Privacy Policy

A. Data Controllers:

Pursuant to Article 13 of Regulation (EU) 2016/679 “General Data Protection Regulation” (hereinafter, the “GDPR”):

  • DeanAndDanCaten (hereinafter, “D2”)
  • U.S. DIRECT E-COMMERCE LIMITED (hereinafter, “eShopWorld”)

This notice provides information regarding the collection, use, disclosure, and processing of your personal data via the www.deananddancaten.com website (hereinafter, the “Website”) and the DeanAndDanCaten mobile application (hereinafter, the “App”). Specifically:

  • D2 is the owner of the Website and the App, and the independent data controller for personal data processed for marketing and profiling purposes.
  • eShopWorld is the independent data controller for personal data processed for sales, billing, payment, and delivery purposes concerning products purchased via the Website and/or App.
  • D2 and eShopWorld are joint data controllers for the purposes of:
    • Registering users on the Website and/or App
    • Managing customer services and support services
    • Managing multichannel services

For more information about the personal data processed when browsing the Website and/or the App, please see paragraph I. For details about personal data processed using cookies and other similar tracking technologies, please refer to our Cookie Policy.

B. Data Protection Officer (DPO):

D2 has appointed a Data Protection Officer (hereinafter, the “DPO”).

C. Categories of Processed Data:

Depending on the purpose, the following personal data may be processed (this list is illustrative and not exhaustive):

  • Personal Information: First name, last name, date of birth, gender.
  • Contact Details: Telephone number, email address.
  • Authentication Data: Email address, password.
  • Shipping Information: Shipping address.
  • Billing Information and Tax Exemption Details: Billing address, first and last name, company name, tax code, VAT number, nationality, passport number.
  • Purchase Details: Items, size and color, price, sale date.
  • Customer Profile and Preferences: Shopping behavior information.
  • Navigation Data: Data collected during visits to the Website or App, including through cookies or other tracking technologies (for more information on data processing through these technologies, see the Cookie Policy).
  • Location Data (Store Locator Service): IP address.

D. Purpose and Legal Basis of Processing, and Data Retention Period:

D.1 Purposes Based on Legal Obligations (Art. 6, Paragraph 1(c) GDPR):

  1. Compliance with obligations established by laws, regulations, and EU provisions or by provisions issued by authorities or supervisory and control bodies related to or connected with the existing and/or future legal relationship.

The retention period for personal data related to the purposes mentioned in this section is ten years from the end of the contractual relationship. This period may be extended in case of legal disputes or legal provisions.

E. Transfer of Data Outside the European Union:

The Data Controller informs you that it intends to transfer the data subject’s data to countries outside the EU and EEA. These countries may not be considered by the European Commission as ensuring an adequate level of protection for personal data. Therefore, when we transfer your Personal Data outside the EU, we will adopt appropriate safeguarding measures in accordance with current EU and Italian legislation to ensure they are adequately protected.

In particular, your data may be transferred to Switzerland, in accordance with Article 45 of EU Regulation 2016/679, as a third country deemed adequate by the European Commission with decision 2000/518/EC of 26 July 2000, to the company DeanAndDanCaten, for the purposes set out above.

F. Data Subject Rights:

You can contact the Data Controllers to exercise your rights to access your data, request its deletion, correction of inaccurate data, completion of incomplete data, restriction of processing in the cases listed in Article 18 of the GDPR, and object to processing for reasons related to your particular situation when processing is based on the legitimate interests of the Data Controller.

In cases where processing is based on consent or a contract and is carried out with automated tools, you have the right to receive your data in a structured, commonly used, and machine-readable format, and, if technically feasible, to transmit it to another data controller without hindrance.

You have the right to withdraw consent at any time for marketing and/or profiling purposes, as well as to object to the processing of data for marketing purposes, including profiling related to direct marketing.

If you prefer, you can request to be contacted for such purposes exclusively through traditional methods and object only to receiving communications through automated means.

You also have the right to lodge a complaint with the supervisory authority in the Member State where you usually reside or work or in the State where the alleged infringement occurred.

G. Transmission of Navigation Data:

The IT systems and software procedures used to operate the Website or the App collect certain personal data during normal operation, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects but, by its nature, could allow users to be identified through processing and association with data held by third parties. Information that may be collected includes IP address, browser type or operating system used, URI (Uniform Resource Identifier) addresses, domain names, addresses of websites from which access was made or to which exit was made (referring/exit pages), time of the request to the server, method used, and information about the response received, other information about user navigation (see information on cookies), and other parameters related to the operating system and IT environment. These data could also be used to ascertain responsibility in case of hypothetical computer crimes against the Website or the App.