Privacy policy - Seventh Street by Safilo

Privacy policy

PRIVACY POLICY – WEBSITE SEVENTH STREET.COM

Art. 13 of Regulation 2016/679/EU (“GDPR”)

This privacy policy explains the methods and purposes of the processing activities carried out by Safilo S.p.A., as the Data Controller (hereinafter the “Company” or “Controller”), regarding the personal data of data subjects in the context of browsing the website https://www.seventhstreet.it/ (hereinafter the “Website”).
In particular, on this page, the Controller intends to provide some information about the processing of personal data relating to individuals (hereinafter “Users” or “Data Subjects”) who visit, browse, or interact with the Website.
This policy is provided exclusively for the Controller’s Website and all related sub-sites/sections and not for other websites that may be accessed by the User through links made available (for which reference is made to their respective privacy policies regarding personal data processing).
The reproduction or use of the pages, materials, and information contained on the Website, by any means and on any medium, is not permitted without the prior written consent of the Company.
Copying and/or printing content from the Website is allowed only for personal and non-commercial use (for requests and clarifications, please contact the Controller at the contact details provided below). No other uses of the content, services, and information on the Website are permitted.

1. Data Controller and Data Protection Officer

The Data Controller is Safilo S.p.A., with registered office at Settima Strada 15, 35129 Padua, Italy.
The appointed Data Protection Officer (“DPO”) can be contacted at the email address dpo@safilo.com.

2. Purpose of the Processing and Legal Basis

Personal data are processed for the following purposes:

  1. To ensure the proper management of the Website by the Controller.
    Legal basis: legitimate interest of the Controller (Art. 6(1)(f) of the GDPR) in the correct functioning of the Website and to allow Users to navigate it.
    Provision of personal data is optional; however, in case of refusal, it may not be possible for the Data Subject to properly browse the Website;
  2. To manage and respond to contact or information requests submitted by the User through the dedicated forms available in the sections of the Website called “Contacts” and “Retailers.”
    Legal basis: performance of pre-contractual measures (Art. 6(1)(b) of the GDPR) adopted at the request of the Data Subject.
    Provision of personal data is optional; however, without it, the Controller will not be able to process the Data Subject’s request;
  3. To send the newsletter to the User who has requested it by completing the appropriate registration form.
    Legal basis: explicit consent given by the Data Subject (Art. 6(1)(a) of the GDPR). Provision of personal data is optional, and consent may be withdrawn at any time without affecting the lawfulness of the processing carried out prior to the withdrawal;
  4. To allow the Controller to exercise, ascertain, and defend its rights and interests, including before the competent judicial Authority.
    Legal basis: legitimate interest of the Controller (Art. 6(1)(f) of the GDPR) to protect its rights in any competent forum;
  5. To comply with legal, regulatory, and EU legislative obligations to which the Controller is subject.
    Legal basis: compliance with a legal obligation to which the Data Controller is subject (Art. 6(1)(c) of the GDPR).
    The processing of data is necessary, and in the absence of provision, the Company will not be able to fulfill its legal obligations.

3. Methods of Data Processing

The processing is carried out with the aid of electronic or automated tools by the Controller and/or third parties that the Controller may use to store, manage, and transmit the data. The processing will be carried out through the organization and logical processing of the User’s personal data, including in relation to logs generated by access to and use of the services made available via the web, products, and services used in connection with the purposes outlined above and, in any case, in a manner that guarantees the security and confidentiality of the data.

4. Retention of Personal Data

Personal data will be retained for the time strictly necessary to achieve the purposes for which they were collected and processed. Without prejudice to the need to retain data for the fulfillment of legal obligations incumbent on the Controller or to exercise or defend a right, User data will not be retained for a period longer than:

  • for navigation data, [24 months] from the time of acquisition, regarding the purposes related to ensuring the proper management of the Website by the Controller (purpose no. 1);
  • 24 months following the response provided to the User, regarding the management of contact and information requests submitted through the forms on the Website (purpose no. 2);
  • 24 months from the consent given by the Data Subject, regarding the sending of newsletters to Users (purpose no. 3), subject to the possibility that consent may be renewed or revoked by the Data Subject;
  • the ordinary legal and statute of limitations periods, in relation to purposes nos. 4 and 5.

5. Cookies

A cookie is a small text string that is sent to the User’s browser and may be saved on the computer (alternatively on a smartphone/tablet or any other device used to access the Internet); this sending generally occurs each time a website is visited.
Cookies stored on the User’s device cannot be used to retrieve data from the hard drive, transmit viruses, or identify and use the User’s email address. Each cookie is unique in relation to the browser and the device used to access the Controller’s Website. In general, the purpose of cookies, including so-called “pixels and/or web beacons,” is to improve the functionality of the Website and the User experience. These cookies help understand how Users use the Website in order to evaluate and improve its functioning and create content more aligned with their preferences. For example, analytical cookies provide information about which pages are most and least visited, how many visitors the site has, the average time spent on the site by Users, and how visitors arrive at the Website. This allows determination of which content works best and is most appreciated, as well as how to improve content and page functionality. To understand how Users use the Website, the Company uses third-party services to collect, aggregate, and analyze data to better understand Website usage. These cookies have a limited duration. The information collected is used by the Controller in aggregated and/or pseudonymous form, for example to monitor and analyze Website usage, improve functionality, and select content and graphics more accurately to meet visitors’ needs.
In any case, if for any reason you prefer that these specific cookies are not activated, Google offers a free opt-out add-on that can be installed on major browsers (see https://tools.google.com/dlpage/gaoptout). For more information about what cookies are and how they work, the User can consult the website “All about cookies” at the following link: http://www.allaboutcookies.org.
If the User wishes to block or delete the cookies used by the Website, they can do so by modifying their browser settings. Should the User choose to disable all cookies, even those that are necessary, functional, or performance-related, this may cause difficulties in navigating the Website.
For detailed information on the cookies used by the site, please refer to the Cookie Policy available at the following link: https://www.seventhstreet.it/

6. Interaction with Social Networks and External Platforms

The Website, through widgets and buttons, may interact with external platforms and social networks. In this case, the information acquired depends on the settings of the profiles used by the User on each social network and not on the Website administrator, especially if the User has an active login profile on these platforms.
Connections with Instagram®, or other social networks, allow the User to interact with the Seventh Street pages present on social networks and to share ideas, opinions, or topics from the Website on the respective social platforms and may collect data of the Data Subject. It should be noted that by using the dedicated Seventh Street pages on social networks, the User may post content publicly available on the Internet. Before interacting with these areas, please carefully read the general terms of use of the social media, keeping in mind that, in certain circumstances, published information may be viewed by anyone, and all information included in posts may be read, collected, and used by third parties. More information can be obtained from the websites of the companies providing the service.
It should be noted that in this case, during such navigation, the User’s personal data are not managed by the Company, whose role is limited to providing the connection through such buttons only to offer an additional service to the User, but has no control over them.

7. Recipients of Data

For the pursuit of the purposes described above, the User’s personal data may be shared with employees and collaborators of the Company, as persons authorized to process personal data pursuant to Article 29 of the GDPR.
Furthermore, the User’s personal data may be communicated to the following categories of subjects: (i) the Company’s partners; (ii) third-party providers of IT and telematic services (e.g., hosting services, website management and development, payment tools) used by Safilo to carry out technical and organizational tasks instrumental to the Website’s operation; (iii) credit institutions. The subjects belonging to the above categories will use the personal data as independent controllers or data processors, the latter specifically appointed pursuant to Article 28 of the GDPR.
Finally, the personal data processed may be communicated to subjects whose right of access to the data is recognized by law, secondary legislation, or provisions issued by competent Authorities.

8. Data Transfer Outside the EU

For the pursuit of the purposes described above, data may be transferred outside the European Economic Area (“EEA”). In such cases, the Controller ensures that the data transfer is based on adequate safeguards, including the European Commission’s adequacy decisions pursuant to Article 45 of the GDPR or, failing that, standard contractual clauses or other appropriate guarantees provided under Article 46 of the GDPR, as well as in the presence of specific derogations pursuant to Article 49 of the GDPR.
The User may obtain a copy of the guarantees offered for the transfer of personal data outside the EEA at the following address: dataprotection@safilo.com.

9. Data of Minors

The Website is not directed to minors under 18 years of age, and the Company does not intentionally collect personal data from them. In the event of accidental registration of information about minors, as soon as the Company becomes aware of it, it will promptly delete it.

10. Rights of Data Subjects

Users are granted the rights provided under Articles 15 to 22 of the GDPR. In particular, the User has the right to:

  • request confirmation as to whether data processing is underway and, if so, request access from the Controller to the information relating to such processing (so-called right of access);
  • request the correction of inaccurate or incomplete data (so-called right to rectification);
  • request the deletion of data from the Controller (so-called right to erasure);
  • request restriction of processing (so-called right to restriction of processing);
  • request to receive data in a commonly used and machine-readable format and to transmit them to another controller, or obtain the direct transmission from one controller to another if technically feasible (so-called right to data portability);
  • object at any time to the processing of personal data concerning them pursuant to Article 6(1)(f), including profiling (so-called right to object);
  • not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them;
  • revoke consent at any time when data processing is based on consent. Such revocation does not affect the lawfulness of processing carried out prior to the revocation.

The User can exercise these rights by sending a request to the Controller at the following email address: dataprotection@safilo.com.
Finally, if the User believes that the processing of their Data violates data protection laws, they have the right to lodge a complaint with the Data Protection Authority.

11. Update of the Privacy Policy

This Privacy Policy was updated in July 2025.