Privacy Policy

The Data Controller of this website is
Pulcranet S.r.l. (VAT no. 03094930363), Via Martiniana 325/B, 41126, Modena, with a DPO (Data Protection Officer) reachable at the following e-mail address: dpo@holyart.it
The company provides this information pursuant to Articles 12 and 13 of the new EU Regulation 2016/679 (commonly referred to as “GDPR”), and Legislative Decree 101/2018, describing the methods of processing personal data of users who consult this website accessible online at:
https://www.holyart.co.uk/blog/ (or in any case corresponding to the homepage of the Blog).

With regard to the privacy policy of the e-commerce site accessible from the Blog, please refer to the policy available at the following link: https://www.holyart.co.uk/privacy-policy
This policy is provided only for the aforementioned site and not for any other websites that may be accessed by the user via links.

Types of data processed.
i) Personal and contact data (Full name, e-mail address, phone number);
ii) Browsing data, IP address and site navigation, declared preferences (preferred product categories including data falling into the special categories of personal data as listed in Art. 9 GDPR, such as data indirectly related to religious belief).

Categories of data subjects.
Blog users.

Nature of processing.
Collection, registration, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, alignment or combination, restriction, erasure, or destruction.

Purpose of Data Processing.
User data is collected to allow the Data Controller to provide its services, as well as for the following purposes: Social Applications, Interaction with social networks and external platforms, Advertising, Statistics, Address management and e-mail message sending, Commercial affiliation, RSS feed management, Contacting the user, Payment processing, Infrastructure monitoring, Displaying content from external platforms, and Content commenting.

Legal basis.
Processing is carried out according to the lawful bases defined by Art. 6 GDPR, in connection with the relationship established with the Controller. Therefore, the legal basis for processing the type of data referred to in point (i) above, as required under Art. 13(c) GDPR, lies in the reasons for which the relationship with the Controller is established, and specifically in relation to browsing this Site and/or completing the relevant contact form and related requests for information or services. Legal basis:
a) consent of the data subject (Art. 6(1)(a) GDPR) (marketing, profiling via cookies);
b) performance of a contract (Art. 6(1)(b) GDPR) (purchases);
c) compliance with a legal obligation to which the controller is subject (Art. 6(1)(c) GDPR) (e.g. invoicing);
d) legitimate interest of the controller (Art. 6(1)(f) GDPR) (soft spam and/or platform protection and controller’s protection).

Processing methods.
Data processing will be carried out on paper and/or electronically by specifically authorized individuals. No processing is carried out through automated decision-making processes. Providing data is optional, however, failure to do so may make it impossible to perform the requested service. Some browsing data (refer to our cookie policy) are acquired automatically by the system. The data provided to the Controller may be processed for: management, organization, use, storage, database creation, processing within the EU and outside the EU (countries falling within the scope of Articles 45 and 46 GDPR), statistics, communication to partners with whom initiatives will be developed – such partners will be appointed as external processors under Art. 28 GDPR, joint controllers, or independent controllers where data is communicated directly. Processing also includes communication of future initiatives and sending of promotional material.

Rights of data subjects.
The Controller informs you that the following rights are guaranteed:
the right to rectification (Art. 16 GDPR), the right to erasure (Art. 17 GDPR), the right to restriction of processing (Art. 18 GDPR), and the right of access to personal data and all consequential information as listed under Art. 15 GDPR. Data subjects also have the right to:

1. Request access, rectification, or erasure of their personal data, or restriction of processing; 
2. Object to processing; 
3. Data portability pursuant to Art. 20 GDPR; 
4. Where processing is based on Art. 6(1)(a) or Art. 9(2)(a), withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal; 
5. Lodge a complaint with a supervisory authority. 

To exercise the above rights or request further information, simply send an email to: info@holyart.it, with the subject “exercise of rights under GDPR”, specifying the right you wish to exercise, along with your full name and e-mail address for the response. The Controller will process your request and respond within the time limits set by Art. 12 GDPR.

In particular cases, the Controller provides specific policies with related consents to allow data processing. Additionally, the Controller notifies that if it intends to further process personal data for a purpose other than that for which they were collected, it will provide the data subject with information about the new purpose and any other relevant details before such further processing, and obtain consent where applicable.

Data Retention.
Personal data will be kept for as long as necessary to fulfill the purposes for which it was collected. The retention period depends on the purposes of processing and therefore may vary, i.e., for the entire period during which the data subject is a customer and for 5 years thereafter unless explicit consent is given to extend the retention. Personal data necessary for fulfilling legal and tax obligations will be retained accordingly, respecting legal retention periods and for potential legal defense of the controller.

Cookies
A cookie is a small text file placed on a user’s device by a website. Cookies uniquely identify the browser of the user. Cookies do not damage the computer and do not contain viruses. Cookies serve to streamline web traffic analysis or indicate when a particular site is visited, and allow web applications to send information to individual users.
The user can manually delete cookies from their device or enable automatic deletion when the installed browser is closed.
For more information, we recommend consulting our cookie policy.

Newsletter and Marketing.
During the data retention period, the Controller reserves the right, based on legitimate interest as the legal basis for processing, to send soft commercial offers, or to send marketing communications where consent has been given.

Copyright
All content on this website is protected by copyright and intellectual property law. Reproduction, even partial, in any form is prohibited. The Controller does not grant any license regarding copyrights, patents, or any other intellectual property rights.

Liability
The material and information on the site may be subject to changes or updates without notice by the Controller.

Application of the regulations
The Controller regularly updates this policy and, in general, its privacy compliance, aligning with newly issued provisions. For questions or concerns about these privacy rules, feel free to contact us at: info@holyart.it

Complaints
We respond to users who submit formal written questions and/or complaints to this address: info@holyart.it to further investigate the reported issue. We are committed to cooperating with the relevant authorities to resolve any complaints about personal data processing that cannot be resolved directly between the Controller and individual users.