Product currently reserved by other clients. Please contact your CS regarding availability.

Article produced to customer order, ensuring maximum care and quality throughout the production process. To check availability, please contact your customer service or sales representative.

Article produced to customer order, guaranteeing maximum care and quality during the production phase.

For article made on request, please note that the delivery time stated is subject to the availability of the base fabric.

For information regarding product availability and for requests related to orders and reserves, please contact the Customer Service at customerservice@mariaflora.com or your Mariaflora sales representative.

For information regarding product availability and for requests related to orders and reserves, please contact the Customer Service at customerservice@mariaflora.com

Privacy Policy for the Processing of Personal Data - pursuant to Art. 13 and 14 of the Regulation (EU) 2016/679 (General Data Protection Regulation)

In compliance with the provisions of Art. 13 and 14 of the Regulation (EU) 2016/679 (hereinafter also simply referred to as the General Data Protection Regulation or “GDPR”), we are providing you, as Data Subject, with the necessary information regarding the purposes and methods for the processing of your personal data carried out by the Joint Data Controllers, as well as the scope of communication and dissemination of the same.

1. Purposes of the data processing

The data processing is aimed at contacting Data Subjects interested in the Joint Data Controllers’ products, and at direct marketing activities, including sending newsletters, communications, and/or informational and promotional materials, including via email, regular mail, SMS/MMS, or similar means, relating to the promotional activities/initiatives undertaken by Mariaflora (Filippo Uescher S.r.l.) and Dedar S.p.A., as Joint Data Controllers.

2. Data processing methods

Pursuant to Art. 5 of the GDPR, the personal data being processed shall be processed lawfully and fairly, and shall not fall outside the purposes set out in point 1.

The personal data processed for the purposes referred to in point 1 shall be retained for a period of 2 (two) years from their collection, a period strictly necessary to achieve the purposes referred to in point 1, in compliance with the principles of minimisation and storage limitation pursuant to Art. 5 no. 1 letter e) of the GDPR and, in any case, until the Data Subject unsubscribes via the opt-out option found at the bottom of each communication, except for any different and longer retention period required by current legislation, particularly tax legislation, in order to allow the identification of the Data Subject through a specific folder containing his or her data.

In the event that the Data Subject withdraws his/her consent, their data shall be deleted within 3 (three) months of such request, without prejudice to specific legal obligations regarding the retention of accounting and administrative documentation.

The processing is carried out by means of the operations or sets of operations as set out in Art. 4 no. 2 of the GDPR and may be carried out with or without the aid of electronic or automated tools and according to logics that fully respond to the purposes pursued.

The data processing shall be carried out by both Joint Data Controllers, by Data Processors and/or by persons appointed by the Joint Data Controllers and/or the Data Processors.

3. Legal basis of the data processing, nature of data provision and consequences of refusal

The provision of personal data for the purposes referred to in point 1 of this Privacy Policy is carried out pursuant to Art. 6 no. 1 letter a) of the GDPR (explicit consent of the Data Subject), is optional and strictly necessary to allow the Joint Data Controllers to carry out direct marketing activities by sending newsletters, communications and/or informational and promotional materials, including via email, regular mail, SMS/MMS or similar systems relating to the promotional activities/initiatives undertake by Mariaflora (Filippo Uescher S.r.l.) and Dedar S.p.A.

However, it should be noted that any refusal by the Data Subject to provide his/her personal data shall make it impossible to carry out the activities referred to in point no.1.

4. Scope of communication of data

Your data, subject to processing, may be communicated to entities acting as external Data Processors pursuant to Art. 28 of the GDPR, including, by way of example and not limited to: external collaborators, consultants and, in general, all those subjects to whom communication is necessary for the correct fulfilment of the purposes indicated in point no. 1. The complete list of Data Processors is available upon request from each of the Joint Data Controllers.

Data Controllers and Data Processors shall process data only if necessary to carry out their assigned tasks.

All this without prejudice to the guarantee of protection of the rights of the Data Subject.

5. Scope of data dissemination

Personal data shall not be disclosed.

6. Transfer of personal data abroad

Personal data may be transferred to European Union countries for the purposes referred to in point no. 1. Moreover, in the event of the use of cloud platforms for the storage and/or transfer of data, the same, in compliance with the provisions of Art. 44 et seq. of the GDPR, the data may also be transferred to third countries outside the European Union, in particular for possible server support. In this case, only services that comply with the requirements set forth by current legislation shall be used.

7. Rights of the Data Subject

Pursuant to Art. 15, 16 and 17 of the GDPR, you can assert your rights by contacting each of the Joint Data Controllers.

In particular, as provided for by Art. 15 of the GDPR you may obtain the following from the Joint Data Controllers:

· confirmation of the existence or otherwise of your personal data and provision of the same data in an intelligible form;

· know the origin of the data;

· know the purposes and data processing methods;

· know the logic applied to the data processing;

· know the identifying details of the Data Controller and of the subjects to whom the data may be communicated;

· the updating, correction and integration of the data;

· the deletion, the transformation into anonymous form or the blocking of personal data processed unlawfully.

The Data Subject may, for legitimate reasons, object to the processing of data concerning him/her, even if pertinent to the purpose of the collection and, moreover, has the right to data portability pursuant to Art. 20 of the GDPR.

To exercise the aforementioned rights, you can contact any of the Joint Data Controller by sending a request, including an email, to the addresses indicated below.

8. Data Controller

a) The Joint Data Controller is Mariaflora (Filippo Uecher S.r.l.), (Tax Code 02588410023), in the person of its legal representative pro tempore, with registered office in Milan (20121 – MI), Italy, in Piazza della Repubblica, 1/A and operational headquarters in Ponderano (13875 – BI), Italy, in Via Gramsci, 48, email: info@mariaflora.com.

b) The Joint Data Controller is Dedar S.p.A., (Tax Code 03187590157), Sole shareholder of Mariaflora (Filippo Uecher S.r.l.), in the person of its legal representative pro tempore, with registered office in Milan (20121 – MI), Italy, in Piazza della Repubblica, 1/A and operational headquarters in Appiano Gentile (22070 – CO, Italy), Italy, in Via della Resistenza, 3, email: info@dedar.com.

Dedar S.p.A. has appointed a Data Protection Officer (DPO), who can be contacted at the following email address: dpo@dedar.com.

9. Rights of the Data Subject

Pursuant to Art. 26 of the GDPR, the Joint Data Controllers have defined in a specific Agreement their mutual rights and obligations resulting from strict compliance with the provisions and principles set out in the GDPR, with particular regard to exercising the rights of Data Subjects, as well as their respective roles in communicating information to Data Subjects.

In compliance with paragraph 3 of the same Article, the following lines summarise the content of the Agreement.

The Agreement became effective between the Parties immediately upon its signing and shall remain valid and effective until the original or extended expiration of the contractual relationship between the Joint Data Controllers, or until its termination of validity and effectiveness for any reason whatsoever.

Within the scope of the aforementioned Agreement, the Joint Data Controllers have undertaken, including separately, to:

a) process personal data lawfully, fairly, and transparently, in accordance with constitutional principles and applicable legislation, in particular the GDPR, and only for the time strictly necessary for the intended purposes, including compliance with applicable legal obligations;

b) collect personal data limited to that essential to carry out the activities constituting the joint project (relevant and limited personal data), ensuring its relevance, accuracy, truthfulness and updating;

c) ensure the timely recovery of the availability of personal data in the event of a physical or technical incident;

d) ensure that the methods of processing the personal data and their storage are clear, transparent and relevant in order to guarantee adequate security;

e) ensure compliance with the current legislative and regulatory provisions applicable to the protection of personal data, updating the management of the personal data protection as needed;

f) ensure that its employees and collaborators are reliable and have full knowledge of the applicable primary and secondary legislation regarding the protection of personal data;

g) following the cessation of the data processing, as well as following the termination of the contractual relationship, whatever the cause, the Joint Data Controllers shall continue, each on their own behalf and under their own exclusive responsibility, to process the data of the Data Subjects, for the purposes mentioned above, becoming independent Data Controllers.

Furthermore, the Joint Data Controllers undertake to take particular care to facilitate the exercise of the Data Subjects’ rights. In this regard, the Data Subject may exercise his or her rights towards and against each Joint Data Controller. Following any eventual requests, the Joint Data Controllers shall coordinate with each other to manage relations with the Data Subject.