PURSUANT TO ART. 13 OF REGULATION EU 679/2016
Regulation concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data (general regulation on data protection)
Dear User, BioSolidale Distribuzione srl is particularly attentive to the aspects concerning the privacy of its customers/users. Through this page, it intends to describe the management methods of its website (www.bioeccellenze.it) with reference to the processing and protection of personal data of customers/users who access it. This is a general notice made in compliance with EU Regulation 679/2016 “Regulations concerning the protection of individuals with regard to the processing of personal data, as well as the free circulation of such data” to those who consult the BioEccellences website. In fact, the simple consultation of this site, as well as the registration in the same, may entail the registration, use, cancellation and, more generally, the processing of personal data relating to identified or identifiable users.
The Data Controller is BioSolidale Distribuzione srl with registered office in Via Tenuta del Cavaliere, 1 00012 Guidonia Montecelio ROME, e-mail: firstname.lastname@example.org. Given the objective complexity related to the identification of technologies based on cookies and their very close integration with the functioning of the web, the user is invited to consult the appropriate information below and/or contact the Data Controller if he/she wishes to receive any in-depth information on the use of the cookies and any use of the same – for example by third parties – carried out through this website.
RESPONSIBLE FOR DATA PROTECTION
In carrying out their duties (ref. Art. 24 and Art. 37 Subsection 1 of EU Regulation 679/2016) the Data Controller and the Managers have appointed as Data Protection Officer (DPO) Roberto Felicetti, Via Tenuta del Cavaliere, 1, e-mail: email@example.com.
This Officer has been designated according to professional qualities, with particular reference to the specialized knowledge of the legislation and to data protection practices. The duties of the Data Protection Officer are those indicated by Art. 39 of the Regulation.
TYPE OF COLLECTED DATA, PURPOSE OF DATA PROCESSING AND CONFERRAL BY THE INTERESTED PARTY (USER)
“Processing” of data means any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, comparison or interconnection, limitation, cancellation or destruction (Art. 4 EU 679/2016). The entry of data to access this website involves their acquisition for the purposes indicated below. The user is clearly free to choose whether to provide his or her data by inserting them in the appropriate registration forms.
Navigation data – The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified.
Data provided voluntarily by the user – The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the site pages set up for particular services on request. The personal data relating to the users of the website may be used for the purpose of obtaining anonymous statistical information on the use of the website, to check its correct functioning and to ascertain any liability in the event of offenses committed against the website, of the Owner or third parties.
With reference to the users who register on the website, as well as for the purposes described above, the data will be processed in order to:
• make it possible to access and browse the site
• provide the user with the services offered by BioEccellenze
• provide the user with the information requested by voluntarily sending of e-mail
• manage marketing activities and sending advertising material, only upon express consent
In carrying out the processing activities, the Data Controller has not identified any legitimate interest either from him or from third party delegates.
The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. Consequently, mere access to the site implies the acquisition by the operator of information and data concerning the user. The provision of data to request information, to make a quote or to carry out promotional activities, is optional since it is data collected by the writer to optimize the performance of his activity. The refusal to provide these data will make it impossible to send any information of an organizational, technical or commercial nature.
DATA PROCESSING, COMMUNICATION AND STORAGE METHODS
With regards to the methods of data collection and processing, we would like to inform you that the data in our possession will be processed in written form and/or on paper, magnetic, electronic or telematic support, with suitable instruments to guarantee confidentiality and safety of the same in accordance with the provisions of EU Regulation 679/2016 (with particular reference to Articles 24, 32 and 35).
The data will be processed lawfully, correctly and transparently and to protect the privacy and the rights of the user only by personnel directly authorized by the Data Controller, or by the Data Processors appointed for the purpose pursuant to Art. 28 of EU Regulation 679/2016 (list available from the Data Controller).
The data will not be disclosed, with this term meaning the giving of knowledge to undetermined subjects in any way, even through their provision or consultation.
The data may be communicated, with this term meaning the giving of information to one or more specific subjects (list available from the Data Controller), in the following terms:
• to subjects who can access the data pursuant to the provision of the Law, Regulation or Community Law, within the limits set by these Rules
• to subjects who need to access data for auxiliary activities to achieve the purposes for which the data was collected. In particular, the data of the “registered” users can be communicated:
• to third parties who provide the goods/services available on the website as well as to third parties who perform data analysis activities for statistical purposes and in any case within the limit of the purposes of the processing described above
• to third parties in charge of site maintenance by the Owner and under his supervision
• to companies associated with BioSolidale Distribuzione srl for the same purposes indicated above, following the consent of the interested party, both on national and European territory (as authorized by the Guarantor), or on a non-European territory, pursuant to Arts. 44, 46 and 49 Paragraph 1 Lett. A) and c) of EU Regulation 679/2016
No personal data acquired by the WEB service will be disseminated.
The data will be kept for a period not exceeding that necessary for the purposes for which they were collected or subsequently processed, based also on the applicable legal provisions.
RIGHTS OF INTERESTED PARTIES
The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or the rectification, cancellation or limitation, or to oppose their processing, to lodge a complaint to the supervisory authority pursuant to Art. 15 of EU Regulation 679/2016. Furthermore, pursuant to Articles 16, 17, 18, 19, 20, 21 and 22 of the same EU Regulation 679/2016, the interested party has the right to request the rectification, cancellation (right to be forgotten), limitation of processing, notification in the event of rectification or deletion of personal data or limitation of processing, portability of data, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, to their processing.
In order to be able to exercise these rights, you can directly contact the Data Controller as indicated above at the e-mail address: firstname.lastname@example.org indicating the subject “personal data deletion”.
WHAT ARE COOKIES
Cookies are small text files that the sites visited by the user send to the device (usually to the browser); they are stored in the corresponding browser folder while the user is intent on visiting a website, to then be re-transmitted to the same sites during subsequent visits.
They are used for the purpose of improving navigation, tracking the tastes of the user, allowing the management of the presence or absence of targeted marketing initiatives or the provision of services connected to the activity of the Controller, such as newsletters, demos, etc.
If limitations are placed on their use this affects the status of the user during the consultation. Blocking or removing them from the browser cache could cause an incomplete use of the services offered by the web application.
For the purposes that concern us, it is possible to divide cookies into two categories: technical cookies and profiling cookies
The profiling cookies – as provided for by provision 229/2014 of the Guarantor for the protection of personal data – are aimed at creating profiles relating to the user and are used in order to send advertising messages in line with the preferences shown by the user while browsing the net.
This site does not use profiling cookies. These, therefore, will not be the subject of this Notice.
Technical cookies are those used for the sole purpose of “transmitting a communication over an electronic communication network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide such service “(see art. 122, paragraph 1, of the Code concerning the processing of personal data).
Persistent cookies and session cookies are considered among the cookies of this category. Persistent cookies help sites to remember user data and settings for later reference.
This allows faster and more convenient access in terms of time since it is not necessary to log in again. Persistent cookies remain active even after the browser is closed. Session cookies are temporary cookies whose operation on the machine is limited to the duration of the user’s use session.
When the browser is closed, session cookies expire. These are generally used to identify users when they access a website, to remind the user of their preferences when switching between pages on the site, to provide specific information previously collected, etc.
The so-called Third-party cookies are cookies set by a website other than the one in which the user is browsing. They are used, for example, by the site that the visitor first chose and which contains ads from another server or third-party website. Operationally the browser collects the information fed by different sources so that all the elements are displayed on the same page thus creating more cookies in the corresponding browser folder.
All these cookies can be removed directly from the browser settings or through special programs even free of charge or you can block their creation.
In the latter case some site services may not work as expected and it may not be possible to access or even not having the associated cookie lose user preferences, so the information would be displayed in the wrong local form or might not be available.
THREATS BASED ON COOKIES
Since cookies are transmitted between the browser and the website, an attacker or an unauthorized person could intercept the data transmission and information relating to them.
Although relatively rare, this can happen if the browser connects to the site using for example an unsecured WI-FI network. Other cookie-based attacks involve server settings.
If a website does not require the browser to use only encrypted connections (eg. Https), malicious people can exploit this vulnerability to trick visitors by sending them personal information through unsafe channels. Attackers can then divert personal data for unauthorized processing purposes.
HOW CAN I CHECK THE COOKIES INSTALLATION
Most browsers accept cookies automatically but you can still choose not to accept them. However, it is advisable not to disable them as this may prevent you from moving from one page to another.
If you do not want the computer to receive and store cookies, you can change your browser’s security settings (Internet Explorer, Google Chrome, Safari etc.).
In any case, it is specified that certain parts of this site can be used in their fullness only if the browser accepts cookies.
Consequently, the choice to remove and not accept cookies could negatively affect the permanence on the site and its use.
Browser manufacturers provide help pages related to the management of cookies in their products. See below for more information.
• Internet Explorer
For other browsers please consult the documentation provided by the manufacturer on the respective websites.
Since the installation of cookies and other tracking systems operated by third parties through the services used within this Application cannot be technically controlled by the Data Controller, any specific reference to cookies and tracking systems installed by third parties is to be considered indicative.
For further clarifications, please contact the Data Controller directly as indicated above by writing an email to: email@example.com