DATA CONTROLLER

Frantoio Stanghellini s.a.s. – Via della cava 24, 58024 Massa Marittima (GR)

Owner contact email: info@frantoiostanghellini.it

TYPES OF DATA COLLECTED

Browsing within the site is free and does not require any registration on the part of the user except in cases where the collection of personal data is necessary for the achievement of certain purposes such as the completion of the contact form (name, surname, telephone number, country, e-mail, postal code). When accessing the site, a distinction can therefore be made between data derived from the user’s browsing alone and data voluntarily provided by the user for certain purposes.

DATA RESULTING FROM USER NAVIGATION

The computer systems and software procedures used to operate the Site acquire, during their normal operation, certain data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. Such data processing and association activities are never carried out or commissioned by us to third parties. This category of data includes the IP addresses or domain names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.

This data is used by us exclusively in anonymous form and for statistical purposes related to the use of the Site and its correct functioning. The data could be used and stored in the event of suspected computer crimes to the detriment of the Site, for which Frantoio Stanghellini reserves the right to appeal to the competent authorities to ascertain responsibility.

DATA PROVIDED VOLUNTARILY BY THE USER

The personal data provided by users who voluntarily interact with the Site, giving their personal data to Frantoio Stanghellini to obtain certain services (paid services, requests for commercial information, filling in the online form, sending e-mail messages, etc.), are used only to perform the service or provision requested and are communicated to third parties only where this is strictly necessary for the performance of the service (shipping of material, provision of assistance, etc.).

Apart from what has been specified above for navigation data, the provision of users’ personal data is optional, even though it is functional to the provision of certain services; in these cases, therefore, failure to provide such data could compromise or make it impossible to provide the service.

METHODS OF PROCESSING

The Data Controller adopts appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.

The processing is carried out by means of computer and/or telematic tools, with organisational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other subjects involved in the organisation of this Web Site (administrative, sales, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller, may have access to the Data.

RETENTION PERIOD

Data are processed and kept for the time required by the purposes for which they were collected.

Therefore:

• Personal Data collected for purposes related to the performance of a contract between the Controller and the User will be retained until the performance of such contract is completed.
• Personal Data collected for purposes related to the legitimate interest of the Controller will be retained until such interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.

When the processing is based on the User’s consent, the Data Controller may keep the Personal Data longer until such consent is revoked. Moreover, the Controller may be obliged to keep the Personal Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period the Personal Data will be deleted. Therefore, at the end of this period, the right of access, deletion, rectification and the right to Data portability can no longer be exercised.

PURPOSE OF PROCESSING

The data provided during navigation will be processed for the following purposes:

• To provide the good and/or service requested by the user, to manage the contracts perfected by the user, to carry out the relative administrative, accounting, fiscal and legal fulfilments, as well as to process the requests forwarded by the user.

• Survey the user’s experience of our platforms, products and services offered and ensure the correct functioning of the web pages and their content.
  

• Carry out profiling activities, i.e. the analysis and processing of information relating to the user, their preferences, habits, consumption choices and/or browsing experiences. This activity is also carried out through the use of technologies such as cookies (for more information see the “Cookie Policy”).
  

• Fulfilling obligations required by law, regulation, EU legislation or an order from the Authority or at the request of the Italian or foreign government or the Italian Chamber of Commerce
  

• Preventing or detecting fraudulent activities or abuses harmful to the Site
  

Your data may be made accessible for the purposes listed above:

• to employees and collaborators of the Data Controller, in their capacity as persons in charge and/or internal data processors and/or system administrators;

• to third party companies or other subjects (website providers, cloud providers, e-payment service providers, suppliers, hardware and software support technicians, forwarding agents and carriers, credit institutions, professional firms, etc.) that perform outsourcing activities on behalf of the Data Controller, in their capacity as data processors.
  

Without your express consent (ex art. 24 lett. a), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes listed above to Supervisory Bodies and Judicial Authorities, as well as to all other subjects to whom communication is obligatory by law. We assure you, however, that your personal data will never be made public on the Controller’s website.

DATA TRANSFER

The management and storage of personal data will take place in Europe, on servers located in Italy of the Data Controller and/or of third party companies also abroad, appointed and duly appointed as Data Processors for the use of the services requested. Data of a personal nature supplied may be transferred abroad within and outside the European Union, within the limits and under the conditions set out in Art. 44 et seq. of EU Regulation 2016/679, in order to comply with purposes connected with such transfer.

REDIRECTS TO EXTERNAL SITES

The Site may use social plug-ins, i.e. special tools that allow social network features to be incorporated of social networks directly within the website (e.g. the Facebook “like” function). All social plug-ins on the site are marked with the respective logo owned by the social network platform (e.g. Facebook, Google, Twitter, Linkedin). When you visit a page of the Website www.frantoiostanghellini.it and interact with the plug-in (e.g. by clicking the “Like” button) or decide to leave a comment, the corresponding information is transmitted from your browser directly to the social networking platform and stored there. Any interactions and information acquired by the site are therefore subject to the privacy settings of the third party that created the aforementioned technologies. In order to receive detailed information on the use of personal data processed when you use these technologies, we invite you to visit the websites of the third party operators of these technologies. You will find below the references of these third parties, and next to each of them you will find the link to the page where you can receive information on the processing and, where required by law, express or deny your consent:

•  Facebook social widget https://www.facebook.com/privacy/explanation

• Instagram social widget https://privacycenter.instagram.com/policy/?entry_point=ig_help_center_data_policy_redirect

If you do not know the type and version of browser you are using, click on “Help” in the browser window at the top to access all the necessary information. If you do know your browser, click on the one you are using to access the cookie management page.

•  Internet Explorer http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies

• Google Chrome https://support.google.com/accounts/answer/61416?hl=it

• Mozilla Firefox http://support.mozilla.org/en-US/kb/Enabling%20and%20disabling%20cookies

• Safari http://www.apple.com/legal/privacy/

In your capacity as data subject, you have the rights set out in Article 7 of the Privacy Code and Article 15 of the GDPR, namely the rights to:

1. Access: you may request confirmation as to whether or not data relating to you is being processed, as well as further clarification of the information set out in this Policy, and to receive the data itself, within the limits of reasonableness;
2. Rectification: you may request to rectify or supplement the data you have provided or otherwise in the possession of Frantoio Stanghellini, if inaccurate;
3. Deletion: you may request that your data acquired or processed by Frantoio Stanghellini be deleted, if no longer necessary for the purposes or where there are no disputes or controversies in place, in case of revocation of consent or your objection to processing, in case of unlawful processing, or if there is a legal obligation to delete;
4. Limitation:  you may request the limitation of the processing of your personal data, when one of the conditions set out in Article 18 of the GDPR applies; in this case, the data will not be processed, except for storage, without your consent, except as explained in the same article in paragraph 2;
5. Objection: you may object at any time to the processing of your data on the basis of a legitimate interest of Frantoio Stanghellini, unless there are legitimate reasons of Frantoio Stanghellini to proceed with the processing that override those of the data subject, for example for the exercise or defence in court of Frantoio Stanghellini;
6. Portability: you can ask to receive your data, or have them transmitted to another data controller indicated by the data subject, in a structured, commonly used and machine-readable format.

You may at any time exercise your rights, make notifications or request clarification on the processing of your personal data by sending:

• a registered letter with advice of receipt to the head office, with the address stated in the incipit;

• an e-mail to info@frantoiostanghellini.it

This Policy may be subject to change. We therefore recommend that you check this Policy regularly and refer to the most up-to-date version.