copied 3d url is missing successfully copied to clipboard
  • Free shipping above € 50 & free returns
  • #SPEEDUP
Search
 

Privacy

Statement on the Processing of Personal Data

 

pursuant to Article 13 of EU Regulation 2016/679 “GDPR”

 

As the controller for the processing of personal data within the meaning of EU Regulation 2016/679 "General Data Protection Regulation", Ober Alp S.p.A. hereby informs on the following provisions for the protection of persons with regard to the processing of their personal data. The processing of personal data is subject to the principles of correctness, lawfulness, transparency as well as the protection of secrecy and the rights of the data subject. Personal data may only be collected, processed and used in accordance with the provisions of the aforementioned legislation and the confidentiality obligations contained therein.

 

1.) Data subjects
Data subjects are those persons who provide their data in the following manner to a company of the Oberalp group:

 

• by registering on the websites of the Oberalp Group (Brand – Salewa, Dynafit);

• by registering for and using different Oberalp S.p.A. services

• by purchasing goods through the websites of the Oberalp Group;
• by contacting (via telephone, fax, e-mail, etc.) the Consumer Care office of Ober Alp S.p.A.;
• by subscribing to the brand newsletters of the Oberalp Group through the websites;
• by registering for the outdoor events periodically organized by Ober Alp S.p.A. for its brands;
• by participating in online and offline competitions or contests;
• by submitting an application for specific programs organised and managed by the Oberalp Group (e.g. brand-ambassador programs such as Trailhero); and
• by making purchases during the sample sales periodically organized by the company.

 

Part of the Oberalp Group are Ober Alp S.p.A, Oberalp Deutschland GmbH, Oberalp Austria GmbH, Salewa Sport AG, Salewa Polska, Salewa Czech and Slovakia SRO, Salewa France SARL, Salewa Iberica S.L. and Wild Country Ltd.

 

2.) Purposes of processing
The personal data provided will be processed for the following purposes:

 

a) Use of the services offered by the Oberalp Group - fulfilment of the purchase contracts concluded in the Online Store

 

The personal data of the data subjects are processed in order to enable those persons to use the services offered by the Oberalp Group and to fulfil and carry out the sales contracts concluded by the data subjects. In particular, the data will be processed for the following purposes:

 

• customer management;
• after-sale assistance;
• settlement of disputes;
• customer billing history;
• measurement of customer satisfaction;
• tax or other legal requirements.

 

The processing of personal data in connection with the above-mentioned purposes is necessary to ensure correct management of the business relationship and the provision of personal data is mandatory in order to fulfil and carry out the above-mentioned purposes. The personal data that must be disclosed by the data subject are marked with an asterisk.

 

If the data subject does not provide or provides incorrect and/or incomplete mandatory personal data, the controller cannot guarantee the performance of the service and/or the fulfilment of the contract.

 

The processing is carried out on the basis of Art. 6, para. 1, letter b) GDPR and, limited to compliance with tax and accounting legislation, on the basis of Art. 6, para. 1, letter c) GDPR.

 

The personal data processed for these purposes will be processed for a period necessary for the provision of the services offered by the Oberalp Group and/or for the fulfilment of the sales contract concluded with the data subject and thereafter for the duration provided for by law.

 

b) market studies and statistical purposes
For these purposes, the data are processed exclusively in anonymous form, meaning that an identification of the person concerned is no longer possible.

 

c) direct marketing
The personal data will also be processed, with the consent of the data subject (art. 6, par. 1, letter a) GDPR, for the following marketing purposes:

 

• sending the brand newsletter of the Oberalp Group (Salewa and Dynafit) and newsletters informing about sample sales events;
• sending periodic commercial communications regarding company products and services;
• promotional activities also related to the transmission of advertising and promotional material.

 

The provision of data for the above-mentioned purposes is not mandatory and the refusal by the data subject to consent to the processing for this purpose will have no negative impact on the business relationship with the data controller. The person concerned may revoke his/her consent at any time.

 

For the purposes of direct marketing, the data controller also processes and evaluates data regarding the data subject's purchase behaviour and the websites visited on the pages of the Oberalp Group in order to carry out a profiling of data subjects, which is used solely for sending personalised advertising material based on the interests of the data subject.

 

For the purposes of direct marketing, the personal data of the data subject are processed until consent is revoked. The personal data processed for the purposes of profiling, including data on purchase behaviour, are processed for the maximum time permitted by law.

 

d) Application, selection and execution of specific programs organised and managed by the Oberalp Group (e.g. brand-ambassador programs such as Trailhero)

 

The personal data will be processed in order to carry out the application and selection process regarding the specific program as well as its execution. The application, selection and execution of the program may include the transfer of personal data to media partners of the controller.

 

The processing of personal data in connection with the above-mentioned purposes is necessary to ensure the correct management of the relationship between the controller and the data subject and the provision of personal data is mandatory in order to fulfil and carry out the above-mentioned purposes. The personal data that must be disclosed by the data subject are marked with an asterisk.

 

If the data subject does not provide or provides incorrect and/or incomplete mandatory personal data, the controller cannot guarantee the fulfilment of the application and/or selection process as well as the execution of the program.

 

The processing is carried out on the basis of Art. 6, para. 1, letter b) GDPR and, with regard to the transfer of personal data to the media partner of the controller, also on the basis of Art. 6, para. 1, letter f). The legitimate interest of the controller consists in the publication of activities, including promotional activities, or achievements of the data subject as a brand ambassador of the controller.

 

The personal data processed for these purposes will be processed for a period necessary for carrying out the application and selection process as well as the execution of the program and thereafter for the maximum duration provided for by law.

 

e) Participation in online (including social media) and offline competitions and contests organised by the Oberalp Group

The personal data will be processed

 

i) to comply with national laws and regulations as well as European Union Law

 

ii) to enforce and implement contractual obligations, i.e. to enforce and implement the regulation for the competition or the contest as well as to comply with specific requests of the data subject and to manage the relationship with the data subject.

 

Personal data will be used by the controller to verify the identity of the data subject (also through verification of the e-mail address), in order to avoid fraud or abuse, as well as to contact the data subject for reasons related to the competition and the contest (e.g. managing the participation in the competition/contest, notifying the data subject of possible winnings and managing the assignment and delivery of prizes; contacting the data subject in order to obtain further information – like a copy of his/her ID card – which may be requested to verify the data subject’s identity to prevent fraud or abuse);

 

Providing personal data for the purpose indicated under letter i) is mandatory and refusal to provide or providing incorrect or inaccurate personal data entails the impossibility of the data subject to take part in the competition or the contest. The corresponding processing does not require consent from the data subject and is carried out on the basis of Art. 6, para. 1, letter c) GDPR.

 

Providing personal data for the purpose indicated under letter ii) is not mandatory, but refusal to provide or providing incorrect or inaccurate personal data may entail the impossibility to take part in the competition or contest. The corresponding processing does not require consent of the data subject and is carried out on the basis of Art. 6, para. 1, letter b) GDPR.

 

The Personal Data processed for the purposes indicated under this paragraph e) will be processed for the time necessary to carry out and fulfil the competition or the contest and thereafter for the maximum duration permitted by law.

 

3.) Method of processing
The personal data may be processed in the following ways:

 

• processing of data through completion of factsheets, coupons and questionnaires;
• processing by computer and automated means;
• manual processing through paper-based archives;
• processing of data collected by third parties;
• transfer to third parties for processing operations.

 

The data will always be processed in accordance with the principles set out in Art. 32 GDPR.

 

4.) Disclosure/Transfer
The personal data provided will be kept at the headquarters of the controller and will only be passed on to persons who are in a position to provide the necessary services for the correct handling of the business relationship with the data subject and the fulfilment of the contract, always under guarantee of the protection of the rights of the data subject.

 

The personal data provided will be processed only by personnel expressly authorized by the controller and specifically by the following categories of processors:

 

• Group Administration,
• Group IT,
• Group Brand&Marketing,
• Group Business Development,
• Group Logistics,
• Group Retail BU,
• Group Distribution BU

 

The personal data provided may be transferred to third parties solely for the purposes described above, and specifically to:

 

• forwarding agents, carriers, delivery services, mailing providers, logistics firms;
• consultants and professionals, in one-off disclosures or as part of a course of dealing;
• banks and credit institutions;
• providers of IT services;

 

The personal data provided by the data subject may be transferred within the Oberalp Group, namely to Italian and foreign companies of the Oberalp Group.

 

The personal data may be transferred and disclosed to public bodies, for example police or courts, only in cases permitted by law.

 

With regard to the purposes specified in letter d) of section 2., personal data may be transferred to media partner of the controller for online or offline publication and/or for publication on social media accounts of the media partner.

 

With regard to the purposes specified in letter e) of section 2., personal data may be transferred to any person or entity, to which personal data need to be mandatorily transferred for these purposes under the applicable laws and regulations. Furthermore, the name, surname, profile name on social media channels as well as place and country of residence of the data subject or a photographic image of the data subject or provided by the data subject may be published by the controller (e.g. publication on the internet or on the social media account of the controller).

 

5.) Data Controller
The controller for the processing of personal data is Oberalp S.p.A. with offices at Via Waltraud Gebert Deeg, 39100 Bolzano (BZ), tel. +39 0471.242.900, e-mail: [email protected].

 

6.) Data Protection Officer
The Controller has nominated a data protection officer for the entire Oberalp Group. e-mail: [email protected], tel. +39 0471.242.900.

 

7.) Rights of the data subject
The person concerned has the right to obtain from the Data Controller access, communication, rectification, integration, updating, cancellation and portability of personal data concerning him/her, as well as the right to exercise in general all the rights provided for in chapter III of the GDPR, as indicated below:

 

Chapter III (Art. 12 - 23) GDPR

 

a. access to personal data (the data subject has the right to obtain information free of charge about the personal data held by the controller and processing of said personal data, as well as to obtain a copy in an accessible format);

 

b. rectification of data (Oberalp will correct or supplement incorrect or inaccurate data, including which has become incorrect or inaccurate due to a non-carried out update,, on the basis of a notice received by the data subject in this regard);

 

c. withdrawal of consent (if the processing is carried out on the basis of consent given by the data subject, the latter may withdraw consent at any time, without this, however, affecting the lawfulness of the processing provided before the withdrawal)

 

d. erasure of data (right to be forgotten) (the data subject may request, for example, erasure when the data are no longer necessary for the purposes for which they were collected or processed or when they have been processed unlawfully, when they have to be deleted in order to fulfil a legal obligation, when the data subject has withdrawn consent and there is no other legal basis for the processing, or when the data subject objects to the processing);

 

e. restriction of processing (the data subject may request this in certain cases: - where the accuracy of the data is contested, within the time necessary for verification; - where the lawfulness of processing is contested and the data subject opposes to erasure; - need to use the data for the data subject's rights of defence, while they are no longer useful for the purposes of processing; if there is opposition to processing, during the time the necessary verifications are carried out - the data will be stored in such a way as to be restored, but, in the meantime, they are not available for consultation by the controller except for the sole purpose to verify the validity of the data subject's request or its objections.

 

f. objecting in whole or in part to the processing for legitimate interests (in certain circumstances the data subject may nevertheless object to the processing of his/her personal data, in particular, if the personal data are processed for purposes of direct marketing, the data subject has the right to object at any time to the processing, including profiling to the extent that it is related to such direct marketing. When personal data are processed for purposes of scientific or historical research or for statistical purposes, for reasons related to his particular situation, he has the right to object to the processing, unless the processing is necessary for the performance of a task carried out in the public interest;

 

g. data portability (if the processing is based on consent or on a contract and is carried out by automated means, upon request of the data subject, the latter will receive in a structured format, commonly used and machine-readable, the personal data concerning him and may transmit them to another controller, without hindrance by the controller to whom he provided them and, if technically feasible, may obtain that such transmission is made directly by the latter).

 

h. lodging a complaint with the supervisory authority (Garante per la protezione dei dati personali – Garante Privacy).

 

To exercise the rights indicated above, the person concerned may contact the controller by post or by e-mail at the addresses indicated.

 

This policy statement was last updated on 30/01/2020 and applies to your use of the website today, but may be updated from time to time, for organizational reasons or because the law changes: we suggest you visit our websites regularly to see the latest version.