(according to the EU Reg. 2016/679, the “Regulation”)
The Data Controller is Azienda Agricola Sili Alessandro (hereinafter, “Il Felciaione” or “Data Controller ”) with registered head offices (Via Podere Ronne Vecchie cap 58024 Città Massa Marittima(GR).
If you have any further queries regarding data protection in connection with our website or the services offered, please contact us: firstname.lastname@example.org
2Categories of personal data
Felciaione collects and processes the following data from those accessing and visiting the website:
Automatically – collected personal data
Browsing data: IT systems and software procedures designated to the website’s operations acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to associate it with identified interested parties but, due to its nature, could allow users to be identified, through processing and association with data held by third – parties. This data category includes IP addresses or domain names of computers used by users connecting to the website, time of request, method used to submit the request to the server, size of the response file obtained, numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the operating system and the user’s IT environment.
Personal data provided directly by users
Personal data (e.g. name, surname); contact details (such as email, address, telephone number and mobile phone number); payment details; shipping and billing address provided during online purchase; contact details and other personal data provided when completing forms (such as newsletter registration).
Email address may be registered and retained when user directly contacts our firm to allow to deal with user requests. You must ensure that your provided personal data are correct and, in case of any changes, to notify the updated information.
Personal data collected via social network pages used
Some information is provided to Controller directly by you when you decide to share, via your profile, images published on our Social Media Pages, comments on our posts and/or show your appreciation for our products, initiatives, or events by pressing the specific buttons.
Data concerning minor users
The services on this Site are intended for people aged 18 years or older. The Data Controller does not freely request, collect, use, or disclose personal information provided by persons under the age of 18. In case Data Controller later knows that it has collected data from a minor, it will delete it. If you are under the required age, please do not register or purchase a product online and ask an adult (your parents or guardian) to carry out the necessary procedures.
3Purposes and legal bases of personal data processing
The personal data is collected and processed with automated means according to the principles of necessity, lawfulness, correctness, proportionality, and transparency, for the purposes and according to the conditions of lawfulness (so-called legal basis) indicated hereinafter:
- For online order processing, e.g. to carry out the necessary online transactions to process your order; to verify that the information you provide for the transaction is complete, valid, correct and not fraudulent; to process your order and deliver the products; to provide pre-sales and after-sales support services, including returns or handling legal warranties; to contact you, by email too, for any problems relating to the processing of your order or subsequent requests relating to your order. Please note that the Data Controller requires information regarding payment methods and payment card only during the purchase process. Felciaione cannot view or access the complete payment card data under any circumstances.
- To provide you with assistance if requested or answer your queries via email or telephone. In all the above-indicated cases, the legal basis of the processing is the performance of a contract or pre-contractual measures.
- To process your data for ascertain liability in the event of potential IT crimes and safeguard of our rights before law courts. The legal basis of the processing consists pursuing our legitimate interests before law courts.
- Direct Marketing. To send out newsletter, communications, and information about commercial and direct marketing of our products and any other promotional initiative adopted by us, fully automated contact systems or email address. We process your data based on your consent.
- To allow you to interact on our Social Media Pages, send your comments, show your appreciation for the initiatives promoted by us, and share our posts, we will process your data and also allow you to follow up on your requests sent via these channels. The legal basis of the processing are the pre-contractual measures.
- To comply with the obligations established by the law or regulations. The legal basis of the processing is the need to fulfil a legal obligation.
4Nature of personal data provided
In addition to what enlisted above regarding browsing data acquisition, personal data are registered only if voluntarily provided by users for the purpose of performing the requested service. Not providing personal data may affect our capabilities to fulfill user’s and legal requests.
The treatment of personal data takes place through manual, computerized tools suitable to ensure the security and confidentiality of the data themselves and in any case in compliance with the appropriate security measures as required by law. Your personal data collected will be processed by authorised Data Controller staff. Security measures are observed to prevent the loss, illegal or improper use of and unauthorized access to data.
6Personal data storage
The Data Controller will store personal data for a period that does not exceed the time required to pursue the purposes for which the data were collected and processed.
Regarding other personal data, since we cannot precisely define the storage period of your personal data, the Data Controller commits from this moment to process your personal data in compliance with the principles of appropriateness, relevance and minimization of data, as required by the European Regulation, regularly verifying the need to store them. Hence, once the purposes for which they were collected and processed have been achieved, we will remove them from our systems and logs and/or we will adopt the appropriate measures required to ensure their anonymity in order to prevent your identification.
7Personal data recipients
In the context of the data processing and their legal bases (contract performance, legitimate interests, consent, or processing obligations), your data may be shared with the following categories of recipients:
- companies, firms, or professionals who, on behalf of the Data Controller, provide IT and logistic support, administrative or accountability activities.
- service provider to allow payment of any purchases made on the Site or other IT service, such as newsletter dispatch.
- Public Authorities
Your data will not be diffuse in other ways.
8Personal data transfer to third countries
During data processing, your personal data may be transmitted to third countries or international organizations. For your protection and the protection of your personal data, appropriate safeguards are provided for such data transmissions, in accordance with legal requirements.
As interested party, pursuant to articles 15 et seq. of the Regulations, you have the right to:
- get confirmation of the existence of your personal data, access their content and get a copy (right of access);
- update, amend and/or correct your personal data (right to rectification);
- request the cancellation or restriction of data processing in the cases provided for by the Regulation, including where data have been processed in violation of the law or storage is not necessary for the purposes for which the data were collected or otherwise processed (right to erasure and right to restriction);
- withdraw consent, where given, at any time, without prejudice to the lawfulness of the processing based on consent given before withdrawal (right to withdraw consent);
- within the limits of what is provided for by the Regulation, get a copy of the data you provided in a structured, commonly used, machine- readable format and request this data to be transmitted to another data controller where technically feasible – if applicable (right to data portability).
- You also have the right to object to the processing of your data, at any time, for the purpose of direct marketing, including profiling connected to direct marketing and in the event that the processing is founded on legitimate interest (right to object).
- You also have right to lodge a complaint with a Supervisory Authority for Data Protection at any time in the event of a breach of data protection regulations. For further information: https://www.garanteprivacy.it/home_en/rights#how
You can claim your rights anytime by sending a letter to the following address or by writing to the following email address email@example.com
This Policy may be updated over time in consideration of future changes in laws or regulations regarding the protection of personal data and, in this case, we will inform you. Changes and updates will apply from the moment they are published on the Website.