GDPR New European Privacy Regulation
From 25 May 2018 the new one is in force European Data Protection Regulation (GDPR)
The new information explains in simpler words the essential points concerning the data collected about you, the reasons why your personal data and your rights are treated.
You can more easily view your data and change the consent settings you have provided for the different purposes of treatment.
You will always use a language familiar to you to communicate any information related to your personal data.
WHAT TYPES OF DATA DO WE COLLECT?
Only the data provided by the customer are treated. No data is collected automatically.
If you are a private individual when you register for the newsletter or participate in the activities, some data are required to issue the receipt / invoice or keep you updated via email / sms on news and offers.
THESE ARE, FOR EXAMPLE, THE REQUIRED DATA:
• email address
• name and surname
• residential address
• telephone number
• fiscal Code
IF YOU ARE A LEGAL ENTITY, COMPANY DETAILS ARE REQUIRED TO ISSUE THE INVOICE.
1. HOW DO WE USE THE COLLECTED DATA?
The data collected are used to issue the invoice or if you have given us your consent, to inform you about promotional activities that may interest you. In particular we use them to: communicate promotional, commercial and advertising activities.
2. IS THE PROVISION OF DATA MANDATORY?
The provision of personal data is mandatory only to be able to proceed with the provision of treatments offered by "Company Name" and issue the relevant invoice.
Instead it is totally optional for information and promotional purposes and any refusal to give consent does not have negative consequences on the provision of the service offered by "Company Name".
3. WHO ARE THE SUBJECTS OF THE TREATMENT?
Data controller (the natural person, the legal person, the public administration and any other body, association or body to which they are responsible, even together with another holder, decisions regarding the purposes, methods of processing personal data and the tools used, including the security profile).
THE DATA CONTROLLER IS COMPANY NAME:
Fattoria Carpineta Fontalpino Società Agricola di Filippo e Gioia Cresti s.r.l.
in the person of its legal representative Filippo Cresti and Gioia Cresti
Località Carpineta - Fraz. Montaperti
53019 Castelnuovo Berardenga - Siena - Italy
C.F & P.IVA-00386130520
The data controller uses a Data Processor (the natural person, the legal person, the public administration and any other body, association or body appointed by the data controller to process personal data) to achieve the purposes specified in point 1 (responsible for personal data protection)) to monitor the protection of personal data.
FOR EACH REQUEST RELATED TO YOUR PERSONAL DATA, COMPARE THE NEXT POINT.
Subjects to whom personal data may be disclosed
The data collected as part of the provision of the service or during the subscription to the Newsletter cannot be disclosed to any third party, but will remain for the exclusive use of Fattoria Carpineta Fontalpino.
In no case will personal data be transferred or sold to third parties.
4. HOW CAN YOU GET INFORMATION ON THE DATA, MODIFY IT, DELETE IT OR HAVE A COPY?
Access to personal data and withdrawal of consent (opt-out)
You can, at any time, request your personal data and you can revoke the consent you have provided at any time by writing your request to the email address: firstname.lastname@example.org
CANCELLATION OF PROCESSING OF PERSONAL DATA
You can request the cancellation of your personal data at any time by sending a request to the email address email@example.com
The cancellation will be made within the foreseen technical times and in accordance with the retention period specified in the following point 5.
EXERCISE YOUR RIGHTS
Any natural person who participates in the activities proposed by Fattoria Carpineta Fontalpino can:
- get from the owner, in each the moment, information about the existence of personal data, the origin of the same, the purposes and methods of treatment and, if present, to obtain access to personal data and information referred to in Article 15 of the GDPR
-require the updating, rectification, integration, deletion, limitation of data processing in the event one of the conditions provided for in Article 18 of the GDPR occurs, the transformation into anonymous form or blocking of personal data, processed in violation of the law, including those that do not need to be kept for the purposes for which the data were collected and / or subsequently processed
- to oppose, in whole or in part, for legitimate reasons, to the processing of data, even if pertinent for the purpose of the collection and processing of personal data provided for the purposes of commercial information or the sending of advertising material. Each user also has the right to revoke the consent at any time without prejudice to the lawfulness of the treatment based on consent given prior to revocation
- receive personal data, provided knowingly and actively or through the use of the service, in a structured format, common use and readable by automatic device, and transmit them to another holder of the treatment without impediment
-propose complaint with the Authority for the protection of personal data in Italy
For any question or request related to your personal data and to the respect of your privacy you can write to the email firstname.lastname@example.org
5. HOW AND FOR HOW LONG WILL YOUR DATA BE STORED?
The retention of personal data will take place in paper and / or electronic / IT format and for the time strictly necessary to fulfill the purposes referred to in point 1, in compliance with your privacy and current regulations. For marketing / promotion purposes we keep your data for a maximum period equal to that foreseen by the applicable legislation (respectively equal to 24 and 12 months).
Invoices, accounting documents and transaction data are stored for 11 years under the law (including tax obligations).
In the case of the exercise of the right to be forgotten through the request for explicit cancellation of personal data processed by the owner, we remind you that such data will be kept, in a protected form and with restricted access, only for purposes of ascertainment and repression of crimes. no more than 12 months from the date of the request and will subsequently be securely deleted or anonymised irreversibly.
6. HOW DO WE ENSURE THE PROTECTION OF YOUR DATA?
The data are collected by the subjects indicated in point 3, according to the indications of the relevant legislation, with particular regard to the security measures provided by the GDPR (Article 32) for their processing by means of computerized, manual and automated tools and with strictly related logic to the purposes indicated in point 1 and in any case so as to guarantee the security and confidentiality of the data.
This information may be subject to change. If substantial changes are made to the use of data on the user by the Owner, the latter will notify the user by publishing them with the maximum evidence on their pages or through alternative or similar means.