THE ROLLING STONES CAPSULE  NEW GIFT CARDS
Do you need help? Size Guide Newsletter Stores in the world Account My Wishlist Shopping Bag
THE ROLLING STONES CAPSULE  NEW DRESSES SUITS TOP T-SHIRT SHIRTS SWEATSHIRTS SWEATERS SKIRTS TROUSERS DENIM JACKETS OUTERWEAR SHOES ACCESSORIES HATS BAGS
See all
DRESSES JUMPSUITS SHIRTS TOP T-SHIRT SWEATHERS SWEETS SKIRTS PANTS JACKETS COATS ECOFURS SHOES ACCESSORIES HATS BAGS
See all
Terms & Conditions Payments Returns Top client Contacts Online dispute resolution (ODR) Privacy Policy Cookies Whistleblowing Virtual Showroom B2B
Italia Albania Andorra Australia Austria Bahrain Belgium Bulgaria Canada Chile China Croatia Cyprus Czechia Denmark Estonia Finland France Germany Greece Hong Kong SAR China Hungary Iceland India Ireland Japan Kuwait Latvia Lithuania Luxembourg Macao SAR China Malaysia Malta Mexico Monaco Netherlands New Zealand Norway Poland Portugal Qatar Romania Saudi Arabia Singapore Slovakia Slovenia South Africa South Korea Spain Sweden Switzerland Taiwan Thailand United Kingdom United Arab Emirates United States

Privacy Policy

PREAMBLE

This policy describes the management methods of the website www.aniyeby.com (hereinafter referred to as the “Site”) adopted by DEPECHE Srl Unipersonale, a company under the direction and coordination of Portovenere Srl Unipersonale, regarding the processing of personal data of users who visit and use the services offered. This constitutes an information notice provided pursuant to Article 13 of EU Regulation 2016/679 (hereinafter referred to as the “GDPR”).
This notice applies solely to this Site and not to data processing carried out by third-party websites that users may access through links published on the Site.

1. DATA CONTROLLER

To provide its web services, the Data Controller may process data relating to identified or identifiable natural or legal persons.
The Data Controller is DEPECHE Srl Unipersonale, a company under the direction and coordination of Portovenere Srl Unipersonale, with its registered office at Via dell’Agricoltura 47/49, Carpi (MO), Italy.


2. DATA PROCESSING LOCATION AND TERRITORIAL SCOPE

This site is physically hosted in Italy by technology providers designated as Data Processors pursuant to Article 28 of the GDPR for hosting, security management, and server backup services.
The data processing activities related to users interacting with the Site occur within facilities located in Italy, and thus within the European Union.
Therefore, the processing is subject to the provisions of EU Regulation 2016/679, irrespective of the nationality or residence of the users.

3. PERSONAL DATA PROCESSED

The Data Controller may process the following personal data of users navigating and interacting with the Site:
Personal identification and contact information: Such as name, surname, postal address, phone number, email, for users utilizing services provided on the website (e-commerce purchases, information requests, newsletters).
Authentication data: Such as email and password for account creation.
Shipping/Billing data: For users who made a purchase and/or requested after-sales support.
Payment data.
Browsing data: Such as IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of requested resources, request times, methods used to submit requests to the server, file sizes obtained in response, server response status codes (success, error, etc.), and other parameters related to the user’s operating system and computing environment.
Event data: Information derived from the use of web or social services by the user for sending advertisements (data processed by Google, Meta, and TikTok for retargeting activities in joint controllership with DEPECHE).
Geolocation data: To indicate the nearest store if authorized by the user.
Cookies and/or other tracking tools: All cookie-related information is detailed in our Cookie Policy.

4. PURPOSES AND LEGAL BASIS FOR PROCESSING

The processing we intend to carry out, subject to your specific consent where necessary, serves the following purposes:

a) Online sales, registration, and post-sales support
To purchase clothing and accessories marked with the ANIYE BY brand on the site, users must register their own account by providing the necessary data to execute the sales contract.
When registering a new account, DEPECHE collects mandatory data such as name, surname, email address, and password.
This account enables users to place orders and view or track their purchases. At checkout, additional details are requested, such as address, phone number, and payment method, to finalize the order and ship the purchased product.
These details are used for:
• Generating your account to allow order placement under our Terms and Conditions.
• Identifying you when accessing your account.
• Providing assistance regarding purchases.
• Processing your order and issuing the relevant payment receipt.
• Communicating your order to the courier.
Legal Basis: Article 6(1)(b) of the GDPR (processing necessary for the performance of a contract or pre-contractual measures) and legal obligations (Article 6(1)(c)).

b) Retargeting on the internet and social media
Retargeting involves displaying advertisements on the internet and/or social media to users who have previously visited or taken actions on the Site. This is achieved using tracking tools, such as cookies, installed by providers like Google, Meta, and TikTok while users visit the site.
Depeche, as per EDPB’s guidelines No. 8/2020 on social media targeting, conducts these activities in joint controllership with the mentioned providers (Article 26 of the GDPR), collecting data on the Site, transmitting it to these providers, and defining targeting criteria to deliver specific advertising content.
The legal basis for this processing is provided by the user's consent, obtained through cookie management mechanisms.

Depeche also receives anonymized statistics from the provider containing insights into its users' browsing habits, and it is in no way able to identify the individuals involved.

Depeche has entered into a joint controllership agreement with Meta Platforms Ireland Ltd, the owner of Facebook and Instagram, which establishes the obligations of each party for the processing of users' personal data in retargeting activities.

The agreement is available at:
https://www.facebook.com/legal/controller_addendum

Additional information on how these providers process user data is available at:

How Meta processes your data:
https://www.facebook.com/privacy/policy/?section_id=6-HowCanYouManage

How Google processes your data:
https://policies.google.com/privacy?hl=it-IT

How TikTok processes your data:
https://www.tiktok.com/legal/report/privacy

c) Sending newsletters
Your email will be requested to enable you to receive newsletters from Depeche with the sending of commercial and advertising communications.

The processing of users' data for the sending of newsletters is based on the request for consent. Providing the data is optional, and the only consequence of failing to provide your email is that Depeche will not be able to send you the newsletter.

You can unsubscribe from the newsletter at any time either in your account area or through the specific link at the bottom of every email sent. Depeche is committed to deleting your data and providing you with confirmation.

d) Soft spam
Soft spam refers to marketing emails sent to customers about promotional initiatives or similar products/services to those previously purchased on the site, offering discount coupons.
Legal Basis: Article 130(4) of the Privacy Code (Legislative Decree 196/2003 as amended by Legislative Decree 101/2018).


e) Responding to information requests
Users may provide their name, surname, email, and optionally their phone number and order number via the "Contact Us" page to request information.
Legal Basis: Article 6(1)(b) of the GDPR (pre-contractual measures).

f) Security monitoring and prevention
Depeche monitors the site for potential attacks and ensures adequate cybersecurity.
Legal Basis: Legitimate interest of the Data Controller (Article 6(1)(f)).
g) Handling complaints and legal defense
Data may be processed to respond to complaints and exercise legal rights.
Legal Basis: Legitimate interest (Article 6(1)(f)).


5. RECIPIENTS OF PERSONAL DATA PROCESSING

User data will be processed by DEPECHE's internal staff in the commercial and administrative departments, who are authorized to handle such data.

Additionally, data may be shared with:
Couriers: For processing and delivering your orders.
Service providers: For promotional and support services, such as website hosting, social media providers, e-commerce software maintenance, marketing services, email marketing, and payment services or banks facilitating your purchases. These entities may act as either data processors or independent data controllers.
Logistics companies: For acceptance, storage, packaging, and shipping services.
Accountants, legal advisors, and financial consultants: For administrative management.
Public authorities: As required to comply with laws or regulations.


6. DATA RETENTION

As per Article 5 of EU Regulation 2016/679, personal data will be retained in a manner that permits the identification of data subjects for no longer than necessary to fulfill the purposes for which it was processed.
• Contractual and billing data: Retained for 10 years from the date of payment receipt issuance, in compliance with accounting regulations and for evidentiary purposes.
• Newsletter data: Retained until users object to the processing or withdraw consent.
• Retargeting data: Retained until consent is withdrawn, which can be managed via the "Cookies" page by clicking “Modify Consent.”
• Soft spam data: Retained until users object by sending an email to [email protected].
• Contact page data: Retained for as long as necessary to respond to user requests or fulfill legal obligations. If no contractual relationship is established, the data will be deleted.


7. TRANSFER OF DATA OUTSIDE THE EU

Some processing activities may involve transferring data outside the European Union.
In such cases, the Data Controller ensures that the transfer complies with applicable legal requirements.

Specifically:
• Data may be transferred to non-European countries only if the third country’s data protection level is deemed adequate by the European Commission under Article 45 of the GDPR.
• Transfers may also occur based on adequate safeguards under Article 46(2), such as binding corporate rules, standard contractual clauses, codes of conduct, or certification mechanisms.

In the absence of an adequacy decision, transfers may occur under the derogations provided in Article 49 of the GDPR (e.g., consent or contractual necessity).

For retargeting activities, providers like Meta, Google, and TikTok declare that user data is also processed outside the EU. For these transfers, please refer to the respective privacy policies of the providers mentioned earlier.


8. RIGHTS OF DATA SUBJECTS

Users (data subjects) have the following rights regarding their data:

By accessing their personal account, they can:
• Access their personal data.
• Rectify, modify, or update their personal data.
• Withdraw consent to receiving newsletters.
• Withdraw consent to marketing/analytics cookie installation via the "Cookies" page by clicking “Modify Consent.”

By sending an email to [email protected], users can:
• Object to receiving commercial communications (soft spam).
• Request deletion of their data if the conditions of Article 17(1) of the GDPR are met.
• Request restriction of data processing under Article 18 of the GDPR.
• Request data portability in a structured, commonly used, and machine-readable format under Article 20 of the GDPR.
• Be notified of data breaches in case of severe violations under Article 34 of the GDPR.
Finally, users have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali) if they believe their data is being processed in violation of the GDPR.


9. POLICY UPDATES

The information provided in this policy may be subject to changes due to:
• Amendments to personal data protection laws relevant to the subject matter.
• Technological updates or organizational changes adopted by the Data Controller that affect the processing methods described.
Users are kindly invited to review this policy periodically to stay informed about the latest data processing practices.

Last modified on December 11, 2024.

Country selector Aniye By