Shopping bag (0)

Close
Your cart is empty

Select country

Close
Search

Select language

Close

Please note that the contents of your cart will not be retained if you change delivery destination.

Close
Menu opened
Menu closed
LOCATION United Kingdom(£)  -  English
Search Search Wishlist Wishlist Cart Cart 0
Privacy Policy
Arrow down
Terms & Conditions
Payment
Privacy Policy
Cookies
Shipping
Returns policy
FAQ
Terms & Conditions
Payment
Privacy Policy
Cookies
Shipping
Returns policy
FAQ

Privacy Policy

Pursuant to and for the purposes of Article 13 of EU Regulation 2016/679, concerning the provisions that protect individuals in regard to personal data processing and the free movement of such data (hereinafter also referred to simply as “GDPR”), we would like to inform you that the processing of users’ and/or visitors’ personal data (hereinafter also referred to simply as the “Users”) who consult and/or visit and/or register on the “sergiorossi.com” website (hereinafter also simply the “Website”) and/or make use of the relative services – regardless of whether they purchase products – is carried out in compliance with personal data protection and confidentiality legislation to which our business is duly bound, for the purposes and methods described in detail in this Privacy Policy.

Indeed, the Website Privacy Policy is based on the following principles:

1.       process personal data solely for the purposes and in accordance with the methods described in the privacy policy that is provided when said data is collected;

2.       only use personal data for purposes other than those for which it was specifically provided with the prior specific and express of the User;

3.       only make the personal data available to third-party companies for purposes that are essential for providing the requested service; do not communicate, sell or transfer personal data to third parties for their own processing without informing Users in advance and obtaining their consent;

4.       respond to requests for the deletion, amendment and integration of the personal data provided and the opposition to the processing of personal data for the purposes of sending commercial and advertising information;

5.       ensure the proper and legal management of personal data, safeguarding the privacy of Website Users, as well as apply suitable security measures to protect the confidentiality, integrity, availability and resilience of the personal data provided.

We would like to inform you that the Privacy Policy applies to this Website only and no other websites that the User may consult via other links. This Privacy Policy is readily available as it is accessible from the Website homepage and via links on every other page on the Website where personal data is collected. To use specific services provided on the request of the User, specific privacy policies will be provided and, where necessary, consent to process personal data will be requested.


Personal data refers to “any information relating to an identified or identifiable natural person (“data subject”); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” and images (Article 4, No. 1 of the GDPR).

1. Data Processors and Data Protection Officer for the Processing Of Users’ Personal Data


Sergio Rossi S.p.A. (Tax no. 05820951001 and VAT No. 03132190400) with registered office in San Mauro Pascoli (FC), at Via Stradone, 600/602 (47030) tel.: +39 0541 – 813111; email: privacy@sergiorossi.com as Data Controller for Users’ personal data, shall process for the purposes referred to in paragraphs 3.1. “Registering on the Website and creating a personal account”, 3.3. "Sergio Rossi Marketing Activity” and 3.4. "Sergio Rossi profiling activities” that follow (hereinafter also referred to simply as "Sergio Rossi”).

Sergio Rossi has designated a Data Protection Officer (DPO) who may be contacted directly at the following email address: dpoprivacy@sergiorossi.com.

Sergio Rossi, for some purposes as more fully explained in paragraph 3.2. "Establishment, execution and management of the business relationship” will be partnered by Diana E-commerce Corporation Srl (Tax code and VAT No. 05097740285) with registered offices in Torreglia (PD), at Via San Daniele, 137/139, 35038, email: privacy@dianacorp.com and will act as co-owner for processing (hereinafter also individually, "Diana E-commerce“ and jointly, Sergio Rossi and Diana E-commerce, the “Co-owners").

Diana E-commerce has appointed a Data Protection Officer - (DPO) that the Data Subject may contact by writing to the following address: privacy@dianacorp.com.

The Co-owners, with regard to the processing of Users’ personal data shall process these for the purposes referred to in paragraph 3.2. "Establishment, execution and management of the business relationship", acting as Co-owner, pursuant to article 26 of the GDPR state that they have entered into a co-ownership agreement, whose essential content is available to users at the premises of the co-owners, which will write in the best mode to indicate in paragraph 11 "Contacts for exercising the rights of the data subject and other information" below. 


2. Categories Of personal data processed


2.1.       Personal data voluntarily provided by the User


Sergio Rossi will process the following personal information provided by the User directly for the purposes of:

  • - ensuring the registration on the Website and creating a personal account: first name and surname, telephone numbers, email addresses and passwords.
  • - finalising an order for the purchase of a product sold on the Sergio Rossi Website: first name and surname, telephone number, address, tax ID code, VAT number, credit card, bank account details and date of birth.


    The personal data of Users referred to in paragraph

    2.1.2 will also be processed by Diana E-commerce, as co-owner.

2.2.       Personal data collected by Sergio Rossi S.p.A. via company IT systems and applications

Both for registration on the Website and for finalising a purchase through the Sergio Rossi product Website, Sergio Rossi will process the following personal data, collected through information technology tools and company application services used by the company:
  • - browsing data and log files and log data for the network traffic generated by Sergio Rossi IT systems (for example: registering and managing your personal account, managing your wish list; and your purchase and access history;
  • - sales data for Sergio Rossi products: purchase method, as well as the type, quantity and price of the Sergio Rossi products purchased.


    The personal data of users referred to in paragraph

    2.2.1. limited to the navigation data and paragraph 2.2.2 will also be processed by Diana E-commerce, as co-owner.


2.3.       Personal data of third parties


The User acknowledges that the indication of any personal and contact data of any party other than the User within the framework of the commercial relationship for the purchase of Sergio Rossi products (for example, if the User has purchased a product that is to be delivered to another person, or when the person that pays for the purchase of a product is not the person for whom the product is destined, or when the User intends to inform a friend of a service provided on the Website) represents an instance of personal data processing for which the User acts as the data controller of the personal data of the aforementioned subjects. Therefore, when providing said data to Sergio Rossi, the User must ensure that: i) any personal data submitted by the User to Sergio Rossi have been processed by the User in compliance with the measures in force regarding data protection and ii) that the aforementioned third parties have been duly informed by the User in advance regarding how said data are processed and for what purposes, and that they have provided the User with due authorisation.

The personal data of Users referred to in paragraph 2.3 will also be processed by Diana E-commerce, as co-owner.


3. Purposes Of Personal Data Processing And Legal Basis


The User's personal data will be processed, with the User’s prior and express consent where necessary, for the purposes and on the legal basis which are explained in more detail below.


3.1.       Registering On The Website And Creating A Personal Account

The personal data referred to in paragraph 2.1.1 will be processed by Sergio Rossi for registration on the Website and the creation and management of the User's personal account.
The legal basis for the processing of personal data for the purposes referred to above in paragraph 3.1 is the commercial relationship to which the User is party.


3.2.       Establishment, Execution And Management Of The Commercial Relationship


The personal data referred to in paragraphs 2.1.2, 2.2 and 2.3 above will be processed by the Co-owners to:
  • - fulfil the legal obligations that apply to the co-owners in accordance with civil, fiscal and accounting regulations;
  • - for the establishment, execution and management of the commercial relationship and/or to provide the services connected with said commercial relationship. And specifically, for: administrative and accounting purposes; issuing invoices and credit notes; customer data management; fulfilling and sending purchase orders; post-sales support: management of returns and any complaints, also via the “Contact us” form on the Website.

The legal basis for the processing of personal data for the purposes referred to above in paragraph 3.2 is the commercial relationship to which the User is party.


3.3.       Sergio Rossi Marketing Activities

The personal data of the User as set forth in paragraphs 2.1 and 2.2 above will be processed by Sergio Rossi - using automated tools (email, fax, sms, instant messaging and mms) or traditional means (telephone calls with an operator employed by Sergio Rossi, traditional mail) – for promotional activities, such as:
  • - sending newsletters, brochures, catalogues and presentations;
  • - sending commercial and/or promotional communications, information and updates on Sergio Rossi products and services;
  • - invitations to special events (promotional sales, fashion shows);
  • - market research.

The legal basis for the processing of personal data for the purposes referred to above in paragraph 3.3 is the User's explicit prior consent.
  3.4.       Sergio Rossi Profiling Activities

The personal data of Users indicated in paragraphs 2.1 and 2.2 above will be processed by automated profiling. In this instance, Sergio Rossi will only analyse the sales data of Sergio Rossi products, i.e. the purchase method, type, quantity and price of the Sergio Rossi products the User purchased and/or viewed to:
  • - develop and/or create profiles based on the User’s preferences and purchases;
  • - personalise the User’s experience with Sergio Rossi in line with their interests and purchase habits.

    However, it is not deemed that partly-automated profiling will produce legal ramifications for the User or have a significant effect on the User in a similar manner.
The legal basis for the processing of personal data for the purposes referred to above in paragraph 3.4 is the explicit prior consent of the User.


4. Mandatory or optional provision of the user’s personal data - consequences of refusal

4.1.       The provision of the User's personal data for the purposes referred to in paragraph 3.1 and 3.2 is optional. However, failure to provide said data will make it impossible for them to register on the Website, to create a personal account, or to establish and/or continue a commercial relationship and/or for the services connected to this relationship to be provided.

4.2.       The provision of the User’s personal data for the purposes referred to in paragraphs 3.3 and 3.4 is optional and failure to provide said data will have no effect on their ability to register on the Website and/or create a personal account and/or purchase products and/or receive the services requested. However, we will not be able to inform Users about promotions and commercial initiatives or send invitations to events or assess their interests and preferences.

We would also like to specify that if Users have given their consent to authorize Sergio Rossi to carry out activities for the marketing and profiling purposes referred to in paragraphs 3.3 and 3.4 above, they are nonetheless still able to withdraw consent at any time and/or oppose the processing of their data for the aforementioned purposes, also with regard Users’ contact details (for example, if Users wish to have their data processed via traditional contact details, they can oppose processing of their contact details through automated means). This can be done on your personal page on the Website or by sending a clear written notification – without any formalities – to this effect to the addresses listed in paragraph 11 “Contacts for exercising the rights of the data subject and other information” which can be found below.


5. Methods used to process personal data

Your personal data will be processed via manual, IT and electronic tools, as well as paper means.

In particular, the User’s personal data will be processed by Sergio Rossi Customer Relationship Management (“Sergio Rossi CRM”). The inclusion of the User's personal data in Sergio Rossi’s CRM for the purposes set out in paragraphs 3.3. and 3.4. (marketing and profiling) is optional and occurs only in the event of release of the User's consent while for the purposes referred to in points 3.1. and 3.2. (registration and account creation and purchase of a Sergio Rossi product) above, the inclusion of personal data in Sergio Rossi’s CRM is necessary in order to allow Sergio Rossi to properly management and execute the Website registration and sales relationship to which the User is party. Once added to Sergio Rossi’s CRM, your personal data may be read, amended and updated by employees of the Sergio Rossi S.p.A. offices and the employees of Sergio Rossi Stores in Italy and abroad, who have been specifically appointed as data processors.


6. Recipients Of Personal Data


6.1.       Your personal data may be disclosed by Sergio Rossi to:

(i) persons appointed by Sergio Rossi to process data, who have been given specific written instructions:
  • - employees in the marketing and event organisation office;
  • - employees in the omni-channel office;
  • - employees in the public relations department;
  • - employees in the retail and wholesale department;
  • - employees in the IT office;
  • - employees in the purchasing department;
  • - employees in the administration and finance department;
  • - employees in the quality control office;
  • - employees in the shipping office;

    (ii) parties that provide services for Sergio Rossi S.p.A. appointed in writing as data processors by the latter:
  • - event service companies and public relations agencies;
  • - banks used by Sergio Rossi to carry out and verify payments;
  • - IT service providers, related to the management of the website including the cloud service and e-commerce service;
  • - entities that provide delivery and labelling services, also for invitations; 
  • - entities responsible for customer support;
  • - Sergio Rossi subsidiaries and associated companies: Sergio Rossi USA Inc., Sergio Rossi Hong Kong Ltd, Sergio Rossi Shanghai Ltd, Sergio Rossi Japan Ltd, Sergio Rossi Retail S.r.l., Sergio Rossi UK Ltd; Sergio Rossi Deutschland GmbH;

    (iii) parties that provide services for Sergio Rossi S.p.A. as independent data controllers:
  • - legal, fiscal and accounting consultants;
  • - external auditing firm: PricewaterhouseCoopers;
  • - judicial and/or public authorities in cases of express request or in the event of fiscal and financial audits.

    For a complete and updated list of the entities to whom your data is disclosed, you can write to Sergio Rossi S.p.A. at the addresses given in article 11 below “Contacts for exercising the rights of the data subject and other information”.


    6.2.       To achieve the purposes for which personal data are collected, Diana E-commerce may use the following categories of party to whom the data may be disclosed or who can learn about them as data processors:
  • - providers of IT services, such as direct marketing, internet services and cloud computing;
  • - persons performing logistics, warehouse, promotion, supply, sale and delivery of Diana E-commerce products and services;
  • - entities responsible for customer support;
  • - studios and other entities that provide assistance, consultancy and entertainment services, such as legal, tax, accounting, financial and economic, technical and organizational, data processing, communication;
  • - entities that provide banking, financial, insurance and credit recovery;
  • - persons providing fraud control activities on payments;
  • - subsidiary companies, parent companies and associated companies;
  • - supervisory and monitoring organisations;
  • - other companies as part of a merger, acquisition or sale of the company or a branch thereof.


    In order to offer you Klarna’s payment methods, at the checkout stage we may transmit your personal data to Klarna, in the form of contact and order details, so that Klarna can assess whether you are suitable for their payment methods and adapt those payment methods to your needs. Your transferred personal data is processed in accordance with with Klarna's Privacy Policy.

    The updated list of the personal data processing personnel is available from Diana E-commerce, to which the User may send a specific request via the procedures indicated in article 11 below "Contacts for exercising the rights of the data subject and other information".


7. Duration Of Personal Data Storage


7.1.       For the purposes set out in paragraph 3.1. (registration on the Website), the User's personal data will be stored by Sergio Rossi until the account has been closed by the User. In any case, it is understood that if your account is not operational for 10 years after the last use (e.g. last accessed) of the account by the User, Sergio Rossi will delete personal data relating to the registration and management of the account.


7.2.       For the purposes set out in paragraph 3.2. (establishment, execution and management of the business relationship), the User's personal data will be processed by the Co-owners for the duration of the business relationship and for a period of 10 years following the termination of the business relationship, except in cases in which additional storage is justified by additional requirements of law, litigation and/or requests made by the competent authorities.


7.3.       For the purposes set out in paragraph 3.3. (marketing), personal data will be stored by Sergio Rossi for 5 years after obtaining consent and the corresponding recording in the CRM of Sergio Rossi, or until the revocation of consent.


7.4.       For the purposes set out in paragraph 3.4. (profiling), personal data will be stored by Sergio Rossi for 5 years after obtaining consent and the corresponding message to the CRM Sergio Rossi, or at least until the withdrawal of consent.


8. Minors



The Site and its services are not intended for minors and therefore Sergio Rossi and Diana E-commerce do not knowingly process personal data of persons under 18 years of age.



9. Transfer of personal data outside of the EU



The personal data of Users may be transferred, for the purposes for which they are collected, to the UK and USA, which are outside the European Union.

In the event that for the purposes described above, personal data of Users should be transferred to countries outside the EU, Sergio Rossi and Diana E-commerce, each for its own purposes, inform that the transfer of data outside the EU will always be in accordance with the provisions of applicable privacy legislation, which is based on an adequacy decision of the European Commission in relation to the non-EU country to which the personal data of Users will be transferred or, failing that, by obtaining consent, when necessary, or by the adoption of any other measures necessary to ensure the security of personal data that is transferred (these measures include, for example, contractual agreements based on standard contractual clauses as identified by the European Commission) or otherwise to subscribers to the Privacy Shield list, a self-certification mechanism for companies established in the US who wish to receive personal data from the European Union in accordance with EU Implementing Decision 2016/1250 adopted by the European Commission on July 12, 2016.



10. Exercising the rights of the data subject


In accordance with Articles 13, paragraph 2, letters b), c) and d), 15-22 of GDPR, Sergio Rossi and Diana E-commerce – the latter limited to the purposes set forth in paragraph 3.2 "Establishment, execution and management of the business relationship” –- inform that Users:
  1. have the right to request access to their personal data, together with information on the purposes for which they are being processed, the category of personal data processed, the subjects or categories of subjects to which they have been or will be communicated (with an indication of whether these are subjects located in third-party countries or are international organisations) and – when possible – indications on the storage period of personal data or the criteria used to determine this period, the existence of their rights to rectify and/or delete the personal data, to limit the processing thereof and to object to the processing thereof, and their right to lodge a complaint with a supervisory body, as well as indications on the origin of the data and the existence and reasoning applied in the instance of automated decision-making processes. If they exercise this right, and unless otherwise indicated by the User, they will receive an electronic copy of their personal data that is subject to processing.

  2. Users are also entitled to obtain:
  • - the rectification of their personal data if inaccurate or incomplete;
  • - the deletion of their personal data, if one of the conditions pursuant to article 17 of the GDPR exists (for example: if personal data are no longer required for the purposes for which they were collected, if they decide to withdraw their consent for processing – where this is the legal basis therefor – and where there are no other legal grounds for the processing, the User objects to the processing and there is no other legitimate prevailing interest of the Data Controller, or the User’s data has been processed illegally);
  • - the restriction of the processing of the User’s personal data: 1) for the time required by Sergio Rossi to ascertain the accuracy of their personal data (in the instance that a User has disputed it), or 2) where the processing of their personal data is illegal or the User requests the restriction of processing instead of deletion, or 3) when Sergio Rossi no longer requires the User’s personal data, but said data are needed for the User to ascertain, exercise or defend a right in court, or, lastly, 4) for the time needed to assess the possible prevalence of the legitimate reasons of Sergio Rossi with over those of the User, if the User has opposed the processing of his/her personal data pursuant to point C below;
  • - their personal data in a structured, commonly used and machine-readable format, also in order to transfer it to another data controller, if the processing is based on consent or on a contract and is carried out with automated methods (the right to data portability). If in their interests, Users may ask Sergio Rossi and/or Diana E-commerce to send their personal data directly to another data controller, if this is technically feasible.
  1. Users are also entitled to oppose the processing of their personal data if it is processed pursuant to article 6.1, letter e) (i.e. to carry out a public service the Data Controller is authorised to perform) or letter f) (i.e.to pursue a legitimate interest of the Data Controller) of the GDPR, unless compelling legitimate reasons of the Data Controller exist to proceed with the processing, pursuant to article 21 of the GDPR.
  2. Users are also entitled to withdraw their consent at any time without prejudice to the lawfulness of the processing of their personal data based on consent and carried out before said withdrawal. 
  3. If they are not satisfied with the way their personal data is processed by Sergio Rossi, Users can lodge a complaint with the Italian Data Protection Authority, following the procedures and instructions published on the Authority’s official website (www.garanteprivacy.it).
  4. Any rectification or deletion of personal data or processing restrictions implemented at the request of the User – except where impossible or requiring disproportionate effort – will be communicated by Sergio Rossi to each of the recipients to whom Users’ personal data may have been disclosed in accordance with this information.

Exercising the above rights is without any form of restriction and free of charge. Sergio Rossi may ask that Users verify their identity before carrying out further actions subsequent to their request.



11. Contacts for exercising the rights of the data subject and other information


To exercise the rights and/or to obtain any kind of information regarding this privacy policy, Users can send:
  • - a written communication to Sergio Rossi S.p.A. (Tax no. 05820951001 and VAT no. 03132190400), based in Via Stradone, no. 600/602, San Mauro Pascoli (Forli-Cesena), Italy, or a send an email to: privacy@sergiorossi.com or 
  • - a written communication to Diana E-commerce Corporation Srl, Via San Daniele 137/139 Torreglia (PD), 35038, or email to: privacy@dianacorp.com, limited to the purposes set out in paragraph 3.2. “Establishment, execution and management of the commercial relationship”.


12. Cookies



The Data Controller uses cookies to facilitate secure and efficient site navigation. For more information on cookies and their usage on the Website, please see the Cookies page, which is an integral part of this privacy policy.


13. Social Sharing Buttons


The Website may also contain social sharing buttons. Specifically, these are “buttons” that carry social network icons, such as Facebook, Twitter, Instagram, Pinterest and Google+. These allow Users to reach and interact with social networks just by clicking on the icon. For example, the User can share content or recommend products from the Website on the social networks by using these tools.

After clicking on the social sharing buttons, the social network may collect data concerning the User’s visit to the Website. As mentioned above, this privacy policy does not include the processing of the User’s personal data by the social network. Therefore, the User must refer exclusively to the privacy policy provided by the social network.

With the exception of cases where the User freely shares their browsing data with the selected social networks by clicking on the social buttons/widgets, the Data Controller does not share or disseminate any of the User’s personal data with the social network.


14. Security Measures



Pursuant to Article 32 of the GDPR, Sergio Rossi and its appointed data processors, including Diana E-commerce Corporation S.r.l., adopt suitable security measures to minimise the risk of the destruction or loss – even accidental – of personal data and of unauthorised access or unauthorised processing or processing that does not comply with the collection purposes indicated in our Privacy Policy.

However, Sergio Rossi cannot guarantee its Users that the measures adopted for the security of the Website and the transmission of personal data and information on the Website limit or exclude all risks of unauthorised access or leaks of personal data from the User’s devices.

It is always advisable that the User’s computer has suitable software to protect against the transmission of their personal data on the internet, both incoming and outgoing, and that their internet service provider has adopted suitable security measures for sending personal data across the internet.


15. Links to Other Websites


This Website contains links to other websites that may have no connection to Sergio Rossi.

The Data Controller does not control or monitor such third-party websites or their content. The Data Controller shall not be held liable for the content of such sites and for the rules adopted by them in respect to the User’s privacy and the processing of their personal data when visiting those websites.

This Privacy Policy does not apply to third-party websites. The Website provides links to these sites merely to help the User in their searches and when browsing and to facilitate hyperlinks to other sites on the internet. The provision of links to other websites is in no way a recommendation or indication to access or browse these websites, nor does it provide any guarantees to the content, services or goods supplied and sold to internet users.



16. Governing law



This Privacy Policy is governed by Italian law and, in particular, data privacy legislation, including the GDPR, the Privacy Act and the provisions, authorisation and guidelines adopted by the Italian Data Protection Authority, which regulate personal data processing, where applicable.


17. Amendments and Updates to the Privacy Policy



The Data Controller may amend or simply update, in whole or in part, the Website Privacy Policy, also in consideration of amendments to laws or regulations that govern the matter. Users will be notified of any amendments and updates to the Privacy Policy on the homepage as soon as they are made and they will become binding as soon as they are published and can be viewed on the Website. We therefore recommend that you access this section regularly to check for the most recent and up-to-date version of the Privacy Policy.



18. Specific Information Related to the Processing of Personal Data Contained in User Generated Content



It is possible that User Generated Content (hereinafter also simply “UGC” or “Authorised Contributions”, contain the personal data of the User or third parties (such as, images or identifying features of natural persons). To this end, without prejudice to the provisions in this Privacy Policy, we would like to specify the following.

The processing of any personal data contained in the Authorised Contributions is carried out solely with the User's specific consent and will be based on the principles of fairness, lawfulness and transparency. Pursuant to Article 13 of the Privacy Act and Article 13 of the GDPR, we would thus like to provide the following additional information: personal data will be processed according to the limits and methods provided by the Privacy Act and the GDPR: i) for the promotional, commercial and advertising purposes of Sergio Rossi S.p.a. and its products, ii) via publication on the Website, as well as via Sergio Rossi S.p.a. accounts on social channels, such as Facebook and/or Instagram, as well as via the posting of contributions on promo-advertising material concerning Sergio Rossi and its products; iii) for the time strictly necessary to pursue the aforementioned purposes and, in any case, no longer than two (2) years; iv) in paper and/or digital format.

The provision of personal data is optional, however if the User does not give consent to Authorised Contributions containing personal data they will not be published by Sergio Rossi. In the event that the User has expressed consent, this can always be withdrawn.