Dear User,

Terre dei Ghelfi S.r.l. – Società agricola a socio unico (hereinafter also referred to as “Terre dei Ghelfi,” “the Company,” and/or “the Data Controller”) pays particular attention to the privacy aspects of its users. Through this page, the Company intends to describe the management methods of its website (www.terredeighelfi.it) concerning the processing and protection of the personal data of Users accessing it.

This is a general notice provided in compliance with EU Regulation 2016/679, the “Regulation on the protection of natural persons concerning the processing of personal data, as well as on the free movement of such data” (hereinafter referred to as the EU Regulation), applicable solely to the official website of Terre dei Ghelfi (hereinafter the “Website”) and not to any other websites that the User may consult via links on its pages, for which the Data Controller assumes no responsibility.

Data Controller

The Data Controller of the personal data provided by the User is Terre dei Ghelfi S.r.l. – Società agricola a socio unico, headquartered at 57022 – Castagneto Carducci (LI), Podere Marconi, n. 182, Tax Code/VAT Number: 01274090495, Phone: +39 347.8456761, Email: info@terredeighelfi.it.

Types of Data Collected

a) Browsing Data

The IT systems and software procedures used to operate the Website collect certain personal data, the transmission of which is implicit in the use of Internet communication protocols.

These are pieces of information that, although not collected to be associated with identified users, could, by their nature and through processing and association with data held by third parties, allow the identification of users.

This category of data includes IP addresses or domain names of the computers used by users connecting to the Website, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the response status provided by the server (success, error, etc.), and other parameters related to the operating system and IT environment of the user.

b) Data Voluntarily Provided by the User (Art. 4, Para. 1, EU Regulation)

The consultation of the Website does not require the provision of personal data by the user. However, voluntarily, explicitly, and optionally sending personal data to the addresses indicated on this Website, as well as inserting such data in the “Contact” form, will result in the acquisition of the sender’s address and personal data entered, necessary to process the requests.

We invite users not to send names or other personal data of third parties that are not strictly necessary in their service requests or inquiries.

Legal Basis and Purpose of Processing

The legal basis for the processing of browsing data (section 2, letter a) is the pursuit of the Data Controller’s legitimate interests in managing the Website. Specifically, browsing data will be used for the following purposes:

• Enabling access to and navigation on the Website;
• Collecting data and information in exclusively aggregated and anonymous form to verify the proper functioning of the Website;
• Collecting data and information to protect the security of the Website (anti-spam filters, firewalls, virus detection) and users;
• Obtaining anonymous statistical information on the use of the Website;
• Identifying possible liabilities in case of cyber offenses against the Website.

The data voluntarily provided by the user (section 2, letter b) to the addresses indicated on this Website will be processed to respond to the user, execute the requested service or performance.

Additionally, with the user’s explicit consent, the data under section 2, letter b may be processed by the Data Controller for:

1. Periodic sending of newsletters and advertising materials via email;
2. Conducting market analysis and research (profiling).

 

The provided data will not be transferred to third parties without first obtaining the user’s explicit and unequivocal consent.

Consequences of Failing to Provide Personal Data

Browsing data (section 2, letter a) is mandatory as it is strictly necessary for the Website’s IT management.

Providing personal data under section 2, letter b is optional and solely intended to respond to the user’s requests. Therefore, failing to provide such data will make it impossible for Terre dei Ghelfi to respond.

Failure to provide personal data for purposes under section 3, numbers i) and ii) will prevent the Data Controller from carrying out those purposes.

Data Processing Methods

The Data Controller will process data in both electronic and, if necessary, paper format, according to principles of fairness, lawfulness, and transparency. This processing may occur with or without the aid of electronic or automated tools, including all operations listed in Article 4, No. 2 of the EU Regulation.

Personal data will be stored both in paper and IT archives, with organizational systems related to processing purposes.

The Data Controller has adopted technical and organizational security measures to protect data from destruction, loss (even accidental), and to ensure integrity and confidentiality.

Profiling

With explicit consent, personal data may be used for profiling within the Data Controller’s internal systems for statistical/comparative purposes, service improvement, commercial profiling, and registered users’ preference analysis.

Data Communication

In addition to the Data Controller, authorized personnel within Terre dei Ghelfi may access data according to their competencies.

Furthermore, the collected data may be shared with third-party service providers (e.g., IT service providers, hosting providers), acting as Data Processors under Article 28 of the EU Regulation, exclusively for purposes strictly related to the services offered.

Data Retention Period

• Browsing data (section 2, letter a) will be retained for no longer than necessary for the stated purposes.
• Voluntarily provided data (section 2, letter b) will be processed for the time strictly necessary to provide the requested service and no longer than 12 months.
• Data processed for newsletter and profiling purposes will be retained until the user requests deletion.

 

Location of Data Storage

Personal data will be stored at the Data Controller’s operational headquarters and within the European Union.

User Rights

The user has the right to:

• Access their personal data (Art. 15 EU Regulation);
• Request rectification (Art. 16 EU Regulation) or deletion (the “right to be forgotten”, Art. 17 EU Regulation);
• Request restriction of processing (Art. 18 EU Regulation);
• Request data portability (Art. 20 EU Regulation);
• Object to processing (Art. 21 EU Regulation).

If users believe their data has been processed unlawfully, they can file a complaint with the Italian Data Protection Authority (Art. 77 EU Regulation) or take legal action (Art. 79 EU Regulation).

How to Exercise Your Rights

The user can exercise their rights at any time by sending an email to info@terredeighelfi.it or a registered letter to Terre dei Ghelfi S.r.l., Podere Marconi, 182, 57022 – Castagneto Carducci (LI), Italy.

Policy Updates

Terre dei Ghelfi S.r.l. reserves the right to modify this policy. The update date is indicated at the beginning. Significant changes will be communicated via the Website or other means.