Privacy Policy

This document concerns the personal data privacy policies of Alimentari del Sole SRL which manages the website www.latteriadelsole-shoponline.it, intends to describe as accurately as possible the methods of processing the personal data of users and visitors to our site.

This information is also provided pursuant to Article 13 of Legislative Decree No. 196 of 30 June 2003, addressed to users of the services on our website and provided via the Internet.

This policy does not apply to other websites that may be accessed via our links, for which Alimentari del Sole SRL is in no way responsible.

The guidance provided below is also inspired by Recommendation No. 2/2001 of the European Data Protection Working Party, adopted on 17 May 2001 pursuant to Article 29 of Directive 95/46/EC, which specifically concerns the collection of personal data online. It aims to identify the measures that must be implemented with respect to data subjects to ensure the fairness and lawfulness of such practices (pursuant to Articles 6, 7, 10, and 11 of Directive 95/46/EC).

The Customer's personal data are processed in accordance with EU Regulation 2016/679, known as GDPR (General Data Protection Regulation) and hereinafter referred to as the Regulation.

The navigator is here referred to as the Client.

Purpose of data collection and processing

The personal data that the Customer provides during the relationship are processed for the purposes of:

1. to execute the obligations arising from the sales contract or in any case from the supply of goods or services, even if free of charge.

2. fulfill obligations imposed by laws, regulations or community legislation.

3. pursue promotional and advertising purposes, only if expressly and previously consented to by the Customer by "clicking" on the appropriate box in the newsletter registration form.

Legal basis for processing

The legal basis for the processing for the purpose referred to in letter a) is Article 6.1.b of the Regulation, which states that the treatment And necessary for the performance of a contract to which the interested party is party And party or to the execution of pre-contractual measures adopted at the request of the same, as well as on the authorizations currently in force from the Guarantor for the protection of personal data.

The legal basis for the processing for the purpose referred to in letter b) is Article 6.1.c of the Regulation which states that the treatment And necessary to fulfill a legal obligation to which And subject the Data Controller.

The legal basis for the processing for the purpose referred to in letter c) is Article 6.1.a of the Regulation, which states that the interested party has given consent to the processing of his or her personal data for one or more specific purposes.

Providing your personal data for the purposes indicated above is optional, but failure to do so will prevent us from providing the requested services.

Your personal data is processed using manual, computerized, and electronic tools that ensure the security and confidentiality of the data.

Data collected

Depending on the situations described in the following paragraphs, the personal data collected may be of different nature and quantity.

Simple registration on the site

Simply registering on the site may be necessary to access areas of the site reserved for certain Customers or to allow the Customer to subscribe to the newsletter (see below).

For registration on the site, only two pieces of data are collected:

• the username, which is chosen by the Customer

• the password, which is also chosen by the Customer.

Both the username and password may be subject to restrictions: to avoid identical usernames between different Customers or to prevent the password from being too insecure.

Full registration

If the site provides the provision of goods or services, the following data is also collected during registration:

• the name and surname

• the company name, if any

• the residential address and the shipping address, if applicable; address This refers to the street, house number, province, city and country

• the telephone number (landline, mobile or both)

• the email address

• the tax code

• the VAT number, if applicable

• the possible group of Customers to whom the Customer is assigned.

Newsletter subscription

If the site periodically releases an information bulletin (newsletter), Customers can subscribe through a specific subscription or by simply registering on the site.

The data required for newsletter subscription are:

• the name and surname

• the email address.

This data can be integrated with that provided during registration.

Browsing data and cookies

The software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be associated with identified users, but by its very nature, it could, through processing and association with third-party data, allow users to be identified.

This category of data includes:

• the IP addresses or domain names of the computers used by Customers who connect to the site

• the URI (Uniform Resource Identifier) ​​addresses of the requested resources

• the time of the request

• the method used in submitting the request to the server

• the size of the file obtained in response

• the numeric code indicating the response status given by the server (successful, error, and so on)

• other parameters relating to the user's operating system and computing environment.

This data is used solely to obtain anonymous statistical information on site usage and to verify its proper functioning. It is deleted immediately after processing. This data may be used to determine liability in the event of any cybercrime committed against our site.

The hosting service provider may potentially have access to the data exclusively for technical reasons of necessity and urgency that require intervention to avoid compromising functionality and security.

Despite the site www.latteriadelsole-shoponline.it does not perform profiling, it is possible that some third-party software present on the site (for example, Google or Facebook applets) track the Customer's behavior in order to provide advertising information consistent with his or her online behavior.

For more information about third-party tracking, see the extended information regarding cookies.

Data controller

The person responsible for processing personal data is Josef Pugliese.

Place of data processing

The treatments connected to the web services offered by the site www.latteriadelsole-shoponline.it (physically located at the datacenters of Ergonet in Milan, Via Caldera 21 and in Turin, Corso Svizzera 185) are carried out at the headquarters of Alimentari del Sole SRL, the data controller.

Customers' personal data is handled only by Alimentari del Sole SRL employees or collaborators appointed for data processing, or by any persons assigned to occasional maintenance operations. No data deriving from the web service is communicated or disseminated.

Transfer of data to third parties and customer tracking

Customer data will never be transferred to third parties, either for a fee or free of charge, unless the Customer himself gives prior and verifiable authorization.

Rights of the interested party

Customers interested in the processing of their personal data enjoy specific rights under the law, as set out below.

1. The interested party has the right to obtain confirmation of the existence or otherwise of personal data concerning him, even if not yet registered, and their communication in an intelligible form.

2. The interested party has the right to obtain information on:

   1. of the origin of personal data

   2. of the purposes and methods of processing

   3. of the logic applied in case of processing carried out with the aid of electronic instruments;

   4. of the identifying details of the owner, the managers and the designated representative

   5. of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, as managers or persons in charge

3. The interested party has the right to obtain:

   1. the updating, rectification or, when there is interest, the integration of the data

   2. the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which they were collected or subsequently processed

   3. the certification that the operations referred to in the letters to) And b) have been brought to the attention, including with regard to their content, of those to whom the data have been communicated or disseminated, except in the case in which such fulfillment proves impossible or involves the use of means manifestly disproportionate to the right protected;

4. The interested party has the right to object, in whole or in part:

   1. for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of the collection

   &

   to the processing of personal data concerning him/her for the purpose of sending advertising material or for carrying out market research or commercial communications.

Possibility of modification and cancellation

In relation to what is reported in the paragraph Rights of the interested party, it is specified that deleting a Customer's personal data may, in some cases, compromise the integrity of the database; for example, when the Customer has made a purchase that has been invoiced, it is impossible to delete all the customer data because the data included in the invoice must be retained by law.

To avoid the possibility of compromising the integrity of the database, it is therefore essential not to delete the Customer from the tables, but to mark this customer as disabled or inactive.

If the customer still feels it is important for him to completely eliminate some data that is not essential for invoicing (or even other data if no invoices have been issued), he can ask to replace such data with anonymous data.

Modification of data by the Customer

The Customer has the possibility to modify almost all personal data by accessing his/her profile.

Edit data on request

If the Customer wishes to request the deletion of his/her personal data, without proceeding on his/her own, he/she can contact Josef Pugliese.

Security criteria adopted

Personal data is processed using automated tools for the time strictly necessary to achieve the purposes for which it was collected. Specific security measures are implemented to prevent data loss.

The Customer's personal data is stored on a server which can be accessed via encrypted protocol (HTTPS) by entering your username and password.

External SQL access to the site database is disabled. It is only temporarily enabled when necessary for maintenance.

The computers used to access the server have a specific work account, with no administrative privileges. Access to this account is possible only by entering a username and password, which are different for each user.

The administrator user has their own account, with their own username and password. The administrator account is never used for day-to-day operations, but only for computer maintenance.

Updates

The conditions of sale, the Privacy Policy and theExtended information Cookies are constantly reviewed and updated. Each time you access the site, it is your responsibility to verify any changes by checking the date of the last revision of the documents.

This document was last revised on February 18, 2019.