diVinosfuso.it collects Personal Data from its Users.
Data controller mail address: email@example.com
Types of Data Collected
Personal Data collected by diVinoSfuso, either independently or through third parties, include: Cookies, usage Data and email.
The Personal Data may be provided by the User voluntarily or, in the case of Usage Data, collected automatically during the use of diVinoSfuso.
Unless otherwise specified, all Data required by diVinoSfuso are mandatory. If the User refuses to disclose them, it may be impossible for diVinoSfuso to provide the Service. Where diVinoSfuso indicates that some Data are optional, Users are free to refrain from disclosing such Data without this having any consequence on the availability of the Service or on its operation.
Users who have questions about which Data are required are encouraged to contact the Data Controller.
The User accepts liability for the Personal Data of third parties obtained, published or shared through diVinoSfuso and warrants that they have the right to disclose or disseminate them, and releases the Data Controller from any liability towards third parties.
Modality and place of processing of the collected Data
Modality of processing
The Data Controller shall take appropriate security measures to prevent unauthorized access, dissemination, alteration or destruction of Personal Data.
The processing is carried out by means of computer and/or telematic tools, with organizational methods and logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other parties involved in the diVinoSfuso organization (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, Data Processors by the Data Controller. The updated list of Data Processors may always be requested from the Data Controller.
Legal basis of the processing
The Data Controller processes Personal Data relating to the User under one of the following conditions:
the User has given consent for one or more specific purposes; Note: in some jurisdictions, the Data Controller may be authorized to process Personal Data without the User’s consent or another legal basis specified below, provided the User does not object (“opt-out”) to such processing. However, this is not applicable where the processing of Personal Data is regulated by European legislation on the protection of Personal Data;
processing is necessary for the execution of a contract with the User and/or for the execution of pre-contractual measures;
the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
the processing is necessary for the performance of a task of public interest or for the exercise of public powers vested in the Data Controller;
the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
It is in any case always possible to ask the Data Controller to clarify the concrete legal basis of each processing and in particular to specify whether processing is based on the law, provided for by a contract or necessary for the conclusion of a contract.
The Data are processed at the operating offices of the Data Controller and in any other place where the parties involved in the processing are located. For more information, please contact the Data Controller.
User’s Personal Data may be transferred to a country other than the one in which they are located. To obtain further information on the place of processing, the User may refer to the section on details on the processing of Personal Data.
The User has the right to obtain information about the legal basis of the transfer of Data outside of the European Union or to an international organization under public international law or formed by two or more countries, such as the UN, as well as about the security measures taken by the Data Controller to protect the Data.
If one of the transfers described above takes place, the User may refer to the respective sections of this document or ask for information from the Data Controller by contacting them at the contact details given in the introduction.
The Data is processed and stored for the time required for the purposes for which it was collected.
Personal Data collected for purposes related to the execution of a contract between the Data Controller and the User will be retained until the execution of such contract is completed.
Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User may obtain further information about the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When the processing is based on the User’s consent, the Data Controller may retain Personal Data for longer until such consent is revoked. In addition, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period Personal Data will be erased. Therefore, upon expiry of this period the right of access, erasure, rectification and the right to Data portability may no longer be exercised.
Purposes of the Processing of the collected Data
The User’s Data are collected to allow the Data Controller to provide its Services, as well as for the following purposes: Statistics, Interaction with external social networks and platforms, Contacting the User, Remarketing and behavioral targeting, Advertising, Registration and authentication, Displaying content from external platforms, Access to accounts on third-party services and Content performance and functionality testing (A/B testing).
To obtain further detailed information on the purposes of the processing and on the Personal Data that are specifically relevant for each purpose, the User may refer to the relevant sections of this document.
Details on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
Mailing List or Newsletter
By registering with the mailing list or newsletter, the User’s email address will be automatically included in a list of contacts to which email messages containing information, including commercial and promotional, related to diVinoSfuso may be transmitted. The User’s email address may also be added to this list as a result of registering with diVinoSfuso or after making a purchase.
Personal Data collected: email.
Registration and authentication
By registering or authenticating, the User agrees to the Application identifying them and giving them access to dedicated services.
In accordance with the following, registration and authentication services may be provided by third parties. In such as case, this application may access certain Data stored by the third party service used for registration or identification.
Facebook Authentication (Facebook, Inc.)
Facebook Authentication is a registration and authentication service provided by Facebook, Inc. and connected to the Facebook social network.
The services contained in this Section allow the Data Controller to monitor and analyze traffic Data and are used to track the User’s behaviour.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of diVinoSfuso, compiling reports and sharing them with other services developed by Google.
Google may use Personal Data to contextualize and customize the ads of its advertising network.
Personal Data collected: Cookies and usage Data.
By filling in the contact form with their Data, the User consents to their use to respond to requests for information, quotations, or anything else shown in the header of the form.
Personal Data collected: last name, email and first name.
Users may exercise certain rights with reference to the Data processed by the Data Controller.
In particular, the User has the right to:
- withdraw consent at any time. The User may withdraw their previously given consent to the processing of their Personal Data.
- object to the processing of their Data. The User may object to the processing of their Data when it takes place on a legal basis other than by consent. Further details on the right to object are shown in the section below.
- access their Data. The User has the right to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the Data processed.
- verify and ask for rectification. The User may verify the accuracy of their Data and request its updating or correction.
- have processing restricted. When certain conditions are met, the User may request the restriction of the processing of their Data. In this case, the Data Controller will not process the Data for any other purpose than to retain them.
- have their Personal Data erased or removed. When certain conditions are met, the User may request the erasure of their Data by the Data Controller.
- have their Data given to them or have them transferred to another Data Controller. The User has the right to have their own Data given to them in format that is structured , commonly used and readable by an automatic device and, where technically feasible, to have them transferred without hindrance to another Data Controller. This provision shall be applicable when the Data is processed by automated tools and the processing is based on the User’s consent under a contract to which the User is party or under contractual measures connected to it.
- submitting a complaint. The User may submit a complaint to the competent Personal Data protection supervisory authority or take legal action.
Details on the right to object
When the Personal Data are processed in the public interest, in the exercise of public authority vested in the Data Controller, or to pursue a legitimate interest of the Data Controller, Users have the right to object to Data processing for reasons related to their particular situation.
Users are reminded that, if their Data is processed for direct marketing purposes, they may object to the processing without giving any reason. To find out if the Data Controller is processing Data for direct marketing purposes, Users may refer to the respective sections of this document.
How to exercise rights
To exercise the rights of the User, Users may address their request to the contact details of the Data Controller indicated in this document. Requests are filed free of charge and processed by the Data Controller as soon as possible, in any case within one month.
Further information on the processing
Defence in court
The User’s Personal Data may be used by the Data Controller in court or in the preparatory stages for implementing any protective measures against abuse in the use of this Application or of the connected Services by the User.
The User declares that they are aware that the Data Controller may be required to disclose the Data by order of the public authorities.
Specific Privacy Statement
System log and maintenance
For needs related to operation and maintenance, this Application and any third party services it uses may collect system logs, that is files that record the interactions and that may also contain Personal Data, such as the User IP address.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Responding to “Do-Not-Track” requests
This Application does not support “Do-Not-Track” requests.
To find out if any third-party services used support them, the User is requested to consult the respective privacy policies.
If the changes affect processing whose legal basis is consent, the Data Controller will collect again the consent of the User, if necessary.