HELP

DIESEL ON PRIVACY NOTICE

Last Updated: May 22, 2023

In order to use the Diesel On app for smartwatches, you will be asked by Fossil Group Inc. to consent to the sharing of your information with Fossil Group Inc. We (Diesel S.p.A) do not control and do not assume any responsibility for the use of Personal Information by Fossil Group Inc. once you have consented to share your Personal Information with them. We recommend you read the following privacy policy before sharing your data with Fossil Group Inc.

                                                           ----------------------------------------

At Fossil Group, Inc. (“Fossil Group”, “Fossil", "we", or “us”) (licensee of Diesel S.p.A. for Diesel ON branded wearable devices) we value and protect your rights to data protection and privacy. This Privacy Notice describes:

  • What Personal Information we collect from the Diesel ON App, Diesel Watch Apps, and Diesel Device and the purposes for which we use it.
  • What Personal Information we transfer to third parties.
  • Your rights and how you can execute such rights.
  • How you can contact us.

1. Summary

In the following we will provide you a quick summary of which Personal Information we use for which purposes and about your rights. For more details go to the relevant Sections below.

    1. Service Provision

We process Personal Information about you in order to provide you with the full range of services and features of your Diesel ON App, Diesel Watch Apps, and Diesel Device. This includes data you enter when setting up your user account and information required in order to receive specific features. For example, for distance and pace measuring, or calculation of calories burned, we might require information about your height, weight, heart rate, and geolocation or to participate in the fitness challenge functionality we may ask you to create a username and provide a photo or avatar; for other functionality you may authorize us to access your camera roll, microphone or contact list (for further information go to sections 3.1-3.7 below).

    1. Analytics

We and our service providers track and run analyses of the usage of the App, Watch Apps, and Device (to determine which functionalities are used more often than others) to understand how they are used and improve them. (For further information go to Section 3.8 below).

    1. Marketing

We may use your Personal Information for marketing purposes to provide you with relevant offers about our products and services. (For further information go to Section 3.9 below).

    1. Data access by recipients

Our service providers and other Fossil Group companies (Fossil Group, Inc. and its Affiliates and subsidiaries) also access your information in order to provide services to you and handle your data as described in this Privacy Notice. (For further detail go to Section 5 below).

    1. Your rights

Your rights may include the right to access, correct, and delete your Personal Information. You may also request the restriction of and, if applicable, withdrawal of your consent or objection to the processing (please proceed to Section 8 for a detailed description of your rights).

    1. Location of your information; disclaimer for EU, UK and Japan

Personal Information we collect will be primarily stored in the United States with us and our cloud service providers.

If you are a resident from the EU or the UK, Fossil will process your Personal Information in accordance with EU and UK law, in particular the EU General Data Protection Regulation and the retained EU law version of the General Data Protection Regulation (UK GDPR), both referred to as GDPR in this document; however, Fossil may be subject to laws including potential access rights by governmental authorities that do not adhere to the same requirements and standards deemed appropriate under EU and UK law.

If you are a Japanese resident, by using the service, you consent to the transfer of your Personal Information, as defined under applicable law, to our and our service provider’s servers located in the USA. We have contracts to require recipients take the necessary measures to comply with the relevant laws of the USA. Your Personal Information in the United States will be subject to appropriate data protection laws and the third party cloud providers we use will take the necessary measures to comply with the relevant laws of the USA which have been assessed by the PPC, and for which a report is available at https://www.ppc.go.jp/personalinfo/legal/kaiseihogohou/#gaikoku.

We may also transfer your Personal Information to a country/region pursuant to another exception allowing the transfer as permitted by applicable law. If you are concerned that we have not complied with your legal rights or applicable privacy laws, you may file a complaint internally by sending us an email using the contact details provided in Section 10 or you may decide to make a formal complaint with the Personal Information Protection Commission (https://www.ppc.go.jp/en/).

2. When does this Privacy Notice apply?

This Privacy Notice applies to the Diesel ON App, Diesel Watch Apps, and Diesel Device. For further information about what these terms comprise please see Section 11.

This Privacy Notice does not apply to your purchase transaction of the Device or to any activities you conduct on any of our websites or within our stores.

3. What Personal Information do we collect on which legal basis and what do we use it for?

In order to provide you with our services and the full range of features of our App, Watch Apps, and Devices, we use Personal Information. 

We may receive Personal Information collected by third party services (e.g. Google Fit). You can deactivate such data sharing using the settings of the third party service.

The Personal Information that we collect include the following (please note: As the availability of functionality may vary, depending on your App, Watch Apps, and Device, not every one of the followings sections may apply to you):

    1. General Account data

When you use the App, Watch App, and Device we will collect general account data, including examples such as your first and last name, your email address, your date of birth, your gender, your height and weight, a photo, the password selected for your App account, a username, a photo or avatar to connect to your account, the App version, Device information (e.g. Device serial number), paired mobile device information (e.g. smartphone manufacturer, model, operating system) and your personal account and App settings (e.g. which features you want to use).

We will also collect this information when you sign-up using a social media login, such as via Facebook or Apple. We do not collect or store your social media password.

Legal basis (EU/UK): These processing activities are necessary for the provision of our services (legally: performance of our contract with you including transfers to the USA as part of performing the contract, Art. 6 (1) b) GDPR). For access to camera roll we require your prior explicit consent.

    1.  Activity and sleep data

In order to help you understand both your daily movement habits and your personal fitness, we use additional Personal Information. Examples include the calculated number of steps you have taken, your heart rate, your estimated blood oxygen saturation, calories burned, your mode of movement (e.g. running or walking), traveled distance, the time zone, and your goals for the day and whether you achieved them. In order to enable us to calculate calories burned we use your height, weight, and date of birth information. You may also choose to input information related to your activities through the App, such as updating information about your weight.

In order to enable you to participate in fitness challenges with other users, we may collect and share your activity data with such other users. You can control whether (and with whom) your activity data is shared in this way by electing (or not electing) to participate in such challenges. 

With the aim of enabling you to understand and to improve your sleeping habits, some Devices collect sleep start time, sleep end time, the time you go to bed, and the time you wake up. We also collect details of sleep, such as when light sleep or restful sleep occur, to show you data and insights about your sleeping patterns.

Certain activity and sleep data might be regarded as "health related data" in certain jurisdictions.

Legal basis (EU/UK): These processing activities are necessary for the provision of our services (legally: performance of our contract with you including transfers to the USA as part of performing the contract, Art. 6 (1) b) GDPR). As far as activity data may be considered health-related data we require your explicit consent for the processing.

    1. Notifications and alerts

If you want to send automated text responses or to be notified by your Device when you receive a text message, email, app alert, or when there is an upcoming event in the calendar of your mobile device, you need to activate this in the App settings. In order for certain features to function, access to your contact list by the App is necessary. Please note that your contact related settings including your contact list will remain on your mobile device and cannot be accessed by us. Furthermore, we do not store content of any notifications, we only track that a notification occurred.

Legal basis (EU/UK): These processing activities are necessary for the provision of our services (legally: performance of our contract with you including transfers to the USA as part of performing the contract (Art. 6 (1) b) GDPR).

    1. Location information

When you install the App, you will be asked to grant access to your geolocation data. When you install or use Watch Apps for the first time, including on devices powered with Wear OS by Google, you will be asked to grant the Watch App access to your Device’s geolocation data (if equipped) or the paired mobile device’s geolocation data. We can use that information to customize the App or Watch Apps with location-based information and features; examples may include automatically updating local weather information, tracing an activity route, or to help locate your Device based on last known location. If your Device is enabled with emergency call functionality it may use location information when that function is in use. 

Legal basis (EU/UK): These processing activities are necessary for the provision of our services (legally: performance of our contract with you including transfers to the USA as part of performing the contract (Art. 6 (1) b) GDPR).

    1. Performance report and customer support

In the event our App or Watch Apps stop working we will receive information about your paired mobile device and Device (e.g. model, software version, mobile device carrier) and any additional information you share with us, which allows us to identify and fix bugs and otherwise improve the performance of our App and Watch Apps.

In the event you contact us for customer support we will process your Personal Information.

Legal basis (EU/UK): These processing activities are necessary for the provision of our customer support services and for the fulfillment of warranty claims (legally: performance of our contract with you including transfers to the USA as part of performing the contract (Art. 6 (1) b) GDPR).

    1. Watch Apps

When you install or use one of our Watch Apps, you will be asked to grant the Watch App access to certain types of information from your Device and/or a paired mobile device (e.g. geolocation data, events on your personal calendar, fitness activity data or your contact list). If you grant such permission, the Watch App can collect information and use that information to provide specific features or services; for example to allow you to display a pre-selected watch face during a specific event, to download photos from social media, to help locate your Device based on last known location or to provide you with Alexa voice assistant.   

Legal basis (EU/UK): These processing activities are necessary for the provision of our services (legally: performance of our contract with you including transfers to the USA as part of performing the contract (Art. 6 (1) b) GDPR).  

    1. Emails and other communications

We send you push notifications to provide you with information about your personal goals and alerts about updates for the Device, the App, or Watch Apps. We will also send you emails with your wellness dashboard if you request them through the App.

We will send you emails related to the administration of your account, such as a welcome email when you create your account, a confirmation email if you delete your account, emails if you forgot your password and need assistance changing it, or a reminder that your account may be deactivated after a period of inactivity.

For paired mobile devices, you can at any time stop transfer of data from the paired mobile device to the App or Watch Apps by disabling the Bluetooth connection between the Device and the mobile device; however, in this case the functionalities described above may not work.

Legal basis (EU/UK): These processing activities are necessary for the provision of our services (legally: performance of our contract with you including transfers to the USA as part of performing the contract (Art. 6 (1) b) GDPR).

    1. Analytics

We aggregate and de-identify data (so that the data is not associated with an individual’s name or other personally identifiable information) collected through the App, Watch Apps, and Device and use it for a variety of analytical purposes, such as determining the average daily steps taken by App users, analyzing fitness trends, watch faces selected by Watch App users, or obtaining other information to improve our products and services. 

We use your Personal Information for other marketing, statistical, and market research purposes to learn more about our customers and users. For these purposes we also use publicly available Personal Information about you (e.g. from your social media profiles).

We use Google Analytics to track and examine how our App and Watch Apps are used and how we may improve them to enhance and improve our services. Google Analytics is an analysis service provided by Google LLC, located in the USA. In order to use Google Analytics, our App is sending anonymized information about your usage of our App to Google Analytics, where the data is aggregated and analyzed to provide meaningful reports for us. We do not connect data from Google Analytics with any of your Personal Information. You can opt-out from our collection of data by Google Analytics at any time in the App's settings.

Legal basis (EU/UK): For this processing we require your explicit consent (Art. 6 (1) a) GDPR). The analytics on publicly available information by social media users is based on our legitimate interest in measuring the performance of our social media offerings (Art. 6 (1) f) GDPR.

    1. Marketing

We may use your Personal Information for marketing purposes to provide you with offers about our products and services. By analyzing your general contract information (3.1), and how our services are used, we select which marketing information may be of specific interest for you. We might also send you promotional emails (in the EU and the UK: only for products similar to your purchases). At any time you can opt-out from the use of your Personal Information for marketing purposes as described under Section 8.1.

We will not use data relating to your health for marketing purposes.

If you enter a global sweepstake, contest, or competition we sponsor, we use your Personal Information to enable your participation and as otherwise set forth in the terms for such promotion.

Legal basis (EU/UK): The processing for marketing purposes regarding similar products or services is based on our legitimate interests (Art. 6 (1) f) GDPR) in promoting similar products or services in the context of an existing customer relationship. Other marketing activities will require your explicit consent (Art. 6 (1) a) GDPR).

If you are a Japanese resident, by registering to use our service, you consent to our and our service providers processing of Personal Information related to you in order to provide you with the full range of services and features we offer. You also consent to our use of your data for marketing purposes.

.

3.10 Legal obligation

In some cases we process your Personal Information due to a legal obligation (for further information go to Section 5.1 below). 

4. Can you share your Personal Information?

The App and Watch Apps allow you to share Personal Information from the App or Watch Apps on social networks like Facebook or transfer Personal Information to other apps like Apple Health or Google Fit or to share Personal Information directly with other users through certain functionality, such as fitness challenges. You can deactivate such an App/Watch App’s data sharing using the settings of your App or Watch App.

We do not control and do not assume any responsibility for the use of such shared Personal Information by such third parties. For more information about the third party’s purpose and scope of their use of Personal Information in connection with sharing features, please visit the privacy policies of such third party apps and their providers.

DieselOn app uses and transfers of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

5. When do we share Personal Information?

We will share your Personal Information in the following cases.

5.1 Legal obligation and internal purposes

We disclose your Personal Information (i) in order to comply with relevant laws, regulatory requirements and to respond to lawful requests, court orders, and legal processes, including requests to meet national security or law enforcement requirements; (ii) in order to protect and defend the rights or property of us or third parties; or (iii) in an emergency, in order to protect the safety of our employees or any person.

Additionally in the event that we or substantially all of our assets are acquired by one or more third parties as a result of an acquisition, merger, sale, consolidation, bankruptcy, liquidation, or other similar corporate reorganization, your Personal Information may be part of the transferred assets. Where required by applicable law (such as in the EU) we will inform you about and ask for your permission for the transfer of your Personal Information.

5.2 Joint processing within Fossil Group

Your Personal Information will be combined with or connected to other Personal Information that Fossil Group companies have obtained about you (e.g. purchase details of your Device, other goods you have purchased on a company website). We will also make your data available to Fossil Group companies if required to provide warranty and other after-sale services to you (please visit www.fossilgroup.com for information about Fossil Group member companies).

5.3 Sharing with third parties

We involve other companies for the provision of services or for hosting Personal Information. These companies are only permitted to use Personal Information on our behalf - they must not use such data for their own purposes except as required by law. Examples of subcontractors are hosting or other service providers such as Amazon Web Services, Inc., Google LLC, and service providers we use for customer care such as Salesforce, Inc or Transcosmos Information Systems, Ltd.

We contract with service providers using data enrichment technologies (this does not apply to the EU/UK).

When you enable sharing of Personal Information (connect) with Google Fit or other third    party apps, we will provide the applicable data to these third parties as requested. You can deactivate such data sharing at any time.

If your Device is enabled with emergency call functionality, your Personal Information may  be shared with third parties when that functionality is in use. 

Some Devices allow you to access features through the Amazon Alexa Service. When you do so, we do not collect the details of your interaction with Alexa. If you use Alexa to interact with the Fossil Wellness service, we will send data about your activity (heart rate, duration, distance, calories burnt, etc.) to Amazon.  Amazon does not process your Personal Information on our behalf; for more information about how Amazon may use your Personal Information, see the Amazon Privacy Policy and the Alexa Terms of Use.  Data will not be shared with Amazon unless activated by you.

5.4 Sharing de-identified information with third parties

We may share aggregated and de-identified data (which is not associated with an individual’s name or other personally identifiable information) collected through the App or Watch Apps with third parties for any lawful purpose.

6. Children's online privacy protection

We do not knowingly collect, maintain, or use Personal Information via the App or Watch Apps about children under the age of 16. Persons under the age of 16 may not use the App or Watch Apps, and their request for accounts will be denied. If we become aware that a child under the age of 16 has sent Personal Information to us without prior parental consent, we will remove his or her Personal Information from our files. Please note that outside the US other age thresholds may apply.

7. How long do we store and how do we secure Personal Information?

We will retain your Personal Information as long as necessary to provide you with App, Watch App, and Device functionality and services but in any event only as long as your account is active. When you delete your account or we disable it after a time of inactivity and notification from us, we will also delete your Personal Information obtained from the App, Watch Apps, or Device from our systems (excluding any information we have de-identified).

However, to the extent necessary we may keep some of your Personal Information for legal reasons (e.g. tax law, the defense against, or the establishment of, legal claims, and in order to demonstrate that our processing complies with data protection law requirements). We also keep your opt-in or opt-out requests for marketing messages (even if such request is made in or through the App).

8. What are your rights?

8.1 Your rights

We encourage you to address any inquiries or concerns you may have regarding our use of your Personal Information by using the contact details provided in Section 10 below.

With or without contacting us you can, by simply changing your settings in the App, at any time withdraw your consent, where our processing is based on your consent, without affecting the lawfulness of processing based on consent before the withdrawal.

At any time you may opt out from receiving marketing notifications or emails. You can opt out of marketing notifications or emails by changing the settings in your App or sending us an email or mail to the addresses listed under Section 10 below. You may also unsubscribe from email marketing by using the unsubscribe link contained in emails from us.

8.2 Your additional rights provided by EU law - EU residents

By contacting us as set forth in Section 10 below in the EU or in the UK you may exercise your rights, including the right to request from us access to, correction of, deletion of, and restriction of the Personal Information we hold about you. You also have the right to data portability (to receive data you provided in a machine readable format).

You may at any time object to our processing based on legitimate interests (Art. 6 (1) f) GDPR) and to receiving marketing notifications or emails as described above under 8.1.

You have the right to lodge a complaint with the responsible data protection authority.

8.3 California

The California Consumer Privacy Act of 2018 (CCPA) provides California residents with specific rights regarding their personal information over the last 12 months. If you are a California resident you have the right to request the disclosure of:

  • the categories of personal information we collected about you
  • the categories of sources from which the Personal Information is collected
  • the business or commercial purpose for collecting or selling Personal Information
  • the categories of third parties with whom we share Personal Information and
  • the specific pieces of Personal Information we have collected about you.

You have the right to request that we delete any Personal Information about you that we have collected, subject to certain exceptions defined in CCPA.

To exercise your access and deletion rights described above you have to submit a verifiable request to us by sending us an email at privacy.nam@fossil.com, or calling us at +1 (800) 449-3056. The verifiable request must contain sufficient information that allows us to verify you as a person and to properly understand and respond to your inquiry. As part of our verification process we will send you an email with a link to verify your email address. Following this we will ask you further verification questions. Once the verification process is complete we will send you emails with login credentials to our secure privacy portal for you to access, download or delete your data.

We will respond to your verifiable request within 45 days of receipt. If we require more time (up to 90 days) we will provide you with notice and explanation of the reason.

You may use an authorized agent to submit a request to access or delete on your behalf if you provide the authorized agent written permission to do so and verify your own identity directly with us. “Authorized agent” means a natural person or a business entity registered with the Secretary of State that a consumer has authorized to act on their behalf. We may deny a request from an authorized agent that does not submit proof that they have been authorized by you to act on your behalf, unless you have provided the authorized agent with power of attorney, pursuant to Probate Code sections 4000 to 4465.

We do not sell your Personal Information.

We do not knowingly collect personal information from California residents between the ages of 13 and 16.

We have collected and disclosed the following categories of Personal Information about California residents:

  • Identifiers such as real name, unique personal identifier, online identifier, Internet Protocol address, email address, account name, device information, paired mobile device information or other similar identifiers. We have disclosed this category with our business partners and affiliates including those to whom you instruct us to send this information and with our service providers.
  • Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)) such as name, date of birth, medical information. We have disclosed this category with our business partners and affiliates including those to whom you instruct us to send this information and with our service providers.
  • Protected classification characteristics under California or federal law such as sex/gender. We have disclosed this category with our business partners and affiliates including those to whom you instruct us to send this information and with our service providers.
  • Biometric information such as physical patterns, sleep, health, audio recordings of your voice for the Alexa service, or exercise data (the calculated number of steps you have taken, your heart rate, your estimated blood oxygen saturation, calories burned, your mode of movement - e.g. running or walking -, traveled distance, and your goals for the day and whether you achieved them). We have disclosed this category with our business partners and affiliates including those to whom you instruct us to send this information and with our service providers.
  • Internet or other similar network activity such as information on a consumer's interaction with an application. We have disclosed this category with our business partners and affiliates including those to whom you instruct us to send this information and with our service providers.
  • Geolocation data such as physical location or movements. We have disclosed this category with our service providers.
  • Audio/Visual such as audio. We have disclosed this category with our service providers.

We have collected the Personal Information directly from you and from your GPS tracking device, during your account registration, automatically as you navigate through the app or through your usage of the health and activity tracking apps. We may use or disclose the Personal Information we collect for "business purposes" or "commercial purposes" such as security, debugging/repair, performing services on behalf of the business or service provider, quality, safety maintenance and verification of a service or device, providing customer services, verifying customer information, providing advertising or marketing services, providing analytic services, etc.

We do not discriminate against you because you exercised any of your rights under the California Consumer Privacy Act, including, but not limited to, by:

    • Denying goods or services to you; charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties,
    • Providing a different level or quality of goods or services to you,
    • Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

However, we may charge you a different price or rate, or provide a different level or quality of goods or services, if that difference is reasonably related to the value provided to you by your data (e.g. your identifiers).  In addition, we may offer financial incentives, including payments to you as compensation, for the collection of personal information, the sale of personal information, or the deletion of personal information. We may also offer a different price, rate, level, or quality of goods or services to you if that price or difference is directly related to the value provided to you by your data. We may enter you into a financial incentive program only if you give us prior opt-in consent which clearly describes the material terms of the financial incentive program, and which may be revoked at any time. We shall not use financial incentive practices that are unjust, unreasonable, coercive, or usurious in nature.

9. Changes to this Privacy Notice or how we use Personal Information

This Privacy Notice is effective as of May 22, 2023 and may be updated from time to time. We will notify you of material changes to our Privacy Notice by posting a prominent notice in the App, Watch App, or by sending you an email or a notification in which we may also seek your consent.

10. Who we are and how to contact us

The App, Watch Apps, and Device are provided to you by Fossil Group, Inc., 901 S. Central Expy, Richardson, Texas 75080, USA.

Please contact us if you wish to opt-out of marketing notifications or emails or if you want to exercise your further rights via email at privacy@fossil.com or mail us at Fossil Group, Attention: Privacy Compliance, 901 S. Central Expressway Richardson, TX 75080, USA.  Please also contact us at either of these addresses if you have any questions regarding privacy and data protection in connection with the App, Watch Apps or Device.

Our EU representative is FESCO GmbH, Natzing 2, 83125 Eggstätt, Germany. You can either contact our EU representative by sending an email to eu-privacy@fossil.com or calling +49-89-7484 6815.

Our UK representative is Fossil (UK) Ltd, Featherstone House, Featherstone Road, Wolverton Mill, Milton Keynes, MK12 5TH, England. You can contact our UK representative by sending an email to uk-privacy@fossil.com.

11. Definitions

"Personal Information" is information that can be used either directly or indirectly (in combination with other information) to identify you, or something about you. Examples of Personal Information include your name, email address, Device serial number, your activities and other details we collect via the App, Watch Apps, or Device.

Diesel ON App (“App”) is the app you install on your mobile device for the use of our services.

Diesel Watch Apps ("Watch Apps") are applications we designed to be used with Devices to expand the personal features and services available to you. Watch Apps may come preinstalled on some Devices or may be downloaded to your Device. Some of the Watch Apps are watch faces, smart battery modes, wellness, phone, weather, ring phone, music control, notifications, settings, timer, and stopwatch.

Diesel Device ("Device") is a Diesel wearable device. Our Devices can be distinguished between touchscreen Smartwatches and Hybrid Smartwatches. In order for you to benefit from the full spectrum of features available, for most of our Devices, you have to create a Diesel account and pair your Device with the Diesel ON App on your Smartphone. Some of our Smartwatches require you to set up a Google account and pair your Device with the Wear OS app on your Smartphone to function and others need a Google account to get Google features to work. Collection and use of your Personal Information on all touchscreen smartwatches through Google is subject to Google’s privacy policy.

Need help?

If you have any question or need help with your account, you may contact us to assist you.

We will respond to every message within 1 working day. Monday to Saturday, excluding national holidays.

Client service

Phone: +39 0230321047

From 9 am to 8 pm CET (from 8 am to 7 pm GMT), Monday to Saturday.

E-mail

From 9 am to 8 pm, Monday to Saturday.

Search

Remove Product?

Are you sure you want to remove the following product from the cart?

Search

Search

Search

Select language

English

Search

INFORMATION NOTICE ON THE PROCESSING OF PERSONAL DATA PURSUANT TO ARTICLES 13 AND 14 OF EU REGULATION 679/2016 (“GDPR”)

Your privacy is extremely important to us, please read this information notice carefully.

We wish to inform you in a complete and transparent manner about the personal data processing that the companies listed in paragraph 1 below will carry out on your personal data provided by you and/or collected in the context of the contacts you will possibly have with us, including for example the following:

  • contacting our Customer Service;
  • visiting the website www.diesel.com (hereinafter the “Site”) and/or the other websites referring to the brand, interacting with our pages on the social networks (eg. Facebook, Twitter, Instagram, Tik Tok, We Chat, Tmall etc.).

1. WHO COLLECTS YOUR PERSONAL DATA

The companies collecting and processing personal data as autonomous data controllers (hereinafter the “Data Controllers” or the “Companies”) or as Joint Controllers are:

  • OTB S.p.A. (“OTB”), with registered office in Italy, Breganze (Vi), Via dell’Industria 2, 36042, telephone +390445306555, email privacy@otb.net; OTB’s Data Protection Officer (“DPO”) can be contacted at dpo@otb.net;
  • Diesel S.p.A. (“Diesel”), with registered office in Italy, Breganze (Vi), Via dell’Industria 4-6, 36042, telephone +390424477555, email privacy@diesel.com; the Diesel Data Protection Officer (“DPO”) can be contacted at dpo@otb.net;

OTB and Diesel carry out some activities as joint controllers, taking jointly the decisions regarding the purposes and means of personal data processing. Hereafter, the term “Joint Controllers” means Diesel and OTB jointly considered when they process data as joint controllers.

To facilitate your understanding of the processing activities carried out by the above mentioned subjects as Controllers or Joint Controllers, we have prepared this document explaining which processing activities are carried out autonomously by each company.

Please consider that said processing activities are not intended for minors and the Data Controllers do not knowingly collect or solicit personal data from anyone under the age of 16. If you are less than 16 years old, please refrain from provide any personal data. This does not affect the applicable contract law such as the rules on the validity, formation or effect of a contract in relation to a child.

2. WHAT PERSONAL DATA WE PROCESS

Each Company collects different categories of personal data according to the purpose for which it processes them.

Herein below we specify which categories of personal data are collected; in the following paragraph we will explain for what purposes each category of data is processed by each Data Controller or by the Joint Controllers as appropriate (hereinafter also “Personal Data” if processed jointly).

  • Biographical Data: name, middle name, surname, date of birth, gender;
  • Contact Data: address of residence (street, city, province, state, zip code), domicile, email address, telephone number, mobile number;
  • Sales Data: shipping and billing address, method of delivery and payment, name of the credit card holder and expiry date of the card, information requested by the Customer Service, VAT number and/or tax code, passport number (the passport number will be used only for purposes related to payment where required by a law and within the limits of that law), Global Blue card number;
  • Tracking of Newsletters and Actions Data: information relating to the opening of newsletters or links
  • Data collected in the shop: birthday, presumed age group, in some countries the social network ID, gender, method and date of registration, store and sales assistant preferences, language, product categories of interest, methods of use services, preferences on services possibly noted in the shop, redemption campaign, events attendance, other brands purchased, products tried in the dressing room but not purchased;
  • Loyalty Data: your data collected as part of the “House of Diesel” loyalty program, whose Regulation is available at the following link, and based on your engagement with the brand (e.g., social media “like”, “comment”, “share”, “save”, “follow Diesel’s official account”, “share photos on community platform”, “create Wishlist and e-store avatar” etc.);
  • Navigation Data: data relating to browsing behaviour and/or use of the websites of the Data Controllers using, for example, cookies or information relating to the pages that have been visited or searched for or related to the wishlist collected while browsing or when shopping on the online store. As for the use of cookies, please refer to the Cookie Policy available at the following [http://diesel.com/shop/content/cookiepolicy].

3. FOR WHAT PURPOSES WE PROCESS YOUR PERSONAL DATA

In this paragraph we explain for what purposes each category of data is processed by each Data Controller or Joint Controller.

3.1 PURPOSES OF DIESEL S.P.A.

Diesel is the company that designs, sells and promotes the Brand’s products “Diesel”. It is the company maintaining the contacts with you if you decide to purchase the products through the Site or other websites controlled by Diesel or through other methods provided for by Diesel itself, if you participate in initiatives promoted by Diesel as prize competitions or other promotional initiatives; Diesel is also the company managing the loyalty program that you can sign in. Diesel will process Personal Data for the following purposes.

a) Sales activities and response to other requests made by customers

If you purchase Diesel’s products through the e-commerce service on the Site or through other methods provided for by Diesel itself, Diesel will process your Biographical Data, Contact Data, Sales Data and Purchase Data to conclude the sale, as well as for all activities strictly connected and related to it, such as delivery or other administrative and accounting obligations.

Similarly, Diesel may need to verify the requirements for participating to special discount programs (e.g. verifying if the purchase made is a first purchase or other requirements of the regulation) and to process your Biographical Data or Contact Data to respond to any further requests that you may formulate through the Site or through the Customer Service, through telephone or chat, such as requests for information, assistance, or to be notified by email when a desired product or size becomes available again on the Site, through the “Notify Me” functionality.

Legal basis: this processing is based on the performance of a purchase contract to which you are a party; the provision of the personal data listed above is necessary for this purpose, since otherwise Diesel will not be able to process your request..

b) Loyalty program Registration

The Biographical Data, Contact Data, Purchase Data and Loyalty Data will also be collected by Diesel to manage your request to join the loyalty program ( called “House of Diesel”, whose Regulation is available at the following link). These data will be processed to complete your membership and for all purposes strictly connected to it or instrumental, including - firstly - all the activities provided for in the loyalty program. Registration could take place: i) online through the Site; ii) offline in the participating shops, by completing the application form present in electronic (tablet or another smart tool) format or through flyers (distributed in shops) with a special QR code, through which customers can join the program themselves via the Site, iii) through further official channels of Diesel S.p.A., (for example, but not limited to social networks such as Facebook, Instagram, WeChat etc.), or iv) through the Customer Service.

All communications relating to the loyalty program may be made by Diesel via the Site, SMS, MMS, Wallet, e-mail, newsletter, social networks and/or any other official communication channel of Diesel. All these communications relating to the program itself are sent solely for the purpose of making available the benefits related to it and do not constitute marketing communications.

Furthermore, by creating an account on the Site in the reserved area, the user will become part of the Diesel’s loyalty program. If you wish to take advantage of the services available on the Site (e.g., purchase products) without joining the program, simply choose the “Guest” option where available (e.g., during checkout for payments).

Legal basis: this processing is based on the performance of a contract for joining the loyalty program to which you are a party; the provision of the Personal Data listed above is necessary for this purpose, since otherwise Diesel will not be able to process your request.

c) Participation in prize contests

Diesel will be able to process your Biographical Data to allow you to participate in prize contests that Diesel could organize. In certain situations, for example to proceed with the delivery of the prize, your Contact Data could also be processed. If participation in the contest requires further information, these will be requested to you upon release of a specific privacy policy.

Legal basis: this processing is based on the performance of a contract for attending the relevant prize contests to which you are a party; the provision of the Personal Data listed above is necessary for this purpose, since otherwise Diesel will not be able to process your request.

d) Marketing

Only with your consent, Diesel will process the Biographical Data, Contact Data and Purchase Data for marketing purposes, that is for advertising on social networks to which you are registered or sending advertising or direct sales material, carrying out market research, commercial communication with automated contact methods (e-mail, newsletter, SMS, MMS, online messaging platforms, etc.) and traditional contact methods (mail).

Legal basis: this processing is based on the consent you have given. In the event that you are registered in the loyalty program and decide to withdraw your consent to marketing, you will continue to receive communications relating to benefits (such as the Birthday or Anniversary Gift or preview access to the new collections and promotions only reserved to members). If, in addition to the withdrawal of consent, you do not want to receive this kind of communication anymore, you will be asked to specify it. Any removal from the loyalty program will also result in the cancellation of your online account, if you have one.

You can at any time withdraw your consent to receive the above-mentioned communications by clicking on the appropriate option in each marketing email received, as well as by writing to the address privacy@diesel.com, or otherwise by contacting the Company at the addresses indicated in paragraph 1.

e) Customer satisfaction

Diesel may use your Contact Data to conduct surveys to measure the level of satisfaction (i.e., customer satisfaction) with the service provided (by way of example but not limited to: in-store post-sales surveys; online post-sales surveys; second hand gold shopping surveys etc.). Please note that in any case the communications made for this purpose will not have an advertising content, or direct sales or will be used for market research or commercial communication.

Legal basis: this processing is based on the legitimate interest of Diesel to verify and improve the quality of its services.

f) Other administrative-accounting activities

Diesel may also process your Personal Data for administrative, accounting and internal statistical analysis for business planning purposes.

Legal basis: this processing is based on the legitimate interest of Diesel to improve the quality of its services and business.

3.2 PURPOSES OF THE JOINT CONTROLLERS (DIESEL AND OTB)

Diesel and OTB operate as Joint Controllers on the basis of a specific agreement for the purpose indicated below.

a) Customer profiling

With your consent, the Joint Controllers will be entitled to process Biographical Data, Contact Data, Sales Data, the Purchase Data, Loyalty Data, Tracking of Newsletters Data and Actions Data and the Navigation Data for profiling purposes and for business analysis, that is for analysis on your purchase preferences consisting of automated processing of the above mentioned Personal Data. This processing is aimed at analytically knowing or predicting your purchasing preferences also in order to create customer profiles and customize the commercial offer so that it is more in line with your preferences.

Legal basis: this processing is based on the consent you have given.

You will be entitled at any time to withdraw your consent to be subject to profiling by writing to privacy@diesel.com or otherwise by contacting the Joint Controllers at the addresses indicated in paragraph 1.

3.3 PURPOSES OF EACH DATA CONTROLLER OR JOINT CONTROLLER

Finally, each Data Controller or Join Controller may need to comply with a specific legal provision to which it is subject or to defend its own right in court.

a. Purposes related to the obligations established by laws or regulations, by decisions/requests of competent authorities or by supervisory and control bodies

Each Data Controller or Joint Controller may process your Personal Data to comply with a legal obligation to which it is subject.

Legal basis: compliance with a legal obligation.

The provision of data for this purpose is mandatory because in the absence of data the Data Controller or the Joint Controller will not be in a position to comply with their legal obligations.

b. Defense of rights during judicial, administrative or extra-judicial proceedings and in disputes arising in connection with the services offered

Your Personal Data may be processed by each Data Controller or Joint Controller to defend their rights or take legal action or make claims against you or third parties, including the prevention of fraud.

Legal basis: this processing is based on the legitimate interest pursued by the Data Controller or Joint Controller to protect their rights.

4. WHAT PROCESSING ACTIVITIES WE CARRY OUT WHEN YOU’RE USING OUR SITE AND YOU NAVIGATE WITHOUT BEING LOGGED IN

The Site is owned by Diesel. It is possible to browse the Site without having to actively communicate your Personal Data if you are not logged in. In this case, while browsing the Site, we inform you that the computer systems and software procedures used to operate the Site acquire, during their normal operation, some data whose transmission is implicit in the use of Internet communication protocols.

This is information that is not directly associated with identified users, but which by its very nature could, through processing and association with data held by third parties, allow these users to be identified.

This category of data includes the IP addresses or domain names of the computers used by users who connect to the Site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, information regarding access, information regarding location , the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), the information regarding the user’s visit including data clickstream of the URL, within and from the Site, the duration of the visit on some pages and the interaction on these pages and other parameters relating to the operating system and the user’s IT environment.

These data are collected through the use of “cookies”. We specifically use browser cookies for various purposes, including cookies strictly necessary for the operation of the Site and the use of services through the appropriate features, and the cookies that are used for personalization, performance/analysis and promotional activities. Our Cookie Policy, available [http://diesel.com/shop/content/cookiepolicy], contains more information regarding the use of cookies on the Site, as well as the options for accepting or rejecting them.

The data collected while browsing the Site will be processed to (i) manage the Site and resolve any operating problems, (ii) make sure that the content of the Site is presented in the most effective way for its devices, developing, testing and making improvements to the Site, (iii) as far as possible, to keep the Site safe and secure, (iv) to obtain anonymous statistical information on the use of the Site and to check its correct functioning, (v) identify anomalies and/or abuses in the use of the Site. The data could also be used to ascertain responsibility in case of possible computer crimes committed against the Site or third parties and may be presented to the Judicial Authority, if this makes an explicit request.

5. WHAT HAPPENS IF YOU DO NOT PROVIDE PERSONAL DATA

Some Personal Data that we will indicate you from time to time during the registration or purchase process are necessary for the completion of the purchase contract and for administrative and accounting purposes.

In the description of the purposes in paragraph 3, we have specified when it is necessary to provide Personal Data. Where not expressly indicated as mandatory, therefore, the provision of Personal Data is optional and there will be no consequences if you do not provide them, if not the impossibility for the Data Controllers or Joint Controllers to act as described (for example, the impossibility to carry out marketing activities).

6. HOW AND HOW LONG WE WILL PROCESS PERSONAL DATA

The Personal Data provided to and/or collected by the Data Controllers or the Joint Controllers are processed and stored with automated tools and, in some cases, may be processed and stored on a paper backing. In particular, the Personal Data processed for purposes of marketing and of customer profiling will be entered and stored in the CRM systems that allow the processing of Personal Data for these purposes.

The Personal Data (either electronical and paper copies) will be stored for the time necessary to achieve the purposes for which they were collected. In particular, the following rules will apply:

  • data collected to enter into and perform purchase contracts, including payments: up to the conclusion of administrative and accounting obligations. The billing data will be kept for 10 years from the billing date;
  • data of the registered user for joining the loyalty program: the data will be kept as long as the account is active. Even after the termination of the account, we will retain the data if this will be necessary to comply with legal obligations, to protect our rights or to prevent fraud;
  • data related to data subjects’ requests: the data will be stored until the request is satisfied;
  • data collected and processed for customer satisfaction will be retained for 30 days;
  • if you have provided your consent, the data processed for purposes of marketing and customer profiling will be stored for a period of 7 years. (also according to an ad hoc provision provided for by the Italian Supervisory Authority upon Diesel’s request). In any case, you will not be contacted again for marketing and profiling activities 7 years after your last interaction with us or even earlier if you revoke the consent previously given. The events that identify this “interaction” may include, but are not limited to, a purchase, opening an email sent, participation in a survey, contest or event, interaction with Customer Service or a store, access to the “MyAccount” area, etc. For completeness, we would like to point out that, at any time, it is possible to review and modify your previously expressed consents in the “MyAccount” area of the Site, by contacting Diesel at privacy@diesel.com or the Customer Service.

In any case, for technical reasons, the termination of the processing and the consequent cancellation or irreversible anonymization of the related Personal Data will be definitive within thirty days from the terms indicated above.

The cancellation process is carried out periodically on the basis of the customer's request or at the expiry of the retention period, through an automatic flow that involves the data bases concerned; otherwise, Personal Data will be permanently anonymized; the hard copies will be destroyed by using appropriate devices.

With particular reference to the judicial protection of our rights or in case of requests from the authority, the data processed will be stored for the time necessary to process the request or to protect the right.

7. WHERE PERSONAL DATA MAY BE TRANSFERRED

For the purposes indicated above, we may also transfer your Personal Data to third countries, not belonging to the European Union, which may possibly do not guarantee the same level of protection. The transfer to third countries will always take place in accordance with the provisions of the GDPR, adopting any other measures necessary to ensure the security of the Personal Data being transferred. These measures possibly include agreements incorporating the so-called “standard contractual clauses” issued by the European Commission or your consent. You can ask for information regarding this third countries and how to obtain a copy of the appropriate safeguards using the following email address privacy@diesel.com or writing to the postal addresses indicated above.

8. WHO WILL PROCESS PERSONAL DATA

Personal Data will be processed by:

  • employees and collaborators of the Data Controllers or of the Joint Controllers processing data under the authority of the Data Controllers or of the Joint Controllers;
  • employees and collaborators of the Data Processors designated by the Data Controllers or Joint Controllers, including (i) the companies managing the online store and who will be entitled to view, modify and update the Personal Data entered in the CRM systems through which the Data Controllers or the Joint Controllers carry out the processing activities for marketing and profiling purposes (ii) the companies managing the storage of the Personal Data of the Data Controllers or Joint Controllers based on agreements or local regulations;
  • third parties established in the European Union and also outside the European Union, Data Processors, used by the Data Controllers or Joint Controllers in particular for services of: Personal Data acquisition and data entry, shipping, mailing of promotional material , after sales assistance and Customer Service, market research, management and maintenance of the CRM systems through which the Data Controllers or Joint Controllers carry out processing activities for marketing and profiling purposes and of the other corporate information systems of the Data Controllers or Joint Controllers of the processing. The complete list of Data Processors appointed by the Data Controllers or Joint Controllers can be requested to the following email address privacy@diesel.com or writing to the postal addresses indicated above.

Personal Data may also be disclosed to third parties, independent Data Controllers, in particular to freelancers or companies providing legal or tax advice and assistance and to companies managing payments made by debit or credit cards or for fraud prevention and management activities. Furthermore, in order to be able to offer you Klarna’s payment options, we will pass to Klarna certain aspects of your personal information, such as contact and order details, in order for Klarna to assess whether you qualify for their payment options and to tailor the payment options for you. General information on Klarna you can find here. Your Personal Data is handled by Klarnas as Data Controller in accordance with applicable data protection law and in accordance with the information in Klarnas privacy statement.

Personal Data will not be disseminated in any way.

9. YOUR RIGHTS

Pursuant to Chapter III of the GDPR, you have the right to ask each Data Controller or Joint Controller:

  • to access to your Personal Data;
  • to receive the copy of the Personal Data you provided us (so-called “data portability”) and to have data transmitted to another controller, if technically possible;
  • the rectification of the Personal Data in our possession;
  • the erasure of any Personal Data in relation to which we no longer have any legal basis for processing;
  • the limitation of the way in which we process your Personal Data, within the limits set by the applicable law data protection law.

Right to object: in addition to the rights listed above, you always have the right to object at any time to the processing of your Personal Data carried out by the Data Controller or Joint Controller for the pursuit of its legitimate interest. You have the right to object to direct marketing, which includes profiling. If you prefer that the processing of your Personal Data is carried out solely through traditional contact methods, you can object to the processing of your Personal Data carried out through automated contact methods.

You also have the right to withdraw, in whole or in part, the consent to the processing of Personal Data concerning you for the purpose of sending advertisements or direct selling or for carrying out market research or commercial communication with automated contact methods (e-mail, other remote communication systems via communication networks such as, for instance: SMS, MMS, messaging platforms, etc.) and traditional contact methods (mail).

The exercise of these rights, which can be done through the contact details indicated in paragraph 1, is not subject to formal constraints. In the event that you exercise any of the above mentioned rights, it will be the responsibility of the Data Controller or Joint Controller that you contacted to verify if you are entitled to exercise the right and to provide you with an answer, normally within a month.

As regards the Joint Controllers relationship, please note that OTB and Diesel entered into a specific agreement pursuant to article 26 of the GDPR, an extract of which is available for consultation contacting each of the Joint Data Controllers using the contact details indicated under paragraph 1.

If you believe that the processing of your Personal Data is carried out in breach of the provisions of the GDPR, you have the right to lodge a complaint with the Supervisory Authority or to start the appropriate legal actions before the competent courts.

To exercise your rights, you can send a request to the Data Controllers or Joint Controllers by writing to the addresses indicated in paragraph 1. The OTB and Diesel’s Data Protection Officer can be contacted at the email address dpo@otb.net.

Search

Marketing

Diesel S.p.A. will be able to process Biographical Data, Contact Data and Purchase Data for advertising activities on the social networks to which I am subscribed or sending advertising or direct sales material, carrying out market research, sending commercial promotions and discounts reserved to customers, commercial information - possibly also customized - with automated contact methods (e-mail, newsletters, SMS, MMS, messaging platforms, etc.) and traditional contact methods (mail).

We remind you that by joining the loyalty program, if you do not give the marketing consent, you will not receive any promotional communications but you will receive service communications concerning benefits to which you are entitled due to your registration to the loyalty program.

You can at any time withdraw your consent to receive the above-mentioned communications by clicking on the appropriate option in each email received, as well as by writing to the address privacy@diesel.com, or otherwise contacting Diesel S.p.a. at the addresses indicated at paragraph 1 of the information notice.

Search

The Joint Controllers will be able to process the Biographical Data, the Contact Data, the Sales Data, the Purchase Data, the Loyalty Data, Tracking of Newsletters Data and Actions Data and the Navigation Data for profiling purposes, or for analysis on your purchasing preferences consisting of automated processing of the above mentioned data. This processing is aimed at analytically knowing or predicting your purchasing preferences also in order to create customers profiles, and customize the commercial offer so that it is more in line with your preferences.

You can at any time withdraw your consent to be profiled by writing to the address privacy@diesel.com, privacy@otb.net or otherwise contacting the Joint Controller at the addresses indicated at paragraph 1 of the information notice.