Information of the rules Ue 2016/679 – General Data Protection Regulation
The purpose of this document is to inform Users about Personal Data collected from the website https://www.tenutamonterosso.com (hereinafter “Application”).
The Data Controller, as subsequently identified, may modify or simply update, in whole or in part, this information by informing the Users. The changes and updates will be binding as soon as they are published on the Application. The User is therefore invited to read the Privacy Notice at each Application access.
1. Personal Data collected by the Application
The Data Controller collects the following types of Personal Data:
Contents and information provided voluntarily by the User
Contact details, credentials, contents: for example personal data, e-mail or postal address and other contact data, passwords and security information used for authentication and access to the account, personal interests and preferences and other personal content, etc.
Personal data collected by Social Media: Users can share data communicated to social media with the Application. The User has the right to check the Personal Data to which the Application can access when he / she accesses his social media accounts and through the privacy settings available through the social media in question. By associating accounts managed by social media with the Application and authorizing the Data Controller to access such Data, the User gives consent to the acquisition, processing and storage of data provided by said social media in accordance with this Privacy Notice.
Failure to provide certain data from the User could prevent this application from providing its services.
The User assumes the responsibility of the Personal Data of third parties published or shared through this Application and has the right to communicate or disseminate them, freeing the Owner from any liability to third parties.
If the processing of Personal Data is based on the consent of the User, the same can revoke it at any time.
Data and contents acquired automatically during use of the Application
Technical data: the IT systems and software procedures used to operate this Application may acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified interested parties, but due to its very nature, could, through processing and association with Data held by third parties, allow users to be identified. This category includes the IP addresses, or the domain names used by the Users that connect to the Application, the addresses in Uniform Resource Identifier (URI) of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained, etc.
Usage data: Data relating to the use of the Application by the User, such as the pages visited, the actions performed, the functionalities and the services used can also be collected.
Geolocation data: the application can collect location data, which can be precise or inaccurate. Location accurate data can be Global Navigation Satellite System (GNSS) data, as well as data that identifies the nearest repeater, Wi-Fi hotspots and bluetooth, communicated when you enable products or features based on position.
Personal data collected through cookies or similar technologies
The collected data can be used for the following purposes: support and contact with the User
personalization of the User’s experience of comment and feedback
access to accounts on third-party services by communicating the Data to https: // en-en.facebook.com/help/325807937506242
external management of payments by credit card, bank transfer or other instruments. The Data used for payment are acquired directly by the payment service provider requested without being in any way treated by this Application. Payments are provided by communicating the Data to https://www.paypal.com/it/webapps/mpp/ua/privacy-full
displaying content from external platforms by communicating the Data to https://policies.google.com/privacy?hl=it
statistics only with Anonymous data communicating the Data to https://policies.google.com/?hl=it
monitoring, analysis and tracking of User behavior by communicating the Data to https://policies.google.com/?hl=it
technical monitoring of the infrastructure for maintenance, troubleshooting and performance improvement by communicating the data to https://policies.google.com/?hl=it
profiling of characteristics, behaviors, choices of the user to provide personalized services or promotions communicating the Data to https://policies.google.com/?hl=it
sending emails or newsletters and managing mailing lists communicating the Data to https://mailchimp.com/legal/privacy/
remarketing and behavioral targeting by communicating data to https://policies.google.com/technologies/ads managing user databases
3. Processing methods
The processing of Personal Data is carried out through IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.
In addition to the Data Controller, in some cases, other subjects involved in the organization of this Application who provide assistance in the management of the Application and of the activity may have access to Data, provide services to the User. Said appointed persons, if necessary, Data Processors by the Data Controller, will be able to access the Personal Data of Users whenever this becomes necessary and will be contractually obliged to keep them confidential.
The updated list of Managers can be requested via email at email@example.com.
4. Legal basis of the processing
The Holder processes Personal Data relating to the User in the event that one of the following conditions exists: the User has given consent for one or more specific purposes:
the processing is necessary for the execution of a contract with the User and / or the execution of pre-contractual measures;
the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
the processing is necessary for the performance of a task carried out in the public interest or for the exercise of public authority vested in the Holder;
the processing is necessary for the pursuit of the legitimate interest of the owner or third parties.
It is however always possible to request the Owner to clarify the concrete legal basis of each treatment.
The Data is processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For more information, contact the owner at the following email address firstname.lastname@example.org.
Personal Data may be transferred to non-EU countries: USA, India, Pakistan.
For these countries there is a decision of the European Commission or, in the absence of such decision, it is possible to request more information from the Owner regarding the appropriate guarantees adopted as well as the means to obtain a copy of such Data or the exact place where it is made available .
6. Security measures
The treatment is carried out according to methods and with suitable tools to guarantee the security and confidentiality of the Data, as the Controller has adopted appropriate technical and organizational measures that guarantee and demonstrate that the processing is carried out in compliance with the relevant legislation.
7. Data retention period
The Data Controller will process the Personal Data for the time necessary to fulfill the purposes connected with the execution of a contract between the Owner and the User and, in any case, not beyond the duration of 2 years from the termination of the relationship with the User.
When the processing of Personal Data is necessary for the pursuit of a legitimate interest of the Owner, Personal Data will be retained until the satisfaction of this interest.
If the processing of Personal Data is based on the User’s consent, the Data Controller may retain Personal Data until revoked.
Personal Data may be stored for a longer period if necessary to fulfill a legal obligation or by order of an authority.
All Personal Data will be deleted at the end of the retention period. At the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
8. Automated decision-making processes
All data collected will not be subjected to any automated decision-making process, including profiling, which could produce legal effects for the person or that could significantly affect it.
9. Rights of the User
Users may exercise certain rights with reference to the Data processed by the Data Controller. In particular, the User has the right to:
withdraw consent at any time; oppose the processing of their data; access their data;
verify and request rectification; obtain treatment limitation;
obtain the cancellation or removal of their Personal Data; receive their data or have it transferred to another holder;
propose a complaint to the personal data protection supervisory authority and / or act through court.
To exercise their rights, Users can direct a request to the contact details of the Owner indicated in this document. Requests are made free of charge and processed by the Data Controller as soon as possible, in any case within 30 days.
10. Data Controller
The Data Controller is Tenuta Monterosso of Garon Claudio, with registered office in Via Vergani 42/B – 35136 Feriole di Teolo (PD), VAT GRNCLD65S11G224M / 01287380289, PD – 240822, email email@example.com, PEC firstname.lastname@example.org, telephone +39 3386426065
Last updated: 25/05/2018