WHY THIS INFORMATION
Pursuant to (EU) Regulation 2016/679 (hereinafter “Regulation”), this page describes the processing methods of the personal data of users visiting the website OF Enoteca Bussotti, accessible at the following address: www.enotecabussotti.it
This information does not concern any other on-line sites, pages or services which can be reached by means of any links published in the site but belonging to resources outside the dominion of the Controller.
PROCESSING CONTROLLER AND DATA PROTECTION OFFICER
Following a visit to the abovementioned site, data concerning natural or identifiable persons may be processed.
The data processing and protection Controller is Bottiglieria Bussotti Romano S.N.C.,Via San Gallo 161R – 50129 Firenze (FI), P.IVA: IT04415250481, Tel.: +39 055 483091, e-mail: firstname.lastname@example.org
TYPES OF PROCESSED DATA AND AIM OF PROCESSING
During their normal operation, the computerized systems and software procedures powering this site acquire some data whose transmission is implicit in the use of Internet communication protocols.
This data, necessary to use web services, is also processed in order to:
– acquire statistical information about the use of services (most visited pages, number of visitors by time period or daily, geographic areas of origin, etc.);
– check the proper operation of the services provided.
Navigation data is not stored after the end of the session.
DATA SUBMITTED BY THE USER
The optional, explicit and voluntary submission of any information to the Controller’s contact addresses, as well as the filling in and submitting of the forms present in the site, require the acquisition of the sender’s contact data necessary to answer, as well as all the personal data included in the messages.
COOKIES AND OTHER TRACKING SYSTEMS
DATA PROCESSING LEGAL BASIS
The data processing legal basis is the need to perform the required services.
Unless the opposite is specified, all the required data is mandatory. If it is not submitted, the required service may be impossible to provide. If some data is indicated as optional, the user is free not to submit it without entailing any consequence on the availability of the service and its operation.
If consent is necessary, we will require it (e.g. subscription to a newsletter).
PROCESSING METHODS, DATA STORAGE PLACE AND PERIOD
The Controller takes suitable measures aiming to prevent unauthorized access, disclosure, modification or destruction of personal data.
Data is processed by means of IT and/or computerized tools, with organization methods and logics tightly connected with the specified aims.
In addition to the Controller and the staff members authorized by him/her, data could also be accessed by external subjects (like third parties providing technical services, hosting providers, IT companies) appointed, if necessary, as Processors. The processing Controller may, at any time, be required to provide an updated list of Processors.
There is no intention to spread this data or to transfer it to Third Countries or International Organizations.
Data is processed in the operating offices of the Controller and in any other place in which the parties involved in processing are located. The data is processed and stored for the time necessary for the purpose for which it was collected. Therefore, the data collected for providing a service or fulfilling a request will be stored until the service has been provided or the request has been fulfilled. More generally, the personal data collected for purposes attributable to legitimate interests of the Controller will be stored until the interests in question have been satisfied. When the processing is based on a user’s consent, the Controller may store the data until the consent is withdrawn by unsubscribing from the newsletter.
RIGHTS OF THE DATA SUBJECTS
The rights which can be exercised within the framework of the regulation by addressing the processing Controller, using the abovementioned contact information, are specified in articles 12-22 of EU Regulation 2016/679 (GDPR). In particular, the rights to receive information about the processes carried out, to gain access to personal data, rectify imprecise personal data and integrate incomplete ones, to have personal data cancelled, to obtain the limitation of processing, to obtain the relevant personal data in a structured format, commonly usable and legible from an automatic device, to oppose at any time to the processing, revoke the consent at any time without prejudice to the legitimacy of the processing until that moment (when the processing is based on consent), not to be subjected to a decision only based on automatic processing. Data subjects who believe the processing of their personal data to have been carried out in this site in violation of what is envisaged in the Regulation have the right to submit a claim to the Supervisor, as envisaged by art. 77 of the Regulation itself, or to resort to the suitable judiciary institutions, pursuant to art. 79 of the Regulation.