Privacy Policy for Contact Requests

The Data Controller of your personal data, which will be processed for the purposes described in the following section, is Tod’s S.p.A. (hereinafter referred to as “Tod’s”, “we”, “us” or “our”), having its registered office in Via Filippo Della Valle, 1, Sant’Elpidio a Mare, (FM) - Italy (EU).

Unless specified otherwise within the Privacy Policy herein, we collect and process the personal data you provide; we shall not obtain your personal data from any third party. “Personal data” pertains to any information concerning an identified or identifiable natural person (the ‘data subject’).
Your personal data and information (e.g. your name, surname, e-mail address, telephone number, and the like), shall be processed in order to provide you with feedback to your contact request and provide you with the support you need.
Any and all personal data and information we require when you fill in the online form and/or which will be requested by our operators are essential to the processing of your request; therefore, your failure to communicate such information may prevent us from going through with your request for support.
Finally, we reserve the right process your personal data in order to comply with any legal obligations we may be subject, or to pursue any legitimate interest, be it ours or belonging to third parties (i.e. optimising the customer care service, preventing frauds, exercising and defending a right of ours or improving the business processes), in compliance with the conditions and limits set by the legislation currently in force.

We shall process your personal data both by means of paper- and IT-based tools, and such processing shall be based on the principles of fairness, lawfulness, and transparency, in order to protect your rights and privacy.
We make use of industry-standard physical, organizational, contractual and technological security measures to protect your personal data from unauthorized access, public disclosure, use, modification, damage or loss.

We shall not disseminate your personal data.
To the extent permitted by law and where required with your consent, your Personal information may be disclosed, for the purposes described in the Privacy Policy herein:
to our service providers, including other companies of Tod’s Group, performing technical and organizational tasks on our behalf (i.e. IT support services , delivery and logistics services, customer support, processing, or hosting services, etcetera);
to a third party in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other shift in all or in any given part of our business, assets or stock (also in connection with bankruptcy or similar outcomes);
in connection with the essential purposes described above (that is to say in order to comply with legal obligations or to execute a lawful request of public authorities).

Your personal data shall be transferred from your country to our headquarter in Italy, based on adequacy regulations, pursuant the section 17A of the Data Protection Act 2018.

Data transfers toward countries outside the European Economic Area (EEA): We guarantee that we shall transfer your personal data towards a country outside the European Economic Area (EEA) not having an Adequacy Decision by the European Commission (EC), only after the adoption of at least one of the cross-border transfer mechanisms the Regulation recognizes as being able to ensure an adequate protection of the personal data being transferred:
specific “Standard Contractual Clauses” are to be drafted, issued by the European Commission, in order to ensure that the protection level of the personal data processed by our partners outside the EU shall comply with the EU's data protection level;
adoption of Company Binding Rules, approved by the competent Public Authorities, in compliance with the data transfer within a group of undertakings or enterprises is done through binding corporate rules, approved by the competent data protection authority in the UE, pursuant to the consistency mechanism referred to in art. 63 and to the conditions detailed under art. 47 of the Regulation.

We also undertake to carry out, in accordance with laws in force, any possible prior risk assessment concerning the data transfer; adopting, if necessary, any additional security measures, complementary to the safeguards guaranteed by the aforementioned transfer mechanisms.

We would like to stress the fact that the data transfer mechanisms, used to disclose your personal data outside the EU, are coherent with the cross-border data transfer tools stated by the UK laws framework.

Your personal data shall only be processed by parties being duly instructed and able to provide adequate technical and organizational safeguards, as well as bound to the strictest confidentiality by us.

We shall process your personal data at different times depending on the purpose.
We will process your personal data for the period strictly necessary to follow through with your support request and to perform any task and operation arising from your request.
We would also like to inform you that we are further required to store your personal data in order to comply with specific law provisions, in the manner and within the timeframe established by said regulations.
Should the processing of your personal data be based on any legitimate interest, be it ours or belonging to third parties, the processing of your personal data shall be strictly limited to the time required to achieve the legitimate interest, on a case-by-case basis.

You have the right, as detailed within the law in force, to access your personal data, to correct or update it, to delete or to obtain a copy or the transmission in a structured format to any third party thereof. You may also request to limit or object to such processing.
You may exercise these rights at any time, by writing to our Data Protection Officer (DPO) to the following addresses:
by e-mail: dataprivacyofficer@todsgroup.com.
by post: Data Protection Officer - Via Filippo Della Valle n. 1, 63811 Sant’Elpidio a Mare (FM) – Italy (EU).

We would like to point out that, should you exercise one or more of the privacy rights acknowledged by the relevant legislation we shall not discriminate against you, and such activities shall have no impact on the support services given, nor on any relationship of yours with Tod’s Group.

We will make sure to comply with your request to exercise your rights, always within the terms of the law.

We shall retain the right to ask you, in the ways we deem appropriate, for specific information to help us confirm your identity and be reasonably certain that only you can access your personal data and no unauthorized third party can seize, change or delete them. The processing of your request is free of charge. However, should your requests be manifestly unfounded, excessive, or repetitive in nature, we shall retain the right to refuse to comply with them or to request suitable economic contributions for them.
Remember that you can file a complaint with the Supervisory Authority if you believe that we have violated any rules concerning the protection of personal data.

We may periodically update the Privacy Policy herein. Please reference the “LAST UPDATED IN” legend at the top of this page to see when the Privacy Policy herein was last revised.