Information pursuant to Legislative Decree no. 196/2003 "Personal Data Protection Code" and EU Regulation 2016/679 - GDPR (General Data Protection Regulation) and subsequent amendments and additions
The individual company PANIFICIO SAN PIETRO of Valeria Palmisano (later, "PANIFICIO SAN PIETRO"), with offices in Via Pietro del Tocco, 23/25 - 74015 - Martina Franca (TA), Partita I.V.A. 02881950733, Tax Code PLMVLR82S56C741U and Registration in the Register of Companies of Taranto REA TA-176643, (telephone +39 080.4801623, e-mail firstname.lastname@example.org) as "Data Controller" of the treatment, protects the confidentiality of personal data and guarantees to them the necessary protection from any event that could put them at risk of violation. As required by the European Union Regulation no. 679/2016 ("GDPR"), and in particular to the art. 13, below we provide the user ("Interested") with the information required by the law regarding the processing of their personal data
LEGAL BASIS OF TREATMENT
OBJECT OF THE TREATMENT
The Data Controller processes personal, identifying and non-sensitive data (for example, but not limited to, name, surname, company name, address, telephone number, social security number, e-mail address - hereinafter "personal data" or even "data") from you communicated during the registration on the website http://www.panificiosanpietro.it (hereinafter, "Site"), of the purchase online products, participation in opinion and approval surveys, online clarification or support request and newsletter submission.
PURPOSE OF THE TREATMENT
In order to offer users the personalized services provided by their websites, PANIFICIO SAN PIETRO as Data Controller must process certain identification data necessary for the provision of the Service. The provision of personal data for these purposes is not mandatory, but the refusal to provide them implies the impossibility to provide the SERVICES. Personal data are processed:
- A) without your express consent (Article 24 letter a), b), c) Privacy Code and art. 6 lett. b), e) GDPR), for the following service purposes:
- manage and maintain the Site;
- allow you to use any of the Services you may request, such as the management of services for payment of goods / services on the Site (electronic commerce);
- process a contact request;
- fulfill the obligations established by laws, regulations and community legislation, as well as instructions issued by Authorities legitimated by the law and by supervisory and control bodies;
- prevent or discover fraudulent activities or malicious activities harmful to the Site;
- exercise the rights of the owner, for example the right to exercise a right in court.
- B) Only subject to your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Other Purposes:
- send you e-mail surveys of opinion and approval, newsletter.
SOURCE OF PERSONAL DATA
The personal data in possession of PANIFICIO SAN PIETRO are exclusively those supplied by the User during the registration operation on the Site, the purchase of PANIFICIO SAN PIETRO products or the request for information.
Cookies are small files corresponding to individual text elements that can be recorded on the hard drive of the User's computer. This allows easier navigation and greater ease of use of the site itself. Cookies can be used to determine if a connection has already been made between the User's computer and the pages of the PANIFICIO SAN PIETRO site. Only the cookie stored on the User's computer is identified. Of course it is possible to visit the site even without cookies. Most browsers accept cookies automatically. You can avoid the automatic registration of cookies by selecting the option "do not accept cookies" among those proposed. For more information on how to do this, refer to the browser instructions. It is possible to cancel any cookies already present on the hard disk at any time. The decision not to accept cookies from the browser may limit the functions accessible on the PANIFICIO SAN PIETRO website.
The site of PANIFICIO SAN PIETRO, for strictly technical reasons of computer security, makes use of session cookies to keep track of the User's visit and records the IP address of visitors accessing reserved areas. This information does not personally identify the User. Therefore, each User remains anonymous unless he has provided PANIFICIO SAN PIETRO with personal information in other forms. The user can manage or request general deactivation or cancellation of cookies by modifying the settings of his Internet browser. This deactivation, however, may slow down or prevent access to certain parts of the Site. The settings to manage or disable cookies may vary depending on the Internet browser used, therefore, for more information on how to perform such operations, We suggest you to consult the manual of your device or the "Help" or "Help" function of your Internet browser. The following are the links to the Users that explain how to manage or disable cookies for the most popular Internet browsers:
- Google Chrome: https://support.google.com/chrome/answer/95647
- Mozilla Firefox: http://support.mozilla.org/it/kb/Gestione%20dei%20cookie
- Microsoft Edge: https://support.microsoft.com/it-it/help/4027947/windows-delete-cookies
- Internet Explorer: https://support.microsoft.com/it-it/help/17442/windows-internetexplorer-delete-manage-cookies
- Opera: http://help.opera.com/Windows/10.00/it/cookies.html
- Safari: https://support.apple.com/kb/PH19255?locale=it_IT
Like all websites, this site also makes use of log files in which information collected in an automated manner is kept during user visits. The information collected whose transmission is implicit in the use of Internet communication protocols can be:
- internet protocol address (IP);
- domain name of the computers used to connect to the website;
- browser type and parameters of the device used to connect to the website;
- country origin;
- internet service provider name (ISP);
- visit date and time;
- origin and exit web page of the visitor (referral);
- clicks number eventually;
- other Operative System and IT environment parameters of the user.
Collection of personal information
While the User performs activities such as ordering products, downloading software or participating in competitions, PANIFICIO SAN PIETRO may request to provide personal information by completing and sending an electronic form. The User is totally free to accept this request or not. If you decide to join PANIFICIO SAN PIETRO, you may request to provide personal information, such as your name, address, e-mail address and other data identifying you. If the User orders a product, for example, the information is used to register the license and the right, if required, to avail itself of technical support, updates or other advantages that may be offered to registered Users. If the User participates in a competition, the information is collected for the purpose of authorizing the User's participation and to contact him about the competition or the prizes awarded. PANIFICIO SAN PIETRO also makes use of the information provided by the User to support the effort to keep it constantly updated on new versions of a product, special offers and other products and services PANIFICIO SAN PIETRO. PANIFICIO SAN PIETRO recognizes and attaches great value to the responsible use of this information. The data collected by the site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the activities specified. In any case, the data collected from the site will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided by law, for the assessment of liability in case of hypothetical computer crimes against the Site.
Data provided voluntarily by visitors
Optional provision of data
Apart from that specified for navigation data, the user is free to provide his personal data through the use of the appropriate sections of the Site and to request or request the sending of informative material or other communications. Failure to provide them can only lead to the impossibility of obtaining what has been requested. For the sake of completeness, it should be noted that in some cases (not subject to the ordinary management of the Websites) the Authorities can request news and information pursuant to Article 150 of Legislative Decree no. n.196 / 2003 and s.m.i. for the purpose of monitoring the processing of personal data. In these cases the answer is mandatory under penalty of administrative sanction.
DATA STORAGE TIMES
Unless the interested party expressly expresses his will to remove them, personal data will be retained until they are necessary with respect to the legitimate purposes for which they were collected. In particular, with regard to the management and provision of services relating to the requests for contact sent by the Data Subject, such data will be kept for no longer than a maximum period of 12 months; likewise, in case of adherence to a contract, they will be kept for the entire duration of the contract and in any case no longer than a maximum period of 12 (twelve) months from the last of the active Services connected to it, or if, within that period, they are not active and / or purchased Products of the Products through a contract. The personal data will in any case be kept for the fulfillment of the obligations (eg fiscal and accounting) that remain even after the termination of the contract (Article 2220 c.c.); for these purposes the Data Controller will retain only the data necessary for the relative prosecution.
The Data Controller has adopted specific and adequate security, technical and organizational measures, including encryption and authentication tools, to maintain the security of personal data. In particular, security measures protect data against the risk of loss, illicit or incorrect use and are intended to prevent unauthorized access, in compliance with the obligations to adapt to minimum security measures. Given the nature of the treatment and the specialization of PANIFICIO SAN PIETRO in Web technologies, appropriate and preventive security measures are adopted and implemented in accordance with the provisions of art. 31-34 of the Privacy Code and by article 32 GDPR. For security purposes (spam filters, firewalls, virus detection), the data recorded automatically may also include personal data such as IP address, which could be used, in accordance with applicable laws, in order to block attempts to damage the site itself or to damage other users, or in any case harmful activities or constituting a crime. Such data are never used for user identification or profiling. This information is treated according to the legitimate interests of the Owner for the protection of the site and its users.
PLACE OF TREATMENT
The data collected by the Site are processed at the headquarters of the Data Controller, and at the datacenter where the PANIFICIO SAN PIETRO servers are located, located in Italy, in the European Economic Area managed by Provider HostingPresta di C. Alberici - 29b rue de Talant - 21000 Dijon - France - FR35788937803, which, in compliance with the dispositions dictated by the European Regulation 2016/679 ("GDPR"), has verified and adapted the technical and organizational measures aimed at guaranteeing the security of the personal data processed in the provision of services on behalf of the Data Controller. These measures are implemented and updated in light of the legislative evolution in the field as described online in the section dedicated to the European "GDPR" legislation available at the link: https://www.aruba.it/gdpr-regolamento-europeo-privacy.aspx.
METHOD OF TREATMENT
The processing of personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR through manual, IT and telematic tools with logic strictly related to the purposes indicated above and, in any case, in order to guarantee the security and confidentiality of data. Personal data are processed only for the time necessary to fulfill the purposes for which they were collected.
PANIFICIO SAN PIETRO, without the consent of the interested subject is necessary, can communicate the data necessary for carrying out specific tasks to proceed to the treatments that pursue the same purposes for which the data were collected. For this reason, the data processed can be accessed at:
- employees and collaborators of the Data Controller, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators;
- third-party companies or other parties (for example web server provider, e-payment service provider, suppliers, digital payment and payment institutions, hardware and software service engineers, shippers and carriers, professional offices, etc.) outsourced activities on behalf of the Data Controller, in their capacity as data processors.
The Data Controller imposes on the Third Party's own suppliers and the Data Processors compliance with security measures similar to those adopted in relation to the Interested Party, restricting the Manager's perimeter of action, to the treatment related to the requested service.
COMMUNICATION AND DATA DIFFUSION
Unless explicitly stated in the information concerning individual treatments, the personal data collected are not disclosed to third parties or disseminated. Without the express consent of the interested party (ex Article 24 letter a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate the personal data being processed to Supervisory Bodies, Judicial Authorities and to all other parties to whom the communication is mandatory by law.
The management and storage of personal data are performed in Europe, on computers and servers located in Italy, of the Data Controller and / or third-party companies appointed and duly appointed as Data Processors. The personal data of the interested party are stored in paper, computer and electronic archives located in countries where the GDPR (EU countries) is applied.
DATA TRANSFER IN EXTRA EU COUNTRIES
The Site may share some of the data collected with services located outside the European Union area. In particular, with Google and Facebook through social plugins and the Google Analytics service. The transfer is authorized on the basis of specific decisions of the European Union and the Guarantor for the protection of personal data, in particular the decision 1250/2016 (Privacy Shield), for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield.
RIGHTS OF THE INTERESTED PARTY
The interested party has the rights referred to in art. 7 Privacy Code and s.m.i. and art. 15 GDPR and precisely the rights of:
- obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form (right of access);
- obtain the indication: a) of the origin of personal data; b) of the purposes and methods of the processing; c) of the logic applied in case of treatment performed with the aid of electronic instruments; d) of the identification details of the owner, the managers and the designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and s.m.i. and art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of it in their capacity as designated representative in the territory of the State, managers or agents;
- obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case where such fulfillment is it proves impossible or involves a use of means manifestly disproportionate to the protected right;
- to object, in whole or in part: a) for legitimate reasons, to the processing of personal data concerning you, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the data subject to exercise the right to object even only partially. Therefore, the interested party may decide to receive only communications using traditional methods or only automated communications or none of the two types of communication;
- as well as, more generally, to exercise all the rights recognized by the current provisions of the law.
Where applicable, you also have the rights referred to in Articles 16-21 GDPR (right of rectification, right to be forgotten, right of limitation of treatment, right to data portability, right of opposition), as well as the right of complaint to the Guarantor Authority.
RULES OF EXERCISE OF RIGHTS
The interested party at any time can exercise the rights by sending:
- a registered letter a.r. to: PANIFICIO SAN PIETRO - Via Pietro del Tocco, 23/25 - 74015 Martina Franca (TA):
- an e-mail to the e-mail address email@example.com
The data controller is: PANIFICIO SAN PIETRO of Valeria Palmisano, with offices in Via Pietro del Tocco, 23/25 - 74015 - Martina Franca (TA). VAT number. 02881950733, Tax Code PLMVLR82S56C741U and Registration in the Register of Companies of Taranto REA TA-176643 (telephone +39 080.4801623, e-mail firstname.lastname@example.org) The Data Controller has appointed a Data Protection Officer (DPO) who can be contacted for any information and request by e-mail at: email@example.com The updated list of data processors and persons in charge of processing is kept at the headquarters of the Data Controller. In accordance with the regulations in force for each User, during the registration process on the Website http://www.panificiosanpietro.it , it is requested to express the consent for data processing by ticking the "Accept" box. It is understood that the consent refers to the processing of data except those strictly necessary for the operations and services requested by the User at the time of accession, because for these activities the User's consent is not necessary. Last updated: 25/05/2018