Privacy policy

This document describes how to manage the website www.la-spinetta.com (“Site”), with reference to the processing of personal data of Users (“User / Users”) who consult it.

It is a disclosure statement pursuant to article 13 of Regulation (EU) 2016/679 (“GDPR”) and of the national legislation on privacy and protection of personal data applicable to all those who visit the Site.

The information is provided only for the Site and not for other websites that may be consulted by the User through links on the Site.

The User is informed that this website is owned by the Società Agricola La Spinetta S.S.

1. Data controller

The data controller is Società Agricola La Spinetta S.S., with registered office in Via Annunziata, 17 – 14054 Castagnole delle Lanze (At), Italy, in the person of its pro tempore legal representative, (“Owner”). Email: privacy@la-spinetta.com.

2. Type of data collected

2.1 Browsing data

During their normal operation, the IT systems and software procedures used to operate the Site acquire some personal data whose transmission is implicit in the use of internet communication protocols.

This is information that is not collected to be associated with identified subjects, but which by its very nature could allow users to be identified.

This includes, for example: (i) the IP addresses or domain names of the computers used by the Users who connect to the Site, (ii) the URI (Uniform Resource Identifier) ​​notation addresses of the requested resources, (iii) the time of the request, (iv) the method used to submit the request to the server, (v) the size of the file obtained in response, (vi) the numeric code indicating the status of the response given by the server (successful, error) and (vii) other parameters relating to the User’s operating system and IT environment.

2.2 Data provided voluntarily by the User

Contact form:

The Data Controller processes personal and identification data (name, surname, address, email) following “personal data”. Users are free to provide their personal data to make requests for information. As far as data is concerned, there is no automated decision-making process, nor any processing involving user profiling. If the User provides personal data of third-party Users, he must be sure that these subjects have been adequately informed and have given their consent.

2.3 Cookie

Technical cookies are installed on the site for the proper functioning of the site and anonymized Google Analytics cookies for [*]. Please read the relevant Cookie policy.

3. Purpose and legal basis of the processing

3.1 Browsing data

Browsing data can be used to generate anonymous statistics on the use of the Website, for the purposes of security of the Website and to check its correct functioning and could be used to ascertain responsibility in the event of any computer crimes. The legal basis for the processing of such data is the legitimate interest of the Data Controller and in the case of requests from the judicial authority, the legal obligation.

3.2 Data provided voluntarily by the User

Contact form:

The personal data entered in the contact form are processed exclusively to respond to the request for information, or for the provision of the service and to fulfill pre-contractual, contractual or tax obligations.

The User’s personal data are also processed to fulfill the obligations established by law, by a regulation, by EU legislation or by an order of the Authority and to pursue a legitimate interest of the Owner or to exercise the rights of the Owner, for example the right of defense.

4. Categories of data recipients

Personal data may be disclosed to third parties belonging to the following categories:

• freelancers, studies or companies in the context of assistance and consultancy relationships;
• entities that provide services for the management of the information system and telecommunications networks;
• web platform managers (management software e.g. MailUp for sending newsletters);
• competent authorities for the fulfillment of legal obligations and / or provisions of public bodies, upon request.

The subjects belonging to the aforementioned categories perform the function of Data Processing Manager pursuant to art. 28 GDPR. Personal data will be processed only by persons authorized by the Data Controller, pursuant to art. 29 GDPR, due to their job or business role.

5. Retention period

Contact form:

The data provided directly by the User are kept for the time strictly necessary to process the requests and to achieve the purposes of the processing, after which they will be kept only in execution of the legal obligations in force on the matter, for administrative and / or purposes. to assert or defend one’s own right.

6. Security measures

Personal data are collected electronically, recorded in digital format, through the use of organizational and technical security measures to guarantee the protection of confidentiality and to avoid the risks of loss or destruction, unauthorized access, unauthorized processing allowed or not in accordance with the above purposes.

7. Extra EU data transfer

The personal data provided will not be transferred abroad to non-EU countries or to an international organization. The management and storage of data takes place on servers located in the European Union. In any case, it is understood that the Owner, if necessary, will have the right to move to non-EU countries.

In that case, the transfer of non-EU data will take place in accordance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection and / or by adopting the standard contractual clauses provided by the European Commission.

8. Children

This Site is not intended for use by minors and data of minors is not knowingly collected or processed. In accordance with applicable laws, the operator of parental responsibility must provide consent to the collection of the personal data of the minor. In the event that the data of the minors were unintentionally processed, the Data Controller will delete them in a timely manner, at the written request of the operator parental responsibility.

9. Rights of the interested party

The User may assert their rights as expressed in the articles 15, 16, 17, 18, 19, 20, 21, 22 of EU Regulation 2016/679, by contacting the Data Controller, by writing an email to privacy@la-spinetta.com or by sending a registered letter with return receipt to Società Agricola La Spinetta S.S., con sede legale in Via Annunziata, 17 – 14054 Castagnole delle Lanze (At), Italy.

The User has the right, at any time, to ask the Data Controller for access to his personal data, rectification, cancellation of the same, limitation of treatment. In addition, in the cases provided, you have the right to object, at any time, to the processing of data (including automated processing, e.g. profiling), as well as to withdraw the consent given without affecting the lawfulness of the treatment based on the consent given previously . The User has the right to lodge a complaint with the Guarantor for the protection of personal data (www.garanteprivacy.it) and / or other competent Control Authority pursuant to the Regulation. The User has the right to the portability of his data and in this case the Data Controller will provide the personal data concerning the User in a structured, commonly used and readable format from an automatic device.

10. Changes to the privacy policy

The Data Controller reserves the right to modify and update this information. Any updates will be published on this page. If the changes to the information are significant and specific consent is required by law, the Data Controller may send a communication via email to the User.

Update date: July 6, 2020