BVLGARI VAULT App for IOS and Android Smartphones and Tablets provides a convenient, easy to use and highly secure encrypted storage for all your valuable digital assets (passwords, PINs, credit & loyalty cards, documents, photos and more) - safely ENCRYPTED on your device. BVLGARI VAULT's easy to use interface allows you to store your web sites, usernames and passwords quickly and securely on your device, and quickly log on to web sites. Bvlgari Vault features authorization using the best practices on multi-factor or authentication by a combination of fingerprint, face recognition, dot pattern and password options.
A: CLIENT'S ACKNOWLEDGEMENT AND USE OF BVLGARI TRADEMARK AND DESIGN
1. The user of the BVLGARI VAULT ("Client" or "you") acknowledges that: (i) the BVLGARI VAULT has been developed and is operated and offered to customers by WiseKey SA ("WISeKey") and not by Bulgari S.p.A. ("Bulgari"); (ii) information on BVLGARI VAULT in any marketing or sales materials is provided by WISeKey which shall be solely responsible for its accuracy; (iii) Client has no right to use or interest in the BVLGARI trademarks; (iv) there is no involvement of Bulgari in the development and sale of the BVLGARI VAULT other than merely the licensing of the BVLGARI trademark by Bulgari; (v) there is no involvement of Bulgari in the issuance, maintenance and functioning of the digital certificate(s) released in connection with the BVLGARI VAULT nor in the storage and safekeeping of Client’s data encrypted and stored through the BVLGARI VAULT; and (vi) there is no joint venture, partnership or other formal business entity or fiduciary relationship between Bulgari and WISeKey nor agency relationship and neither Bulgari or WISeKey have the authority to bind or obligate the other in any manner.
2. RELEASE: TO THE MAXIMUM EXTENT ALLOWED BY LAW, CLIENT UNCONDITIONALLY WAIVES AND RELEASES, BULGARI, ITS DIRECTORS, OFFICERS, EMPLOYEES, SHAREHOLDERS, AGENTS OR CONTENT OR SERVICE PROVIDERS FROM AND AGAINST ANY LIABILITY WITH RESPECT TO ANY REPRESENTATIONS OR DEFECTS, FAILURE TO PERFORM, ABSENCE OF STATED QUALITIES, MALFUNCTIONING OF THE BVLGARI VAULT, LOSS (INCLUDING BUT NOT LIMITED TO LOSS OF DATA, LOST BUSINESS AND LOSS OF GOODWILL), COSTS FOR SUBSTITUTE SERVICES, ILLEGAL ACCESSING, COPYING OR USING OF CLIENT'S DATA AND/OR ANY CLAIM WHATSOEVER, RELATING TO THE SALE BY WISEKEY AND THE PURCHASE BY CLIENT OF THE BVLGARI VAULT. YOU HEREBY KNOWINGLY, VOLUNTARILY, INTENTIONALLY, PERMANENTLY AND IRREVOCABLY WAIVE THE BENEFITS OF ANY APPLICABLE LAW OR STATUTE WHICH MAY AFFECT YOUR ABILITY TO WAIVE AND/OR RELEASE YOUR RIGHTS AS SET FORTH HEREIN, WHETHER KNOWN OR UNKNOWN BY YOU AT THE TIME OF WAIVER. IF CLIENT IS A CALIFORNIA RESIDENT, CLIENT HEREBY KNOWINGLY, VOLUNTARILY, INTENTIONALLY, PERMANENTLY AND IRREVOCABLY WAIVES THE BENEFITS OF SECTION 1542 OF THE CALIFORNIA CIVIL CODE (OR SIMILAR STATUTE OF SUCH OTHER JURISDICTION OF RESIDENCY) WHICH STATES: "A GENERAL RELEASE DOES NOT EXTEND TO CLAIMS WHICH THE CREDITOR DOES NOT KNOW OR SUSPECT TO EXIST IN HIS OR HER FAVOR AT THE TIME OF EXECUTING THE RELEASE, WHICH IF KNOWN BY HIM OR HER MUST HAVE MATERIALLY AFFECTED HIS OR HER SETTLEMENT WITH THE DEBTOR.
3. Client further acknowledges that the licensing of the BVLGARI trademark by Bulgari and the right of WISeKey to use the esthetic layout and graphical contents of the BVLGARI VAULT, may be revoked and the relevant license agreements may be terminated at any time in accordance with the terms provided in the license agreement executed between Bulgari and WISeKey. In such event, all use of the BVLGARI trademarks and esthetic layout of the BVLGARI VAULT shall cease and WISeKey has contractually agreed with BVLGARI to: (i) publish an update of the BVLGARI VAULT so as to enable users who have downloaded the BVLGARI VAULT to revert to the WiseID Application using the WiseID name and layout, having the same content and functionality of the BVLGARI VAULT which WISeKey shall maintain available providing the relevant service without disruption up to expiration of the then current terms agreed upon with Client, (ii) send to all Clients a written communication to inform them that they are required to download the relevant update of the BVLGARI VAULT with a new layout. In this regard, Client acknowledges and agrees that: (i) it shall have no recourse against Bulgari in the event that the BVLGARI VAULT should revert to the WiseID name and layout or other lay out different from the BVLGARI VAULT layout and (ii) all use of the BVLGARI trademarks must cease in accordance with the foregoing.
B: BVLGARI VAULT TERMS OF SERVICE
2. BVLGARI VAULT App
To use the BVLGARI VAULT and the Services, you must download the BVLGARI VAULT App, register through the same App, set up an account with us and pay the relevant fee as may be applicable. A complete description of the registration process and the BVLGARI VAULT instructions and features are available at http://www.bulgarivault.com .
BVLGARI VAULT IS BEING PROVIDED TO CLIENT ON AN "AS IS" AND "AS AVAILABLE" BASIS AND WITHOUT ANY REPRESENTATIONS, WARRANTIES OR CONDITIONS OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, ANY IMPLIED WARRANTIES OF TITLE, NON-INFRINGEMENT, MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, PERFORMANCE, OR DURABILITY, ALL OF WHICH ARE HEREBY DISCLAIMED BY WISEKEY, BULGARI AND THE PROTECTED ENTITIES (AS DEFINED BELOW) TO THE FULLEST EXTENT PERMITTED BY LAW.
CLIENT'S USE OF THE BVLGARI VAULT, INCLUDING ANY SERVICES, MATERIALS, DATA, PASSWORDS OR OTHER INFORMATION SUBMITTED, DOWNLOADED OR OTHERWISE OBTAINED BY OR THROUGH THE BVLGARI VAULT (COLLECTIVELY, THE "MATERIALS"), IS AT CLIENT'S SOLE RISK. BVLGARI VAULT IS NEITHER DESIGNED NOR INTENDED TO BE USED AS A DISASTER RECOVERY FACILITY. CLIENT SHOULD NOT RELY ON THE BVLGARI VAULT FOR STORAGE OF THE MATERIALS CLIENT PROVIDES. CLIENT SHOULD KEEP ITS OWN BACKUP COPIES OF ALL MATERIALS THAT IT MAY USE, OR ALLOW OTHERS TO USE, IN CONNECTION WITH BVLGARI VAULT.
3. WISeKey's Undertaking
4. Intellectual Property Rights
4.1 Client acknowledges that WISeKey, and/or its vendors and licensors (such as Bulgari), retain all intellectual property rights and title (including any patent, copyright, trademark and other rights) in and to all of their respective trademarks, tradenames, confidential information, trade secrets or other proprietary information, products, and the ideas, concepts, techniques, inventions, processes, software or works of authorship developed, comprising, embodied in, or practiced in connection with the BVLGARI VAULT or Services provided by WISeKey hereunder (all of the foregoing "Works"), including without limitation all modifications, enhancements, configurations, upgrades, and interfaces to the WISeKey designated hardware and software supporting such Services. WISeKey and its vendors and licensors, as applicable, reserve and retain all intellectual property rights and title associated with Works created by WISeKey and its vendors and licensors and derivatives of such Works, including without limitation all Works or derivatives developed or created by WISeKey, and/or its vendors and licensors, as applicable, or their personnel or contractors during the course of performing the Services for, or providing the BVLGARI VAULT and the Services to, Client. Any software provided by WISeKey, including its operation, code, architecture and implementation, as well as the look and feel of the BVLGARI VAULT, are the valuable intellectual property of WISeKey, and/or its vendors and licensors, as applicable. Any such software and look and feel of the BVLGARI VAULT is protected by Swiss Copyright laws and/or the laws of other countries and international treaty provisions.
5. Client Obligations
5.1 Payment: by subscribing to the Cloud Service, WISeKey will automatically charge on a recurring basis the payment method associated with your Account. You are responsible for the timely payment of all fees and for providing a valid credit card or payment account details for payment of all fees as applicable. If WISeKey is unable to successfully charge your credit card or payment account for fees due, WISeKey reserves the right (at its sole discretion), upon a prior payment warning, to revoke or restrict access to your content stored through the Cloud Service and after one further warning, to delete your stored content or terminate your cloud data storage service. If you want to designate a different credit card or payment account or if there is a change in your credit card or payment account status, you must change your information online in the Account section. The total price for the Cloud Service will include the price of the Service plus any applicable credit card fees and any sales, use, goods and services (GST), value added (VAT), or other similar tax, under applicable law and based on the tax rate in effect at the time you purchase the upgrade. We will charge tax when required to do so under the tax rules applicable to the Service .
5.2 Regulatory Compliance: Client shall, wherever applicable, comply with all relevant regulations and obtain at its own expense any pertinent licenses or permits required for the use of the BVLGARI VAULT and Services, including, but not limited to those concerning digital certification services, the use of secure communications systems, secure messaging systems, the heightened legal recognition of digital signatures and digital certificates, as well as those required for the importation, exportation, re-importation, re-exportation, and use of any restricted products required (e.g. cryptographic or dual use products). WISeKey shall under no circumstances be liable for the illegal or unauthorised use of the BVLGARI VAULT and Services or for any rejections or delays in the attainment of permits, licenses or regulatory compliance in any manner required for the provision of the BVLGARI VAULT and Services. The Client agrees to use the BVLGARI VAULT and the Services in compliance with all applicable laws, including local laws of the country or region in which the Client resides or in which it downloads or uses the BVLGARI VAULT and Services. A Wi-Fi or cellular data connection is required for some features of the BVLGARI VAULT and Services. WISeKey shall under no circumstances be liable for consequences of the poor quality or lack of such connection.
CLIENT EXPRESSLY ACKNOWLEDGES THAT THE EMAIL ADDRESS PROVIDED AT THE MOMENT OF ITS REGISTRATION WILL BE USED BY WISEKEY FOR ALL NOTIFICATIONS RELATED TO THE BVLGARI VAULT AND SERVICES (INCLUDING BUT NOT LIMITED TO SECURITY ISSUES ARISING FROM ILLEGAL ATTEMPTS TO ACCESS THE MATERIALS) AND IT IS CLIENT'S RESPONSIBILITY TO KEEP IT UPDATED AT ALL TIMES AND CHECK IT REGULARLY. WISEKEY IS NOT IN ANY WAY RESPONSIBLE FOR CONSEQUENCES OF OUTDATED CLIENT'S RECORDS SUCH AS DELAYED OR MISSING EMAIL.
5.5 Devices and Accounts: Use of the BVLGARI VAULT and of the Services requires compatible devices, Internet access, and certain software (fees may apply); may require periodic updates; and may be affected by the performance of these factors. The Client will be responsible for any damage to such devices. As a registered user of the BVLGARI VAULT and the Services, Client will establish an account ("Account"). Client shall not reveal its Account information to anyone else. Client is solely responsible for maintaining the confidentiality and security of his/her Account and for all activities that occur on or through the Account, and Client agrees to immediately notify WISeKey of any security breach of the Account. Neither WISeKey or Bulgari, nor their respective Protected Entities (as defined in Section 6 below) shall be responsible for any losses arising out of the unauthorized use of Client's Account. You may add any number of devices to your Account as described in http://www.bulgarivault.com.
BULGARI VAULT REGISTRATION INFORMATION NOTICE Information notice on processing of personal data pursuant to the Italian Data Protection Code - Legislative Decree No. 196 of 30 June 2003 (the "DPC") and to the Swiss Federal Act on Data Protection Act (the "FADP")
WISeKey S.A. and Bulgari S.p.A. (hereinafter also: the "data controllers") gives the following information in relation to your personal data collection and use.
1. Purposes of the processing.
Personal data such as those necessary to the production of a public key certificate, for the verification of a digital signature, for the validation of a certificate's status as well as to positively identify a data subject (e.g. name, surname, email address, country of residency ) are collected and processed by WISeKey S.A. for the following purposes:
a) Proving an individual's identity before a digital certificate is issued to them, subsequent registration of users in order to benefit of the services provided on the Bvlgari Vault
b) Managing administrative and legal operations
Information about race, ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, health or sexual orientation will not be collected and personality profiles (as defined in FADP) will not be established except when specifically required to satisfy the requirements of of local legislation.
Personal data (e.g. name, surname, email address, country of residency, ) are collected and processed by Wisekey S.A. on Bulgari's behalf and in accordance with the Italian and Swiss applicable data protection laws and pursuant Bulgari S.p.A.'s instructions and recommendation for the following purposes:
c) Creating profiles and analyze the consumption choices of the customers, also using data on retail purchases made at Bulgari stores worldwide.
This processing is carried out in compliance with the guarantees and measures set forth by the Italian Data Protection Authority by the decision of acceptance of the request for prior checking submitted by Bulgari S.p.A. of April 24, 2013.
d) to provide personalized sales services at Bulgari stores worldwide, for example, but not limited to: personal shopping services, support services free of charge, courtesy services and to offer our customers products BVLGARI by sending of advertising material, newsletters, promotional communications also customized and for carrying out market research using automated contact means (e-mail, fax) as well as traditional contact means (paper mail, operator-assisted phone calls).
2. Provision of data
The provision of data to the purposes referred to in paragraph 1 letters a) and b) is voluntary but shall be mandatory, in case of refusal by a customer WISeKey S.A. will not be able to process your registration to the app and to provide you with the requested goods and services.
The provision of data to the purposes referred to in paragraph 1 letters c) and d) is optional and the use of the data is subject to specific approval by the customer. Any refusal to provide data however will not allow Bulgari S.p.A. to pursue the purposes described above.
It is a data subject's responsibility to ensure that any information they provide to WISeKey S.A. is accurate. If this information subsequently changes, it is the data subject's obligation to inform it promptly. If the data subject becomes aware of any inaccuracies in the personal data held about them, it is its responsibility to advise the entity that processed its personal data.
3. Methods of the processing
Personal data will be processed using electronic or automated systems, computer and internet, or by manual logic processing strictly related to the purposes for which the personal data have been anyhow collected, in order to ensure, in each case, the security of the same.
Personal data processed for the purposes referred to in paragraph 1 letters a) and b), will reside and be stored in Switzerland in a system managed by WISeKey S.A. and third parties contractors of same.
Personal data processed for the purposes referred to in paragraph 1 letters c) and d) will reside and stored in Italy in the CRM system managed by Bulgari S.p.A. and third parties contractors of same.
4. Data entry in the CRM system
The inclusion of personal data in the CRM system is optional and occurs only in the event of release of the data subject's consent to the pursuit of one of the purposes referred to in paragraph 1 letters c) and d).
The inclusion of personal data processed for the purposes referred to in paragraph 1 letters c) and d) in the CRM system will automatically result in the visibility, as well as the possibility of modification and updating of the same, by Bulgari's employees worldwide on a "need to know" basis.
5. Scope of communication, dissemination of data
The processing of personal data is carried out by internal staff of WISeKey S.A. and Bulgari S.p.A. for that purpose appointed, from time to time, as persons in charge of the processing or data processors.
Personal data collection can be handled by third parties, external data processors, namely by:
- Parent companies, subsidiary or associated with Bulgari S.p.A. in Italy and/or worldwide that manage the sales channels for the pursuit by such companies of the purposes referred to in paragraph 1 letters c) and d) on behalf of Bulgari S.p.A.;
- Companies performing services for mailing of the newsletter, advertising material or promotional communications on behalf of Bulgari S.p.A.;
- Companies doing customer care services on behalf of WISeKey S.A.;
- Companies doing analysis and market research on behalf of Bulgari S.p.A.;
- Companies that perform maintenance services of IT systems on behalf of WISeKey S.A. and of Bulgari S.p.A.
Personal data collected may also be disclosed by the data controllers to third parties, namely to:
- Individuals, companies, associations or professional firms that carry out assistance and advisory services (lawyers, accountants, auditors).
Personal data will never be disseminated.
Any cross-border data transfer (which also includes remote access from a foreign country) to a country without an adequate level of data protection is prohibited, unless there is a sufficient safeguard, in particular a contractual clause such as the EU-Model Clauses, ensuring an adequate level of data protection in the country where the importing company is located and the data subject has been previously informed about the transfer or the transfer could be inferred by the circumstances.
6.Data retention and storage
Personal data shall be retained only for the period required by applicable law or needed for one of the purposes for which it is retained as authorized pursuant to applicable law, whichever is longer.
This being said, personal data collected for the purposes of paragraph 1 letters a) and b) will be stored by WISeKey S.A. for a period of 7 years from the certificate expiry date to provide evidence in the event of a challenge on the validity of a certificate or a digital signature. Such period may be extended with regard to specific records and information upon request by the data subject of special archiving services. In all cases, the records may be archived in paper or electronic form. Personal data collected for the purposes referred to in paragraph 1 letters c) and d) will be stored by Bulgari S.p.A. until the data subject revokes the consent to the processing of data. Data relating to the details of purchases processed for profiling and marketing purposes, can be retained for 10 years in accordance with the decision of the Italian Data Protection Authority of 24 April 2013, or if earlier until the data subject revokes the consent to the processing of data. After the expiration of the retention period Personal data will be automatically deleted or made anonymous permanently.
7. Rights of the data subject
Data subject is entitled to exercise the rights referred to in Article 8 of FADP and in article 7 of DPC (both detailed below), requesting, inter alia, written information at any time on the processing of and the content of the collected personal data by Bulgari S.p.A., addressing a specific request to Bulgari S.p.A. - Data processor, Lungotevere Marzio 11 00186 Roma (RM), or by sending an e-mail to: --email@example.com>.
With the same modalities, the data subject may oppose, in whole or in part, without affecting the lawfulness of processing based on consent before its withdrawal, without economic charge and on legitimate grounds, to the processing of his/her personal data or oppose to their processing when performed through automated contact means (e-mail, fax) and require correction or deletion of the collected personal data.
ARTICLE 8 of the FADP
(Right to information)
1. Any person may request information from the controller of a data file as to whether data concerning them is being processed.
2. The controller of a data file must notify the data subject of:
a. all available data concerning the subject in the data file, including the available information on the source of the data;
b. the purpose of and if applicable the legal basis for the processing as well as the categories of the personal data processed, the other parties involved with the file and the data recipient.
3. The controller of a data file may arrange for data on the health of the data subject to be communicated by a doctor designated by the subject.
4. If the controller of a data file has personal data processed by a third party, the controller remains under an obligation to provide information. The third party is under an obligation to provide information if he does not disclose the identity of the controller or if the controller is not domiciled in Switzerland.
5. The information must normally be provided in writing, in the form of a printout or a photocopy, and is free of charge. The Federal Council regulates exceptions.
6. No one may waive the right to information in advance.
ARTICLE 7 of the DPC
(Right to Access Personal Data and Other Rights)
2. A data subject shall have the right to be informed:
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2);
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State's territory, data processor(s) or person(s) in charge of the processing.
A data subject shall have the right to obtain
a) Updating, rectification or, where interested therein, integration of the data;
b) Erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.
8. Data controllers
The data controllers are:
- WISeKey S.A. - World Trade Center II, 29 route de Pré – Bois, Case postale 853, 1215 Geneva 15, Switzerland. for the purposes described in paragraph 1 letters a) and b).
- Bulgari S.p.A. - Via dei Condotti, 11 - 00186 Rome (RM) – Italy for the purposes described in paragraph 1 letters c) and d).
9. Data processors
The data processors are:
- the CENTRAL F&A SUPPORT Director so appointed by Bulgari S.p.A.
- the CENTRAL CUSTOMER SUPPORT manager appointed by WISeKey S.A.