We reserve the right, at our discretion, to change or remove portions of this policy at any time.
Problems or questions
If you have any questions about this policy, including any requests to exercise your rights or have a problem or complaint, please contact us as set out below.
Company region: Cantine Pirovano s.r.l.
E-mail address: [email protected]
Telephone number: +39 039 992 0542
Your duty to inform us of changes
It is important that the personal information we hold about you is accurate and up to date. Please keep us informed if your personal information changes during your relationship with us.
2. YOUR PERSONAL INFORMATION
We recognise the importance of protecting the privacy of data collected from and about visitors to our website, particularly data that identifies an individual (“personal information”). This policy governs the manner in which personal information obtained through the website will be processed. This policy will be reviewed periodically. We welcome your comments and feedback.
Personal data is information that identifies or makes identifiable, directly or indirectly, a natural person and that may provide information about his or her characteristics, habits, lifestyle, personal relationships, health, economic situation, etc..
We may collect, use, store and transfer different types of personal data, which we have grouped as follows:
- identity data including first name, last name, user name or similar identifier;
- contact data including e-mail address and telephone numbers;
- usage data and technical data including information on the use of our website.
We do not collect or process special personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership. Furthermore, we do not collect or process genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Nor do we collect or process any information on criminal convictions and offences.
Where we are required to collect personal information, or data, by law or under the terms of a contract we have with you, and you do not provide such data when requested, we may not be able to perform the contract (for example, to provide services). In this case, we may have to cancel a service you have with us but we will notify you if this is the case at that time.
3. HOW WE COLLECT YOUR PERSONAL INFORMATION
The methods through which we collect information and data include:
You may provide us with your identity and contact details by completing forms or by corresponding with us through this website.
This includes personal data provided when you:
- you request our services;;
- you subscribe to our newsletter.
Automated technologies or interactions
During your interaction with our website, we may automatically collect technical data about the device you use, your browsing actions and paths. We collect this data using cookies and other similar technologies.
4. HOW WE USE YOUR PERSONAL DATA
Personal information that visitors submit or that we collect through our website is used only for the purpose for which it is submitted or for other secondary purposes related to the primary purpose, unless other uses are disclosed in this policy. We will only use your personal information as and when the law allows us to do so.
Most commonly we will use your personal information in the following circumstances:
- qwhen it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. Legitimate interest means our interest in conducting and managing our business to enable us to provide you with the best service. We ensure that we consider and balance any potential impact on you (both positive and negative) and your rights before processing your personal data for our legitimate interests;
- when we have to comply with a legal or regulatory obligation. “Complying with a legal or regulatory obligation” means processing your personal data where necessary to comply with a legal or regulatory obligation to which we are subject. Please note that we may process your personal information for more than one legal reason depending on the specific purpose for which we are using your data;
- when you have given consent and requested to receive newsletters. If you have registered to receive newsletters or have requested information or purchased services from us, we will ensure that we have your consent before you can receive any marketing communications from us.
You can ask us to stop sending you content or marketing messages at any time by following the opt-out links on any marketing message sent to you, or by contacting us at any time.
In addition, there may be other types of legal basis on which we may rely to process the personal information you provide to us from time to time. You have the right to withdraw your consent to the processing or use of your data at any time by contacting us.
5. COMMUNICATION OF YOUR PERSONAL DATA
Your personal information may be disclosed to third parties in particular situations where we have reason to believe that this is necessary to identify, contact or bring legal action against anyone who intends to (intentionally or unintentionally) infringe our rights.
In addition, we may disclose personal information when we believe in good faith that the law requires such disclosure. We may engage third parties to provide services to you on our behalf. In that circumstance, we may disclose your personal information to such third parties in order to fulfil your request for services.
Where necessary, suppliers are appointed as Data Processors, an up-to-date list of which is available upon request from the Data Controller.
6. TRANSFER OF DATA OUTSIDE THE EU
The Data Controller does not transfer your personal data to countries where the EU Regulation 2016/679 (GDPR) does not apply (Non-EU countries), or countries with which there is not a specific agreement with the E.U. or individual Member State Authorities. Otherwise, it will be up to the Data Controller to inform you in advance of this type of transfer.
7. SECURITY OF PERSONAL DATA
We are committed to ensuring the security, integrity and confidentiality of your personal data submitted to or collected through our website and we review and update our security measures in light of current technology and regulatory changes. Unfortunately, no data transmission over the Internet can be guaranteed to be totally secure. However, we will endeavour to take all reasonable steps to protect any personal information you may transmit or provide to us online. Once we receive the transmission, we will also do our best to ensure its security on our systems. In addition, our employees and third-party vendors who provide services related to our information systems, including the website, are required to respect the confidentiality of personal information in our possession. We have put in place appropriate security measures to prevent your personal information from being lost, used or accessed in an unauthorised manner, altered or disclosed. In addition, we restrict access to your personal information to those employees, agents, contractors and other duly authorised third parties. They may only process your personal information in accordance with our instructions and will be subject to a duty of confidentiality. We have procedures in place to deal with any suspected personal data breaches and will notify you and any authorised.
8. DURATION OF PROCESSING
We will only retain your personal information for as long as is necessary to fulfil the purposes for which we have collected it and to comply with any legal, accounting, tax or reporting requirements. In determining the appropriate retention period for personal information, we consider the amount, nature and sensitivity of the data, the potential risk of harm from unauthorised use or disclosure of personal information, the purposes for which we process personal information and whether it can achieve those purposes by other means, and applicable legal requirements.
Your personal information is stored in accordance with the terms and criteria set out below:
- data collected in the context of the use of services offered on the Site: these data are retained until the termination of the service or the cancellation of the subscription to the service by the User and in any case until the completion of administrative and accounting formalities;
- data related to User requests: data useful for assisting you will be kept until your request has been fulfilled;
- data provided for commercial communication activities: until the User’s request for termination of the activity.
9. YOUR RIGHTS
You may exercise your rights at any time with reference to the specific processing of your personal data by the Controller. You will find below their general description and how to exercise them.
- Accessing and modifying your data: you have the right to access your personal data and to ask for them to be corrected, modified or supplemented with other information. If you wish, we will provide you with a copy of the data in our possession.
- Withdrawing your consent: you may at any time withdraw a consent you have given for the processing of your personal data in connection with any activity for marketing purposes. In this regard, we would like to remind you that sending commercial and promotional communications, conducting market research and satisfaction surveys in order to tailor the website and commercial offers to your interests are considered marketing activities. Upon receiving your request, we will promptly stop processing your personal data based on this consent, while other processing or processing based on other assumptions will continue to be carried out in full compliance with the provisions in force.
- Object to the processing of your data: you have the right to object at any time to the processing of your personal data carried out on the basis of our legitimate interest, by explaining to us the reasons justifying your request; before granting it, the Controller will have to assess the reasons for your request.
- Deleting your data: in the cases provided for by current legislation, you may request the deletion of your personal data. Upon receipt and examination of your request, if legitimate, we will promptly cease processing and delete your personal data.
- Ask for the processing of your personal data to be temporarily restricted: in this case the Controller will continue to store your personal data but will not process them, unless you request otherwise and exceptions are provided for by law. You can obtain the restriction of processing when you contest the accuracy of your personal data, when the processing is unlawful but you object to the deletion of your data, when we no longer need your data but you need it to exercise your right in court and when you object to the processing, during the period in which we assess the grounds for your request.
- Request your data or transfer it to a party other than the Controller (“right to data portability”). You can request to receive your data that we process on the basis of your consent or on the basis of a contract with you in a standard format. If you wish, where technically possible, we may, at your request, transfer your data directly to a third party specified by you.
- Finally, we inform you that you have the right to lodge a complaint before the Supervisory Authority, which in Italy is the Garante per la Protezione dei Dati Personali.
In order to exercise the above rights and for any request for information, you may contact the Data Controller at any time at the addresses indicated above.