PRIVACY AND CONSENT POLICY
Information and consent in accordance with the EU General European Data Protection Regulation (GDPR) no. 2016/679
Distilleria Prete, by Stefano Prete, Via Grotticella n. 26, 03019, Supino (FR), Italy, E-MAIL: firstname.lastname@example.org, PEC: email@example.com, TEL. (0039) 3924524999 communicates and informs that your data will be processed in the manner and for the following purposes, indicating the precautions used and the rights due to the Users
WHY THIS NOTICE – OBJECT
In particolar the following note describes how to the site is managed in relation to the processing of personal data of users who consult it. This information is also provided in accordance with the General Data Protection Regulation (EU) 2016/679 (General Data Protection Regulation or GDPR) and art.13 of the Italian Legislative Decree of 20 June 2003 n. 196 - Code on the Protection Of Personal Data to whom interacts with the accessible web services from the address: www.distilleriaprete.it . The information only refers to this website and not fto other websites that may be accessed by the user via links, of which Distilleria Prete is not responsible. The indications provided below are also inspired by the guidelines and principles of the GDPR, and relate in particular to the collection of personal data on the Internet, in view of identifying the minimum measures to be implemented in respect of the persons concerned in order to ensure the loyalty and lawfulness of such practices.
DATA CONTROLLER (WHO MANAGES AND IS RESPONSIBLE FOR YOUR DATA)
The data controller is Stefano Prete - Distilleria Prete, Via Grotticella n. 26, 03019, Supino (FR), Italy. The Data Controller may be contacted at the following addresses: Via Grotticella n. 26, 03019, Supino (FR), E-MAIL: firstname.lastname@example.org, PEC: email@example.com, TEL. (0039) 3924524999. For the type of data requested and processed, no Data Protection Officer has been appointed (RPD or, data protection officer, DPO)
PLACE OF THE DATA PROCESSING
IThe web services connected to this application including Storage, database and server are provided by Aruba s.p.a. which declares to use the service in accordance with the GDPR. Further information about data storage and processing is available at https://www.aruba.it
TYPES OF PROCESSED DATA
DATA PROVIDED VOLUNTARILY BY THE USER
The optional, explicit and voluntary sending of e-mail to the addresses indicated on this site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the website and put in place for particular services on request.
FORM OF CONTACT
The User ,by filling in the contact form with their Data, consents to their use to respond to request for information, quotes, or any other topic indicated in the form header. Users who have provided their phone number may be contacted for commercial or promotional purposes related to this Website, as well as to meet support requests.
PURPOSES OF DATA PROCESSING (FOR WHAT PURPOSE YOUR DATA ARE REQUESTED AND USED)
The Data Controller treats personal, identifying and non-sensitive data (first name, last name, tax code, p. VAT, home address, residence, ordinary email, certified e-mail, fixed and/or mobile telephone number- subsequently, "personal data" or even "data") communicated and necessary when requesting the service provided and for the sole objective of using them for that purpose. Your Data will also be processed in order to: fulfil the obligations provided for in the tax and accounting field; comply with the obligations incumbent on the trader and provided for by current legislation. Personal data may be processed through both paper and computer files (including portable devices), to reach the purposes indicated above. The User can contact the Data Controller at any time to get information on the use of the data. In particular, personal data may be processed: A) without express consent (art. 24 lett. a, b, c Privacy Code and art. 6 lett. b, and GDPR), for the following purposes: - to fulfil the obligations provided for by law, by a regulation, by Community legislation or by an order of the Authority; - to prevent or detect fraudulent activities or harmful abuses; - to exercise the rights of the owner, for example, the right of defence in court. B) with user’s consent (art. 23 and 130 Privacy Code and art. 7 GDPR) for the following purposes also of Marketing: - for sending email newsletters, for commercial communications and/or advertising material on products or services offered by the Owner, etc. The custom service may inform the user on the availability of products, similar to those previously purchased, unless the user deny consent (art. 130 c. 4 Privacy Code).
ANALYSIS OF USER DATA AND FORECASTS ("PROFILING")
The Owner may process the usage data collected through this Website to create or update user profiles. This type of processing allows the Data Controller to evaluate the choices, preferences and behaviour of the User for only purposes related to the provision of the service and the sale of products. User profiles can also be created using automated tools, such as algorithms, which can also be offered by third parties. To obtain further information on profiling, the User can refer to the following address: firstname.lastname@example.org, PEC: email@example.com. The User has at all times the right to oppose this profiling activity. To find out more about the User’s rights and how to exercise them, the User can refer to the section of this document relating to the Users' rights.
METHODS OF PROCESSING (HOW DATA ARE PROCESSED AND STORED)
The processing of personal data is carried out as indicated in art. 4 Italian Privacy Code and art. 4 n. 2) GDPR and precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Personal data are subject to both paper and electronic and/or automated processing. The Data Controller will process personal data for the time necessary to fulfil the above purposes, except for the retention for legal purposes, such as tax and fiscal purposes. The Data Controller shall take appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data. The processing is carried out using computer and/ or informatics with organizational methods and logic strictly related to the purposes indicated.
ACCESS AND COMMUNICATION OF DATA (USE OF DATA AND COMMUNICATION TO THIRD PARTIES)
Your personal data may be communicated to: 1. consultants and accountants or lawyers providing functional services for the above purposes; 2. banking and insurance institutions providing functional services for the above purposes; 3. persons who process data in compliance with specific legal requirements; 4. judicial or administrative authorities, for the fulfilment of legal obligations. 5. employees and collaborators of the Data Controller in their capacity as persons in charge and/or internal data processors and/or system administrators; without your express consent (according to art. 24 lett. a), b), d) of the Privacy Code and art. 6 lett. b) and c) of the GDPR. The Data Controller may communicate your data for legal purposes to supervisory bodies, judicial authorities and all other subjects to whom communication is mandatory by law for the accomplishment of the aforementioned purposes. Your data will not be disseminated in any other way or otherwise used. In addition to the Owner, in some cases, other parties involved in the organization of this Website (administrative, commercial, marketing, legal, system administrators) or external parties may have access to the Data (as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as data processors by the Data Controller. The updated list of Data Processors may be requested by the Data Controller.
OPTIONAL PROVISION OF DATA
Apart from what is specified for navigation data, the user is free to provide the personal data contained in the request forms or indicated in contacts to request the sending of informative material or other communications. The missing communication of such data can entail the impossibility to obtain what asked.. For completeness it should be remembered that in some cases (not subject to the ordinary management of this site) the Authority may request information and information in compliance with the art. 157 of Italian legislative decree n. 196/2003 and the GDPR, for the purposes of controlling the processing of personal data. In these cases the user’s answer is mandatory on penalty of administrative fine (sanction).
USER NAME E PASSWORD
When the user choose a 'user name' and a 'password' for accessing confidential sections of the site (reserved areas), the same is responsible for keeping such data confidential and informing us of the attempted access by unauthorized persons.
METHOD OF TREATMENT
Personal data are processed with automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access in compliance with the obligations to comply with minimum security measures. We inform you that, to provide a complete service our portal contains links to other websites, not managed by us. We are not responsible for errors, content, cookies, publications of illegal moral content, advertising, banners or files that do not comply with Privacy regulations the user can find in websites not managed by us. To improve the service an immediate report of malfunctions, abuses or suggestions is welcome writing to the email address: E-MAIL: firstname.lastname@example.org, PEC: email@example.com.
RIGHTS OF DATA SUBJECTS (WHAT YOU MAY DECIDE TO DO AND NOT TO DO WITH YOUR DATA)
As Users, you have the rights referred to art. 7 of the Italian Privacy Code and art. 15 of the GDPR: i. obtaining confirmation of the existence (or not) of personal data concerning youself, even if not yet registered, and their communication in intelligible form; ii. obtaining the information about: a) the origin of personal data; b) the purposes and methods of processing; c) the logic applied in case of processing carried out using electronic means; d) the identification details of the owner, of the persons in charge of data processing e) of the subjects or of the categories of subjects to which the personal data can be communicated or that they can come to knowledge of it as appointed representative in the territory of the State or people who may know as responsible or in charge of data treatment. iii. obtaining: a) on your request the update, the correction or the integration of your data; b) the cancellation, the transformation into anonymous form or the blocking of the data processed in violation of the law, including those for which storage is not necessary in relation to the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to a) and b) have been brought to the attention, also with regard to their content, of those to whom the data have been communicated or disseminated, except where such fulfilment proves impossible or involves the use of means manifestly disproportionate to the right protected; iv. opposing, in whole or in part: a) for legitimate reasons to the processing of your personal data, even if pertinent to the purpose of collection; b) the processing of your personal data for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by email and/or through traditional marketing methods by telephone and/or paper mail. Please note that the right of opposing of the interested party, set out in the previous point b), for direct marketing purposes through automated methods extends to the traditional ones and that in any case the interested party can exercise the right of opposition even in part. c) Therefore, the interested party (the user) may decide to only receive communications through traditional methods or only automated communications or neither of the two types of communication. Where applicable, the user also has the rights in compliance with the art. 16-21 GDPR (Right to rectification, right to be forgotten (erasure), right to restriction of processing, right to data portability, right of opposition), as well as the right to complain to the Guarantor Authority.
DATA STORAGE PERIOD (HOW LONG TIME YOUR DATA WILL BE RETAINED IN THE SYSTEM)
Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the contract is completed. Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied. When processing is based on the User’s consent, the Data Controller may retain the Personal Data for longer until such consent is revoked. In addition, the Data Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or by order of an authority. At the end of the retention storage period, the Personal Data will be deleted. Therefore, upon expiry of this period, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
MINORS (under age of 18)
The Data Controller’s Services are not intended for minors under 18 years of age and the Data Controller does not intentionally collect personal information relating to under-aged. In the event that information about under-aged are unintentionally registered, the Owner will delete them in a timely manner, directly or at the request of users who indicate the age of the persons concerned.
WHO TO WRITE TO EXERCISE THE RIGHTS
To exercise these rights, interested parties can simply write to the Data Controller, and in particular: E-MAIL: firstname.lastname@example.org, PEC: email@example.com, TEL. (0039) 3924524999.
NAVIGATION AND STATISTICAL DATA COLLECTED BY THIRD PARTIES (PROFILING) – INDICATION
MANAGEMENT OF PAYMENTS
Unless otherwise specified, this site processes the data necessary and useful for the shipment of products. In general, and unless otherwise specified, Users are requested to give details and personal information directly to such service. In case of intermediation of Distilleria Prete, according to the general terms and conditions of sale, the data will be provided to the third forwarder for the sole purpose of the service. The relevant references regarding the identification of the Data Controller for the exercise of the rights in compliance with the GDPR, given that this site and its Data Controller, Distilleria Prete, communicates with the aforementioned external suppliers only for the purpose of the service, can be found at the following link: Packlink Shipping S.L, https://www.packlink.it/.
If you have any doubts about this Policy, please first contact Distilleria Prete by sending an E-MAIL to firstname.lastname@example.org, PEC: email@example.com .
FINAL LEGAL NOTES
Distillerie Prete, while assuring the total commitment in order to guarantee the correctness and completeness of the information provided through this website, assumes no responsibility for any errors inaccuracies and omissions. As a result, the company does not assume any liability for damages of any nature that may arise from access to the aforementioned website and the use of the information provided by it. Distilleria Prete also does not guarantee the possibility of uninterrupted and constant access to the website or the constant connection to other sites (linked) of which obviously does not guarantee the truthfulness and relevance of the content; similarly does not guarantee the transmission, free of errors, information via the internet and/or other networks, including e-mail; nor can it guarantee the exact processing and representation of the information by the software and hardware used by the site owner. Distilleria Prete, finally, despite actively striving in this regard, is not able to ensure that its website is free of viruses or other harmful elements for users. Distilleria Prete is a registered trademark. All rights are reserved. Even partial reproduction is forbidden. All links and any other third-party brands are the property of their respective owners and are intended as navigation tools and therefore provided "as internet navigation tool only". This site does not represent a newspaper and is updated without a predefined periodicity, exclusively based on the availability of the material. Therefore it is not an editorial product subject to the discipline of art. 1, subparagraph III, Italian Law n. 62/2001.