OWNER AND MANAGERS OF THE TREATMENT
The Data Controller of personal data collected through our website www.luxoliosynergy.it (hereinafter “Site”) is Azienda Agricola Tarchi Fabrizio (hereinafter “Agricola Tarchi”), with registered office in via Pistoiese 120/122 in Vinci ( Fi), Italy, the company that designed the Site, that manages it and that decides its configuration and evolution also on the basis of its own activity and services.
The personal data collected through the site may also be processed by third parties, service providers acting on behalf of Agricola Tarchi, appointed as Data Processors, who will process the data in accordance with the purpose for which the data were collected.
NECESSITY AND ESSENTIALITY OF DATA
Through this site personal data are collected and stored only when this is essential for the achievement of the purposes stated in this Policy. For users, it is possible to consult the site without registering and without being identified. Agricola Tarchi’s policy is to avoid the collection of personal data when the purposes pursued in individual cases can be achieved through the use of anonymous data (such as, for example, in the aggregate analysis of site navigation, carried out on a statistical basis with web analytics tools and avoiding analyzing the browsing traces of individual users).
PROCESSING METHODS AND SECURITY MEASURES
Users’ personal data will be processed using automated methods for the time and to the extent necessary to achieve the individual purposes for which they were collected.
The Site is protected from potential cyber attacks and unauthorized access with suitable security measures, aimed at guaranteeing the integrity, confidentiality and availability of both the data of the operators present on the Site with pages dedicated to them, and with the data of the registered users who consult the site.
Despite the efforts made to ensure adequate security, Agricola Tarchi cannot guarantee its users that the measures taken for the security of the Site and the transmission of data and information totally exclude any risk of unauthorized access or loss of data. Users are invited to check that their computer or device (e.g. smartphone, tablet) is equipped with adequate technological devices to protect the transmission of data on the network, both inbound and outbound (such as updated antivirus systems) and that their Internet service provider has taken suitable measures for the security of data transmission over the network.
PURPOSE OF THE TREATMENT
Users’ personal data will be processed for:
1) respond to requests for information and materials from users
2) allow the newsletter sending service requested by users
3) to put users in communication with the commercial functions of the company
4) fulfill any legal obligations.
LEGAL BASIS AND COMPULSORY OR OPTIONAL NATURE OF DATA CONFERENCE
For the purposes from number 1) to number 3), the processing is necessary for the execution of a contract of which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same, pursuant to Article 6, paragraph 1 letter . b) of EU Regulation 2016/679 (hereinafter “GDPR”). The provision of data by users is optional, but in the absence of it, requests for information, materials, contact and sending newsletters cannot be satisfied.
The purpose of number 4) finds its legal basis in art. 6, paragraph 1 letter c) of the GDPR and the processing of data, if provided, is necessary to fulfill a legal obligation.
TYPE OF DATA
The personal data of users who write to Agricola Tarchi are contact details (such as name, surname, company, e-mail address) and any data contained in the freely fillable message field.
User data is information that allows the data subject to be identified only indirectly and in case of need, for example for a request from the judiciary and the Police Forces (such as, for example, for data that allow you to associate activities and browsing on the site of an anonymous user at the IP address, i.e. the Internet Protocol which constitutes an identifier of the computer or device (e.g. smartphone, tablet) from which the navigation or activities on the site were carried out.
CATEGORIES OF DATA RECIPIENTS
For the purposes described above, users’ personal data may be shared with the following categories of recipients:
- data processors duly appointed by the Data Controller, as subjects who provide services to this in administrative, legal, technological, etc.
- employees and collaborators of the owner subject to an obligation of confidentiality
- various subjects to whom the communication is required by law (eg public authorities).
TRANSFERS OF PERSONAL DATA TO THIRD COUNTRIES
Users’ personal data are not normally shared with subjects located outside the European Economic Area.
Should this happen, Process Factory ensures that the transfer will take place on the basis of compliance with an adequacy decision of the European Commission, the Standard Contractual Clauses approved by the European Commission or on a different appropriate legal basis.
DATA STORAGE TIMES
In relation to the purposes referred to in numbers 1), 2) and 3), personal data will be kept for the time strictly necessary to achieve them, as well as to allow Process Factory to protect its rights and interests in the legal seat, for the maximum time provided for by the applicable legislation and coinciding with the limitation period for legal actions that can be exercised.
As for the data collected for the purpose number 4), they will be kept for the time required by the specific obligation or applicable law.
ACCESS TO DATA AND EXERCISE OF DATA PROTECTION RIGHTS
Pursuant to EU Regulation 679/2016, the interested parties have the right at any time to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy or request to integrate, update it, or rectify them. The subjects to whom the personal data refer also have the right to request cancellation, transformation into anonymous form or limitation of processing, the portability of data in a commonly used and legible format, as well as to oppose in any case to their treatment.
Anyone wishing to exercise the aforementioned rights can contact the Data Controller by writing to the address of the registered office via Pistoiese n. 120/122, 50059, or by sending an email to email@example.com
Anyone who finds a violation of their rights can contact the competent supervisory authority pursuant to art. 77 of EU Regulation 679/2016. The possibility of appealing to the judicial authorities remains unaffected.