registered for the services as a user, you may also access the appropriate section of your personal data in your account for any change or update. In any case, please note that by actively providing us with your personal data by any means, you guarantee its truthfulness and accuracy and undertake to notify us of any change. Any loss or damages caused to the Controller or to a third party due to incorrect, inaccurate or incomplete information contained in the registration forms, will be the sole responsibility of the user. In general, you are only required to provide us with your personal data, not the data of third parties, without prejudice to the provisions of the privacy and cookie policy.

We also inform you that you have the right to lodge a complaint with the Data Protection Supervisor (https://www.garanteprivacy.it/en) for the protection of personal data.

6. CHANGES TO THE POLICY

When deemed appropriate, we may modify the information contained in this statement. In this case, we will notify you in various ways (for example, by posting on websites, newsletters, with a banner, pop-up or push notification) or by forwarding a specific e-mail if the change affects the purposes for which the data were collected, so that you can view the changes, make your assessments and, where appropriate, oppose or terminate any services or functions.

7. INFORMATION ON COOKIES

We use cookies and similar devices to help you navigate the Benetton group websites, to analyse how you interact with us and, in certain cases, to send you advertisements based on your browsing habits. Please read our cookie policy carefully for further information concerning cookies and the similar devices we use, their purpose and other relevant information.