Toggle Nav
ext Worldwide Countries
My Cart
You are in Worldwide CountriesWorldwide Countries
Change Worldwide Countries Worldwide Countries
Search
Advanced Search
 

Privacy Policy

Loading...

Why am I receiving this notice and what do I have to know:
Freddy S.p.A., Data Controller exercising overall control over the processing of your personal data for the loyalty program, has decided to no longer manage the website www.freddy.com and to transfer it to the company Freddy UK.
Consequently, the loyalty program will be deactivated. However, we are sure that you would like to retain the points you have collected so far and therefore ask you if you want us to transfer them, along with your email, to the new Data Controller that will send you their policy on the processing of personal data.

1. Subject matter of the processing (processed data)
The following data is processed: email address connected with the loyalty program.
Provision of data is optional yet necessary to provide the service/fulfil the request. Failure to provide the said data will result in the impossibility to transfer any collected points to the new owner of the website that will acquire the data as independent Data Controller and will provide the relevant privacy policy.
Your data will be processed using digital means and will not be publicly disclosed.

2. Purposes of data processing and legal basis
Your data will be processed to allow for the performance of activities related to the setting up and management of the service requested to the Data Controller.
In particular, the processing is based on your consent to the transfer of data.
Your data will be processed lawfully, fairly, and with the utmost confidentiality, in compliance with the applicable safety measures as provided for by the Code and the Regulation.

3. Methods of data processing
Freddy S.p.A. will stop processing your personal data as soon as the transfer is complete, or any case, within 6 (six) months from receipt of this email.

4. Disclosure of data
For the purposes referred to in Art. 2 above, the Data Controller may disclose your personal data to subjects to whom such disclosure is required by law for the purposes of fulfilling legal obligations. 

5. Storage and transfer of data
Your data will be stored and managed on servers located inside and/or outside the European Union and owned by the Data Controller and/or third parties duly appointed as Data Processors. The Data Controller guarantees that should the data be transferred outside of the EU, the transfer of data will be carried out in compliance with the applicable legal provisions, and if necessary, by entering into agreements that ensure a suitable level of protection and/or implementing the standard contract terms set forth by the European Commission.

6. Rights of the Data Subject
In his/her capacity as Data Subject, the customer has the rights set forth in Art. 15 of the Regulation, namely:
1. The Data Subject has the right to obtain confirmation as to whether personal data concerning him/her exists or not, even if not yet recorded, and communication of the said data in intelligible form. 
2. Furthermore, the Data Subject has the right to receive information about: 
a) the source of personal data
b) the purposes and methods of processing
c) the logic applied in the case of processing with electronic tools 
d) the identity of Data Controller, Data Processors, and representative
e) the entities or categories of entities to which personal data may be disclosed or that may become aware of such data in their capacity as appointed Data Processors.
3. The Data Subject has the right to:
a) the updating, rectification, and integration of his/her personal data
b) the erasure, anonymization, or blocking of data when the processing thereof is unlawful, including of data the storage of which is not necessary for the purposes for which the data has been collected and processed
c) the assurance that the operations referred to in letters a) and b) above have been brought to the attention, also regarding their content, of the parties to whom the data has been transferred or disclosed, except in the case where such notification proves impossible or requires the use of means clearly disproportionate with respect to the right being protected.
4. The Data Subject has the right to object, in whole or in part:
a) for legitimate reasons, to the processing of personal data concerning him/her, even if relevant to the purposes of data collection
b) to the processing of personal data concerning him/her for purposes other than those provided for in Art. 2 above.
Pursuant to Art. 15 et seq. of the GDPR, the Data Subject has the right to request, at any time, access to his/her personal data, the rectification and erasure thereof, as well as the restriction of data processing in the cases provided for by Art. 18 of the GDPR, and to obtain the data concerning him/her in a structured, commonly used, and machine-readable format in the cases provided for by Art. 20 of the GDPR. Pursuant to Art. 7 of the GDPR, the Data Subject can withdraw his/her consent at any time, while pursuant to Art. 77 of the GDPR, the Data Subject can lodge a complaint with a supervisory authority if he/she considers that the processing infringes the legislation in force.
Pursuant to Art. 21 of the GDPR, the Data Subject may submit a request to stop the processing of his/her personal data giving evidence of the reasons for his/her objection. The Data Controller reserves the right to assess the request and to reject it should legitimate grounds exist to proceed with the processing that prevail on the interests, rights, and freedoms of the Data Subject.
The Data Subject can exercise the rights referred to above at any time by sending:
- a certified mail with return receipt to Freddy S.p.A. Via Santo Spirito, 14 - 20121 Milan (Italy)
- an email to [email protected]

7. Data Protection Officer
The Data Controller has appointed a Data Protection Officer who can be contacted at the following email address: [email protected]