Welcome to our website Ferrari Store (“the Website”).
This Privacy Notice explains how Ferrari S.p.A and YOOX NET-A-PORTER GROUP S.p.A. (“we”, “us”, “our”) collect your personal information as you use the Website, how we use this personal information, with whom we share your personal information, and your choices in connection with this.
(1) CONTROLLER AND DATA PROTECTION OFFICER
- YOOX NET-A-PORTER GROUP S.p.A. ("YOOX NET-A-PORTER GROUP"), company with sole shareholder subject to direction and coordination of Compagnie Financière Richemont S.A., with registered office at via Morimondo, 17 – Milano 20143, Italy, as independent Data Controller. For any clarification, request, or requirement linked to your privacy and the processing of your personal data, you may contact us at any time by sending a request to our Customer Care by selecting ‘privacy’, or by writing to the address of the registered office of YOOX NET-A-PORTER GROUP S.p.A.. If you wish, you may also contact our Data Protection Officer (“DPO”), by writing to the aforementioned address, or by sending an email to DPO@ynap.com.
- Ferrari S.p.A. (“Ferrari”), with registered office at via Emilia Est, 1163 - Modena 41122, Italy, as independent Data Controller. For any clarification, request, or requirement linked to your privacy and the processing of your personal data, you may contact us by writing to Ferrari S.p.A., via Abetone Inferiore 4, 41053 Maranello (MO), Italy. If you so wish, you may also contact our Data Protection Officer (DPO) by writing to the aforementioned address, or via email to firstname.lastname@example.org.
(2) COLLECTION OF YOUR PERSONAL INFORMATION
We collect personal information, which is information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with you.
- Information You Provide To Us
If you choose to engage in the services offered on the Website, we will collect personal information from you. We collect personal information from you when you:
- Create a Ferrari account. You have the option to create a Ferrari account on the Website to shop faster, check your orders and returns, and save your favorite items. To do so, we will collect your personal identifiers (name, email address, date of birth, and telephone number) and protected classifications (gender). We use this personal information to create and maintain your account with us and to communicate with you about your account, purchases, and the Website. The legal basis for this is performance of our contract with you. Once your account is created, we will store your username and password.
- Contact us. When you send us a question or inquiry, or ask for other support, you will need to provide us with personal identifiers (name and email address), protected classifications (gender), and any other information you choose to provide in your correspondence. We use this personal information to respond to your questions or inquiries, troubleshoot where necessary, and address any issues you have with the Website or the services offered thereon. The legal basis for this is performance of our contract with you.
- Make a purchase. To facilitate your purchase and to manage the services offered by Ferrari Store, YOOX NET-A-PORTER GROUP will collect personal identifiers (name, email address, shipping address and telephone number) and customer records information (cardholder’s name, payment card number, expiration date, CVV or paypal account and billing address). YOOX NET-A-PORTER GROUP uses this personal information to manage the services offered by the website, to fulfill orders placed, and complete the activities related thereto, including the operations pertaining to administrative and fiscal requirements, to respond to requests via the contact form, as well as manage any product returns. The legal basis for this is performance of our contract with you.
- Subscribe to Ferrari Store newsletter. When you subscribe to Ferrari Store newsletter, we will collect personal identifiers (email address). We use this personal information to send you the newsletters as requested. Ferrari may also use this personal information to send you marketing communications Ferrari feels may be of interest to you. The legal basis for this is your consent. You may revoke your consent at any time by clicking the unsubscribe link provided within each email. This link will redirect you to the consent management page where you can opt-out of newsletters.
- Profiling activities. If you opt-in, Ferrari may use personal data described in this section to analyze your behaviors, habits and propensity to consume to enhance products and services provided by the Ferrari, to satisfy your expectations as well as to send you marketing communications Ferrari feels may be of interest to you. In doing so, Ferrari will analyze your preferences and interests using automated analysis techniques that provide Ferrari with inferences concerning you, including profiling. The legal basis for this is your consent. You may revoke your consent at any time by clicking the unsubscribe link provided within each email. This link will redirect you to our consent management page where you can opt-out.
- Web Push Notifications. Upon your express consent, Ferrari will collect certain categories of your personal data such as your name, date of birth, gender, language used to navigate the Website and the version of the Website you use (country), information about the device and browser you use, time and date on which you provided your consent to receive web push notifications, My Account date of creation and the date of your last visit on the Website. Ferrari will use such information in order to send you personalized notifications about products and other commercial news regarding the Ferrari Store to the data subject’s device. The personalization of the notifications will be based on: the way you navigate and use the Website and, particularly, the products you view, buy or add to your cart; data that you use to complete the registration form on the Website; data inserted during your purchase (specifically: your name so we can personalize any communication we send to you as well as your date of birth, so we can send you offers and discounts in celebration of your birthday). In order to send you these notifications, we use a technology similar to cookies (in particular, “HTML5 Local Storage”) which keeps information in the Local Storage of your browser/device.
We may also use the personal information we collect as described in this section to improve our products and services, to comply with the law, to efficiently maintain our business, and for other limited circumstances as described in HOW WE SHARE YOUR PERSONAL INFORMATION. This is part of our legitimate interest in the performance of our contractual obligations, protection of legal rights, and compliance with legal obligations. We may also deidentify or aggregate the personal information for benchmarking purposes.
Your personal information may be processed for each of the above purposes using paper, automated, or electronic methods and, in particular, by ordinary mail or email, telephone (e.g. automated calls, SMS, MMS), fax, or any other IT channel (e.g. websites, mobile app).
Providing your personal information is optional. However, if you opt not to provide data that has been marked as mandatory, it will be impossible for YOOX NET-A-PORTER GROUP to provide the services related to the purchase. Should you not provide the remaining optional data, the services will be provided in any case.
- Information Collected Automatically.
Cookies and Tracking Technologies
In addition to the personal information you provide directly, we may also collect information from you automatically as you use the Website. This information includes the following internet or other electronic network activity information and location information:
- Usage information. This includes information regarding your interaction with the Website, such as which pages you visit, the frequency of access, how much time you spend on each page, what you click on while on the Website, and referring the Website addresses.
- Device information. This includes certain information about your device that you use to access the Website, such as browser type, browser language, hardware model, operating system, and your preferences.
- Location information. This includes information about your location, which may be determined through your IP address.
We collect this information as part of our legitimate interest to improve the functionality and efficiency of the Website and to provide the Website to you.
- Technical. We use essential cookies to authenticate users, prevent fraudulent use of the Website, and to allow the Website and its features to function properly.
- Functional. We use functional cookies to provide enhanced functionality and personalization, to remember your login information, to remember your preferences, to diagnose server and software errors, and in cases of abuse, track and mitigate the abuse.
- Analytics. Analytics cookies allow us and our analytics provides to recognize and count the number of users to the Website, see how users interact with the Website and different functions, and when users are using the Website. We use this information to improve the Website.
- Profiling. Performance cookies collect information about how you use the Website and help us, for example, to identify especially popular areas of the Website. In this way, we can adapt the content of our websites more specifically to your needs and thereby improve what we offer you.
- Advertising identify and store behaviors that users take when visiting the Website. These cookies are used in order to identify you as a prospect for our services, deliver advertisements that are more relevant to you and your interests, limit the number of times you see an advertisement, and help measure the effectiveness of our advertising campaigns. Such sharing may be deemed a sale under the California Consumer Privacy Act. To opt-out of sharing through cookies, see YOUR PERSONAL INFORMATION CHOICES below.
To control the information collected about you using cookies and other technologies see YOUR PERSONAL INFORMATION CHOICES below.
Particular third-party cookies on the Website to note include:
- Facebook Pixel. We use Facebook Pixel to customize our advertising and to serve you ads on your social media based on your browsing behavior. This allows your behavior to be tracked after you have been redirected to the Website by clicking on the Facebook ad. The Facebook Pixel stores a cookie on your device to enable us to measure the effectiveness of Facebook ads for statistical and market research purposes. We do not have access to the information collected through the Facebook Pixel. However, the information collected via the Facebook Pixel, on the Website as well as other websites on which Facebook Pixel is installed, is also stored and processed by Facebook. Facebook may link this information to your Facebook account and also use it for its own promotional purposes in accordance with Facebook's Data Usage Policy. The Facebook Pixel also allows Facebook and its partners to show you advertisements on and outside of Facebook. Such sharing may be deemed a sale under the California Consumer Privacy Act. To opt-out of this sharing and displaying of Facebook ads, visit your Facebook Ad Settings, and you can clear and control the information third parties share with Facebook in your Off-Facebook Activity page. If you do not have a Facebook account, you can opt-out of Facebook ads through the Digital Advertising Alliance here.
- Bing Ads. Bing Ads is a remarketing service provided by Microsoft. We use Bing Ads to service you advertisements based on your past visits to the Website. You can learn more about the privacy practices of Microsoft here. Such sharing may be deemed a sale under the California Consumer Privacy Act. To opt-out of this sharing of Bing Ads you can follow the instructions here.
- Criteo. Ferrari, through its own providers, places tags on its properties for Criteo to collect browsing information and create customized ads to serve to users. Criteo creates the ads, decides which ad to serve and where. Such sharing may be deemed a sale under the California Consumer Privacy Act. You can learn more about the privacy practices of Criteo and opt-out of this sharing here.
- Hotjar. We use Hotjar in order to better understand user experience and to optimize the Website. Hotjar allows us to better understand users’ experience and this enables us to build and maintain the Website. For further details, please see the ‘about Hotjar’ section of Hotjar’s support services. You can opt-out of HotJar here.
(3) HOW WE SHARE YOUR PERSONAL INFORMATION
Ferrari may need to make the personal information identified in this Privacy Notice available within Ferrari, with service providers, or with other third parties. These instances include:
Within Ferrari. Ferrari may share your personal information with Ferrari subsidiaries for legitimate business purposes and general business management. The legal basis for this is Ferrari’s legitimate interest in carrying out our business efficiently. Upon your consent, we may also share your personal information with Ferrari subsidiaries for marketing purposes.
With Service Providers. Ferrari may share your personal information with our service providers that assist us in providing the Website. The legal basis is our legitimate interest in providing the Website efficiently. These service providers include communication providers, web-hosting providers, IT support, our customer management platform, shipping providers, payment processors, call center providers, marketing providers, and e-commerce providers. This also includes sharing of personal information with our service provider YOOX NET-A-PORTER GROUP that manages the Website on our behalf.
With Third Parties. We may need to disclose your personal information to third parties, such as legal advisors, law enforcement agencies, or governmental/regulatory bodies in order to protect our legal interests and other rights, protect against fraud or other illegal activities, prevent harm, for risk management purposes, and to comply with our legal obligations. The legal basis for this is compliance with the law, compliance with legal obligations, and our legitimate interest in the protection of the rights of others.
In the Event of a Corporate Reorganization. In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a reorganization, merger, acquisition, sale, joint venture, assignment, consolidation, transfer, change of control, or other disposition of all or any portion of our business, assets or stock, we would share personal information with third parties, including the buyer or target (and their agents and advisors) for the purpose of facilitating and completing the transaction. We would also share personal information with third parties if we undergo bankruptcy or liquidation, in the course of such proceedings. The legal basis for this is our legitimate interest in carrying out business operations.
With Your Consent. Apart from the reasons identified above, we may request your permission to share your personal information for a specific purpose. We will notify you and request consent before you provide the Personal Information or before the personal information you have already provided is shared for such purpose. You may revoke your consent at any time.
Sharing in the Last Twelve (12) Months
For a Business Purpose. In the preceding twelve (12) months, Ferrari has disclosed the following categories of personal information for a business purpose to the following categories of third parties:
- We have disclosed your personal identifiers, internet and other network activity information, and customer records information to service providers that perform services on our behalf. These service providers include YOOX NET-A-PORTER GROUP, our e-commerce provider, communication providers, web-hosting providers, IT support, our customer management platform, shipping providers, payment processors, call center providers, and marketing providers.
- We have disclosed your internet or other electronic network information and location information to our IT support to detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and to identify and repair Website errors that impair functionality.
- We have disclosed your internet or other electronic network information and location information to our IT support to maintain, improve, and upgrade the Website.
For a Sale. Under the CCPA, certain disclosures we engage in are considered a sale. In the preceding twelve (12) months, we have disclosed your internet or other electronic network activity information collected via cookies to data analytics providers and ad networks. You may opt-out of these cookies by following the instructions in YOUR PERSONAL INFORMATION CHOICES.
(4) YOUR PERSONAL INFORMATION CHOICES
Correct or View Your Information. You may access your Ferrari account to correct or view certain personal information you have provided to us and which is associated with your account.
Cookies. All session cookies are temporary and expire after you close your web browser. Persistent cookies can be removed by following your web browser’s directions. To find out how to see what cookies have been set on your computer or device, and how to reject and delete the cookies, please visit: https://www.aboutcookies.org/. Please note that each web browser is different. For information on reviewing or deleting cookies from specific browsers, click on the appropriate browser: Firefox, Firefox IOS, Firefox Android, Safari, Safari Mobile, Chrome, Internet Explorer, Microsoft Edge, Opera. To find information relating to other browsers, visit the browser developer’s website. If you reset your web browser to refuse all cookies or to indicate when a cookie is being sent, some features of the Website may not function properly. If you choose to opt out, we will place an "opt-out cookie" on your computer. The "opt-out cookie" is browser specific and device specific and only lasts until cookies are cleared from your browser or device. The opt-out cookie will not work for essential cookies. If the cookie is removed or deleted, if you upgrade your browser or if you visit us from a different computer, you will need to return and update your preferences.
Online Advertising. To opt-out of interest based advertising generally or to learn more about the use of this information by our service providers you can visit the Network Advertising Initiative or the Digital Advertising Alliance.
Bing Ads. To opt-out of Bind Ads, you can follow the instructions here.
Facebook Pixel. You can opt-out of displaying Facebook ads by visiting your Facebook Ad Settings, and you can clear and control the information third parties share with Facebook in your Off-Facebook Activity page.
Google Ads. To opt out of targeted advertising by Google, you can go to Google’s ad settings.
Double Click. To opt out of targeted advertising by Google, you can go to Google’s ad settings. You may also install the DoubleClick opt-out add-on.
Google Analytics. To prevent your data from being used by Google Analytics, you can download the Google Analytics opt-out browser add-on for Google Analytics which can be found here.
Criteo. You can opt-out of Criteo here.
HotJar. You can opt-out of HotJar here.
Marketing Emails. You may opt-out of receiving marketing emails from us by clicking the “unsubscribe” link provided with each email. Please note that we will continue to send you notifications necessary to the Website, your account, or requested products or services.
For more information on cookies and to manage your preferences for third party profiling cookies, please go to http://www.youronlinechoices.com. Once on the site, by accessing the area “Your Choices” you can: visualize the list of third party companies, our partners, which install cookies on the Website (Company); verify the presence and activation status of installed cookies (Status) and manage your consent selectively (On/Off). By expanding the dedicated voice (Info) for each company, you can access more information relative to the company and, via a link, reach the specific information about privacy and cookies.
(5) RIGHTS OF INDIVIDUALS UNDER GDPR
If our processing of your personal information is subject to the European Union General Data Protection Regulation 2016/679 (“GDPR”), you have the following rights with respect to your personal information processed:
- Right to Access. You have the right to ask Ferrari for copies of your personal data. This right has some exceptions, which means you may not always receive all personal data we process.
- Right to Rectification. You have the right to ask Ferrari to rectify personal data you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Right to Erasure. You have the right to ask Ferrari to erase your personal data in certain circumstances.
- Right to Restrict Processing. You have the right to ask Ferrari to restrict the processing of your personal data in certain circumstances. See YOUR PERSONAL INFORMATION CHOICES for additional ways you can restrict processing of your personal data.
- Right to Object to Processing. You have the right to object at any time, for reasons arising from your particular situation, to processing of your personal data, which is carried out on the basis of our legitimate interests. See YOUR PERSONAL INFORMATION CHOICES for additional ways you can object to processing of your personal data.
- Right to Data Portability. You have the right to ask that we transfer the personal data you gave us from one organization to another, or give it to you in a structured, ordinarily used, and readable format.
- Right to Lodge a Complaint. You have the right to lodge a complaint with a supervisory authority.
To exercise these rights, please contact Ferrari by email at email@example.com or by writing to Ferrari S.p.A, via Abetone Inf. 4; I-41053, Maranello, (MO), Italy. You may contact YOOX NET A PORTER GROUP’s Customer Care.
a. Personal Data Transfer Outside of the European Economic Area
Within our contractual relations, we may transfer personal data to countries outside of the European Economic Area (“EEA”). In the event personal data is transferred outside of the EEA, we will use appropriate contractual measures to guarantee an adequate protection of personal data, including implementation of agreements based on the standard contractual clauses adopted by the EU Commission.
(6) CALIFORNIA RESIDENTS
To the extent the California Consumer Privacy Act (CCPA) applies to the processing of your personal information you would be entitled to the rights listed below.
- Right to Access. You have the right to request what personal information we have collected, used, disclosed, and sold about you within the preceding twelve (12) months.
- Right to Deletion. You have the right to request the deletion of your personal information that we collect or maintain, subject to certain exceptions.
- Right to Opt-Out. You have the right to opt-out of the sale of your personal information to third parties. Ferrari does not have actual knowledge that it sells personal information of minors under the age of sixteen (16) years.
- Right to Non-Discrimination. You have the right to not receive discriminatory treatment if and when you exercise your rights to access, delete, or opt-out under the CCPA.
To exercise your rights, described above, you can:
For Ferrari you may submit a verifiable consumer request (i) by email at firstname.lastname@example.org; (ii) by telephone at 1-877-933-7727 or (iii) through the interactive webform.
For YOOX NET A PORTER GROUP:
- call the toll-free number 18554635042 from Monday to Friday from 9 a.m. to 11 p.m., excluding public holidays; or
- write to Customer Care by selecting the "privacy" topic in the relevant webform in the "Contact us" section of the Website; or
- contact us directly at the address indicated above. If you exercise your rights, we may require you to provide certain information to verify your identity (such as your name, email address, phone number and/or address).
You may make a verifiable consumer request for access twice within a twelve (12) month period.
To opt-out of the sale of your personal information via cookies, please follow the instructions in YOUR PERSONAL INFORMATION CHOICES or submit a request through the interactive webform.
For requests submitted via telephone or email, you must provide us with sufficient information that allows us to reasonably verify you are the person about whom we collected the personal data and describe your request with sufficient detail to allow us to properly evaluate and respond to it. If we are not able to verify your identity for access and deletion requests with the information provided, we may ask you for additional pieces of information. The interactive webform contains the information that Ferrari needs to verify your identity and review your request.
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a request related to your personal data. If you are an authorized agent making a request on behalf of another individual, you must provide us with signed documentation that you are authorized to act on behalf of that individual.
(7) NEVADA RESIDENTS
If you are a consumer in the State of Nevada, you may request to opt-out of the current or future sale of certain of your personal data. We do not currently sell any of your personal data under Nevada law, nor do we plan to do so in the future. If you have any questions regarding our data privacy practices, or would like to opt-out of the future sale of your personal data, please contact Ferrari at email@example.com and/or YOOX NET A PORTER GROUP’s Customer Care.
We keep your personal information for a limited period of time depending on the purpose for which it was collected. After such period, your personal information will be deleted or otherwise rendered anonymous in an irreversible way. The retention period is different depending on the purpose of the processing. For example, the personal information collected when items are purchased on the Website is processed until all administrative and accounting formalities have been completed. Therefore, it is kept on file in conformity with the local tax legislation, while the personal information used to send you our newsletter is kept until you request that we stop sending it. Ferrari retains the personal information for ten years from the time it was provided for marketing and profiling purposes unless consent is revoked. If consent is revoked, your personal information may not be processed for the aforementioned purposes, but may still be kept to manage any objections and/or disputes. The data used to manage Web Push Notifications will be retained up to the point in which consent is revoked by the data subject or up to 365 days from the last visit made to the Site by the data subject.
At any moment you can revoke your consent to receive these personalized commercial notifications (depending on your browser). As part of the Live Chat service, text messages sent by the user, including attachments, will be stored for 6 months on the server of our external service provider which we use, while the images taken during the video call are not stored. The Data processed for the purposes of registering to Live Chat will be kept for the time necessary to provide the service, except in the case in which the cancellation of the registration is requested.
(9) DO NOT TRACK
We do not respond to Do Not Track (“DNT”) requests. Do Not Track is a preference you can set in your web browser to inform The Websites that you do not want to be tracked. You can enable or disable Do Not Track by visiting the Preferences or Settings page of your web browser. For further details, click here.
(10) INFORMATION SECURITY
We implement and maintain reasonable security measures to protect the personal information we collect and maintain from unauthorized access, destruction, use, modification, or disclosure. However, no security measure or modality of data transmission is 100% secure and we are unable to guarantee the absolute security of the personal information we have collected from you.
(11) CHILDREN’S PRIVACY
The Website and the services offered thereon are not intended for individuals under the age of eighteen (18) years.
(12) LINK TO THIRD PARTY WEBSITES
Third party websites accessible from this website are under the third party responsibility.
We decline all responsibility concerning requests and/or provision of personal data to third party websites.
(13) AMENDMENT OF THIS PRIVACY NOTICE
This Privacy Notice is subject to change. Changes to the Privacy Notice will be posted on this page and will indicate the date the changes go into effect. Please check back frequently and review the Privacy Notice for any changes. If we make any changes that materially affect your privacy rights, we will notify you via email or by prominent posting on the Website.