COOKIE POLICY
The company Viktor&Rolf BV with registered office the Netherlands, 1013 AP Amsterdam, Danzigerkade 55 telephone +31207025555, email privacy@viktor-rolf.com, (hereinafter the “Company” or the “Data Controller”), in its capacity as Data Controller, provides the following information regarding navigation data and the operation of cookies and others tracking tools, within the website https://www.viktor-rolf.com/ (hereinafter the “Site”). For the purposes of this policy, the term “cookies” shall also refer to the others tracking tools used by the Site, as better described below.
The following notice refers to the Company’s website and not for other websites of third parties that may be consulted by the user through links.
For any other information on the policy adopted by the Company in the management of the Site, please refer to the Privacy Policy available at the following link.
- Browsing data, cookies and Others tracking tools
- Browsing data
The IT systems and software procedures responsible for the operation of the Sitacquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected with the purpose of identifying you, but could lead to your identification if, for example, they were combined with data held by third parties.
This category of data includes IP addresses or the domain names of the computers used by users who connect to the Site, the URIs (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.
Such data are only used in order to obtain anonymous statistical information on the use of the Site and to check its correct operation and are immediately erased after the processing.
Data could be used to ascertain liability in case of cybercrimes committed to damage the Site: save for this case, data are stored for the time limits specified by the relevant legal regulations for the time strictly necessary to provide the user with the service required to ensure the transmission of communication.
- Cookie and others tracking tool
Cookies are usually short text that websites (so-called publishers or “first parties”) visited by the user or other websites or web servers (so-called “third parties”) place and store – directly, in the case of publishers, and indirectly, i.e., through them, in the case of “third parties” – in a terminal device available to the user. The terminals referred to are, for example, a personal computer, a tablet, a smartphone, or any other device capable of storing information.
Internet browsing software and the operation of these devices, e.g., browsers, can store cookies and then transmit them back to the sites that generated them on the occasion of a subsequent visit by the same user, thus keeping a record of his previous interaction with one or more websites.
The information encoded in cookies may include personal data, such as an IP address, user-name, unique identifier or email address, but may also contain non-personal data, such as language settings or information about the type of device a person is using to browse the site.
Cookies can therefore perform a wide variety of important functions, including performing computer authentication, monitoring sessions, storing information about specific configurations of users accessing the server, facilitating the use of online content, etc. They can be used to keep track of items in an online shopping cart or information used to fill out a computer form. They can, for example, be used to keep track of the items in an online shopping cart or the information used to fill out a computer form. Authentication cookies are of particular importance whenever it is necessary to verify who is accessing certain services, such as banking services. If, on the one hand, it is through cookies that it is possible, among other things, to allow web pages to load more quickly, as well as to route information on a network - in line, therefore, with obligations strictly related to the very operation of websites -, again through cookies it is also possible to convey “behavioral advertising” and then measure the effectiveness of the advertising message.
The same result achieved by cookies can also be achieved by other tracking tools (so-called “active identifiers” and “passive identifiers”, the latter assuming mere observation), which allow processing operations similar to those mentioned above.
- Types of cookies
Cookies and other tracking tools may have different characteristics in terms of time and therefore be considered according to their duration (session or permanent), or from a subjective point of view (depending on whether the publisher acts independently or on behalf of the “third party”). However, the classification that mainly meets the user’s protection needs is the one based on two macro-categories:
- Technical cookies, used for the sole purpose of “carrying out the transmission of a communication on an electronic communication network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the contracting party or user to provide such service” (see Article 122(1) of the Privacy Code); these cookies may be installed on the user’s terminal without the user’s consent, based, depending on the case, on the need to carry out a user’s request or on the legitimate interest of the Company;
- Profiling cookies, used to trace specific actions or recurring behavioral patterns in the use of the functions offered (patterns) back to specific, identified or identifiable subjects, in order to group the various profiles within homogeneous clusters of different sizes, so that increasingly targeted advertising messages can be sent, i.e., in line with the preferences expressed by the user when surfing the web; this type of cookie can be downloaded to the user’s terminal only with the latter’s consent.
Cookies may also be used to assess the effectiveness of an information society service provided by a publisher, for the design of a website or to help measure its “traffic”, i.e., the number of visitors, also possibly broken down by geographic area, connection time or other characteristics. These identifiers, defined as analytics cookies, may be included in the category of technical cookies, and as such may be used without the prior consent of the person concerned, under the following conditions:
- They are only used to produce aggregate statistics and in relation to a single site or a single mobile application;
- at least the fourth component of the IP address is masked for third-party cookies;
- the third-party refrains from combining these analytics cookies with other processing (customer files or statistics of visits to other sites, for example) or passing them on to third parties.
If these conditions are not met, analytics cookies also require the user’s consent in order to be downloaded.
Finally, cookies may also be used to enable interaction and easy sharing of content on social networks and/or to enable the sending of targeted advertisements based on the user’s preferences (social cookies); these cookies also require the user’s consent.
Like cookies, other tracking tools can be categorized according to several different criteria, the main one being, however, the purpose for which they are used: technical or commercial.
- List of cookies used by the Site
This Site uses cookies for technical, analytical, and statistical purposes, to improve the user’s interactivity with the Site via social networks and to personalize the sending of information and advertising communications according to the user’s interests (profiling).
- Technical cookie
The name, purpose of use and duration of each technical cookie used by the Site are set out below.
|
Cookie’s name |
Purpose |
Duration |
|
_ab |
Used in connection with access to admin. |
2 years |
|
_customer_account_shop_sessions |
Used in combination with the _secure_account_session_id cookie to track a user's session for new customer accounts |
30 days |
|
_secure_account_session_id |
Used to track a user's session for new customer accounts |
30 days |
|
_secure_session_id |
Used to track a user's session through the multi-step checkout process and keep their order, payment and shipping details connected. |
24 hours |
|
_shopify_country |
For shops where pricing currency/country set from GeoIP, that cookie stores the country we've detected. This cookie helps avoid doing GeoIP lookups after the first request. |
Session |
|
_shopify_m |
Used for managing customer privacy settings. |
1 year |
|
_shopify_tm |
Used for managing customer privacy settings. |
30 minutes |
|
_shopify_tw |
Used for managing customer privacy settings. |
2 weeks |
|
_storefront_u |
Used to facilitate updating customer account information. |
1 minute |
|
_tracking_consent |
Used to store a user's preferences if a merchant has set up privacy rules in the visitor's region. |
1 year |
|
_cmp_a |
Used for managing customer privacy settings. |
1 day |
|
c |
Used in connection with checkout. |
1 year |
|
cart |
Used in connection with shopping cart. |
2 weeks |
|
cart_currency |
Set after a checkout is completed to ensure that new carts are in the same currency as the last checkout. |
2 weeks |
|
cart_sig |
A hash of the contents of a cart. This is used to verify the integrity of the cart and to ensure performance of some cart operations. |
2 weeks |
|
cart_ts |
Used in connection with checkout. |
2 weeks |
|
cart_ver |
Used in connection with shopping cart. |
2 weeks |
|
c |
Used in connection with checkout. |
1 year |
|
cart |
Used in connection with shopping cart. |
2 weeks |
|
cart_currency |
Set after a checkout is completed to ensure that new carts are in the same currency as the last checkout. |
2 weeks |
|
cart_sig |
A hash of the contents of a cart. This is used to verify the integrity of the cart and to ensure performance of some cart operations. |
2 weeks |
|
cart_ts |
Used in connection with checkout. |
2 weeks |
|
checkout |
Used in connection with checkout. |
4 weeks |
|
checkout_token |
Used in connection with checkout. |
1 year |
|
customer_account_locale |
Used in connection with new customer accounts |
1 year |
|
dynamic_checkout_shown_on_cart |
Used in connection with checkout. |
30 minutes |
|
hide_shopify_pay_for_checkout |
Used in connection with checkout. |
Session |
|
keep_alive |
Used in connection with buyer localization. |
2 weeks |
|
master_device_id |
Used in connection with merchant login. |
2 years |
|
previous_step |
Used in connection with checkout. |
1 year |
|
discount_code |
Used in connection with checkout. |
Session |
|
remember_me |
Used in connection with checkout. |
1 year |
|
secure_customer_sig |
Used to identify a user after they sign into a shop as a customer so they do not need to log in again. |
1 year |
|
shopify_pay |
Used in connection with checkout. |
1 year |
|
shopify_pay_redirect |
Used in connection with checkout. |
Varies (1 hour, 3 weeks, or 1 year) |
|
shop_pay_accelerated |
Used in connection with checkout. |
1 year |
|
storefront_digest |
Stores a digest of the storefront password, allowing merchants to preview their storefront while it's password protected. |
2 years |
|
tracked_start_checkout |
Used in connection with checkout. |
1 year |
|
checkout_session_lookup |
Used in connection with checkout. |
3 weeks |
|
checkout_prefill |
Used in connection with checkout. |
5 minutes |
|
checkout_queue_token |
Used in connection with checkout. |
1 year |
|
checkout_queue_checkout_token |
Used in connection with checkout. |
1 year |
|
checkout_worker_session |
Used in connection with checkout. |
3 days |
|
|
|
|
The installation of these cookies does not require the prior consent of users. These cookies can be deactivated and/or deleted via the browser settings. All modern browsers allow to change the settings of cookies. These settings can usually be found in the “options” or “preferences” menu of your browser. To understand these settings, the following links may be useful. Alternatively, you can use the “Help” option in your browser for more information:
- Cookie Settings in Explorer/Edge
- Cookie Settings in Firefox
- Cookie Settings in Chrome
- Cookie Settings in Safari e iOS
In the event of a block on the use of cookies, the service offered to the user through the Site will be limited, thus affecting the use of the Site.
- Other types of cookies (profiling, analytics, social)
Below, for each cookie used by the Site that does not fall into the category of technical cookies, we provide: the name, the relevant third party, if the cookie is not a first party, the purpose of use and the duration.
For all the information relating to the cookies provided by third parties and for the methods of opting out of each cookie, you will be able to access the respective policies and the tool provided by the third party to opt out of each cookie.
Please note that you can also use the following link to exercise your opt-out from third-party cookies (i.e. companies that are members of the WebChoices tool of the Digital Advertising Alliance, including Facebook) installed on your browser: https://optout.aboutads.info/?c=2&lang=EN
You can also use the following tool provided by Your Online Choices to control your preferences by exercising you opt-out from third-party cookies: https://www.youronlinechoices.com/.
Profiling cookie
|
Cookie’s name |
First part or Third part (indicate supplier) |
Purpose |
Duration |
|
_shopify_s |
First Part (Shopify) |
Used by Shopify to track session and store information. |
30 minutes |
|
_fbp |
Third Part (Meta) |
Used by Facebook to deliver a series of advertisement products |
3 months |
Analytical cookies (non-technical)
|
Cookie’s name |
First part or Third part (indicate supplier) |
Purpose |
Duration |
|
_ga
|
Third Part (Google Analytics) |
Used to distinguish users for Google Analytics. |
2 years |
|
_pin_unauth |
Third Part (Pinterest) |
Used by Pinterest to track the usage of services. |
1 year |
Social cookie
|
Cookie’s name |
First part or Third part (indicate supplier) |
Purpose |
Duration |
|
_fbp |
Third Part (Meta) |
Used by Facebook to deliver a series of advertisement products |
3 months |
|
_pinterest_sess |
Third Part (Pinterest) |
Used by Pinterest to track users' session. |
1 year |
Other social functionality (e.g., plugins)
In addition to the above-mentioned cookies, the Site also incorporates plugins and/or buttons to allow the easy sharing of content on the following social networks: Facebook, Instagram, Pinterest, YouTube. When the user visits a page of the Website that contains a plugin, the browser connects to the servers of the social network from which the plugin is loaded, which server can track the visit to the Website and, if appropriate, associate it with the social network account, particularly if the user is logged in at the time of the visit or has recently surfed one of the websites containing social plugins. If the user does not wish the social network to record data relating to the visit to the Site, he/she must log out of the social network account and delete the cookies that the social network has installed in the user’s browser.
In relation to certain activities, the Company and the social networks may also act as joint controllers, within the meaning of Article 26 of the GDPR, in particular when the Company, through a plugin, jointly determines with the social network the purposes and means of processing consisting of the collection and transmission of user data to the social network. In such cases, the Company adheres to the contractual conditions of the social network, which may include co-ownership agreements.
In particular, with regard to the Facebook plug-ins, the Company and Facebook Ireland Ltd, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2 Ireland act as joint controllers and the relevant joint ownership agreement (“Data Controller’s Appendix”) can be found at the following link: [ ]. Facebook Ireland is responsible for the data subjects’ rights pursuant to Articles 15-20 of the GDPR in relation to the personal data stored by Facebook Ireland after joint processing. The following supervisory authority is responsible for Facebook: Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland (https://www.dataprotection.ie/).
Finally, it should be noted that the possible joint ownership, in any case, does not extend to processing carried out by social networks in relation to which the Company does not determine the purposes and means of processing (e.g., operations carried out by the social network after the Site has communicated the User’s data).
With reference to the collection and use of information by social networks, please refer to their respective privacy policies.
- Facebook(link cookie policy);
- Instagram (link cookie policy);
- Pinterest (link cookie policy);
- YouTube (link cookie policy).
- Other tracking tools
Below are the tracking tools used on the Site:
- Google Analytics
- Data protection rights
Every user is entitled to obtain from the Company, subject to the existence of the legal prerequisite underlying the request:
- the access to personal data concerning him/her;
- the deletion of personal data;
- the rectification of personal data held by the Company;
- the revocation of consent in cases where processing is based on consent;
- the limitation of the processing of personal data;
- the copying of personal data provided by users to the Company, in a structured, commonly used and machine-readable format (portability) and the transmission of such personal data to another data controller.
Right to object: in addition to the rights listed above, you always have the right to object at any time, on grounds relating to your situation, to the processing of your personal data carried out by the Company in pursuit of its legitimate interests and to the processing of your personal data for marketing purposes.
In the event that the user exercises any of the aforementioned rights, it shall be the responsibility of the Company to verify that the user is entitled to exercise such rights and shall be informed, as a rule, within one month.
If you believe that the processing of your personal data is in breach of the applicable data protection legislation, you have the right to lodge a complaint with the Data Protection Authority, using the references available on the website https://autoriteitpersoonsgegevens.nl/nl/zelf-doen/gebruik-uw-privacyrechten/klacht-melden-bij-de-ap or the local Supervisory Authority of your country.
- Contacts
The contact details of the Company, as data controller are:
Viktor&Rolf B.V., with registered offices in the Netherlands, 1013 AP Amsterdam, Danzigerkade 55
Email store@viktor-rolf.com
To exercise your rights, you may contact the Company to the above address of the Company or by email to store@viktor-rolf.com or finance@viktor-rolf.com.