Last Update: July 2022
Reply S.p.A. (“Reply,” “we,” or “us”) respects your privacy and is committed to protecting it through our compliance with this Reply Shop Privacy Notice (“Privacy Notice”). This Privacy Notice describes the information we collect and process related to our Reply Shop website www.shop.reply.com (the “Reply Shop”), and what choices you have with respect to the information.
This Privacy Notice applies to registered users and to visitors applying for membership on the registration form of the Reply Shop. Reply does not process personal data of visitors who do not apply to or register to the Reply Shop.
THE INFORMATION WE COLLECT
We collect or otherwise obtain information relating to you in a variety of ways. Such information may include personal data (i.e., information that alone or in combination with other information identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly with you or your household).
The information we may gather about you includes:
Information you provide. We may ask you to provide, or you may choose to provide, information such as, without limitation, your full name, e-mail address, VAT registration number and/or tax code. Such information may be provided to us at various times, including, without limitation:
- when you fill in specific forms (online at shop.reply.com, offline) intended for the creation of a personal account (hereinafter referred to as “Account”);
- when placing an order to purchase products through the Reply Shop; and
- during requests for information, including as relating to the services offered through the Reply Shop and/or any requests for assistance or support forwarded by you via e-mail or through the relevant tools available on the Reply Shop.
With regard to the data of payments entered by you, only data received by digital payment companies and by banks handling credit card payments that contain information received on the status related to the payment (for example, accepted/refused) shall be processed. All additional information relating to the account (e.g. PayPal), pre-paid card or credit card is stored by the institutions that manage the relevant service and they are not authorised to use the personal data received through the Reply Shop for other purposes.
Our Use of Cookies. For information about how we use cookies when you interact with the Reply Shop, please refer to our Privacy and Cookie Policy also available in the footer of the Reply Shop.
Information We Do Not Seek. We generally do not seek information that may be considered “special” or “sensitive” personal data (e.g., government-issued identification numbers or information related to your racial or ethnic origin, political opinions, religious or other beliefs, health, criminal background, or trade union membership) for marketing purposes, and we ask that you do not provide such information.
HOW WE USE THE INFORMATION
Information you provide. Personal information you provide to us when you fill in specific forms may be used by Reply for the following purposes:
a) Fulfilment of pre-contractual and contractual obligations. We may use your personal to perform the activities that are necessary and/or related to the creation and/or management of the Account created by you on the Reply Shop and for the conclusion, management and implementation of the product purchase contracts through the Reply Shop. The purposes of an administrative and accounting nature, related to and in any case deriving from the contract concluded with you, are expressly included. This includes after sales service and therefore the processing of your personal data for managing and sending responses to requests for assistance regarding the products purchased through the Reply Shop, as well as, in general, the processing of data to manage and handle the requests submitted, in each instance, by you through the Reply Shop and/or by e-mail and/or via any other means of communication.
b) Payment processing. We may use your personal information to enable us to process payments and invoices related to your use of the Reply Shop. For information about the terms and conditions of payment, please refer to our Terms & Conditions of use of the Reply Shop.
c) Compliance with legal obligations. We may use your personal information to comply with obligations set forth in laws, regulations and by applicable legislation, including those regarding taxes, as well as by provisions issued by authorities authorised to do so by law or by supervisory and inspection authorities, also for the prevention and investigation of computer-related crimes.
d) By virtue of a legitimate interest of Reply. We may use your personal for the legal defence of a right or interest before any competent authority or institution, expressly included therein for the purpose of debt recovery. This also includes the processing of browsing data for the purpose of preventing fraud committed through use of the Reply Shop and for the protection of the related rights and interests of Reply also before the law.
e) Reply marketing activities. Subject to your express consent, and until you withdraw said consent, we may use your personal information to communicate with you regarding services, events, webinars and other initiatives offered by Reply and/or its group of companies (hereinafter, “Reply Group Companies”) or by Reply business partners on the occasion of co-marketing or joint pre-sales activities, to provide information on our events or webinars. Our marketing materials may be provided to you using automated tools (e.g. SMS, MMS, fax, e-mail and web applications) and/or traditional marketing channels (e.g. operator-assisted phone calls and/or post mail). When registering to use the Reply Shop, you will be required to select whether you consent to our use of your personal information for our marketing activities. If you do not wish to be contacted in connection with our marketing activities, please see the “Exercising your right to access personal data and other rights” section below. The legal basis for using the personal information you provide us for this purpose is your consent. For additional information about the use of personal information for our marketing activities, please refer to our Reply Marketing Privacy Notice.
The provision of data is necessary for all the purposes from a) to d) described above with the result that, in these cases, any refusal to provide data will mean that it will be impossible to create an Account, to manage and process the purchase orders submitted by you, and to meet your requests or selection options, and in general, to implement the initiating or established contractual relationship and/or to fulfil the requirements as set forth in the contract or by applicable legislation or, even to process your specific requests.
With reference to the marketing purposes (letter e) above), the provision of data is purely optional and the related data processing is based on consent, which is optional and may be withdrawn at any time. Failure to provide the data will not affect the possibility of registering on the Reply Shop and of using the services made available therein, including the possibility of making purchases on it; it will only make it impossible for you to receive advertising material regarding products and/or services of Reply.
Our use of cookies. For further information about we use cookies when you interact with the Reply Shop, please refer to our Privacy and Cookie Policy also available in the footer of the Reply Shop.
Processing method. For purposes of processing the data described in this “How We Use the Information” section, we may electronically and/or manually process your personal information by Reply and Reply Group Companies for the time strictly necessary to pursue these purposes.
HOW INFORMATION IS SHARED
In connection with the purposes outlined in the “How We Use the Information” section above, we may disclose your information to:
- all subjects (including Public Authorities) that have access to the personal data due to regulatory and administrative provisions
- banks and companies that manage national and international credit card companies through which payments are carried out online for the products purchased through the Reply Shop;
- all those subjects, public and/or private, individuals and/or legal persons (judicial authorities, chambers of commerce, trade union headquarters and employment offices, etc.), if the disclosure is necessary or useful for the proper fulfilment of the contractual obligations undertaken, as well as of the obligations arising by law.
In addition to the above, personal data may be disclosed to third parties that include, but are not limited to, third parties operating on behalf of Reply, such as:
- subjects, individuals and/or legal persons, entrusted by Reply to carry out technical work related to the repair, ordinary and extraordinary maintenance, restoration and upgrade of the Reply Shop;
- suppliers appointed to provide core services and/or services related to the implementation and management of product purchase contracts through the Reply Shop and to fulfil your requests (such as, including but not limited to, couriers and forwarding agents);
- other Reply S.p.A. Group Companies for administrative and accounting purposes;
- persons authorised by Reply to process the personal data required in order to perform activities closely related to the supply of services, who have made a commitment to confidentiality or have an appropriate legal obligation of confidentiality (e.g. Reply employees);
- companies or professional firms that provide assistance and consultancy to Reply on accounting, administrative, legal, fiscal, financial and debt recovery activities relating to the supply of the services referred to on the Reply Shop.
For payment services, we currently use PayPal which acts as autonomous data controller. For more information on how Paypal may use and protect your data, you may refer to Paypal privacy policy available on www.paypal.com.
Apart from the third parties discussed above. Your data will not be subject to any wider dissemination.
DATA RETENTION
Subject to your rights described in the “Exercising Your Right to Access Personal Data and Other Rights” section below, your personal data will be stored only for the period necessary to ensure the correct supply of the services offered. In particular, unless otherwise specified below, your data shall be processed and stored for the entire duration of the contractual relationship and, subsequently, for the maximum period provided for by applicable legal provisions regarding the lapse of rights and/or the withdrawal of the action and, in general, to exercise/defend the rights of Reply in lawsuits brought by public authorities and public and private persons/institutions.
However, with regard to the marketing purposes outlined in the “How We Use the Information” section above (letter e)), we will retain your data until you unsubscribe from the Reply Shop or request that we stop using your information for this purpose by contacting us by e-mail at shop@reply.com, whichever comes first.
CHILDREN
Reply does not knowingly use its Reply Shop to request and/or process data from under age individuals, according to privacy law and further laws and regulations applicable in their country of residence.
DATA SECURITY
We make use of reasonable technical and organizational security measures and safeguards that are designed to help protect the data that we collect, use, and retain. Please note, however, that no security measure is perfect, and there can be no absolute assurance of security.
EXERCISING YOUR RIGHT TO ACCESS PERSONAL DATA AND OTHER RIGHTS
Marketing activities. If you do not want us to use information that we collect or that you provide us for our marketing activities, you can contact us by e-mail at shop@reply.com.
Accessing, correcting, updating, deleting, and requesting information about your personal data. You can review and change your personal data by emailing us at shop@reply.com or to request access to, correct or delete your personal information. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.
Because we want to avoid taking action regarding your personal data at the direction of someone other than you, only you or an “Authorized Agent” permitted to act on your behalf may submit a request. An “Authorized Agent” means a natural person or a business entity you have authorized to act on your behalf by providing your written permission. Please note, we may deny a request from an Authorized Agent if they do not submit proof that they have been authorized by you to act on your behalf. Your request must:
● Provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal data or an Authorized Agent; and
● Describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it.
Additional information for EU/EEA/UK residents
Reply provides you with this Privacy Notice pursuant to Section 13 of EU Regulation No. 679/2016 and of UK General Data Protection Regulation, concerning the protection of individuals with regarding to the processing of personal data.
The Data Controller for the processing of your personal data is Reply S.p.A., with a registered office in Corso Francia n. 110, Turin, Italy, represented by the pro tempore legal representative.
If you have questions or concerns about our collection or use of your personal data, you can contact our Data Protection Officers (DPO) at:
● DPO Italy: dpo.it@reply.it
● DPO Germany: dpo.de@reply.de
● DPO UK: dpo.uk@reply.uk
If you are unsatisfied with the way in which we have handled your personal data or any privacy query or request that you have raised to us, you have a right to complain to the appropriate National Data Protection Authority (“DPA”). To find the contact details of the DPA in your EU country of residence, please visit the EU Commission’s directory of DPAs.
Data transfers outside of the EU/UK. Your personal data are not transferred outside the EU/UK. Please note that PayPal may transfer your personal data outside the EU/UK and acts as autonomous Data Controller.
Additional information for California residents
If you are a resident of the State of California, you are entitled to request information regarding the disclosure of your personal information to third parties for direct marketing purposes, and opt-out of such disclosures. Please note that we do not share your personal information with non-affiliated third parties for such purposes, and we do not sell your personal information. California residents may have additional rights and choices. Please see CCPA Privacy Notice for CA Residents for more information.
Additional information for Brazil residents
If you are a resident of the Brazil, Reply provides you with this Privacy Notice pursuant to Law No. 13.709/2018 (LGPD), that is concerning the personal data protection of individuals with regarding to the processing of data.
If you have questions or concerns about our collection or use of your personal data, you can contact us at:
● Brazil: privacy.security.br@reply.com
We will answer data subjects’ requests within 15 (fifteen) days upon receipt.
UPDATES TO THIS PRIVACY NOTICE
We may make changes to this Privacy Notice from time to time. The “Last Update” noted at the top of this page shows when this Privacy Notice was last revised. Any changes will become effective when we post the revised Privacy Notice on this site.
CONTACT US
If you have any comments or questions regarding this Privacy Notice or our data handling practices, please contact us at shop@reply.com. You may also send us a letter at the following address:
Reply S.p.A.
Corso Francia n. 110
Torino, Italy