INFORMATION ON THE PROCESSING OF PERSONAL DATA

of users who consult this website pursuant to Article 13 of Regulation (EU) 2016/679 (GDPR)

This page describes, pursuant to Regulation (EU) 2016/679, the methods of processing the Personal Data of users collected while browsing this Site | www.Sassonetartufi.com | or conferred directly by the interested party by filling in forms and contact addresses.

This information does not concern other sites, pages or online services accessible via hypertext links that may be published on the site but referring to resources external to this site.

1. The data controller is Sassone S.r.l., which has its operational headquarters in Via Antonio Gramsci, 5 – 87070 Montegiordano (CS) Italy – VAT number: 03867650784
2. Data Processing Manager
   The data processor is Mr. Egidio Sassone
3. Types of Data collected – Purpose – Legal basis
   
   3.1. “INFORMATION REQUEST” FORM – Data provided directly by the interested party by completing and sending the contact forms. The explicit and voluntary sending of messages to the contact addresses, as well as the compilation and forwarding of the forms on the site, involve the acquisition of the sender’s contact data, as well as all personal data included in the communications.

   These data are processed for the following purposes and in compliance with the relative legal bases of the processing, for a retention period not exceeding that necessary for the purposes for which they were collected and processed.

   3.1.1. Purpose: to respond to requests sent by the interested party.Legal basis: legitimate interest, the processing is necessary to respond to requests; for the execution of pre-contractual measures adopted at the request of the interested party.

   3.1.2. Purpose: to send promotional information aimed at carrying out marketing activities. Such communications can take place via e-mail (such as sending newsletters) or through other channels such as telephone calls, ordinary mail, fax, text message and social media. Legal basis: consent of the interested party

   3.2.   Website navigation data

   For its proper functioning, this site acquires some personal data during normal navigation, including IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment. The navigation data is acquired not for the purpose of identifying users, but for the sole purpose of collecting, anonymously, statistical information on the use of the site and its services.

   3.3.   Cookie

   Cookies are small text strings that the sites visited by the user send to their terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit by the same user. While browsing a site, the user can also receive cookies on his terminal that are sent from different sites or web servers (so-called “third parties”), on which some elements may reside (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the site that the same is visiting. Cookies, usually present in users’ browsers in very large numbers and sometimes even with characteristics of wide temporal persistence, are used for different purposes: execution of computer authentication, session monitoring, storage of information on specific configurations concerning users who access the server, etc. In this regard, and for the purposes of this provision, two macro-categories are therefore identified: “technical” cookies and “profiling” cookies. For further information, please refer to the Cookie Policy.
    

4. CSharing of website contents through Social Networks
   In the event that the user decides to share some contents of the site through one or more social networks (Facebook, Twitter, Google+, Pinterest, Linkedin, Istagram, WhatsApp) and if the user has activated the sharing of data of his account with third-party applications, this site may collect and communicate some information from your account to the social networks with which the sharing is carried out. The user can disable the sharing of his account data with third-party applications by accessing his account settings. For more information, you can consult the website of the social network (s) to which you are registered (www.facebook.com, www.twitter.com., Www.google.com, www.pinterest.com, www.linkedin.com, www.instagram.com).
5. Categories of recipients of personal data
   The following categories of subjects may become aware of your data: Owner, Manager and persons in charge of processing, appointed in writing by the undersigned company, shareholders, accounting and billing staff, commercial employees, our consultants, as external managers, within the limits necessary to carry out their assignment at our organization, subject to a letter of appointment and / or stipulation of a contract that imposes the duty of confidentiality and security, as well as subjects who need to access data for legal advice, with purposes auxiliary to the relationship that between the parties, such as the execution of the contracts in place, within the limits strictly necessary to carry out the auxiliary tasks entrusted to them.
   In addition to the Data Controller, in some cases, other subjects involved in the organization of this Website (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers) may have access to the Data. , hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller.
6. Processing methods
   The processing of data takes place through the use of tools and procedures suitable for guaranteeing security and confidentiality and can be carried out both on paper and with the aid of computerized means, suitable for storing, managing and transmitting the data.
   The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located.
7. Communication and dissemination
   The data will not be disclosed to indeterminate subjects by making them available or consulting.
   The data may be communicated, as far as their respective and specific competence is concerned, to Bodies and in general to any public or private subject with respect to which there is an obligation for us (or faculty recognized by law or secondary or community legislation) or need for communication.
8. Rights of interested parties
   Articles from 15 to 22 of the GDPR EU 679/2016 grant the interested parties specific rights. In particular, the right to obtain confirmation of the existence or not of personal data, access to personal data and the rectification or cancellation of the same or the limitation of the processing that concern him or to oppose their treatment, in addition to the right to data portability, the communication of such data and the purposes on which the processing is based. Furthermore, the interested parties have the right to obtain the revocation of consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation, the transformation into anonymous form or the blocking of data processed in violation of the law, as well as the updating or, if there is an interest in this, the integration of the data. Interested parties have the right to oppose the processing itself for legitimate reasons.
   Reports for any changes in personal data must be sent promptly to the Data Processor in order to be able to comply with art. 11, letter (c) of the aforementioned legislation, which requires that the data collected be accurate and, therefore, updated.
   Interested parties who believe that the processing of their personal data through this site is in violation of the provisions of the Regulation have the right to lodge a complaint with a supervisory authority, as provided for by art. 77 of the Regulation itself, or to take appropriate judicial offices (Article 79 of the Regulation).