The Data Controller is the company Enoitalia S.p.A. with headquarters in Italy, Località Colombara, Calmasino di Bardolino (VR).
The processing relates to Personal Data (name, surname, company name, address, landline / mobile phone, e-mail address, VAT number and any other information requested by the User).
Purpose and legal basis of the processing
The processing of personal data is based on the principles of correctness, lawfulness, transparency and protection of the privacy and rights of the User and is conducted for the following purposes:
- organization and implementation of activities connected to and instrumental in planning, start-up, conclusion and execution of contractual relationships;
- execution of obligations deriving from the contract concluded with the User;
- fulfillment of legal obligations of an administrative, accounting, civil, fiscal, regulatory, community and non-EU nature;
- general management of the relationship with the User (data acquisition and pre-contractual information, contacts, correspondence, orders, deliveries, invoices);
- management of litigation (breach of contract, notice, transactions, debt collection, legal disputes);
- carrying out market research, sending advertising material and promotional activities (sending, also via e-mail, information and communications relating to technical and commercial services, value-added services, pre and post sales services, news and promotions), with prior consent of the User; this type of service allows to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User and may allow to collect data relating to the date and time of display of messages by the User, as well as the User’s interaction with them, such as information about clicks on links inserted in messages.
The Data Controller processes Personal Data relating to the User in the event one of the following conditions exists:
- the User has given consent for one or more specific purposes;
- the processing is necessary for the execution of a contract with the User and / or the execution of pre-contractual measures;
- the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
- the processing is necessary for the performance of a task carried out in the public interest or for the exercise of public authority vested in the Data Controller;
- the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
It is possible to request the Data Controller to clarify the concrete legal basis of each treatment and to specify whether the treatment is based on the law, foreseen by a contract or necessary to conclude a contract.
Provision of Data
The provision of data is mandatory and their failure, partial or incorrect conferment may have, as a consequence, the inability to provide the services as well as fulfill the contractual obligations or requests of the User.
The consent given for carrying out market research, sending advertising material and promotional activities is optional and can be revoked at any time pursuant to art. 6 GDPR.
The processing is carried out with manual and / or computerized and telematic tools with organizational and processing logics strictly related to the purposes themselves and in any case in order to guarantee the security, integrity and confidentiality of the data in compliance with organizational, physical and logics provided for by the provisions in force.
The Data Controller shall take appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
In addition to the Data Controller, in some cases, other subjects (administrative, commercial, marketing, legal, system administrators) or external subjects (suppliers of third party technical services, postal couriers, hosting providers, IT companies, communication agencies) may have access to the Data, also appointed, if necessary, Data Processors by the Data Controller. The updated list of Data Processors can always be requested to the Data Controller.
The Data are not transferred outside the European Union, but the Owner reserves the right to change the location of the servers even outside the European Union, ensuring, in this case, that the transfer will take place in accordance with the provisions and with the appropriate guarantees of the law.
Data processing and storage are carried out on servers located within the European Union, where appropriate also with third-party companies in charge and duly appointed as Data Processors.
Personal Data is stored in such a way as to allow identification of the Data Subject for a period not exceeding the achievement of the purposes for which it is processed and, in the case of revocation of consent, will be deleted.
Rights of the Data Subject
The User may at any time ask:
- to have access to personal data;
- to obtain the correction or cancellation of the personal data or the limitation of the processing that concerns him;
- to oppose the processing;
- data portability;
- to revoke the consent, where provided: the withdrawal of consent does not affect the lawfulness of the processing based on the consent given before the revocation;
- to propose a complaint to the supervisory authority (Privacy Guarantor).
The exercise of your rights as well as information and requests regarding privacy can be sent to Enoitalia by e-mail to the address firstname.lastname@example.org.