Privacy Policy

Privacy Policy – Newsletter

Ipermela Store srl, owner of the Ultra Experience brand, with registered office in Via del Terziario, 28 – 36016 Thiene (VI) – P. IVA and CF 03850010244 (hereinafter, “Owner”), owner of the website https://ultraexperience. it (hereinafter, the “Site”), as the owner of the processing of personal data of the users of the Site (hereinafter, the “Users”) provides below the privacy policy pursuant to Article 13 of the EU Regulation 2016/679 of April 27, 2016 (hereinafter, “Regulation” or “Applicable Legislation”).

This Site and any services offered through the Site are restricted to individuals who are 18 years of age or older. Therefore, the Owner does not collect personal data relating to individuals under the age of 18. Upon the request of Users, the Owner will promptly delete all personal data unintentionally collected relating to individuals under the age of 18.

The Owner holds in the highest regard the right to privacy and protection of personal data of its Users. For any information in relation to this privacy policy, Users may contact the Controller at any time using the following methods:

By sending a registered letter with return receipt to the registered office of the Controller via del Terziario, 28 – 36016 Thiene (VI);
By sending an e-mail message to mail@ultraexperience.it.
The Controller has not identified the figure of the Data Protection Officer (DPO or DPO), as it is not subject to the obligation of designation provided for in Article 37 of the Regulation.

1. Purposes of the processing

Users’ personal data will be lawfully processed by the Data Controller in accordance with Article 6 of the Regulations for the following processing purposes:

(a) to fulfill the User’s request: the personal data of Users are collected and processed by the Controller for the sole purpose of fulfilling the User’s request regarding the sending of the newsletter. Therefore, the User will receive a periodic newsletter from the Owner that will contain information, updates and news in relation to the field related to the Site’s activities and/or the Owner’s activities. User data collected by the Owner for this purpose include: name and email address. No other processing will be carried out by the Owner in relation to Users’ personal data. Notwithstanding the provisions elsewhere in this privacy policy, under no circumstances will the Controller make Users’ personal data accessible to other Users and/or third parties.

b) administrative-accounting purposes, i.e. to carry out activities of an organizational, administrative, financial and accounting nature, such as internal organizational activities and activities functional to the fulfillment of contractual and pre-contractual obligations;

(c) legal obligations, i.e. to fulfill obligations required by law, authority, regulation or European legislation.

The provision of personal data for the above processing purposes is optional but necessary, as failure to provide such data will result in the User being unable to receive the newsletter from the Controller. In case of consent, the User may revoke the same at any time by making a request to the Controller in the manner indicated in paragraph 4 below.

The User may also easily object to further newsletter mailings by also clicking on the appropriate link for revocation of consent, which is present in each email containing the newsletter.

Personal data that are necessary for the pursuit of the processing purposes described in this paragraph 1 are indicated with an asterisk within the request form.

2. Modalities of data processing and retention times

The Data Controller will process Users’ personal data by means of manual and computerized tools, with logic strictly related to the purposes themselves and, in any case, in such a way as to ensure the security and confidentiality of the data.

The personal data of the Users of the Site will be kept for the time strictly necessary to fulfill the primary purposes illustrated in paragraph 1 above, or in any case as necessary for the protection in civil law of the interests of both the Users and the Data Controller.

3. Scope of communication and dissemination of data

The personal data of the Users may be disclosed to the employees and/or collaborators of the Controller in charge of managing the Site and the Users’ requests. These subjects, who have been instructed to this effect by the Owner in accordance with Article 29 of the Regulations, will process the User’s data exclusively for the purposes indicated in this notice and in compliance with the provisions of the Applicable Regulations.

Third parties who may process personal data on behalf of the Data Controller as “External Data Processors”, such as, by way of example, providers of IT and logistical services functional to the operation of the Site, providers of outsourced or cloud computing services, professionals and consultants, may also become aware of Users’ personal data.

Users have the right to obtain a list of any Data Processors appointed by the Data Controller by making a request to the Data Controller in the manner indicated in paragraph 4 below.

4. Rights of Data Subjects

Users may exercise the rights guaranteed to them by the Applicable Regulations by contacting the Data Controller in the following ways:

By sending a registered letter with return receipt to the registered office of the Controller: via del Terziario, 28 – 36016 Thiene (VI)
By sending an e-mail message to mail@ultraexperience.it
Pursuant to the Applicable Regulations, the Data Controller informs that Users have the right to obtain information on (i) the origin of the personal data; (ii) the purposes and methods of processing; (iii) the logic applied in case of processing carried out with the aid of electronic instruments; (iv) the identification details of the data controller and data processors; (v) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as data processors or persons in charge of processing.

In addition, Users have the right to obtain:

(a) access, update, rectification or, when interested, integration of the data;

b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including those that do not need to be kept in relation to the purposes for which the data were collected or subsequently processed;

c) certification that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data were communicated or disseminated, except where this proves impossible or involves a manifestly disproportionate to the protected right.

In addition, Users have:

(a) the right to withdraw consent at any time, if the processing is based on their consent (including through the simplified modalities referred to in paragraph 1);

b) the right to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine-readable format), the right to restriction of processing of personal data and the right to erasure (“right to be forgotten”);

(c) the right to object:

(i) in whole or in part, on legitimate grounds to the processing of personal data concerning them, even if relevant to the purpose of collection.

d) if they consider that the processing concerning them violates the Regulation, the right to lodge a complaint with a Supervisory Authority (in the Member State in which they usually reside, in the Member State in which they work, or in the Member State in which the alleged violation occurred). The Italian Supervisory Authority is the Garante per la protezione dei dati personali, with headquarters at Piazza di Monte Citorio n. 121, 00186 – Rome (http://www.garanteprivacy.it/).

The Data Controller is not responsible for updating all links displayed in this Policy, so whenever a link is not working and/or updated, Users acknowledge and accept that they should always refer to the document and/or section of the websites referred to by that link.