Circular letter on personal data processing performed by the website: www.emiliaalimentari.it,in compliance with art. 13 of the European General Data Protection Regulation (GDPR – 2016/679)
Emilia Alimentari Società Cooperativa Consortile, as data controller, notify to data subjects the following information on data processing.
This circular letter is referred to and is valid only for this website (www.emiliaalimentari.it) and not for other external websites surfed by the user through links available in www.emiliaalimentari.it. The data controller isn’t responsible of processing performed by third part websites. Please take a look to data processing policy when you visit a third part website.
The data controller is Emilia Alimentari Società Cooperativa Consortile, VAT number: IT01943720357 and established in Via Maiella 4, 42123 Reggio Emilia (RE) – Italy. You can contact the data controller by the following mail address: email@example.com
PURPOSES OF PROCESSING, LEGAL BASIS AND RETENTION TIME
We process personal data only with a proper legal basis established by law. In the following list you can found all the information concerning the purposes of processing, the types of personal data processed, the legal basis and the data retention time.
Purposes of processing
Categories of personal data
Data retention time
To browse on the website and guarantee the proper functionality and cyber security to the website itself and other users.
Legitimate interest pursued by the controller to promote his own business through his website, to maintain it online, reachable and to defend itself and the other visitors against possible cyber attacks
To manage commercial and information requests received through the contact forms or other communication means available on the website
Data concerning contact details and addresses
Legitimate interest of Data Controller concerning the management of communications with data subjects to satisfy specific submitted requests
To perform a contract in which data subject is part or to manage pre-contractual requests submitted by data subjects
This data will be processed for the time strictly necessary to manage your request.
After this process, data submitted to fulfill your enquiry will be deleted or further processed for other purpose, if a commercial agreement took place (ex. to manage the service provision).
TYPES OF PERSONAL DATA PROCESSED
Surfing data – Systems and software procedures responsible for the functioning of this website acquire, during their normal operation, several personal data which transmission is implicit in the use of Internet communication protocols.
Those information is not collected to be associated with the purpose to identify data subjects, but them might allow users to be identified through further processing and association with other data held by data controller or third parties.
This category of data includes:
- IP addresses or domain names of computers utilized by users connecting to the site;
- the URI (Uniform Resource Identifier) addresses of the requested resources;
- the time of request;
- the method used in submitting the request to the server;
- the size of file obtained in response;
- the numeric code indicating the status of response given by the server (good result, error, etc.),
- other parameters relating to the operating system and the user’s IT environment.
This data are processed only to obtain anonymous statistical information on the use of the site and to check its proper functioning, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical cybercrimes that might damage the website or other users during the browsing session.
Personal data sent by the user: The user can submit his personal data to data controller by the following tools available on the website:
- Contact form: through contact forms available in the website the users can submit specific requests to data controller. It’s required to submit personal identification data and contact details as well as other information to allow data controller to manage the request. Data collected will be exclusively processed to answer to the submitted requests and would be further kept and processed only if a business relationship will take place between data subject and data controller.
TRASMISSION OF PERSONAL TO THIRD PARTIES
Your personal data may be transmitted only to the following third parts:
- Companies which provide IT systems and website management and development services (as e-commerce and secure payment infrastructure, web development consultants, etc.);
- Companies and professional offices which provide business assistance and consultancy (IT technologies, accounting, etc.);
- Public institutions, for the fulfillment of legal obligations related to commercial relationship, to investigate on crime or cyber-attacks delivered or suspected to our systems or to other visitors, or to manage disputes.
Further information related to the third parties who may process your personal data are available by submitting a specific request to the data controller.
PROVISION OF DATA AND CONSEQUENCES OF REFUSAL TO REPLY
The communication of your personal data is mandatory when the process is necessary to browse in the website, to carry out commercial and information requests received through contact forms or personal area, to provide the services and to perform a contract with customers. the denial to submit those data will affect our capability to carry out your requests.
In the other cases, such as for marketing purposes, the transmission of data it’s optional and when necessary dependent to your explicit consent.
RIGHTS OF DATA SUBJECTS
We inform you about the existence of your rights to access to your personal data, to rectify and/or cancel the same, restrict the process performed on your data, object to processing activities and to request data portability (Articles 15 to 22 of the EU Regulations 2016/679 GDPR);
You can exercise your rights and get acknowledge about third parties to whom data may be shared with by writing to the e-mail address: firstname.lastname@example.org
If data processing has as legal base your explicit consent (art. 6, § 1, lect. a), you may revoke that consent in every moment, without prejudicing the lawfulness of processing activities previously carried out.
You are entitled to file your complaints with the control authority at the Supervisory Authority address for the protection of personal data, by sending a certified e-mail to the address email@example.com, or with the control authority of another EU member country.
This circular letter was updated on 21/09/2022.