Login

Privacy Policy

Privacy information for Users

Tikato S.r.l., with registered office in Vicenza, Piazzale del Mutilato no. 3/4 – 36100, VAT number 03836750244 and registration number with the Vicenza Companies Register: 358223 (hereinafter, the “Data Controller”), owner of the website https://www.discoup.com/us/ (hereinafter, the “Website”), in its capacity as data controller of the personal data of the users of the Website (hereinafter, the “Users”), provides below this privacy notice (hereinafter, the “Privacy Notice”) pursuant to Article 13 of EU Regulation No. 2016/679 of 27 April 2016 (hereinafter, the “Regulation” and/or the “Applicable Law”).

This Website and any services offered through the Website are reserved for individuals who are at least eighteen years old. The Data Controller therefore does not collect personal data relating to individuals under 18 years of age. At the request of Users, the Data Controller will promptly delete any personal data unintentionally collected relating to individuals under 18 years of age.

The Data Controller attaches the utmost importance to the right to privacy and the protection of the personal data of its Users. For any information in relation to this Privacy Notice, Users may contact the Data Controller at any time using the following methods:

  • By sending a registered letter with return receipt to the registered office of the Data Controller: Piazzale del Mutilato no. 3/4 – 36100 Vicenza;
  • By sending an email to: info@discoup.com.

 

  1. Purposes of processing
    The Users’ personal data will be lawfully processed by the Data Controller pursuant to Article 6 of the Regulation for the following purposes:
  1. contractual obligations and provision of the service, in order to allow browsing of the Website and to perform the Website General Terms and Conditions (https://www.discoup.com/us/page-terms-and-conditions.html), as well as the prize contest rules (https://www.discoup.com/us/page-discoup-rewards-conditions.html), which are accepted by the User at the time of registration, and to comply with specific requests made by the User. The User data collected by the Data Controller for these purposes include only the email address. Unless the User gives the Data Controller a specific and optional consent to the processing of their data for the purpose referred to in paragraph 3 below, the User’s personal data will be used by the Data Controller solely for the purpose of verifying the User’s identity (including by validating the email address), thus preventing possible fraud or abuse, and of contacting the User for service-related reasons only – for example, managing the User’s possible participation in prize contests or sending notifications relating to the services offered on the Website regarding the Data Controller’s products. Without prejudice to what is provided elsewhere in this Privacy Notice, in no case will the Data Controller make the Users’ personal data accessible to other Users and/or third parties.
  2. administrative and accounting purposes, i.e. for carrying out organisational, administrative, financial and accounting activities, such as internal organisational activities and activities that are functional to the fulfilment of contractual and pre-contractual obligations;
  3. legal obligations, i.e. for complying with obligations laid down by law, by an Authority, by a regulation or by applicable legislation (for example, the regulations governing prize contests – Presidential Decree no. 430/2001).

The provision of personal data for the processing purposes indicated above is optional but necessary, since failure to provide such data will make it impossible for the User to browse the Website, register on the Website and use the services offered by the Data Controller through the Website.

  1. Newsletter with offers and promotions on similar products or services (so‑called soft spam)
    For Users registered on the Website who have used the service offered by the Data Controller, the latter may send, without requesting their consent, commercial communications, exclusively (i) by email and (ii) relating to discount codes, offers or promotions available on the Website. Users may object at any time, easily and free of charge, to the further sending of such communications by using the automated unsubscribe links included in the Data Controller’s communications, as well as through the ordinary methods indicated in paragraph 6 below (in this case, this processing purpose will be pursued by the Data Controller without the need to obtain the User’s consent, in line with the exemption provided for by Article 130, paragraph 4, of Legislative Decree no. 196/2003, without prejudice to the aforementioned possibility for the User to easily object).
  2. Additional processing purpose: profiling
    With the User’s free and optional consent, the User’s personal data (namely the email address and information relating to the offers in which the User has expressed interest) may also be processed by the Data Controller for profiling purposes, i.e. to reconstruct the User’s preferences and purchasing habits, identifying their consumer profile so as to send the User commercial offers that are consistent with the identified profile.
    If consent is not given, the possibility for the User to register on the Website and use the services offered by the Data Controller through the Website will in no way be affected.
    If consent is given, the User may revoke it at any time by submitting a request to the Data Controller using the methods indicated in paragraph 6 below.
  3. Methods of processing and data retention period
    The Data Controller will process Users’ personal data using manual and electronic tools, with logics strictly related to the purposes themselves and, in any case, in such a way as to ensure the security and confidentiality of the data.
    The personal data of the Users of the Website will be kept for the time strictly necessary to fulfil the primary purposes described in paragraph 1 above, or in any case as required for the protection, in civil proceedings, of the interests of both the Users and the Data Controller.
    In the case referred to in paragraph 2 above, Users’ personal data will be stored for the time strictly necessary to pursue the purposes described therein and, in any case, until the User objects to such processing.
    In the case referred to in paragraph 3 above, Users’ personal data will be stored for a maximum period of 3 years and, in any case, until the User revokes their consent.
    If the User decides to block and/or delete their profile, all stored data relating to the User will be deleted. If the complete deletion of the User’s data is not permitted or required by law, such data will be blocked from further processing.
  4. Scope of communication and disclosure of data
    Employees and/or collaborators of the Data Controller in charge of managing the Website may become aware of the Users’ personal data. These persons, who are formally appointed by the Data Controller as “Authorised Persons”, will process the User’s data exclusively for the purposes indicated in this Privacy Notice and in compliance with the provisions of the Applicable Law.
    Third parties may also become aware of the Users’ personal data and may process such data on behalf of the Data Controller as “Processors”, such as, by way of example only, providers of IT and logistics services functional to the operation of the Website, providers of outsourcing or cloud computing services, professionals and consultants.
    Users have the right to obtain a list of any data processors appointed by the Data Controller by submitting a request to the Data Controller using the methods indicated in paragraph 6 below.
  5. Rights of data subjects
    Users may exercise the rights granted to them by the Applicable Law by contacting the Data Controller using the following methods:
  • By sending a registered letter with return receipt to the registered office of the Data Controller: Piazzale del Mutilato no. 3/4 – 36100 Vicenza;
  • By sending an email to: info@discoup.com;
  • By unsubscribing using the dedicated button included in our email communications.

Pursuant to the Applicable Law, the Data Controller informs Users that they have the right to obtain the following information:

  1. the origin of the personal data;
  2. the purposes and methods of processing;
  3. the logic applied in the event of processing carried out with the aid of electronic instruments;
  4. the identification details of the data controller and of any processors;
  5. the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as processors or authorised persons.

In addition, Users have the right to obtain:

  1. access to, the updating and rectification of the data or, where interested therein, the integration of the data;
  2. the erasure, transformation into anonymous form or restriction of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
  3. certification that the operations referred to in points (a) and (b) above have been notified, also as regards their content, to those to whom the data have been communicated or disclosed, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is being protected.

In addition, Users have:

  1. the right to withdraw consent at any time, where processing is based on their consent;
  2. the right to data portability (the right to receive all personal data concerning them in a structured, commonly used and machine‑readable format), the right to restriction of the processing of personal data and the right to erasure (“right to be forgotten”);
  3. the right to object:
  1. in whole or in part, on legitimate grounds, to the processing of personal data concerning them, even where relevant to the purpose of the collection;
  2. in whole or in part, to the processing of personal data concerning the User for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communications;
  3. where personal data are processed for direct marketing purposes, at any time, to the processing of their data for such purposes, including profiling to the extent that it is related to such direct marketing;
  1. where they consider that the processing concerning them infringes the Regulation, the right to lodge a complaint with a supervisory authority (in the Member State where they habitually reside, in the one where they work or in the one where the alleged infringement occurred). The Italian supervisory authority is the Italian Data Protection Authority (Garante per la protezione dei dati personali), with registered office in Piazza Venezia no. 11, 00187 – Rome (https://www.garanteprivacy.it/).

The Data Controller is not responsible for updating all the links that can be viewed in this Privacy Notice and therefore, whenever a link is not working and/or up to date, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by such link.