PRIVACY POLICY

This Privacy Policy (“Privacy Policy”) describes how your personal information and data are collected from you when you use this online website, mobile website, application, digital service, or any related products, services, sites, features or functionality (each a “ Service”, collectively the “Services”) and how MIRTA (“MIRTA”, “the company”, “we”, “us”, or “our”), property of AILATI TECHNOLOGY S.R.L., uses, shares and manages your information and data. By using any of the Services, you consent to the collection, use, processing, and sharing of your information as described in this Privacy Policy.

1. Our Privacy Principles

We are committed to recognizing and respecting your privacy rights by keeping you informed and processing and protecting your personal data in compliance with applicable law.

Effective May 25th, 2018, our processing of your personal data will comply with the European Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016, known as the General Data Protection Regulation (“GDPR”).

As required by the General Data Protection Regulation of the European Union (GDPR 2016/679, Article 13), before proceeding with processing, the interested party (User of the website www.mirta.com) is informed that personal data collected through the website are subject to processing by the Company through IT and/or telematic tools, for the purposes indicated in this policy.

To this end, the User is presented with the Privacy Policy prepared by MIRTA, creator and promoter of the activities available on the website www.mirta.com (“Site”). This Privacy Policy only addresses Mirta’s practices regarding information collected from visitors of the Site and only addresses information collected directly through or from the Site – it does not address or govern any information-gathering, use, or dissemination practices related to information collected from you other than directly through or from the Site.

By using the Site, you consent to the collection and use of Personal Information by Mirta as stated in this Privacy Policy. You are also requested to read the "Terms and Conditions" of Mirta, which contain detailed information regarding the conditions of our services. Some services may be subject to specific legal terms, in which case we will provide you with all the relevant information from time to time.

2. Data Controller

The Data Controller for personal data is AILATI TECHNOLOGY S.R.L. with a registered office in Via Palermo, 1 - 20121, Milano, Italia; Partita IVA (Tax ID): 10662620961.

For any clarification, question, or requirement related to your privacy and the processing of your personal data you can contact us at any time by writing to: hello@mirta.com or to the address of our DPO: lorusso@legalelorusso.it

3. Information and data we collect from you

The personal data that MIRTA collects are:

  • Data you give us, when finalizing an order and purchasing goods or registering to our website,

  • Data we receive from other accounts or sources

  • Data we collect as you browse or use the services offered by www.mirta.com.

When you visit the Site, we automatically collect certain information about your device and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information”. These data may include your:

  • Device Registration Data (for example, the type of mobile device you use, your mobile device’s unique device or advertising ID, IP address, operating system, and browser type),

  • Device Settings (for example, your language preference)

  • Mobile Carrier

  • Information about how you use the Services (for example, how many times you use the Services each day)

  • Requested and Referring URLs

  • Location Data collected through your Device(including, for example, precise location data such as GPS and WiFi information)

We collect Device Information using the following technologies:

  • “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit www.allaboutcookies.org.

  • “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.

  • "Advanced matching" capture the hashed customer data (ex: email addresses) you leave on our website during processes like checkout, account sign-in, or registration. For more information about advanced matching please refer to https://www.facebook.com/privacy/explanation

  • “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you browse the Site.

Additionally when you make a purchase or attempt to make a purchase through the Site or when you register with an account on MIRTA, we collect certain information that you directly and voluntarily provide to us, including your name, email address, billing address, shipping address, payment information (including e.g. credit card numbers), email address, phone number, interests, user name, password, and other registration information. We refer to this information as “Order Information”.

If you are a registered user you may also be able to adjust your account settings through your user account. We note that, even if you adjust your settings so that your user profile remains private, we will still be able to access and view the information you provide as part of your user profile. If you post information on public areas of the Services, that data may be collected and used by us, other users of the Services, and the public generally, such as reviews, comments, and user content. We strongly recommend that you do not post any information through the Services that allows strangers to identify or locate you or that you otherwise do not want to share with the public. Additionally, we can receive information about you from other sources, such as from your other accounts or other websites, including data brokers, social media providers like Facebook and Twitter, advertising networks and analytics partners, and payment and delivery service providers. We refer to this information as “Account Information”.

By logging in to our mobile applications via Facebook or Twitter, or linking your account on our Website to your Facebook or Twitter accounts, you are giving us permission to obtain certain information and content from these accounts. The specific types of information that we may obtain depends on your settings for that account or website, and will be subject to their privacy policies.

We supplement the data you provide to us with data from data append services such as public or social graph data in order to better serve you with content or promotions. We will append this data to our existing customer account information to better understand customers’ interests and to provide more relevant product recommendations and advertising, to increase our customer’s security when using our Website, and to comply with our legal obligations, such as sanctions laws. This information may include household size, household income, or profession. This information can be associated with your personal information such as name, email, address, physical address, or phone number.

When we talk about “Personal Information” in this Privacy Policy, we are talking both about Device Information, Order Information, and Account Information.

4. Use of your personal information

The personal data provided when browsing the website www.mirta.com are processed in accordance with the current regulations for the protection of personal data.

We use the Personal Information that we collect for the purposes stated below, when in line with the preferences you have shared with us:

Improving the Services, Providing Support, and Communicating With You: We and our service providers may use the data you provide or that is collected through the Services to operate and improve the Services, our other sites, applications, products, and services, to contact you from time to time to provide you with important information and notices relating to the Services, to manage your requests to our Customer Service, and to communicate with you about marketing promotions. In general, we may use the data to improve and optimize our Site, for example by generating analytics about how you browse and interact with the Site, and to assess the success of our marketing and advertising campaigns.

Managing our loyalty program: We collect your Name; Email; Phone Number; Addresses; Date of Birth; Purchase history; Browsing history and behaviour; Device Information; Shopping preferences; Nickname; Cookie identifiers; Internal identifiers; Country. The legal basis is your consent.

Advertising and Third Party Content and Links: The Services may be supported through advertising, and we may work with advertisers and advertising networks to provide advertising through the Services. We may provide these advertisers and advertising networks with the ability to collect data about how you interact with the Services and, if applicable, your mobile device. This data may include the unique device or advertising identifier associated with your device and your precise location data, in order to help analyze and serve targeted advertising on the Services and elsewhere (including third-party sites and applications). In addition, the Services may include third-party content and links to other third-party websites. These advertisers, advertising networks, and third parties may use cookies, pixels, and web beacons to track the actions of users online over time and across different websites or platforms in order to deliver targeted electronic advertisements to an individual user. You can opt-out of targeted advertising by using the links below:

  • Facebook: https://www.facebook.com/settings/?tab=ads

  • Google: https://www.google.com/settings/ads/anonymous

We do not have access to or control over cookies, pixels, or web beacons that third-party websites or partners may use. We are not responsible for the privacy practices or the content of these third-party websites. You are encouraged to review the privacy policies of the different websites that you visit.

If you access the Services through a browser, your browser may allow you to adjust your browser settings so that “Do Not Track” requests are sent to the websites that you visit. However, we will not disable tracking technology that may be active on the Services in response to any Do Not Track requests that we receive from your browser. You can change your privacy preferences regarding the use of cookies and other similar technologies through your browser. You may set your browser to accept all cookies, block certain cookies, require our consent before a cookie is placed in your browser, or block all cookies. Blocking all cookies will affect your online experience and may prevent you from enjoying the full features offered through the Services.

Only after your express and explicit consent, the personal data you provided may be processed for profiling activities, or analysis of your preferences aimed at creating personalized content and offers.

Analytics Services: We may also work with third-party analytics companies to help us understand how the Services are being used, such as data collection, reporting, ad response measurement, website, and mobile application analytics, and to assist with delivery of relevant marketing messages and advertisements.

We may use Google Analytics, an analytics service provided by Google, or other third-party analytics services providers (“ Analytics Services”) to collect information about your use of the Services. These Analytics Services may collect information about the content you view and your system information and geographic information. The information generated by the Analytics Services about your use of the Services will be transmitted to and stored by the Analytics Services. The information collected by the Analytics Services allows us to analyze your use of the Services.

We encourage you to review your device and Services settings to ensure they are consistent with your preferences, including with respect to the collection and use of information. You may be able to stop further collection of certain data by the Services by updating your applicable device settings, or you may uninstall the Services. In addition, you may choose not to share your location details by adjusting your mobile device’s location services settings. For instructions on changing the relevant settings, please contact your service provider/carrier or device manufacturer.

Purchases and Payment Processors: The personal data you provide will be used for the establishment, management, execution and/or conclusion of the online sales contract. The data you provide will be processed for the purpose of managing the purchase order with reference to, for example, payment, shipment, management of returns, customer support, administrative and accounting purposes related to the management of the order and the fulfillment of obligations under the current legislation.

If you make a purchase through the Services, you may be able to pay using a third-party payment service, such as Stripe or other third-party payment services. All information collected by these third-party payment services for purposes of processing your payments is not available to us, unless you have otherwise provided this information to us in connection with your use of the Services. Information collected from you by these third-party payment services is governed by the applicable third-party payment service’s privacy policy. You should review the applicable privacy policy prior to submitting any information to the applicable third-party payment service. When you place an order through the Site, we will maintain your Order Information for our records unless and until you ask us to delete this information.

We use the Device Information that we collect to help us screen for potential risk and fraud (in particular, your IP address). In case of payment by credit card, the fundamental information for the execution of the transaction (credit/debit card number, expiration date, security code) will be processed by Stripe or, possibly, by companies in charge of the anti-fraud control using an encrypted protocol and without any third parties being able to access it in any way. This information will never be displayed or stored by the seller MIRTA.

Promotions, Sweepstakes, and Contests: From time to time, we may host a promotion, sweepstakes, or content on the Services. You may be asked to provide personal information or permit the transfer of your personal information to a third party in connection with such promotion, sweepstakes or content. The parties who privacy policy applies will be disclosed at point of collection or transfer and you will have a choice of whether or not you wish to permit such transfer or collection of information to a third party.

If you wish to unsubscribe from receiving marketing communications from us by email, please follow the instructions contained in each email you receive from us describing how you can unsubscribe from receiving further marketing communications from us. If you are a registered user you may also be able to adjust your email settings by logging in to your account and adjusting your account settings.

Social Media and Sharing: The Services may use social networking or “share functionality” or may contain links to third-party social media sites or applications that are not owned or controlled by us. We also may allow you to use social media sites or applications to leverage your existing social media site or application accounts to access features of the Services. Your use of these features may result in the collection or sharing of information about you by these sites or applications, depending on the feature.

We have no control over, and assume no responsibility for, any share functionality or the content, privacy policies, or practices of any third-party site or application. We encourage you to review the privacy policies and settings on the social media sites or applications with which you interact to make sure you understand the information that may be collected, used, and shared by those sites. You are subject to the policies of those third parties when and where applicable.

5. Sharing your personal Information

The data collected will not be disseminated in any way, but will be treated within the limits and for the purposes described by the employees of the Company on the basis of appropriate operating instructions (for example, administrative, commercial, marketing, legal personnel, system administrators, etc.). Some data processing may also be performed by third parties (for example Google Analytics), appointed as External Data Processors for processing, of which MIRTA relies on or could be used in the management of the contractual relationship, the provision of services offered, and organizational needs of its activities. We share your Personal Information with third parties to help us use your Personal Information, as described above. We may also share your Personal Information to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights.

In particular, we may share the information you provide or that we collect in some circumstances as follows:

With Advertisers: We may share your information with advertisers, third-party advertising networks, and analytics companies who may use it to deliver targeted advertisements to you on the Services or third-party websites or advertisers. Similarly, these advertisers may share information with us about you that they have independently gathered or acquired. We may also share encrypted versions of information we have collected in order to enable our advertising partners to perform data analysis or for advertising-related use.

With Our Partner Programs: If you are directed to the Services through a third party, we may share certain information back with that third party, which may include information such as name, email, and value of purchase depending on the type of relationship or Services utilized.

For Marketing Campaigns: From time to time we may disclose certain information (name, mailing address, and non-sensitive transactional information such as your purchase history, amounts paid and products ordered) to marketing companies for trade or rental purposes. If you prefer to opt-out of the use of your personal information by marketing companies for trade or rental purposes, please let us know at hello@mirta.com

With Our Service Providers: We may share your information with our service providers who work on our behalf. For example, these service providers may handle payment or credit card processing, data management, customer data pooling or aggregating, feature administration, email distribution, market research, information analysis, shipping and logistics, and promotions management. These service providers will only have access to the information needed to perform these limited functions on our behalf.

As Required By Law or to Protect Rights and to Comply with Our Policies: To the extent permitted by law, we will disclose your information to government authorities or third parties, including national security or law enforcement agencies, if required to do so by law, or if requested in response to a subpoena or court order, we believe in our sole and absolute discretion that disclosure is reasonably necessary to protect against fraud, to protect the property or other rights of us or other users, third parties or the public at large, or we believe that you have abused the Services by using it to attack other systems or to gain unauthorized access to any other system, to engage in spamming or otherwise to violate applicable laws or in violation of our Terms of Service. You should be aware that, following disclosure to any third party, your information may be accessible by others to the extent permitted or required by applicable law.

The management and storage of Personal Data will be carried out on servers and/or third-party companies duly appointed as External Data Processors. Your personal data may be transferred abroad, in accordance with the provisions of current legislation, even in countries outside the European Union. The transfer to countries outside the EU, in addition to cases in which this is guaranteed by an Adequacy Decisions by the Commission, is carried out in such a way as to provide appropriate and opportune guarantees pursuant to Articles 46, 47 or 49 of the Regulation.

The updated list of External Data Processors and other persons authorized to process the data is available to the interested party, following a request sent via email to hello@mirta.com.

6. Rights of Interested Party

As the interested party, you may exercise, at any time, the rights provided to you in Articles 15, 16, 17, 18, 20, and 21 of the GDPR which, in particular, confer the rights to:

  1. Obtain from the Data Controller, pursuant to Article 15, confirmation of the existence or not of personal data being processed and, in this case, obtain access to the data and information such as: (i) the purposes of the processing; (ii) the categories of personal data; (iii) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients located in Third Countries or International Organizations; (iv) when possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period;

  2. Obtain from the Data Controller, pursuant to Article 16, the correction of inaccurate personal data without undue delay; taking into account the purposes of the processing, the data subject has the right to have incomplete personal data completed, by providing an additional declaration;

  3. Obtain from the Data Controller, pursuant to Article 17, the deletion of their personal data without undue delay. The Owner has the obligation to cancel, without undue delay, personal data if there is one of the reasons indicated in paragraph 1 of Article 17;

  4. Obtain from the Data Controller, pursuant to Article 18, restriction of processing when one of the hypotheses governed by paragraph 1 of Article 18 occurs;

  5. Obtain from the Data Controller, pursuant to Article 20, the portability of data or to receive in a structured, commonly used and machine-readable format, their personal data provided to a Data Controller. The Data Subject also has the right to transmit such data to another Data Controller without impediments by the first Data Controller to whom it has provided them, if the conditions indicated in Article 20 paragraph 1 are met. Finally, the Data Subject has the right to obtain the direct transmission of personal data from one Data Controller to another, if technically feasible;

  6. Object to, in whole or in part, pursuant to Article 21, the processing of their personal data.

To exercise these rights, you can send your request to hello@mirta.com.

It should also be noted that you have the right to revoke the consent at any time without prejudice to the lawfulness of the processing based on the consent given prior to the revocation, without prejudice to the consequences indicated above regarding a refusal to provide such personal data. You also have the right to lodge a complaint with a Control Authority.

You can make requests regarding these rights by sending an email to hello@mirta.com.

MIRTA will respond to requests made by the interested party within one month, except in cases of particular complexity, for which it may take up to a maximum of three months. In any case, MIRTA will provide the interested party with the reason for the delayed response within one month of the request. The outcome of the request will be provided in writing or in electronic format. In case of request for rectification, cancellation and limitation of processing, MIRTA will communicate the results of the requests received to each of the recipients of their data, unless this proves impossible or involves a disproportionate effort.

The Company specifies that a contribution may be requested from the Interested Party if the applications manifest to be unfounded, excessive or repetitive; in this regard, MIRTA will provide a register to track the requests for intervention.

7. Cookies

We use technology such as "cookies" to collect information and store your online preferences. Cookies are small pieces of information sent by a web server to a web browser, which allows the server to uniquely identify the browser on each page.

We use the following categories of cookies on our Site:

CATEGORY 1 - STRICTLY NECESSARY COOKIES: These cookies are essential in order to enable you to move around the website and use its features. Without these cookies, services you have asked for such as remembering your login details or shopping basket items cannot be provided.

CATEGORY 2 - PERFORMANCE COOKIES: These cookies collect anonymous information on how you use our Website. For example, we use Google Analytics cookies to help us understand how customers arrive at our site, browse or use our site and highlight areas where we can improve areas such as navigation, shopping experience and marketing campaigns. The data stored by these cookies does not show personal details from which your individual identity can be established. You may opt-in to these cookies using your browser settings..

CATEGORY 3 - FUNCTIONALITY COOKIES: These cookies remember choices you make such as the country you visit our website from, language and search parameters such as size, colour or product line. These can then be used to provide you with an experience more appropriate to your selections and to make the visits more tailored and pleasant. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites. You may opt in to these cookies using your browser settings.

CATEGORY 4 - TARGETING COOKIES OR ADVERTISING COOKIES: These cookies collect information about your browsing habits in order to make advertising more relevant to you and your interests. They are also used to limit the number of times you see an advert as well as help measure the effectiveness of an advertising campaign. The cookies are usually placed by third party advertising networks. They remember the websites you visit and that information is shared with other parties such as advertisers. For example, we use third party companies to provide you with more personalised adverts when visiting other websites. You may opt-in to these cookies using your browser settings.

CATEGORY 5 - SOCIAL MEDIA COOKIES: These cookies allow you to share what you’ve been doing on the website on social media such as Facebook and Twitter. Please refer to the respective privacy policies for how their cookies work. If you want to delete any cookies that are already on your computer, please refer to the help and support area on your Internet browser for instructions on how to locate the file or directory that stores cookies. Information on deleting or controlling cookies is available at www.AboutCookies.org. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our Website.

You can withdraw your consent to these cookies at any time through the following options:

  • Google Analytics cookies across all websites, please visit Google Analytics Opt-out Browser Add-on

  • Other third-party cookies relating to behavioral advertising, please go to www.youronlinechoices.eu

  • Any other type of cookies, you can clean cookies through your browser settings.

8. Manage Cookies

You can block cookies by activating the setting on your browser that allows to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies you may not be able to access all important parts. To opt-out of being tracked visit http://optout.networkadvertising.org/?c=1 

Cookies are blocked by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies as soon as you visit our site.

To opt out of being tracked by Google Analytics across all websites visit http://tools.google.com/dlpage/gaoptout

Please note that refusing cookies does not mean you will no longer receive online advertising. It does mean that the company or companies from which you opted out will no longer deliver adverts tailored to your web preferences and usage patterns, so you may see a greater number of adverts that are irrelevant to you and your preferences.

9. Age of consent

By using this site, you represent that you are at least the age of majority in your state or province of residence, or that you are the age of majority in your state or province of residence and you have given us your consent to allow any of your minor dependents to use this site. We do not knowingly collect or distribute personal information from or about people under the age of majority. If a parent or guardian becomes aware that his or her child has provided us with information without their consent, he or she should contact us hello@mirta.com

10. Security Measures

We provide industry-standard physical, electronic, and procedural safeguards to protect personal data we process and maintain. For example, we take reasonable measures to limit access to this data to authorized employees and contractors who need to know that information in order to operate, develop or improve our Services. Please be aware that, although we endeavor to provide reasonable security for data we process and maintain, no security system can prevent all potential security breaches. As a result, we cannot guarantee or warrant the security of any information you transmit on or through the Services and you do so at your own risk.

11. Privacy Policy changes

MIRTA reserves the right to make changes to this Privacy Policy at any time by giving notice to users on the website www.mirta.com. Therefore, please consult this page often, referring to the date of last modification indicated at the bottom of the policy. In case of non-acceptance of the changes made to this Privacy Policy, you may require MIRTA to delete their personal data. Unless otherwise specified, the previous Privacy Policy will continue to apply to personal data collected until then.

12. Contact us

For more information about our privacy practices, if you have questions, or if you would like to make a complaint, please contact us by e‑mail at hello@mirta.com, to the address of our DPO lorusso@legalelorusso.it, or by mail using the details provided below:

AILATI TECHNOLOGY S.R.L.

via Palermo 1

20121 Milano MI, Italy