The Internet site www.agriturismosottotono.it (hereinafter referred to as the Web Site) and the material in it is provided by CHIC Sarl – Agriturismo Ristorante Sottotono (hereinafter the Data Controller or only the Data Controller), which carries out its activities in compliance with the guidelines established by the national and European legislation, pursuant to art. 13 D. Lgs. 196/2003 Code regarding the protection of personal data and art. 13 GDPR 2016/679 European regulation on the protection of personal data.
PERSONAL DATA COLLECTED
The personal data processed is provided by customers who are natural persons and by natural persons who operate in the name and on behalf of clients legal entities, in their capacity as interested parties, on users on the Website, visits, phone calls, requests for information (even via e-mail) and previous transactions.
Use of this Website by persons under the age of 16 is only permitted under the supervision of parents or guardians.
USE OF PERSONAL DATA
Personal data of customers, natural persons, if provided, are processed by the Data Controller to acquire pre-contractual data and information; manage and control risks, prevent possible fraud, insolvency or default; carry out the operations necessary for processing orders and other requests; prevent and manage possible litigation, take legal action in case of need; manage accounting and tax obligations; manage the administrative, accounting, civil, fiscal obligations; prepare and present declarations and documents of a civil, fiscal nature, provided for by laws, regulations, Community and non-EU regulations and directives.
Personal data of natural persons operating in the name and on behalf of clients legal entities, if provided, are processed by the Data Controller to forward communications of various kinds and different means of communication (telephone, mobile phone, text message, email, fax) , paper mail); make requests or fulfill requests received; exchange information aimed at the execution of the contractual relationship, including pre and post contractual activities; carry out the operations necessary for processing orders and other requests.
The processing of data for the purposes set out takes place using either automated, electronic or magnetic, or non-automated means, on paper, in compliance with the rules of confidentiality and security required by law, the resulting regulations and internal provisions.
Without prejudice to the communications made in fulfillment of legal and contractual obligations, the personal data processed by the Data Controller will not be disclosed, or will not be disclosed to indeterminate subjects, in any possible form, including that of their availability or simple consultation. Any persons in charge and / or internal and external managers identified in writing by the Data Controller may become aware of personal data within the limits strictly necessary for the purposes of processing orders or other requests or services related to the transaction or the existing contractual relationship. The Owner has provided specific written instructions to them.
The Data Controller does not transfer personal data to third countries or to international organizations.
In other terms
The Data Controller transfers personal data to third countries or to international organizations for reasons strictly linked to existing contractual relationships (for example, other Group companies based in non-European third countries).
In the case of transfers to third countries or international organizations in a country where the European Commission has recognized an adequate level of data protection, personal data will be transferred on this basis.
In the case of transfers to third countries or international organizations in a country where the European Commission has not recognized an adequate level of data protection, personal data will be transferred upon fulfillment of the appropriate or appropriate safeguards indicated in Articles 46, 47 and 49 c.2 GDPR 2016/679.
To obtain a copy of these protection rules or details on where they are available, you can send a written request as indicated below.
SPECIFIC USE OF PERSONAL DATA
The Data Controller has put in place an email marketing system to inform the recipients of the service on commercial offers, news and previews of products / services, as well as updates, activities and reputed events of interest to them. The email is sent exclusively to subscribers and addresses given on the occasion of other relationships with the Data Controller. The use of software or other automatic tools for the indiscriminate collection of network addresses is excluded, providing the service recipient with the possibility, at any time, to interrupt the service by clicking on the unsubscribe link.
The data used for email marketing strategies are exclusively those provided by the user when registering for the service. The data supplied end up in lists / databases for managing communications via professional mail, they are NOT saved in spreadsheets, individual computers and / or in any server owned by the Data Controller. The data will NOT be disclosed to third parties.
The data in question will be used as long as the recipient is not deleted from the newsletter list. The cancellation is immediate, but if you find the receipt of mail even after the request for cancellation can solicit the removal from the lists of contacts used for this purpose to the following email: firstname.lastname@example.org
By filling out the contact form(s) on this Site with your personal data, you authorize the Data Controller to use this data to respond to requests for information, quotes or any other type of request, as indicated by the header of the form. Personal data collected and processed may include: First and Last Name, Gender, Date of birth, Nationality, e-mail address, telephone number, tax number, business address.
Some personal data may be collected through social media (Facebook, Instagram, Google+, Linkedin, Pinterest etc.), for example when we are contacted for any questions. In this case we use only the data of the account in order to respond to the message received.
In the event that the user uploads images on the Site, it is advisable to avoid uploading images including embedded location data (EXIF GPS).
PERSONAL DATA PRESERVATION
The Data Controller retains and processes personal data for the time necessary to fulfill the purposes indicated. Subsequently, personal data will be stored, and not further processed, for a period established by the current provisions on civil and fiscal matters.
As an interested party, you have the right to access your personal data and obtain the relevant information on the treatment listed in art. 7 of Legislative Decree no. 196/2003 (origin, purpose, logic, identification details of the owner, subjects that can access it). You also have the right to rectify your personal data, update them, delete them (including the right to make them anonymous and to block data if unlawfully processed, pursuant to Article 7 of Legislative Decree 196/03), to request the treatment limitation. The content and exercise of these rights is governed by articles 15 and following of the GDPR 2016 / 679e from the art. 7 of the legislative decree 196/2003. To exercise these rights, simply write to: CHIC Sarl – Agriturismo Ristorante Sottotono – Via Poggio Dei Colli 1/3, Carmignano (PO) – email@example.com
With reference to art. 23 of Legislative Decree no. 196/2003 and art. 6 of the GDPR 2016/679, the interested party can revoke any consent given at any time.
However, the processing of this information is lawful and permissible, even without consent, as it is necessary for the execution of a contract of which the data subject is part (the service supply relationship) or for the fulfillment of its requirements.
In his capacity as an interested party he has the right to lodge a complaint with the Data Protection Authority if he considers that the processing concerning him is in breach of the GDPR 2016/679, pursuant to and in accordance with art. 77 of the said Regulation. To do so, consult the website of the Guarantor: www.garanteprivacy.it
The Data Controller does not process treatments consisting of automated decision-making processes, including profiling, on the data of natural persons clients, or of natural persons operating in the name and on behalf of clients, legal entities, except as provided by art. 22 paragraph 2 of the GDPR 2016/679.
CHANGES TO THIS INFORMATION
RESPONSIBLE FOR TREATMENT
The Data Controller is: CHIC Sarl – Agriturismo Ristorante Sottotono
Registered office address for privacy matters: Via Poggio Dei Colli 1/3, Carmignano (PO)
The updated list of data processors and data processors is kept at the registered office of the Data Controller.