Policy Privacy

Policy regarding the processing of personal data

pursuant to Article 13 of Regulation (EU) 2016/679 (“GDPR”)

Pursuant to Art. 13 of EU Reg. 2016/679 (General Data Protection Regulation, hereinafter “GDPR”), this page collects information about those who, as data subjects, interact with the services of Az. Agr. Cavalchina Società Semplice, as per Art. 4, letter. 1 of the GDPR (“User/s”). Thise web site is accessible electronically via the following address: www.tenutedifamiglia.com.

This information is provided solely for the Az. Agr. Cavalchina Società Semplice website, and not for any other websites that may be accessed by Users via links present at www.tenutedifamiglia.com.

1 - DATA CONTROLLER:
The Data Controller Az. Agr. Cavalchina Società Semplice, whose contact details are detailed below.

2 - CONTACT DETAILS OF DATA CONTROLLER:
For any requests related to the processing of personal data or to exercise rights granted under Articles 15-21 of the GDPR, data subjects may contact our Privacy Department:

Az. Agr. Cavalchina Società Semplice, with registered office in Via Sommacampagna, 7 37066 Custoza fraz. Custoza (VR), e-mail: info@cavalchina.com.

If it is not possible to properly identify the request, the Privacy Department may ask for additional information for the sole purpose of correctly identifying the data subject.

3 - TYPES OF PERSONAL DATA PROCESSED:

• Browsing data
During the ordinary course of operations, the computer systems and software procedures for running this Site acquire some data whose forwarding is implied in the use of the communication protocols of the Internet. This concerns information that is not collected to be associated with specific individuals, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. IP addresses or domain names of computers utilised by Users to connect to the site, geolocation data, the URI/URL (Uniform Resource Identifier/Locator), the time of the request, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters regarding the operating system and the User's information environment are kinds of data which fall within this category. These data are used for the sole purposes of obtaining anonymous statistical information on the use of the Site and ensuring that it functions properly, and are only stored for periods of time laid down by the relevant legal regulations. The data could be used to determine responsibility in the case of hypothetical computer crimes against the Site.

• Data submitted by the User on a voluntary basis
In some instances, in order to enable you to take advantage of the various services on the Site, we will ask you to provide us with personal data based on the service in question. Providing said data is entirely voluntary but, in some cases, failure to share this information will prevent us from providing the relevant service.

• Cookies
For all information about how cookies are used on the Site, you can access our Cookie Policy.

4 - PURPOSES AND LEGAL BASIS OF PROCESSING:
The Data Controller shall process personal data relating to the User for the following purposes:

a) responding to User inquiries about this Site. Your personal data will be processed in order to fulfil your requirements or requests. The legal basis for processing your data is the performance of a contract or pre-contractual measures (Art. 6, par. 1, letter b) of the GDPR).
b) Evaluate applications for the search, selection and recruiting of candidates, in order to propose job offers in accordance with the professional profile of the data subject and for the management of pre-contractual relations with the data subject for the purposes of formalising the employment contract. The legal basis for processing your their data is the performance of a contract or pre-contractual measures (Art. 6, par. 1, letter b) of the GDPR). The candidate is also requested not to communicate any data qualified as special under Art. 9 of the GDPR. Failing this, the Data Controller may only process such Data following a specific consent from the candidate, to be collected during the first interview.

Your personal data may also be processed in order to fulfil a legal obligation to which the Data Controller is subject, or for the legitimate interests of the data controller of obtaining statistical data and ensuring this Site is secure.

5 - DATA RETENTION:
None of the personal data acquired may be used for purposes other than those indicated above, and will be held for the period of time necessary for said purposes. After this period, personal data will be deleted or anonymised. 

6 - SCOPE OF PERSONAL DATA DISCLOSURE:
The personal data is processed at the operational sites of the Data Controller and in any other place where the parties involved in the processing are located. Your personal data may be transferred to a country other than that in which you are located. If the User’s data is transferred in a way described above they may request information from the Data Controller by contact them via the details provided at section 2. In addition to the Data Controller, in some cases, other parties involved in the organisation of this Site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, hosting providers, IT companies, media agencies) appointed by the Data Controller, if necessary, Data Processor and they may also have access to the Data. The updated list of Data Processors can be requested from the Data Controller.

7 - RIGHS OF DATA SUBJECTS:
As per Articles 15-21 of the GDPR, the data subject has the right to ask the Data Controller for access to their personal data, to have said data rectified or deleted, to limit the processing of data concerning them, or to object to said data being processed, as well as having the right to data portability. Any such request can be made by email or registered email to the Data Controller with the subject line: "data subject request". The request should specify the right that the data subject wishes to exercise (deletion, rectification, portability, the right to be ‘forgotten’) and provide a valid email/certified email address to which the response can be sent. The Data Controller or whoever is appointed by them will satisfy the request within 30 days of receipt. If the answer is complex, the response time may be extended by a further 30 days after the data subject is promptly informed. If the User considers enforcing their rights an appropriate course of action, they have the right to lodge a complaint with the competent supervisory authority: The Italian Data Protection Authority (Piazza Venezia 11, Rome).

 

PERSONAL DATA PRIVACY POLICY

Dear Client,
For the purposes of article 13 of Regulation (EU) no. 2016/679, the General Data Protection Regulation (“GDPR”), Azienda Agricola Cavalchina Società Semplice, with head office in Via Sommacampagna, 7 37066 Custoza fraz. Custoza (VR) (ID - VAT 04831560232) (the “Controller”), in the person of its legal representative, is the Controller of personal data collected from you. This includes, among other items:
    • Company name
    • Head office address and tax details
    • Telephone number and email
    • Full name of legal representative or owner
    • Contact names
These (the “Data”) will be processed in accordance with the GDPR and other Community and national data protection legislation and instructions issued by the relevant authorities. We will ensure that the data processing is correct, legal, transparent, confidential and protected.
Specifically,

1. CONTROLLER:
Az. Agr. Cavalchina Società Semplice, with head office in Via Sommacampagna, 7 37066 Custoza fraz. Custoza (VR) (ID - VAT 04831560232), in the person of its legal representative, who can be contacted at info@cavalchina.com

2. DATA PROCESSED, PURPOSE AND LEGAL BASIS OF PROCESSING:
The Data will be processed by the Controller for the following purposes:
    (a) Carrying out of activities connected to the execution of a contract, in which the subject represents one of the parties, and/or fulfilment of pre-contractual commitments (e.g. contact details registration, invoicing, logistics, etc.) within the legal basis provided for by art. 6, § 1, lett. b) GDPR;
    (b) Compliance by the Controller with national and European administrative, tax, accounting and other laws concerning its relationship with the Client and/or related and/or relevant to this relationship and covered by article 6, §1 c) of the GDPR;
    (c) The Controller's legitimate interest in forwarding communications from institutions and/or other information related and/or relevant to this relationship and covered by article 6, §1 c) of the GDPR;
    (d) The Controller's legitimate interest in establishing, exercising or defending its rights in any competent jurisdiction, including extrajudicial procedures, covered by article 6, §1 f) of the GDPR by article 6, §1 f) of the GDPR.

3. PROCESSING METHODS:
The Data will be processed by being collected, recorded, organised, stored, looked up, amended, compared, used, correlated, selected, extracted, blocked, communicated, deleted, or destroyed.
The Controller will record and store the Data in electronic and/or paper archives, and keep and monitor it in such a way as to ensure that it remains secure and confidential in accordance with the aforementioned data protection laws. The Data will be processed by employees and agents of the Controller specifically identified and authorised to do so under article 29 of the GDPR, and by third parties, who will be designated as Processors under article 28 of the GDPR, if necessary. The Data will not be shared, or subjected to any fully automated decision-making processes, including profiling.

4. PROVISION OF DATA:
Providing the Data for the purposes specified in paragraph 2 above is optional; however, it is deemed obligatory for the purposes of establishing and/or maintaining a relationship with the Client, and failure to provide it may render it difficult for the Controller to maintain such a relationship. The Data (including details entered on online forms, where compulsory information is indicated by an asterisk or other means) will be collected from the Client by authorised agents of the Processor and other third parties.

5. RECIPIENTS OR POSSIBLE CATEGORIES OF DATA RECIPIENTS:
The Data may be communicated, within the limits strictly relevant to the aforementioned obligations, tasks and purposes and in compliance with current legislation on the subject, to the following categories of subjects:
    (a) External individuals and/or companies authorised to process it under paragraph 3 above;
    (b) Entities to whom the Data must be provided in order to comply or obtain compliance with specific legal obligations, regulations, and/or other national or Community law.

6. TRANSFER OF DATA TO A THIRD COUNTRY OR INTERNATIONAL ORGANISATION:
As part of the Client's relationship with the Controller, the Data may be transferred to countries outside the EU and/or international organisations, with particular reference to foreign carriers, also in order to carry out customs obligations relating to the delivery of the goods. In such cases, the Controller will take adequate measures about security, transparency, and confidentiality in order to protect the Data in accordance with data protection law.

7. DATA RETENTION:
For the purposes of paragraph 2, the Controller will process and store the Data for as long as is required to provide the precontractual services, the services provided for in the contract and thereafter, for any periods specified by accounting, tax, civil or procedural laws.

8. CLIENT'S RIGHTS, AND HOW TO EXERCISE THEM:
For the purposes of the processing described in this document, the Client is entitled to:
    • View the Data, have it amended or deleted, impose limits on its use, or object to its being processed;
    • Receive the Data in a structured, commonly used and machine-readable form suitable for transmission to another Controller;
    • Submit a complaint to the Data protection authority;

In order to exercise these rights, the Client should contact the Controller at the address specified in paragraph 1 above.