INFORMATION ON THE PROCESSING OF PERSONAL DATA
Pursuant to and for the purposes of Italian Legislative Decree no. 196/2003, as amended by Italian Legislative Decree no. 101/2018, as well as pursuant to Articles 13 and 14 of EU Regulation 679/2016, containing provisions on the protection of individuals with regard to the processing of personal data, we hereby inform you that this privacy policy applies to the personal data you provide to SAN MAURIZIO S.A. or which is derived from the same by means of cookies and other web tracking technologies.
The holder of the treatment of personal data is SAN MAURIZIO S.A. (c.f. – p.iva: 03702070040), in the person of its legal representatives pro tempore Mr Gallo Giuditta and Mr Corrado Alessandro, with registered office in the Grand Duchy of Luxembourg, Boulevard Royal n. 26, pec: sanmauriziosa@legalmail.it and secondary office in Santo Stefano Belbo (CN), Località San Maurizio n. 39.
Data processing takes place at the aforementioned offices of the data controller and is carried out only by technical personnel in charge of processing.
If necessary, personal data related to the services of the site may be processed by the staff of the company in charge of maintaining the technological part of the site, in which case they will be appointed as data processors.
The information you provide to us by sending us an email and/or filling out registration forms will only be used to answer your questions or fulfill your requests.
Data will also be processed relating to IP addresses or domain names of the computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and computer environment.
This data will be used for the sole purpose of obtaining anonymous statistical information on the use of the site in order to check its correct functioning and will be deleted immediately after processing.
This data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.
SAN MAURIZIO S.A. may use your personal data for other purposes, such as sending promotional and commercial information, or your data may be made available to our commercial partners to transmit useful information or send promotional material of interest to you.
All personal information provided by you is the result of your free choice; we have no unlawful means of obtaining this information without your consent.
Personal data may be processed with or without the aid of electronic or automated means.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
In any event, the processing will be carried out in compliance with all precautionary measures guaranteeing its lawfulness, security and confidentiality.
The personal data may be disclosed to the persons in charge of the processing (collaborators, suppliers, secretarial staff, etc.) or to the persons in charge of the processing who may be appointed.
Your data may be disclosed by us to public and private entities that can access the data by virtue of a provision of the law, regulation or EU legislation, within the limits provided for by the aforementioned rules (such as, for example, social security and welfare institutions and bodies, associations of local authorities, public administrations and bodies, associations, foundations, associations and/or insurance bodies), to subjects who need access to the data for purposes auxiliary to the relationship that exists between the parties, within the limits strictly necessary to carry out the aforementioned auxiliary tasks (by way of example, these include banks and credit institutions, service delivery companies, carriers and shipping companies), to our consultants, within the limits necessary to carry out their incaic at our organization, subject to appointment as data processors of the data provided to them.
Your data will not be disclosed by us, meaning by this term the knowledge of unspecified subjects in any way, even by making them available or consultation, unless there is a specific consent, free and informed by you expressed and granted for each type of treatment.
Without prejudice to the personal autonomy of the person concerned, the optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, which is necessary to reply to requests, as well as any other personal data included in the message.
Personal data will only be used for the period of time necessary to fulfil the purposes for which they were collected (personal data collected for purposes connected to the performance of a contract between the data controller and the user will be kept until the contract is fulfilled; personal data collected for purposes connected to the legitimate interests of the data controller will be kept until such interest is satisfied), or until you clarify your objection to SAN MAURIZIO S.A. using your personal data or until you withdraw your consent.
If SAN MAURIZIO S.A. is required by law to keep your personal data for a longer period or if SAN MAURIZIO S.A. needs your personal data to promote or defend against legal claims, the company will keep your personal data until the end of the relevant mandatory storage period or until the claims in question are resolved.
In any case, personal data will not be stored for a period longer than 10 years.
This site makes use of cookies. Cookies are small text files that store information about visitors’ preferences, to improve the functionality of the site, to simplify navigation by automating procedures (e.g. login, site language) and to analyse site usage.
Two main categories are identified: ‘technical’ cookies and ‘profiling’ cookies.
This site uses so-called “technical” cookies, for the sole purpose of carrying out the transmission of a communication on an electronic network, or to the extent strictly necessary for the provider of a service explicitly requested by the user, in order to provide this service.
These cookies can be divided into “navigation” or “session” cookies, which ensure the normal navigation and use of the website (allowing, for example, to make the purchase or to authenticate to access restricted areas) and/or “analytics” cookies, assimilated to “technical” cookies where used directly by the site operator to collect information, in aggregate form, on the number of users and how they visit the site itself and/or “functionality” cookies, which allow the user to navigate according to a set of selected criteria (eg: the language, the products selected for purchase) in order to improve the service provided to the same.
The use of so-called “technical” cookies (session variables, the values of which are stored on the device’s hard disk and can in any case be deleted: it is possible to disable cookies by following the instructions provided by the main browsers) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) and software usage data necessary to allow the safe and efficient exploration of the site: session variables (cookies) can avoid the use of IT techniques that could potentially compromise the confidentiality of users’ browsing and do not allow the acquisition of personal data identifying the user.
This website does not make any use of so-called “profiling” cookies (aimed at creating profiles of the user and used to send advertising messages in line with the preferences expressed by the user while surfing the web).
This site makes use of so-called “third-party” cookies, which are designed to receive on your device, while you are browsing a site, cookies sent by different sites or web servers (the information is stored by third parties).
One example is the presence of ‘social plug-ins’ for Facebook, Twitter, Google+ and Linkedin (parts of the visited page generated directly by the aforementioned sites and integrated into the page of the host site), the use of which is aimed at sharing content on social networks (the presence of these plug-ins involves the transmission of cookies to and from all sites managed by third parties: the management of information collected by third parties is governed by the relevant disclosures to which please refer).
Full list Privacy Policy third-party cookies used: google.com: www.google.it/intl/it/policies/privacy; youtube.com: www.google.it/intl/it/policies/privacy
Addthis.com: www.addthi.com/privacy.
For the purposes of disabling cookies, please note that most browsers are also configured to accept cookies, however, most also allow you to control and even disable cookies through your browser settings.
We remind you that disabling navigation or functional cookies may cause the site to malfunction and/or limit the service offered.
This site may share some of the data collected with services located outside the European Union.
In particular with Google, Facebook and Microsoft (Linkedin), via social plug-ins and the Google Analytics service. The transfer is automated.
In the event that the transfer of such user data takes place outside the European Union, we inform you that you will be entitled to obtain information regarding the legal basis for the transfer of such data, as well as the security measures adopted by the data controller to protect the data, by contacting the latter at the addresses indicated in the introduction to this privacy policy.
We inform you that you may request from SAN MAURIZIO S.A. at any time, information on which personal data it processes concerning you, as well as the correction or deletion of such personal data.
In any case, SAN MAURIZIO S.A. may proceed with the deletion of your personal data only if there is no legal or overriding legal obligation for SAN MAURIZIO S.A. to keep them.
Should you request SAN MAURIZIO S.A. to delete your personal data, you will not be able to continue using any service which requires the use of your personal data by the same company.
You have the right to request SAN MAURIZIO S.A. to limit any further processing of your personal data if there are no legal grounds for SAN MAURIZIO S.A. to process your personal data, and to request the aforementioned company to exclude your personal data from any processing, as well as if you declare that the personal data SAN MAURIZIO S.A. holds on you is incorrect.
If SAN MAURIZIO S.A. uses your personal data on the basis of a contract concluded with you, you may request a copy of the personal data provided to you.
Such requests may be addressed to: info@sanmauriziowineclub.com specifying the information or processing activity to which your request relates, the format in which you would like the information to be provided, and whether the personal data should be sent to you or to another recipient.
SAN MAURIZIO S.A. will take your request into careful consideration and will discuss with you how best to fulfil it.
If you believe that SAN MAURIZIO S.A. is not processing your personal data in accordance with the requirements set out in this policy or the rules of the EU Data Protection Regulation, you may lodge a complaint with the Data Protection Authority at any time.
The data are stored and controlled by adopting technical and organisational security measures suitable to guarantee a level of security adequate to the risk and aimed at reducing to a minimum the risk of loss and/or destruction, unauthorised access, unauthorised processing and/or processing not in accordance with the purposes for which the processing is carried out.
The controller, or any person acting under his authority or under the authority of the controller, who has access to personal data may not process such data unless instructed to do so by the controller, unless required to do so by Union or Member State law. Having regard to the state of the art and the cost of its implementation, as well as to the nature, subject matter, context and purposes of the processing, and to the risk of varying degrees of likelihood and severity to the rights and freedoms of natural persons, the controller and processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, which shall include, inter alia, where appropriate:
(a) pseudonymisation and encryption of personal data;
(b) the ability to ensure the confidentiality, integrity, availability and resilience of processing systems and services on an ongoing basis;
(c) the ability to restore timely availability of and access to personal data in the event of a physical or technical incident;
(d) a procedure for regularly testing, verifying and evaluating the effectiveness of technical and organisational measures to ensure security of processing.
When assessing the adequate level of security, special account shall be taken of the risks presented by the processing, resulting in particular from the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to personal data transmitted, stored or otherwise processed.
The controller and the processor shall ensure that any person acting under their authority who has access to personal data does not process such data unless instructed to do so by the controller, unless required to do so by Union or Member State law.
The Data Controller reserves the right to make changes to this Policy at any time, notifying Users on this page and, if possible, on the Application, as well as, if technically and legally feasible, by sending a notification to Users through one of the contact details in its possession.
Users are therefore invited to consult this page periodically, referring to the date of last modification indicated at the bottom.
If the changes made affect processing operations whose legal basis is the user’s consent, the Controller will, if necessary, collect the user’s consent again.
Alba, 6 April 2020
The data controller
SAN MAURIZIO S.A.
_______________________