The Data Controller
The owner of the processing of your data is: Ustè srl – 700enolocanda – Via Resistenza 121 / B – 20090 Buccinasco (MI) – piva: 09727260961 – PEC: email@example.com – REA: MI – 2110228- Share capital: EUR 100,000
The data processing manager
Il responsabile del trattamento dei tuoi dati è l’Amministratore Delegato di: Ustè srl – Via Resistenza 121/B – 20090 Buccinasco (MI), info@700Enolocanda
Definition of “personal data”
Data processing methods
Users can access different sections of the website without giving any personal information. The Data Controller of your data processes and collects personal data online through its website and / or portal or other Company e-mail address; these treatments are carried out, in a mainly automated way, in the following ways: 1) Data released voluntarily by usersThe Data Controller of your data collects personal information and other data that are entered in the registration form or released in the form fields of the website and / or portal, as well as forwarded to the Company by electronic mail. These data may relate to information necessary to provide the services requested by the interested party (eg Newsletter) and / or to contact the interested party (name, postal address, e-mail address, telephone number, user ID and password), or even the date of birth, the professional credentials, the hobbies and interests of the user.2) Navigation data collected through the use of electronic tools Computer systems and software procedures used to operate the website of the Owner in the processing of your data they acquire, during their normal use, a series of personal information whose transmission is implicit in the use of Internet communication protocols (for example, the user’s IP address or the computer’s domain name used to access the website, the URL of the requested resources, the time of the request or the time of the session, the method used to submit the query to the server, the size of the files received in response to the request, the numeric code concerning the status of the response given by the server and other type of information regarding the operating system and the user’s computer environment). The website and / or web portal of the data controller of your data uses technologies such as cookies or similar in order to collect and / or transmit users’ personal data. The data controller of your data uses these technologies exclusively for the purpose of obtaining statistical information on the use of the site and / or web portal (eg total number of visitors to the sites, number of visitors per single web page, name of the original domain of the internet service provider of the visitors). In particular, the use of session cookies (those that are removed from the user’s computer when the browser is closed) is strictly limited to the transmission of information related to the user’s session, of fundamental importance for a safe and efficient navigation of the website and / or portal. Furthermore, the use of these session cookies strictly excludes the use of other IT techniques that are potentially detrimental to the confidentiality of users’ browsing and does not allow the acquisition of personal data identifying them.
Details on the processing of personal data
The User Data is collected to allow the Owner to provide its services, as well as for the following purposes: Statistics, Contacting the User, Interaction with external social networks and platforms, Registration and authentication, Social Applications, Payment management, Interaction with support and feedback platforms, Infrastructure monitoring, Traffic optimization and distribution, Interaction with live chat platforms, Remarketing and Behavioral Targeting, Address management and sending of email messages, Display of content from external platforms, Affiliation commercial and Heat mapping. The types of Personal Data used for each purpose are indicated in the specific sections of this document.
Purpose of the processing of the collected data
The Personal Data may be collected for the following purposes and using one or more of the following services:
These services allow the website and / or portal to draw on your profile data on social networks, and to make interactions with your post. These services are not activated automatically, but require explicit authorization from the user.
Access to the Twitter account
Access to the Facebook account
This service allows the site to connect with the User’s account on the Facebook social network, provided by Facebook Inc.
Il sito potrebbe richiedere alcuni permessi Facebook che consentono di eseguire azioni con l’account Facebook dell’Utente e di raccogliere informazioni, inclusi Dati Personali, da esso.
The required permits are as follows:
- Basic information The basic information of the User registered on Facebook which normally includes the following Data: id, name, image, genre and localization language and, in some cases, the “Friends” of Facebook. If the User has made publicly available Further data, the same will be available.
- Email Provides access to the user’s primary email address
- Page management Allows the application to retrieve access_tokens for the Pages and Applications that the user administers.
Access to the Pinterest account
Access to the Instagram account
These services allow interactions with social networks, or with other external platforms, directly from the site and / or portal. The interactions and information acquired from the site and / or portal are in any case subject to the user’s privacy settings relating to each social network. In the event that an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, the same collect traffic data relating to the pages in which it is installed.
Tweet button and Twitter social widgets (Twitter)
Like button and Facebook social widgets (Facebook)
+1 button and Google+ social widgets (Google)
“Pin it” button and Pinterest social widgets (Pinterest)
Instagram widget (Instagram, Inc.)
By registering to the mailing list or to the newsletter, the User’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional information, relating to this site and / or portal may be transmitted . The User’s email address could also be added to this list as a result of registering on the site form or after making a purchase. Personal data collected: Email.
Address management and sending email messages
These services allow you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User. These services could also allow you to collect data relating to the date and time of display of the messages by the User, as well as to the User’s interaction with them, such as information on clicks on the links inserted in the messages.
MailChimp (The Rocket Science Group, LLC.)
Interaction with live chat platforms
This type of CHAT services allows you to interact with live chat platforms, managed by third parties, directly from the pages of the website. This allows the User to contact the Application support service or to this Application to contact the User while he is browsing his pages. In the case in which an interaction service with live chat platforms is installed, it is possible that, even if the Users do not use the service, the same collect Usage Data relating to the pages in which it is installed. Furthermore, live chat conversations could be recorded.
Toc Toc chat widget (Toc Toc srl)
Interaction with support and feedback platforms
These services allow interaction with support and feedback platforms, managed by third parties, directly from the pages of the site and / or portal. In the event that an interaction service is installed with the support and feedback platforms, it is possible that, even if the Users do not use the service, it collects Usage Data related to the pages in which it is installed.
These services allow the Application to distribute its contents through servers located throughout the territory and to optimize its performance. The Personal Data processed depend on the characteristics and implementation methods of these services, which by their nature filter communications between the site and / or portal and the User’s browser. Given the distributed nature of this system, it is difficult to determine the places where the contents are transferred, which may contain User Personal Data.
It is a traffic optimization and distribution service provided by MaxCDN.
The MaxCDN integration methods foresee that this filters all the site / portal traffic, ie the communications between the site / portal and the User’s browser, also allowing the collection of statistical data on it.
Font Awesome CDN
It is a service that provides fonts in the form of icons used on customer sites.
Font Awesome uses the information collected for the following general purposes: supply of products and services, identification and authentication, improvement of services, contact and research.
These services allow the site and / or portal to monitor the use and behavior of its components, to allow them to improve performance and functionality, maintenance or troubleshooting. The Personal Data processed depend on the characteristics and implementation methods of these services, which by their nature filter the activity of the site.
AdWords Remarketing (Google)
AdWords Remarketing is a Remarketing and Behavioral Targeting service provided by Google Inc. that connects the activity of this Application with the Adwords advertising network and the Doubleclick Cookie.
Personal data collected: Cookies and usage data.
Facebook Remarketing (Facebook, Inc.)
Facebook Remarketing is a Remarketing and Behavioral Targeting service provided by Facebook, Inc. that connects the activity of this Application with the Facebook advertising network.
Personal data collected: Cookies and usage data.
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
Google Analytics (Google)
Facebook Ads conversion tracking (Facebook)
Google AdWords Conversion Tracking (Google)
Mapping services are used to identify which areas of a page are subject to the cursor passing or mouse clicks in order to detect which of them attract the most interest. These services allow the monitoring and analysis of traffic data and are used to keep track of User behavior.
Albacross Nordic AB
These services allow you to view content hosted on external platforms directly from the pages of the site / portal and interact with them. In the event that a service of this type is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.
Widget Video Youtube (Google)
Widget Video Vimeo (Vimeo, LLC)
Widget Google Maps (Google Inc.)
By registering or authenticating, the User allows the site / portal to identify it and give it access to dedicated services. Depending on what follows, registration and authentication services could be provided with the help of third parties. If this happens, this application will be able to access some Data stored by the third party service used for registration or identification.
The User registers by filling out the registration form on the website and providing his / her Personal Data directly to the site / portal. Personal data collected: name *, surname *, email *, telephone / fax *, address, city, post code, country , No. of Adults, No. of Children / Age of Children, acceptance of privacy *, additional request field (used for free text). * Compulsory fields being inserted to be contacted.
Purpose of the collection
- allow access to services provided by the site / portal and reserved for registered users,
- to be able to contact you on your request to provide you with the specific information and assistance you need or have requested our intervention
- with your express specific consent, for the sending of commercial information and for marketing purposes both with automated methods (eg email, fax, sms, mms etc.) and non-automated (eg ordinary mail, telephone with operator etc. ) in relation to products and services of companies and / or business partners,
- with your express consent to carry out, with electronic tools, profiling activities, analysis of purchase decisions and market research in order to improve the offer of services and commercial information, making them more in line with your interests.
- This information may be supplemented by further information provided at the time of any request for specific services.
Communication and / or dissemination of personal data
- when online users have authorized the release of information,
- when the aforementioned owner of the data processing needs to communicate information about users to offer services and satisfy the request of an online user,
- when the aforementioned data controller need to communicate information to their partners who perform services for online users,
- when the data controller mentioned above is required, by order of the judicial authorities, to release information about users, or in accordance with a local law or international, regulation or mandate.
Protection of personal data
In compliance with the principle of minimization of the treatment set forth in art. 5 GDPR, The holder of the aforementioned data processing guarantees that the processing by electronic means is carried out by reducing to a minimum the use of personal data and identification data, limiting the use of the cases in which they are strictly necessary to achieve the goals for the which were collected. The holder of the aforementioned data processing also guarantees the adoption and observance of specific security measures to prevent the loss of data, any illicit or incorrect use of the same and unauthorized access. The data of the user will be kept by the data controller for a maximum of two years from the last interaction with the user and up to any cancellation order by the interested party, including the data which does not need to be kept in relation for the purposes for which they were collected, in compliance with the rights enshrined in articles 15 – 21 GDPR and to be implemented in the manner described in the following paragraph “Your Rights”. It is the responsibility of each individual user to guarantee and verify the ownership and custody of their passwords and related access codes to web resources.
Consent to the processing of personal data
The owner of the aforementioned data processing processes the data of its users / customers exclusively with the consent of the same. However, if the user does not consent to the processing of data or requests the deletion of his / her data, it will not be possible to access the restricted areas of the Company’s website / portal.
Optional supply of data
Apart from that specified for navigation data, the user has the right to provide or not the personal data contained in the request and / or registration forms of the website / website of the aforementioned data controller. Failure to provide such data may make it impossible to obtain what is requested. For completeness it should be remembered that in some cases (not subject to the ordinary management of this site) the Authority may request news and information pursuant to art. 58 GDPR, for the purpose of monitoring the processing of personal data. In these cases the response is mandatory under penalty of administrative sanction.
Right to access personal data and other rights
Users of the website / web portal can always contact the Data Controller to assert their rights as provided for in articles 15 to 21 of the GDPR on the basis of which:
- The interested party has the right to obtain confirmation that a processing of personal data concerning him is being carried out and in this case to obtain access to personal data and the following information: a) the purposes of the processing b) the categories of personal data in question c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if they are recipients of third countries or international organizations; d) when possible, the data retention period expected personal or, if this is not possible, the criteria used to determine this period, e) the existence of the data subject’s right to request the data controller to rectify or delete personal data or limit the processing of personal data which concern him or object to their processing f) the right to lodge a complaint with a supervisory authority g) if the data is not collected from the data subject, all information available on their origin h) the existence of an automated decision-making process, including the profiling referred to in Article 22, paragraphs 1 and 4 GDPR, and, at least in such cases, significant information on the logic used, as well as the importance and the expected consequences of such treatment for the data subject.
- The interested party has the right to obtain: • the updating, rectification or, when interested, integration of the data • the deletion of data concerning him for the reasons specifically provided for by art. 17 GDPR (right to oblivion), the transformation into anonymous form or blocking of data processed in violation of the law, including those for which conservation is not necessary in relation to the purposes for which the data were or subsequently processed;
- The owner of the processing of your data, in the event that the personal data have been made public and is obliged to delete them at the request of the interested party, adopts reasonable, even technical, measures to inform those who are processing the personal data of the request of the concerned to cancel any link, copy or reproduction of his personal data, except in the case where such fulfillment proves impossible or involves the use of means manifestly disproportionate with respect to the protected right.
- the interested party has the right to object, pursuant to art. 21 GDPR, in whole or in part: • for reasons connected to its particular situation, to the processing of personal data concerning him, even if pertinent to the purpose of the collection. The data controller refrains from further processing personal data unless he demonstrates the existence of legitimate cogent reasons for processing that prevail over the interests, rights and freedoms of the data subject or for verification, exercise or the defense of a right in court • to the processing of personal data concerning him for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication.
In accordance with these provisions, and in addition to the other rights specified herein, the aforementioned data controller provides the users of their website / web portal with the following possibilities:
- no collection of personal data: The user can choose not to provide personal data online to the data controller mentioned above by deciding not to enter or release personal information in the registration form or in the web form fields, or not using case no personalized service among those available on the website / portal of the Company. Some of the contents and / or services of the site / portal are offered exclusively to users who release personal information or use personalized services.
- limitations on the use and communication of personal data for different purposes: Access to certain sections of the contents and / or services of the website of the aforementioned data controller may require the user’s consent to use and release personal data to purpose of implementing the list of contacts and / or identifying and offering additional services and promotions considered interesting for the user. Users can limit the further processing of this information by checking or choosing the options to be set when entering the data.
Furthermore, the information provided after the first registration can be modified or deleted by changing the settings previously entered in the registration form on the website / website of the above-mentioned data controller, accessing the special “Newsletter” section on the home page. It is also possible for users to access their personal data, released and stored online and, where permitted, it is also possible to update and modify personal data online.
The “cookie” technology is used to obtain information about the experience gained on the website / web portal and to allow the operation of some services that require the passage of the user on the various pages to be identified.
What are cookies?
A “cookie” is information sent by a server to a browser and allows the server to collect information from the browser and vice versa. The cookie will help the website / web portal to recognize your device if the site / portal is visited again. Cookies serve many functions. For example, they can help us remember your username and your preferences, analyze the performance of our website or even allow us to recommend content that we think may be of interest to you. Our cookies are normally anonymous and cannot be linked to personal data. ‘user. First-party cookies are associated with the domain name of the page you are visiting and allow you to identify the person by cross-referencing with our database, they can be assigned only upon explicit user request and in order to allow their immediate identification for access restricted areas of the website, without users having to manually enter login and password. The identity of the user is never, in any case, included directly in the cookie and cannot be intercepted. Whenever you access the website / web portal, regardless of the presence or absence of a cookie, we record the type of browser, the operating system and the host along with the visitor’s source URL, as well as information on the requested page. This data can, therefore, be used in aggregate and anonymous form to perform statistical analysis on the use of the website.
Types of cookies
The cookies used on the website / web portal are divided into 4 types:
- Technical cookies
- Performance and functionality
- cookies Statistical
- cookies Profiling Cookies
Required for navigation within the site / portal and the use of some of its functions (eg timing of the display of some pages in “pop-up” mode, etc.). Performance cookies and functionalities performances collect anonymous information on the pages visited by users. They are used to trace the most sought after pages and are useful for improving links between pages and for determining the reason for possible error messages.
also store the choices made by the user in order to improve navigation and your online experience. Statistical cookies Provided and managed by third parties to statistically analyze access to the site / portal. The collection of information takes place solely in anonymous and aggregate form and personal data of users are not stored. You can decide not to use these cookies follow the information in the section Purposes of the processing of the collected data.
Provide and managed by third parties to generate specific advertising messages based on browsing habits and the interests of individual users. However, these cookies do not use sensitive user data. “The storage of information in the terminal equipment of a contractor or user or access to information already stored is permitted only on condition that the contractor or user has given his consent after being informed in a simplified manner referred to in Article 13, paragraph 3 “(Article 122, paragraph 1 of the Code). See section Purposes of the processing of collected data
Browser settings (art.122, paragraph 2, of the privacy code and Cookie Law – Directive 2009/136 CE)
The functions of cookies can be disabled through the appropriate page made available by EDAA (European Interactive Digital Advertising Alliance) http: //www.youronlinechoices.com/it/, or by acting on the Privacy settings of your browser. Without prejudice to the foregoing, it should be noted that disabling cookies may affect the proper functioning of certain sections of the Site / portal. Each browser handles cookies differently. To deactivate them, follow your browser instructions at www.allaboutcookies.org.
What happens to cookies that have been downloaded in the past?
We will only read or write cookies based on the preference level indicated in the cookie setting tool. The cookies present before changing your settings will remain on your computer and you can remove them using your browser settings.
Can we know if our users open our emails?
Our emails can contain a “web beacon pixel” that can make us know if our emails have been read and can check if you clicked on the links contained in the email. We may use this information for various purposes, including determining which of our emails are of most interest to users and asking whether users who do not open our emails wish to continue to receive them. Pixels will be deleted when you delete the email. From that moment on we will not be able to obtain any data, but we will keep the data already in our possession.