MANAGEMENT OF DATA RELATING TO THE USE OF THE COMPANY’S WEBSITE
Information for website users
You will find below the management methods of the politi.it winery site (hereinafter also referred to as “Enterprise”) in relation to the processing of personal data both of the users who consult it, and of those who establish an economic relation with the Company, or similar to it. This policy has been drawn up according to EU Regulation 2016/679; it is aimed at those who interact with the Company’s web services and does not concern other websites that may be consulted by users through links.
The data controller is Politi Winery, headquartered in Frazione Nidastore, 84, Arcevia, Italy, P. IVA 00487350423
PLACE OF DATA PROCESSING AND STORAGE
The processing connected to the web services of this site takes place at the address indicated above and it is managed by the owner or by personnel specifically in charge of the management of the site.
No data deriving from the web service are disclosed or released.
In any case, the data collected will be or may be disclosed to third parties, such as:
(1) banks responsible for regulating payments in accordance with the agreed procedures;
(2) bodies authorized to fulfil their obligations within the limits of the legal provisions;
3) natural or legal persons who, under contract with the Company, provide specific processing services or carry out activities connected, instrumental or supportive to those of the Company.
Currently, data are stored in the website back office
TYPES OF DATA PROCESSED
The IT and telematics systems, as well as the software procedures necessary for this website functionality acquire, during the normal exercise, some data classifiable as “common personal” whose transmission is implicit in the use of internet communication protocols.
Personal data are not collected to be linked with the person interacting with the site, but by their very nature, through processing and associations with data held by third parties, might allow to identify users.
This category includes: the IP addresses, URLs, or domain names of computers used by users connecting to the site, the Uniform Resource Identifier (URI) notation addresses of the requested resources, the time of requests, the file size, the numeric code indicating the status of the server’s response (e.g. it was successful, error) and other parameters related to the operating system and the user’s computer environment.
This data could be used to ascertain liability in case of hypothetical computer crimes against the site.
Data voluntarily provided by the user.
The optional, explicit and voluntary sending of e-mails, or other communications, to the addresses indicated on this site involves the subsequent acquisition of the sender’s address useful for a feedback or the provision of the services, as well as any other personal data entered by the sender in the communication.
Users should not provide either their own or third parties’ information constituting sensitive data pursuant to EU Regulation 2016/679, in particular relating to health, without having previously given their consent to the processing in accordance with the law.
The nature of the provision of data is optional. However, the same data are necessary to perform the assigned task and to meet tax obligations. In the absence of provision, it is therefore impossible to carry out any activity in favour of the applicant.
It has to be highlighted that in the event of a relation with the user, the Company shall provide for the consent request to send commercial communications and/or information in general.
In the website, there is also a “Customer Area” where only authorised users, that is, those to whom an authorisation credential has been issued by the data controller or by a person in charge, are entitled to insert or download files.
It should also be noted that, pursuant to Art. 6 of EU Regulation 2016/679, consent is not required when processing is necessary to perform obligations arising from a contract to which the Data Subject is a party or to comply with specific requests of the Data Subject before the contract conclusion.
PURPOSE AND METHOD OF PROCESSING
The transmitted data are stored and processed according to security and secrecy warranties under EU Regulation 2016/679 and are used only and exclusively to perform the assigned task and for the information communications sent by the Company, as well as for the obligations required by law.
The processing of data may be in paper, telematic and automated mode.
The data transmitted are not in any way alienated or transferred, in any capacity, to third parties, except with prior and express consent of the Data Subject.
No personal data of users are acquired by the site in this regard.
The use of session cookies (which are not persistently stored on the user’s computer and disappear by closing the browser) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the site.
OPTIONALITY OF DATA PROVISION
Apart from the specifications regarding navigation data, the user can freely provide personal data by filling in a short FORM that allows the sending of an email to the email@example.com address to ask for information or for other communications, or by filling in a specific FORM within the page.
Furthermore, it is important to clarify that in some cases, not subject to the ordinary management of this site, the Authority may request news and information for the purpose of a control on the processing of personal data; in these cases the response is mandatory to avoid administrative sanction risk.
RIGHT OF PERSONS CONCERNED
Each person has the right to receive confirmation of the existence or not of the data at any time and to know their content and origin, to verify their accuracy or to request their integration or updating, or the correction of the data provided.
In addition, you have the right to request the deletion, anonymous transformation or blocking of data processed in violation of the law, as well as the right to oppose their processing in any case, for legitimate reasons.
Requests must be made in one of the following ways:
- registered Letter A/R sent to the registered office of the data controller;
by email to firstname.lastname@example.org,
EU Regulation 2016/679, in particular what is stated in Chapter III. This Company makes it available at the simple request of the Interested Party.