Privacy Policy pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 – WEBSITE www.assisisalumi.it
With this Privacy Policy, the Data Controller, as defined below, wishes to inform you of the purposes and methods of the processing of your personal data and your rights under Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data and on their free movement (“GDPR”).
The computer systems and software used to operate the www.assisisalumi.it site acquire, during their operation, some personal data whose processing and transmission are implicit in the use of internet communication procedures. This information is not collected in order to be associated with identified subjects, but by its nature could indirectly allow, the identification of users.
DATA CONTROLLER:
Assisi Salumi S.R.L.
Via A. Canini, 10 – Torchiagina di Assisi – 06081 – Perugia
Tel. 075.8039639 – Fax. 075.8039560
PEO: info@assisisalumi.it
PEC: assisisalumi@registerpec.it
P.Iva 01785860543
TYPES OF DATA PROCESSED
The processing activities carried out are aimed at acquiring the following personal data:
| Categoria | Tipo |
| Shared data | Cookie di Profilazione (see Cookie Policy) |
| Shared data | Navigation logs |
| Shared data | Personal data |
CATEGORY OF INTERESTED PARTIES
The processing activities carried out are aimed at acquiring the following personal data: Web Users
PURPOSE OF PROCESSING AND CONDITIONS UNDER LAWFUL PROCESSING
The personal data of the user, collected during navigation of the www.assisisalumi.it site, will be treated with the sole purpose of allowing the user to use the site and to know the professional reality and the products of Assisi Salumi S.R.L. In addition, the data, for the purposes of maintenance and technical assistance for the correct functioning of the site, may be processed to improve the quality and structure of the site or to create new content.
The processing of the data is carried out in respect of the limits and the conditions foreseen by the law, with automated instruments, including electronic and telematic ones.
WEBSITE NAVIGATION DATA
This data is collected in order to obtain anonymous statistical information on the use of the site, to check that the website is functioning correctly and to carry out possible liability investigations in the event of hypothetical computer crimes against the Data Controller.
The data you provide will be processed for the following purposes:
| Condition under lawful processing | Purpose | Description |
| Legitimate Interest – Art. 6, c.1, let. f. GDPR | Technological Maintenance of the website. | Data analysis to carry out the evolution and maintenance of the website. |
| Legitimate Interest – Art. 6, c.1, let. f. GDPR | Unlawful use of the website. | Establishment of liability in the event of potential computer crimes to the detriment of the website and/or Data Subjects. |
| Legitimate Interest – Art. 6, c.1, let. f. GDPR | Statistical Analysis. | Anonymous statistical analysis of the website. |
Anonymous statistical analysis of the website.
Nature of conferment: Mandatory.
Consequences of refusal to provide data: Failure to provide data will make it impossible for the company to provide the websites services.
Personal data storage period: The data is stored for 30 days.
Minimum data protection misures: Standard Protection Misures
Processing Methods: The processing is carried out using computer tools.
RECIPIENTS OF PROCESSING
| Role | Recipient or Category Recipient |
| Data Processor | Hosting Service Providers |
| Data Processor | ICT system maintenance services |
| Data Processor | Supplier |
| Designated Processing Person (Internal) | Personnel employed by the Data Controller |
FACEBOOK SOCIAL PAGE
When a user uses the Page administered by the Data Controller, Facebook (“Social Media”) collects information such as the types of content viewed or interacted with, the actions performed as well as information about the devices used (IP addresses, operating system, browser type, language settings, cookie data).
Page Insights are aggregated statistics created from certain events recorded by Facebook’s servers when users interact with Pages and their content.
As explained in Facebook’s Privacy Policy Social Media also collects and uses information to provide statistical data collection services called Insights della Pagina to page administrators to enable them to understand how people interact with content on pages.
Details on how Facebook processes these data can be found on the following link:
https://www.facebook.com/privacy/explanation
Details on the personal data processed for Insights are available on the following link:
https://www.facebook.com/legal/terms/information_about_page_insights_data
Details on the cookies used by Facebook can be found on the following link:
https://www.facebook.com/policies/cookies/
The Data Controller as administrator of the Page and Facebook Ireland Limited (4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland) are joint data controllers in accordance with Article 26 of the GDPR for the processing of such personal data recorded for events delivered via Insights della Pagina (“Insights Data”).
The co-ownership agreement between the Data Controller and Facebook covers the creation of these events and their aggregation in Insights on the Page provided to each administrator.
The legal basis for the processing is the legitimate interest of the Data Controller, Art. 6(1)(f) GDPR. Therefore, the acquisition of your consent prior to the processing is not necessary.
The data you provide will be processed for the following purposes:
| Condition under lawful Processing | Purpose | Description |
| Legitimate Interest – Art. 6, c.1, let. f. GDPR | Consultation Insights Facebook Page | Statistical surveys relating to the use of features contained on the Facebook page administered by the data controller. |
Nature of Conferment: Mandatory
Consequences of refusal to provide data: Failure to provide the requested data will make it impossible for the Owner to provide services published on the Facebook page.
Personal data storage period: The data collected will be processed for the time strictly necessary to fulfil the purposes described above as specified in the Facebook policies.
Minimum data protection misure: Security measures adopted by the Data Controller Facebook Ireland Limited Processing methods: The processing is carried out by the Data Controller Facebook using computer tools
RIGHTS OF THE INTERESTED PARTY – COMPLAINT TO THE SUPERVISORY AUTHORITY
In relazione ai trattamenti descritti nella presente Informativa, in qualità di interessato Lei potrà, alle condizioni previste dal GDPR, esercitare i diritti sanciti dagli articoli da 15 a 22 del GDPR e, in particolare, i seguenti diritti:
In relation to the processing described in this Information Notice, you as a data subject may, under the conditions provided in the GDPR, exercise the rights in Articles 15 to 22 of the GDPR and, in particular, the following rights:
- Right of access – Article 15 GDPR: the right to obtain confirmation as to whether or not personal data concerning you is being processed and, if so, to obtain access to your personal data;
- Right of rectification – Article 16 GDPR: right to obtain, without undue delay, the rectification of inaccurate personal data concerning you and/or the integration of incomplete personal data;
- Right to erasure (right to be forgotten) – Article 17 GDPR: the right to obtain, without undue delay, the erasure of personal data concerning you. The right to erasure does not apply to the extent of processing necessary for compliance with a legal obligation or for the performance of a task carried out in the public interest or for the establishment, exercise or defence of legal claims.
- Right to processing restriction – Article 18 GDPR: right to obtain the restriction of processing, when: a) the data subject contests the accuracy of the personal data; b) processing is unlawful and the data subject objects to the erasure of the personal data and instead requsts that its use be restricted; c) the personal data is necessary for the establishment, exercise or defence of legal claims; d) the data subject has objected to the processing pending verification as to whether the legitimate reasons of the data controller prevail over those of the data subject.
- Right to data portability – Article 20 GDPR: the right to receive, in a structured, commonly used and machine-readable format, personal data concerning you provided to the Data Controller and the right to transmit them to another data controller without hindrance, where the processing is based on consent and is carried out by automated means. In addition, the right to have your personal data transmitted directly from this controller to another controller if this is technically feasible;
- Right to object – Article 21 GDPR: the right to object, at any time, to the processing of personal data relating to you based on the condition of legitimate interest, including profiling, unless there are legitimate grounds for the Data Controller to continue processing overriding the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of legal claims.
- Right not to be subjected to an automated decision-making process – Article 22 GDPR: you have the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or significantly affects you in a similar way, unless this is necessary for the conclusion or performance of a contract or you have given your consent. In any case, an automated decision-making process may not affect your personal data and you may at any time obtain human intervention by the data controller, express your opinion and contest the decision.
- Right to lodge a complaint with the Data Protection Authority http://www.garanteprivacy.it; withdraw the consent given at any time and as easily as it was given without affecting the lawfulness of the processing based on the consent given before the withdrawal
The above rights may be exercised, with regard to the Data Controller, by contacting the references indicated in the section DATA CONTROLLER, in the first section of this information notice.
The exercise of your rights as data subject is free of charge pursuant to Article 12 GDPR. However, in the event of requests that are manifestly unfounded or excessive, including due to their repetitiveness, the Data Controller may charge you a reasonable expense contribution, in light of the administrative costs incurred in handling your request, or deny you satisfaction of your request. Finally, we inform you that the Data Controller may request further information necessary to confirm the identity of the data subject.
Informativa aggiornata il 15-04-2021