This section contains information relating to the management methods of B.S.G. S.r.l. with reference to the processing of data of users of www.bottegasenzaglutine.com.
This information is valid for the purposes of articles 13-14 of EU Regulation no. 2016/679 (hereinafter referred to as GDPR), relating to the protection of individuals with regard to the processing of personal data as well as the free movement of such data, for subjects who interact with B.S.G. S.r.l. and can be reached at the address corresponding to the initial page: bottegasenzaglutine.com
The information is provided only for B.S.G. S.r.l. and not for other websites that may be consulted by the user through links contained therein.
The purpose of this document is to provide information on the methods, timing and nature of the information that the data controllers must provide to users when connecting to the bottegasenzaglutine.com web pages, regardless of the purpose of the connection itself, according to Italian legislation and European.
The information may undergo changes due to the introduction of new regulations in this regard, the user is therefore invited to periodically check this page.
If the user is under the age of 14, pursuant to article 8, c.1 GDPR, he will have to legitimize his consent through the authorization of his parents or guardians.
II – COOKIES
III - DATA PROCESSING
1 - Owner of the Data
The data controller is the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of processing personal data. He also takes care of the security profiles.
With regard to this website, the data controller is: Bottega senza gluten srl P.IVA 02674320367 and for any clarification or exercise of the user's rights, he can contact him at the following email address: firstname.lastname@example.org.
2 - Place of data processing
The data processing generated by the use of B.S.G. S.r.l. takes place at Via Galilei 16 - 41030 - Sorbara di Bomporto (MO) Italy.
IV - DATA PROCESSED
1 - Data processing mode
Like all websites, this site also makes use of log files in which information collected in an automated manner is kept during user visits. The information collected could be the following:
- internet protocol (IP) address;
- type of browser and parameters of the device used to connect to the site;
- name of the internet service provider (ISP);
- date and time of visit;
- web page of origin of the visitor (referral) and exit;
- possibly the number of clicks.
The personal data we collect depends on our interaction with you and may include information relating to:
identity and contact details (name, surname, postal address, e-mail address, telephone, etc.),
digital profile (online account)
The aforementioned information is processed in an automated form and collected in an exclusively aggregated form in order to verify the correct functioning of the site, and for security reasons. This information will be treated on the basis of the legitimate interests of the owner.
For security purposes (spam filters, firewalls, virus detection), the automatically recorded data may eventually also include personal data such as the IP address, which could be used, in accordance with applicable laws, in order to block attempts to damage the site itself or to cause damage to other users, or in any case harmful activities or activities constituting a crime. These data are never used for the identification or profiling of the user, but only for the purpose of protecting the site and its users, such information will be treated on the basis of the legitimate interests of the owner.
If the site allows the insertion of comments, or in the case of specific services requested by the user, including the possibility of sending the Curriculum Vitae for a possible working relationship, the site automatically detects and records some identification data of the user, including the email address. These data are intended to be voluntarily provided by the user at the time of requesting service provision. By inserting a comment or other information, the user expressly accepts the privacy information, and in particular agrees that the contents inserted are freely disclosed to third parties as well. The data received will be used exclusively for the provision of the requested service and only for the time necessary for the provision of the service.
The information that users of the site will deem to render and public through the services and tools made available to them, are provided by the user knowingly and voluntarily, exempting this site from any responsibility for any violations of the law. It is up to the user to verify that they have permission to enter personal data of third parties or contents protected by national and international standards.
2- Purpose of data processing
1. Provide the good and/or service requested by the user, manage the contracts finalized by the user, fulfill the related administrative, accounting, tax and legal obligations, as well as process the requests sent by the user.
2. Detect your experience of using our platforms, the products and services we offer and ensure the correct functioning of the web pages and their contents.
3. Send you commercial communications relating to promotions and/or offers for which you may be entitled to benefit, in the interest of the Data Controller.
Data retention will be carried out for the period strictly necessary to achieve the aforementioned purposes and in any case not exceeding 5 years.
The data used for security purposes (blocking attempts to damage the site) are kept for the time strictly necessary to achieve the previously indicated purpose.
3 - Data provided by the user
As indicated above, the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
Specific summary information will be progressively reported or displayed on the pages of the site set up for particular services on request.
V. YOUR RIGHTS
Pursuant to articles 13, paragraph 2, and from 15 to 21 of the GDPR, we inform you that with regards to the processing of your personal data, you may exercise the following rights:
a) withdraw your consent to the processing at any time. It should be noted, however, that the withdrawal of consent does not affect the lawfulness of the processing based on the consent before the withdrawal, as required by art. 7, paragraph 3, GDPR;
b) ask the Data Controller for access to your personal data, as required by art. 15 of the GDPR;
c) obtain from the Data Controller the rectification and integration of your personal data deemed inaccurate, as required by art. 16 of the GDPR;
d) obtain from the Data Controller the cancellation of your personal data if there is even just one of the reasons provided for by art. 17 of the GDPR;
e) obtain from the Data Controller the limitation of the processing of your personal data if one of the hypotheses provided for by art. 18 of the GDPR;
f) receive personal data concerning you from the Data Controller in a structured format, commonly used and readable by an automatic device, as well as have the right to transmit such data to another data controller without impediments, as required by art. . 20 of the GDPR;
g) oppose at any time, for reasons related to your particular situation, the processing of your personal data carried out pursuant to art. 6, paragraph 1, letters e) or f), including profiling on the basis of these provisions, as provided for by art. 21 of the GDPR;
h) not to be subjected to decisions based solely on automated processing, including profiling, which produce legal effects that concern you or that significantly affect your person, if you have not previously and explicitly consented, as required by art. 22 of the GDPR.
i) lodge a complaint with the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority www.garanteprivacy.it.
The exercise of rights is not subject to any formal constraint and is free of charge. The interested party may exercise the rights at any time by sending an email to: email@example.com.
VI - DATA TRANSFER TO NON-EU COUNTRIES
Data will never be transferred to third countries that do not comply with the conditions set out in article 45 and following, GDPR.
VII. SECURITY OF DATA PROVIDED
This site processes user data in a lawful and correct manner, adopting the appropriate security measures aimed at preventing unauthorized access, disclosure, modification or unauthorized destruction of data. The treatment is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated.
In addition to the owner, in some cases, categories of persons in charge involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies).
VIII. CHANGES TO THIS DOCUMENT
It may be subject to changes or updates. Users are invited to periodically consult this page to stay up to date on the latest legislative news.
Previous versions of the document will still be available on this page.
The document was updated on 10/25/2022 to comply with the relevant regulatory provisions, and in particular in compliance with the GDPR.