PRIVACY POLICY
Information notice pursuant to Art. 13 of the Regulation (EU) 2016/679 (“GDPR”)
According to art. 13 of the Regulation (EU) 2016/679 (General Data Protection Regulation) we provide you with the due information concerning the processing of your personal data carried out through this website.
DATA CONTROLLER
Pursuant to articles 4 and 24 GDPR, Verongalli Plinio with registered office in Via Lago dei Tartari, 73 – 00012 Guidonia (RM), is the pro-tempore legal representative. The contact email of the Data Controller is [email protected]
PROCESSED PERSONAL DATA
Personal data: any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person (such as name, last name, date of birth, address, email, telephone number).
Browsing data
During their ordinary course of operation, the IT systems and software procedures required to run this website acquire certain Personal Data, whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified Data Subjects but, by its very nature, it could enable identification of the users through the processing and matching of data held by third parties.
This data category includes IP addresses or domain names of computers used by the users who visit the site, as well as the URI addresses (Uniform Resource Identifier) of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply from the server (done, error, etc.) and other parameters related to the operating system and the IT environment of the user.
Data provided voluntarily by the user
The optional and voluntarily disclosure of personal data (e.g.: dispatching of electronic mail to the addresses indicated on this website and/or the filling-in of a data collection form on this website) entails the collection and processing of the voluntary disclosed user’s data (e.g. sender’s address, name, last name), necessary to reply to the requests, as well as other personal data included in the email message (such as name, last name, address, telephone number, email address).
| PURPOSES | LEGAL BASIS | DATA RETENTION PERIOD |
| Navigation of this website / obtaining anonymous statistical information on the use of the website and services / control of website’s correct functioning | Art. 6 c. 1 lett. f) GDPR Controller’s legitimate interest: ensure the correct browsing and usage of the website | Duration of the browsing session, (except for any need to ascertain criminal offenses by the judicial authorities) |
| Reply to users’ request of assistance / contacts / information | Art. 6 c. 1 lett. f) GDPR Controller’s legitimate interest: reply to users’ requests | 1 year |
| Staff recruitment and evaluation of CVs provided through email contacts | Art. 6 c. 1 lett. b) GDPR Necessary in order to take steps at the request of the data subject prior to entering into a contract | 2 years |
| Direct e-mailing marketing in order to promote Controller’s goods or services similar to those already purchased by the data subject (so called “soft spam”) | Art. 6 c. 1 lett. f) GDPR Controller’s legitimate interest: promoting marketing activities towards its clients | Until data subject’s objection (opt-out) | unsubscription from the mailing list |
| Organizational, administrative, financial and accounting activities and users management | Art. 6 par. 1 lett. b) e c) GDPR Performance of a contract and compliance with a legal obligation | 10 years or different legal obligation |
PERSONAL DATA RECIPIENTS
Your personal data shall be processed by employees or collaborators processing your data as persons in charge of processing activities under the authority of the Controller for the above described purposes. Your personal data may be communicated to third parties recipients involved in a contractual relationship with the Controller, in order to comply with contractual obligations or related purposes, belonging to the following categories: subjects part of the retail network (such as branches, distributors, importers, carriers etc.); service providers for the management of the information system and the telecommunications networks (including e-mail, newsletter and website management service) of the Controller; professionals, firms or consultancy companies; competent authorities for the fulfilment of obligations of law and/or regulations of public bodies, upon request. The above mentioned subjects will act as data processors or may carry out their processing activities as independent data controllers. The list of data processors is constantly updated and it is available at each Controller’s headquarters and by contacting the same at the contacts above.
DATA TRANSFER TO THIRD COUNTRIES
Your personal data shall not be transferred to Third Countries outside EU. In case such data transfer becomes necessary in order to comply with contractual obligations or above said purposes, the data transfer outside EU shall be subject to the limits and conditions set forth by art. 44 and subsequent articles of the Regulation (EU) 2016/679. The data subject may obtain information on the appropriate safeguards provided by the Controller pursuant to Article 46 of the Regulation (EU) 2016/679 relating to the transfer of the personal data by writing to the contacts above.
NATURE OF DATA PROVISION
Except for what specified for navigation data which are necessary in order to allow navigation of the website, users are free to provide their personal data and their refusal may result only in the impossibility of obtaining the information or services requested and provided through this website.
DATA SUBJECT’S RIGHTS | COMPLAINT TO SUPERVISORY AUTHORITY
You may exercise your rights pursuant to articles 15, 16, 17, 18, 19, 20, 21, 22 of the Regulation EU 2016/679, in respect of and against each of the Controllers, by contacting the Controllers at the contacts above.
You have the right, at any time, to request to access your personal data and receive the information concerning their processing. You have the right to rectify, erase your personal data or limit their processing.
Where appropriate, you have the right to object, at any time, to the processing of your data, including profiling, and you have the right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You have the right to the portability of your personal data; in such case the Controller shall provide you with your personal data in a structured, commonly used and machine-readable format.
Without prejudice to any other administrative or judicial remedy, if you consider that the processing of your personal data infringes the Regulation (EU) 2016/679, you have the right to lodge a complaint with the Data Protection Authority.
CHANGES TO THIS PRIVACY POLICY
The Controllers reserve the right to amend, update, supplement or remove parts of this Privacy Policy at their own discretion and at any time. We encourage you to periodically
review our Privacy Policy. For your convenience, when we post changes, we will revise the “last updated date” at the bottom of this privacy policy.
Last update: May 10th 2020
Controller – Verongalli Plinio