Privacy Policy

PRIVACY POLICY of www.terredeighelfi.it (As at 18 January 2022) Information pursuant to Article 13 of EU Regulation 2016/679

Dear User,

Terre dei Ghelfi S.r.l. – Agricultural company with sole shareholder (hereinafter also referred to as “Terre dei Ghelfi,” “the Company,” and/or “the Data Controller”) is particularly attentive to aspects related to the privacy of its users. Through this page, the Company intends to describe the management methods of its website (www.terredeighelfi.it) concerning the processing and protection of the personal data of Users accessing it. This is a general information notice made in compliance with EU Regulation 2016/679 “Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” (hereinafter referred to as EU Regulation) for the sole institutional website of Terre dei Ghelfi (hereinafter “Site”) and not for other websites that the User may consult through links on its pages, for which the Data Controller is not in any way responsible.

Data Controller

The data controller for the data provided by the User is Terre dei Ghelfi S.r.l. – Agricultural company with sole shareholder, with registered office at 57022 – Castagneto Carducci (LI), Podere Marconi, No. 182, Tax Code/VAT: 01274090495, Tel. 347.8456761, Email: info@terredeighelfi.it.

Types of Data Collected:

a) Navigation Data

The computer systems and software used for the operation of the Site collect some personal data, the transmission of which is implicit in the use of Internet communication protocols. These are pieces of information that, even if not collected to be associated with identified data subjects, could, by their nature and through processing and associations with data held by third parties, allow the identification of users. This category of data includes IP addresses or domain names of computers used by users connecting to the Site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), and other parameters related to the user’s operating system and computer environment.

b) Data Voluntarily Provided by the User (Article 4(1) of the EU Regulation)

For the consultation of the Site, no personal data is required from the user. However, the optional, explicit, and voluntary sending of personal data to the addresses indicated on this Site, as well as their insertion in the “Contact” form, will result in the acquisition of the sender’s address and the personal data entered by the user necessary to respond to the requests sent. We invite users, in their service requests or inquiries, not to send names or other personal data of third parties that are not strictly necessary.

Legal Basis and Purpose of Processing

The legal basis for the processing of navigation data (point 2, letter a) is to pursue the legitimate interests of the Data Controller in relation to the management of the Site. In particular, navigation data will be used for the following purposes:

Enable access and navigation on the Site;
Collect data and information in exclusively aggregated and anonymous form to verify the correct functioning of the Site;
Collect data and information to protect the security of the Site (anti-spam filters, firewalls, virus detection) and users;
Obtain anonymous statistical information about the use of the Site;
Ascertain any liabilities in the event of computer crimes committed against the Site.
The data voluntarily provided by the user (point 2, letter b) to the addresses indicated on this Site will be processed in order to respond to the data subject, perform the requested service, or provide the requested performance. Furthermore, with the explicit consent of the user, the data referred to in point 2, letter b may be processed by the Data Controller:

I) For the periodic sending, via email, of newsletters and advertising material;
II) To carry out analyses and market research (profiling).

The provided data will not be disclosed to third parties without having obtained the user’s actual and unequivocal consent to the processing.

Consequences of Non-Provision of Personal Data

Navigation data as per point 2, letter a) is mandatory as it is strictly functional to the computerized management of the Site. The provision by the User of personal data as per point 2, letter b) is optional and aimed solely at responding to user requests; therefore, failure to provide such data will make it impossible for Terre dei Ghelfi to respond to any requests. The failure to provide personal data as per point 2, letter b for the purposes indicated in point 3, nos. i), ii), iii) will prevent the Data Controller from pursuing the aforementioned purposes.

Data Processing Methods

The data will be processed by the Data Controller both electronically and, if necessary, in paper format, according to the principles of correctness, lawfulness, and transparency. This processing may take place with or without the aid of electronic or automated means and will include all the operations provided for in Article 4, No. 2), EU Regulation (collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, communication by transmission, dissemination, or any other form of provision, comparison or interconnection, limitation, deletion, or destruction of data) necessary for the processing in question, including communication to the subjects listed in the following point “Communication of Data.” The data will be recorded and stored both in paper and electronic archives, with organizational systems related to the purposes of the processing. To protect the data from destruction or loss (even accidental) and to ensure its integrity and confidentiality (even against unauthorized access or disclosure) and, in general, to ensure the rights of the data subject, the Data Controller has adopted technical and organizational security measures in accordance with the EU Regulation (with particular reference to Articles 24, 32, and 35).

Profiling

In the case of explicit consent, the personal data provided may be profiled by the Data Controller solely internally for statistical/comparative purposes, for better management of the services offered, or for the creation of commercial profiles and/or for the analysis of the preferences of registered users. The processing of personal data for profiling purposes will take place with suitable tools and methods, in compliance with the requests of the EU Regulation, in order to protect the rights, freedoms, and legitimate interests of the data subject.

Communication of Data

In addition to the Data Controller, internal subjects of Terre dei Ghelfi may have access to the data and are expressly authorized by the latter to process the data in accordance with Article 29 of the EU Regulation, according to their respective competence profiles and for the purposes mentioned above (point 3). The collected data may also be communicated to external subjects (e.g., third-party technical service providers, hosting providers, IT companies), appointed as Data Processors pursuant to Article 28 of the EU Regulation, who operate on behalf of Terre dei Ghelfi according to its instructions and exclusively for activities strictly connected to the purposes mentioned above (e.g., ensuring the operability of the Internet service, managing the IT and telematic system).

Data Retention Period

Navigation data (point 2, letter a) will be retained, in accordance with current legislation, for a period not exceeding that necessary to achieve the purposes for which they are processed. The Data Controller will process the data voluntarily provided by the user (point 2, letter b) for the time strictly necessary to provide the requested service and in any case, no later than 12 months. Finally, Terre dei Ghelfi will process the personal data voluntarily provided by the user (point 2, letter b) for the purposes referred to in point 3, letter i), ii), iii), for the time necessary to fulfill the aforementioned purposes and in any case, until a possible request for deletion by the data subject.

Location of Data Storage

Personal data will be stored at the operational headquarters of the Data Controller and in any case within the European Union.

User Rights

The user to whom the personal data refer has the right to ask and obtain, at any time, from the Data Controller, access (Article 15 of the EU Regulation), rectification (Article 16 of the EU Regulation), and deletion (the so-called “right to be forgotten”) (Article 17 of the EU Regulation) of their personal data. The user is also entitled to the right to limit the processing of personal data (Article 18 of the EU Regulation), the right to portability of such data (Article 20 of the EU Regulation), and the right to object, for legitimate reasons, to their processing (Article 21 of the EU Regulation). In any case, the user has the right to lodge a complaint with the supervisory authority, as provided for in Article 77 of the EU Regulation, or to take appropriate legal action under Article 79 of the EU Regulation if they believe that the processing of personal data concerning them has occurred in violation of the EU Regulation.

Exercise of Rights

The user can exercise their rights at any time by sending an email to the address info@terredeighelfi.it or by sending a registered letter with return receipt to Terre dei Ghelfi S.r.l. – Agricultural company with sole shareholder, 57022 – Castagneto Carducci (LI), Podere Marconi, No. 182.

Changes to this Notice

Terre dei Ghelfi S.r.l. reserves the right to modify this notice. The date indicated at the beginning of the notice indicates the date of the last update. In case of substantial changes, notice will be provided through the website or by other means to give the user the opportunity to review the changes before they take effect.

December 2023