Policy pursuant to Art. 13 of the European Regulation 79/2016 and consent
-last updated version 25 May 2018-
Dear Customer,
pursuant to Art. 13 of the European Regulation (EU) 2016/679 (hereinafter GDPR), and in relation to the personal data available to the Data Controller, we inform you as follows:
Data Controller and Responsible for the processing of personal data
The Data Controller is:
Etrusca S.r.l., with registered office in Città di Castello, Viale Romagna No. 73, CAP 06012 (PG), Italy. The Data Controller may be contacted at inf@camiceriaetrusca.com or by telephone: +39 0758511328.
The Data Controller has not appointed a personal data protection officer (DPO).
Personal data processing purposes
The data processing is aimed at the correct and complete execution of your request made on our website. Your data will be processed in order to:
- fulfil your relationship/agreement with the Data Controller, or to fulfil your specific requests before the conclusion of the relationship/agreement;
- fulfil obligations provided for by law, guidelines or European Community regulations;
- fulfil current administrative, accounting and financial obligations and to launch the agreement concluded between the parties;
- send you our promotional messages and updates concerning our charges and offers, for example Newsletter (unless express consent).
Personal data may be processed using both paper and computer archives (including mobile devices) and processed with methods, which are strictly necessary to meet the aforementioned purposes.
Data processing lawful base
The Data Controller treats your personal data lawfully, whereby the processing:
l is necessary for the correct execution of the agreement and the exact fulfilment/relationship established with the Data Controller;
l is necessary to fulfil a legal obligation, for which the data Controller is responsible;
l is based on the declared consent and on an expressed request.
Consequences of failure to notify personal data
In relation to personal data concerning the implementation of the request and/or relationship/agreement or concerning the fulfilment of a regulatory requirement (for example the obligations regarding the accounting and financial records), the failure to notify the personal data prevents the response to the request and/or the conclusion of the contractual relationship itself and exposure to potential sanctions provided for by the legal system.
As regards the purpose referred to in points 4, failure to give consent will not prevent the execution of the agreement, but will not authorize the Data Controller to send promotional messages and updates on rates and offers, for example Newsletter.
Data Retention
Your personal data, which will be processed for the aforementioned purposes, will be kept for the duration of the agreement and, subsequently, for the time in which the Data Controller is subject to retention obligations for financial purposes or for other purposes provided for by the law or regulations or the legal protection of the rights in court.
Data Notification
Your personal data may be disclosed to:
1. consultants and accountants or other lawyers, who provide services for the aforementioned purposes;
2. financial and insurance institutions, which provide services for the aforementioned purposes;
3. individuals, who process data, in order to fulfil specific legal obligations;
4. judicial or administrative authorities, in order to fulfil legal obligations.
Data profiling and dissemination
Your personal data are not subject to dissemination or to any entirely automated decision-making process, including profiling.
Rights for Data Subjects
The rights granted by the GDPR include:
l to ask the Data Controller to access your personal data and information relating to them; the correction of inaccurate data or the integration of incomplete ones; the deletion of personal data (upon occurrence of one of the conditions specified in Article 17, paragraph 1 of the GDPR and in compliance with the exceptions provided in paragraph 3 of the same article); the limitation of the processing of your personal data (upon occurrence of one of the hypotheses indicated in Article 18, paragraph 1 of the GDPR);
l to request and obtain from the Data Controller - if the processing lawful base is the contract or the consent, and it is carried out by automated means - your personal data in a structured and machine-readable format, also in order to communicate such data to another data controller (so-called right to personal data portability);
l to oppose the processing of your personal data at any time, upon occurrence of particular situations concerning you;
l to nullify the consent at any time, only in cases in which the processing is based on your consent for one or more specific purposes and concerns common personal data (for example, date and place of birth or place of residence), or particular data categories (e.g. data revealing your racial origin, your political opinions, your religious beliefs, your health or sexual life). The treatment based on the consent and carried out before its nullification preserves, anyway, its lawfulness;
l to propose a complaint to a control authority (Italian Data Protection Authority – Garante - www.garanteprivacy.it).
COOKIES POLICY
- last updated version 25 May 2018 -
What are Cookies?
Cookies are information entered on your browser when you visit a website or use a social network with your PC, smartphone or tablet.
Each cookie contains various data such as, for example, the name of the server from which it comes, an ID code, etc…
Cookies can remain in the system for a session (that is to say until the browser used to surf the web is closed) or for long periods and may contain a unique ID code.
Technical Cookies
This website uses the following technical cookies, which are automatically set up, after accessing to the website:
- Session Cookies: they are used to optimize performance, save browsing preferences and improve the User's surfing experience by reducing page loading times.
- Disabling these cookies may not allow the correct use of the contents and some of the website's services.
Cookies and widget of social media and third parties
Third-party services
Google Maps (Google Inc.)
Google Maps service allows to view and interact with the maps offered by Google Inc
Category: Targeting/Advertising
Provider: Google Inc.
Address: 1600 Amphitheatre Parkway Mountain View - CA94043 USA
Widget YouTube (Google Inc.)
They allow to display the video content uploaded on Youtube on your site pages.
Category: Targeting/Advertising
Provider: Google Inc.
Address: 1600 Amphitheatre Parkway Mountain View - CA94043 USA
Social Network
AddThis (AddThis, Inc)
addThis is a service provided by AddThis, Inc that displays a widget that allows interaction with social networks and external platforms and content sharing of this website. Third parties will be aware of the related interactions and user data, if the widgets are shown to them.
Category: Social Widget
Provider: AddThis, Inc
Address: Privacy Office c/o AddThis 1595 Spring Hill Road, Suite 300 Vienna, VA 22182 USA
Facebook Social Plugins (Facebook Inc.)
The "Like" button and Facebook social widgets are services of interaction with the Facebook social network
Category: Social Widget
Provider: Facebook Inc.
Address: 1601 S. California Ave Palo Alto - CA94304 USA
Statistics
Google Analytics (Google Inc.)
Google Analytics is a web analysis tool that offers statistics and updated data about how visitors use the website. The expansion code has been annexed on this website, in order to guarantee the anonymous registration of IP addresses.
Category: Advertising/Analytics
Provider: Google Inc.
Address: 1600 Amphitheatre Parkway Mountain View - CA94043 USA
How to disable cookies?
Disabling cookies
It is possible to refuse consent to the use of cookies by selecting the appropriate settings on your browser.
Hereinafter there are links that explain how to disable cookies for the most popular browsers:
- Internet Explorer™ : http://windows.microsoft.com/it-it/windows7/block-enable-or-allow-cookies
- Safari™ : https://support.apple.com/kb/PH17191?viewlocale=it_IT&locale=it_IT
- Chrome™ : https://support.google.com/chrome/answer/95647?hl=it
- Firefox™ : https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie
- Opera™ : http://help.opera.com/Windows/10.20/it/cookies.html
Disabling only third-party cookies
Moreover, if services are provided by third parties, the User can exercise his right to oppose the tracking, inquiring through the privacy policy of the third party, using the waiver link if explicitly provided or by contacting it directly.
Deleting cookies already stored on the terminal
Even if the authorization for using third-party cookies is revoked, cookies may have been stored on the user's terminal before this revocation.
For technical reasons it is not possible to delete these cookies. However, the User's browser allows their removal from the privacy settings. Indeed, one of the browser options is "Clear browsing data", which can be used to delete cookies, website data and plug-ins.
Anonymous Web Surfing
It is possible to surf without cookies by activating the "Do not Track" option, which can be found in most browsers, or by activating the anonymous Web Surfing mode.
For further information, please visit the following websites:
- Internet Explorer™ : http://windows.microsoft.com/it-it/internet-explorer/use-tracking-protection#ie=ie-11
- Safari™ : http://support.apple.com/kb/PH11952
- Chrome™ : https://support.google.com/chrome/answer/114836?
- Firefox™ : https://support.mozilla.org/it/kb/impedire-tracciamento-siti-web
- Opera™ : http://help.opera.com/Windows/12.10/it/notrack.html
Rights of the interested party
According to the GDPR (European Regulation 679/2016), the interested party is entitled to:
- ask the Data Controller to access your personal data and information relating to them; the correction of inaccurate data or the integration of incomplete ones; the deletion of personal data (upon occurrence of one of the conditions specified in Article 17, paragraph 1 of the GDPR and in compliance with the exceptions provided in paragraph 3 of the same article); the limitation of the processing of your personal data (upon occurrence of one of the hypotheses indicated in Article 18, paragraph 1 of the GDPR);
- request and obtain from the Data Controller - if the processing lawful base is the contract or the consent, and it is carried out by automated means - your personal data in a structured and machine-readable format, also in order to communicate such data to another data controller (so-called right to personal data portability);
- oppose the processing of your personal data at any time, upon occurrence of particular situations concerning you;
- nullify the consent at any time, only in cases in which the processing is based on your consent for one or more specific purposes and concerns common personal data (for example, date and place of birth or place of residence), or particular data categories (e.g. data revealing your racial origin, your political opinions, your religious beliefs, your health or sexual life). The treatment based on the consent and carried out before its nullification preserves, anyway, its lawfulness;
- propose a complaint to a control authority (Italian Data Protection Authority – Garante - www.garanteprivacy.it).
For further requests, please contact the Data Controller at the following E-mail address: inf@camiceriaetrusca.com