Sorry we are sold out for 2018
You can pre-order NOW for delivery in January 2019

Privacy Policy for Users

Mamma 2.0 s.r.l. with registered offices in via Dogana No. 3, 20123 – Milan (Italy), Tax Code/VAT No. 08624410968 (hereinafter, the “Data Controller“), owner of the website www.mutable-design.com (hereinafter, the “Website“) in its capacity as Controller of personal data of the users who browse and are registered on the Website (hereinafter, the “Users“) hereby provides the following privacy policy according to Article 13 of EU Regulation 2016/679 dated 27 April 2016, on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, the “Regulation” and/or “Applicable Regulation“).

This Website and any services offered through the Website are reserved for individuals who are 18 years and over. Therefore, the Data Controller does not collect personal data relating to individuals under 18 years of age. Upon request of the Users, the Data Controller will promptly delete all personal data that has been involuntarily collected and related to subjects under the age of 18.

The Data Controller takes the utmost account of its Users’ right to privacy and protection of personal data. For any information related to this privacy policy, Users may contact the Data Controller at any time, using the following methods:

  • Sending a registered letter with return receipt to the registered offices of the Data Controller: Via Dogana No. 3, 20123 – Milan (Italy)
  • Sending an electronic mail message to the address: mamma2.0srl@legalmail.it

The Data Controller has not identified a Data Protection Officer (RPD or DPO), as it is not subject to the obligation of designation provided for by Article 37 of the Regulation.

1. Processing purposes

The personal data of the Users will be processed lawfully by the Data Controller pursuant to Article 6 of the Regulation for the following processing purposes:

  1. Contractual obligations and provision of the service, to enable the browsing of the Website or to implement the Website Terms of Use, which are accepted by the User either during registration to the Website or by purchasing on the Website as well as to fulfil the User’s specific requests. User’s data collected by the Data Controller for the purpose of any registration on the Website include: the name, the surname, the email address, the phone number, the shipping address (country, province, city, postal code and address), the billing address (country, province, city, postal code, address and TAX/VAT number) as well as any other personal information of the User that may be voluntarily published. Unless the User gives the Data Controller a specific and optional consent to the processing of their data for the further purposes set out in the following paragraphs, the User’s personal data will be used by the Data Controller for the sole purpose of ascertaining the identity of the User, thus avoiding possible scams or abuses, and contacting the User only for service reasons (e.g. by sending of notifications regarding the services offered on the Website related to products both by third parties and by the Data Controller). Notwithstanding the provisions contained elsewhere in this privacy policy, under no circumstances will the Data Controller make the personal data of the Users accessible to other Users and/or third parties.
  2. Administrative and accounting purposes, or to perform organizational, administrative, financial and accounting activities, such as internal organizational activities and activities functional to the fulfilment of contractual and pre-contractual obligations;
  3. Legal obligations, or to fulfil obligations provided by the law, an authority, a regulation or European legislation.
    The provision of personal data for the purposes of processing indicated above is optional but necessary; failure to provide the data will make it impossible for the User to browse the Website, to register with the Website and to take advantage of the services offered by the Data Controller on the Website.

Personal data needed for processing purposes described in this paragraph 1 are indicated with an asterisk in the registration form on the Website.

2. Other processing purposes: marketing and newsletter

With the User’s free and optional consent, some of the User’s personal data (namely: the name, the surname, the email address, the phone number and the shipping address) may also be processed by the Data Controller for marketing purposes (as for example, sending of advertising material, direct sales and commercial communication or sending newsletters containing information regarding news about the sector relative to the Website activities and the services offered by the Data Controller), or in order for the Data Controller to contact the User through electronic mail to propose to the User the purchase of products and/or services offered by the Data Controller and/or by third parties, to present offers, promotions and business opportunities by the Data Controller and/or by third parties.

In case of lack of consent, the possibility to register on the Website will not be in any way affected.

In case of consent, the User may at any time revoke the same, making a request to the Data Controller in the manner indicated in paragraph 6 below.

The User can also easily oppose further sending of promotional communications via e-mail by clicking on the appropriate link for the revocation of consent, which is present in each promotional email. Once the consent has been revoked, the Data Controller will send the User an e-mail message confirming the revocation of the consent.

The Data Controller informs that, following the exercise of the right of opposition to the sending of promotional communications via email, it is possible that the User continues to receive further promotional messages due to technical and operational reasons (e.g. formation of contact lists already completed shortly before the Data Controller’s receiving of the opposition request). Should the User continue to receive promotional messages after 24 hours from the exercise of the right of opposition, please report the problem to the Data Controller, using the contacts indicated in paragraph 6 below.

3. Other processing purposes: profiling

With the User’s free and optional consent the User’s personal data (or personal data and contact information or information relative to the services for which the same has shown an interest) may be processed by the Data Processor also for profiling purposes, or to put together the User’s tastes and consumer habits by identifying his or her consumer profile to send the User commercial offers consistent with the profile identified.

In case of lack of consent, the possibility to register on the Website will not be in any way affected.

In case of consent, the User may at any time revoke the same, making a request to the Data Controller in the manner indicated in paragraph 6 below.

4. Processing methods and data retention times

The Data Controller will process the personal data of Users using manual and IT tools, with logic strictly related to the purposes themselves and, in any case, in order to guarantee the security and confidentiality of the data.

The personal data of Website Users will be retained for the time strictly necessary to carry out the main purposes explained in paragraph 1 above or, in any case, as necessary for the protection in civil law of the interests of both the Users and the Data Controller.

In the cases referred to in paragraphs 2 and 3 above, the personal data of Users will be retained for the time strictly necessary to carry out the purposes explained in the same and, in any case, as long as the law allows the retention for such scope, included the judicial protection against legal request.

In case the User decides to unsubscribe, block and/or delete its account/profile all the retained data regarding the User will be deleted. Whereas the complete deletion of the User’s data will not be allowed or necessary according to the law, the data will be block for the entire processing.

5. Transmission and dissemination of data

The employees and/or collaborators of the Data Controller who are in charge of carrying out Website maintenance may become aware of the personal data of the Users. These subjects, who are formally appointed by the Data Controller as “in charge of processing“, will process the User’s data exclusively for the purposes indicated in this policy and in compliance with the provisions of the Applicable Regulation.

The personal data of the Users may also be disclosed to third parties who may process personal data on behalf of the Data Controller as “External Processors“, such as, for example, IT and logistic service providers functional to the operation of the Website, outsourcing or cloud computing service providers, professionals and consultants, carriers and so on.

External Processors processing Users’ personal data on behalf of the Data Controller are:

  • O&DS Srl, via Francesco Sforza 19 – 20122 Milano (Italy), regarding the IT services and support;
  • Loghistes Srl, via Europa 6 – 22070 Cirimido (Como, Italy), regarding the supply og logistic services;
  • General Logistics Systems Enterprise Srl, via Basento 19 – 20098 San Giuliano Milanese (Milan – Italy), as carriers;
  • Dhl Express Italy Srl, via G.S. Bernardo – 20089 Rozzano (Milan – Italy), regarding EU shipping;
  • Mds Fulfillment, West Mill Road, Milwaukee, WI (USA), regarding US shipping;
  • Ladder Digital, 337b East 8th Street New York, NY (USA), regarding the providing of marketing services and support;
  • Tross Media LTD, Ehad HaAm 9, East Wing, Tel Aviv, Israel, regarding the providing of marketing services and support.

Users have the right to obtain a list of any external processors appointed by the Data Controller, making a request to the Data Controller in the manner indicated in paragraph 6 below.

6. Rights of the Data subjects

Users may exercise their rights granted by the Applicable Regulation by contacting the Data Controller as follows:

  • Sending a registered letter with return receipt to the registered offices of the Data Controller: Via Dogana No. 3 – 20123 Milan (Italy)
  • Sending an electronic mail message to the address: mamma2.0srl@legalmail.it

Pursuant to Applicable Regulation, the Data Controller informs that Users have the right to obtain indications:

  1. of the origin of personal data;
  2. the purposes and methods of the processing;
  3. the logic applied in the event of processing carried out with the aid of electronic instruments;
  4. of the identification details of the data controller and processors;
  5. the subjects or categories of subjects to whom the personal data may be communicated or who may come to aware of them as processors or agents.

Furthermore, Users have the right to obtain:

  1. Access, updating, rectification, or, when interested, integration of data;
  2. The cancellation, transformation into anonymous form or the blockage of data processed in breach of the law, including data that does not need to be stored in relation to the purposes for which the data was collected or subsequently processed;
  3. Certification to the effect that notification has been supplied of operations as per letters a) and b), as regards their content, to those to whom the data was communicated or disseminated, except for the case where notification proves impossible or requires the use of means clearly disproportionate to the right being protected.

Moreover, the Users have:

  1. The right to revoke consent at any time, if the processing is based on their consent;
  2. The right to data portability (the right to receive all personal data concerning them in a structured format, commonly used and readable by automatic device), the right to limit processing of personal data and right of deletion (“the right to be forgotten”);
  3. The right to oppose to:
    1. In whole or part, for legitimate reasons, the processing of personal data relating to you for legitimate reasons even pertinent to the purpose of collection;
    2. In whole or part, the handling of personal data for the purpose of sending advertising or sales materials or for the carrying out of market research or for commercial communication purposes;
    3. If personal data is processed for direct marketing purposes, at any time, to the processing of data for this purpose, including profiling in so far as it is related to such direct marketing.
  4. If it is deemed that the processing concerning their personal data violates the Regulation, the right to lodge a complaint with a Supervisory authority (in the Member State in which they usually reside, in the one in which they work or in the one in which the alleged violation has occurred). The Italian Supervisory Authority is the Data Protection Authority, with registered offices in Piazza di Monte Citorio No. 121, 00186 – Rome (Italy) (http://www.garanteprivacy.it/).

7. Registration via “Connect with Facebook”

The Data Controller informs that Users registered with Facebook can register on the Website through the “Connect with Facebook” service or equivalent, in cases where this option is available on the Website. The data that may be communicated by Facebook to the Data Controller through the “Connect with Facebook” service are as follows: name, surname, profile picture, email address with which the User can be contacted by Facebook (with ‘actual’ address or address on the domain proxymail.facebook.com), address and date of birth. The Data Controller will process such data exclusively for the purposes indicated in this statement, in compliance with the consent granted by the User from time to time. By subscribing to the “Connect with Facebook” service and clicking on the “Allow” button, the User agrees that the data referred to above will be transferred from the Facebook platform to the Data Controller. The Data Controller will use this data to facilitate the registration procedure, pre-filling the fields on the User’s registration form with the data communicated by Facebook. Users who use the Facebook Connect service will be able to access the Website using the credentials normally used to access Facebook. For more information on the “Connect with Facebook” service and to change your privacy settings related to this service, please see the following links: http://www.facebook.com/help/405977429438260/ and https://www.facebook.com/about/privacy/your-info-on-other.

The Data Controller is responsible for updating all links viewed in this privacy policy, therefore, whenever a link does not work and/or is not updated, the Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by this link.