In compliance with EU Reg. 2016/679 (European Regulation for personal data protection) we hereby inform you as to the processing of the personal data you have conferred.
This notice shall not apply to any other website accessible through links published on the Internet sites owned by the Data Controller, who may in no way be held liable for third party Internet sites.
Through browsing activities on the website, the personal data of identified on unidentified individuals may be processed. This page provides a description of the website management methods used to process the personal data of the users who consult the site.
This notice is provided pursuant to art. 13 of EU Reg. 2016/679 (European Regulation for personal data protection) and is also inspired by the provisions of EU Directive 2002/58/EC, subsequently updated by EU Directive 2009/136/EC, with regard to Cookies as well as the Provision issued by the Italian Data Protection Authority of 08.05.2014 on cookies.
1. PROCESSING ENTITIES
THE DATA CONTROLLER, pursuant to articles 4 and 24 of EU Reg. 2016/679 is Consorzio Vino Nobile Montepulciano, owner and legal representative.
2. PURPOSES AND LAWFULNESS OF DATA PROCESSING
The personal data conferred will be processed in compliance with the requisites of lawfulness stipulated by art. 6 of EU Reg. 2016/679 for the following purposes:
a) Management of data processing pertaining to (art. 6 lett. b)):
- browsing activities on this website;
- possible completion of data acquisition forms when forwarding inquiries to the Data Controller;
- fulfilment of contractual and legal obligations and for administrative-accounting purposes. In compliance with the personal data protection provisions, processing activities carried out for administrative-accounting purposes are those associated with activities of an organizational, administrative, financial and accounting nature, regardless of the type of data being processed.
3. BROWSING DATA
Like all websites, this site uses log files for the storage of information automatically acquired during the users’ visits. The information acquired could be one of the following types:
- Internet protocol address (IP);
- browser type and parameters of the device used to connect with the website;
- name of the Internet service provider (ISP);
- date and time of visit;
- visitor’s referral source and exit page;
- the number of clicks.
This type of information is not acquired for the purpose of being associated with identified users but, owing to its nature, could be elaborated and associated with data held by third parties to identify the users.
The data could be used to ascertain responsibility in the event of hypothetical cyber crimes which are harmful for the website: barring this possibility, at present web contact data is never stored for any longer than seven days.
4. DATA CONFERRED VOLUNTARILY BY USERS
The optional, explicit and voluntary mailing of electronic messages to the addresses indicated on this website imply the subsequent acquisition of the sender’s address, which is required to answer inquiries, along with any other personal data included in the e-mail.
Cookies (small text files enabling the storage of information regarding visitors’ preferences, to improve the working of the site) may be used.
Our website may use "cookies" to improve the user’s browsing experience. The user’s web browser saves these cookies in its hard disk to keep a trace of the visit and sometimes to keep a trace of information. Users may choose to set their web browser to disable cookies, or to be advised whenever they are sent. If these options are set, some parts of the Website may not work correctly.
WHICH COOKIES DOES THIS WEBSITE USE AND HOW CAN USERS DENY CONSENT TO INDIVIDUAL PROFILING OR THIRD PARTY COOKIES.
As well as technical cookies, this website may send users the following profiling or third party cookies:
In order to deny consent to the use of one or more profiling cookies, you may:
- access the website links indicated above to deny consent;
- alternatively, follow the disabling procedure contemplated by the main browsers:
6. PERSONAL DATA RECIPIENTS OR CATEGORIES OF RECIPIENTS
The personal data conferred may be disclosed to recipients who are appointed pursuant to art. 28 of the EU Reg. 2016/679, to process the data in their role as data supervisors and/or as individuals acting under the authority of the Data Controller and Data Supervisor, for the purpose of complying with contractual obligations or purposes associated with them. More specifically, data may be disclosed to recipients belonging to the following categories:
- Service providers for the management of the IT system and the communication networks of Consorzio Vino Nobile Montepulciano. (comprising electronic mail);
- Firms or companies providing assistance and consultancy services;
- The competent authorities for legal obligations and provisions of public bodies (State Police), on request;
- In the case of administrative and accounting purposes, data may be transferred to companies providing business information services in order to assess solvency and paying habits and/or to companies for the purpose of debt collection.
The entities belonging to the aforementioned categories either act as Data Supervisors or operate independently as Data Controllers.
7. DATA CONTROLLER
The data acquired by the site are processed on the premises of the Data Controller and by the data centre of the Hosting web. The hosting web, which is responsible for processing data on behalf of the Data Controller, is located in the European Economic Area and acts in compliance with European regulatory norms.
The list of appointed data supervisors is constantly updated and available on the premises of the Consorzio Vino Nobile Montepulciano
8. TRANSFER OF DATA TO THIRD PARTY COUNTRIES AND/OR INTERNATIONAL ORGANIZATIONS
The personal data conferred will not be transferred abroad either within or outside of the European Union.
9. STORAGE PERIOD OR CRITERIA
Data processing activities will be carried out automatically and/or manually, using methods and equipment aimed at guaranteeing maximum security and privacy, by persons specifically assigned to this task.
In compliance with art. 5 para. 1 lett. e) of EU Reg. 2016/679 the personal data acquired will be stored in a form which enables the identification of the data subjects for a period of time not exceeding the fulfilment of the purposes for which the personal data has been processed. For further information regarding the criteria governing data storage, please write to firstname.lastname@example.org.
10. NATURE OF DATA CONFERMENT AND DENIAL
Apart from what has been specifically indicated for browser data, users are free to confer their personal data in the dedicated sections of the website.
IThe conferment of personal data for the purposes referred to in point a) of this notice is necessary to complete specific functions and to enjoy the services provided by the Data Controller, for example to receive a reply to inquiries. Failure to confer personal data may make it impossible to obtain the requested service or to experience the services provided by the website.
11. DATA SUBJECTS’ RIGHTS
You may exercise your rights, as expressed by articles 15 – right of access, 16 – right of rectification, 17 – right of deletion, 18 – right of restricted processing, 20 – right of portability, 21 – right of refusal, 22 right to refuse automated decision-making processes of the GDPR 679/16 of EU Regulation 2016/679, by writing to the Data Controller at email@example.com.
You are entitled, at any time, to ask the Data Controller for access to your personal data, as well as its rectification, deletion and restricted processing.
Moreover, you are entitled, at any time, to deny consent to the processing of your data (comprising automatic processing, e.g. profiling) and the portability of your data.
Without prejudice to any other administrative or judicial appeal, if you believe that the processing of your personal data is in breach of the provisions laid down by EU Reg. 2016/679, pursuant to art. 15 letter f) of the aforementioned EU Reg. 2016/679, you are entitled to forward a claim to the Italian Data Protection Authority and, with reference to art. 6 paragraph 1, letter a) and art. 9, paragraph 2, letter a), you are entitled to withdraw your consent at any time. Link to the site of the Italian Data Protection Authority: www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524
In the event of a data portability request, the Data Controller will supply you with your personal data in a commonly used and machine readable format, without prejudice to paragraphs 3 and 4 of art. 20 of the EU Reg. 2016/679.
Download complete notice - Website
Download complete notice - Customer
Download complete notice - Supplier