Policy Data Protection Regolamento UE 2016/679
This document provides all necessary information regarding methods, timing and nature of the processing of personal data acquired through consultation of the www.commerciofrutta.com website.
The information is provided exclusively for the online activities on this website and is valid for its users.
It does not apply to other websites visited by users via links.
For users younger than 16 years of age, according to art.8 par.1 of EU Reg.2016/679 their consent to personal data processing will have to be authorized by their parents or whomever acts in their stead.
II. DATA PROCESSING
The interested party
The interested party in the data processing of this Company may be a: client, supplier, person requesting information, website user.
The Data Controller
The data controller is the legal or natural person, the public authority, the service or other body that, alone or together with others, determines the purpose and means of the personal data processing.
As concerns this website the data controller is Commercio frutta spa consortile soc.agr. whose registered office is in 47122 Forlì (FC), via Trentola 68, fiscal code 03605820400 Tel.+39 0543723153 e-mail email@example.com PEC firstname.lastname@example.org
Processing and personal data
Processing means any kind of operation carried out with or without the use of automated processes and applied to personal data, like collection, registration, organization, conservation, adaptation or modification, extraction, consultation, use, communication through transmission, broadcasting or any other available form, comparing or interconnection, limitation, cancellation or distruction as further specified in art. 4 of EU Reg. 679/2016.
Personal data means any piece of information concerning a natural person identified or identifiable (the interested party); It is considered identifiable the natural person who can be identified, directly or indirectly, with particular reference to an identifier like the name, a number of identification, data concerning location, an online identifier or one or more characteristic features of his/her physical, physiologic, genetic, psychic, economic, cultural or social identity, as further specified in art.4 of EU Reg. 679/2016.
The Data Processor
The data processor is the legal or natural person, the public authority, the service or other body that processes personal data on behalf of the data controller.
Asper art.28 EU Reg. 2016/679, nominated by the controller, the data processor of this website is INTREGRA SOLUTIONS SRL
Data processing generated by the use of this website takes place in the registered office of the Controller and/or by processors nominated by the Controller.
III. PROCESSED DATA
During their normal running the systems that make the website function acquire personal data whose transmission is implicit in the use of the Internet’s communication protocols. The information is not collected to identify users but, due to its own nature, through elaboration and association with other data in possession of third parties, it may lead to identification of the users. Data collected could be the following:
– internet protocol address (IP);
– kind of browser and parameters of the device used to connect to the site;
– name of the internet service provider (ISP);
– date and time of visit;
– web page the user is coming from (referral) and going to next;
– number of clicks.
Such information is electronically processed and collected exclusively in aggregated form in order to verify the correct functioning of the website and for security reasons.
For security reasons and according to relevant laws, some data (as the IP address) may also be used to determine responsibilities in case of hypotetical computer crimes agains the website.
Data provided voluntarily by the user
They are mainly the following: name, surname, e-mail address, date of birth, postal address, mobile phone number. The optional forwarding, explicit and voluntary, of data through e-mails sent to the address indicated in this website or via input form provided in this website, involves the subsequent acquirement of the sender’s address, necessary to reply to the enquiry, as well as any other personal data contained in the e-mail.
However, this website has no control over cookies of third parties, that are entirely managed by them.
As cookies are linked to the browser used, they may be disabled directly by it, by refusing or withdrawing consent to their use. However, disabling cookies may influence the correct functioning of some of the website’s functions.
Instructions on how to disable cookies are found on the browsers’ web pages:
Mozilla Firefox – Microsoft Internet Explorer – Microsoft Edge – Google Chrome – Opera – Apple Safari.
IV. PURPOSE OF DATA PROCESSING
The personal data supplied will be lawfully managed according to art. 6 of EU Reg. 2016/679 for the following purposes:
– web browsing;
– filling up of forms collecting data in order to send an enquiry to the data controller;
– discharge of contactual obligations, compliance with legal, administrative and accounting requirements.
For the purposes of implementation of the provisions regarding personal data protection, the processing carried out for administrative and accounting reasons is connected with the carrying out of the Company’s organizational, administrative, inancial and accounting activities.
V. PROCESSING METHODS
Personal data processing will be conducted according to principles of correctness, lawfulness, transparency and essentiality and will be carried out with due respect of the limitation of purposes and minimal conservation of the data collected. Website browsing, manual and electronic processing have been organized according to the founding principles of data protection laws:
❖ principle of responsibility: Specific individuals inside the organization are in charge of data processing;
❖ principle of transparency: the kind of processing that electronic and content data go through is indicated clearly;
❖ principle of relevance of the collection: personal data are lawfully and correctly processed; they are recorded for specific, explicit and legitimate purposes according to the institutional functions of the Company; they are relevant and do not exceed the purposes of the processing; they are stored for the time necessary to the purposes of the collection;
❖ Principles of purpose limitation, data minimization and limitation of storage period: the processing and storage period of personal data is limited to the minimum necessary. Personal data are stored only if the processing purpose is not reasonably attainable through other means. Moreover, personal data are cancelled as soon as they are no longer needed;
❖ principle of purpose: the purposes of personal data processing are those already mentioned in the relevant paragraph. New data processing, if carried out for different purposes from those declared, is carried out only after the interested party has been informed;
❖ principle of verifiability: personal data are correct and updated through time. They are also organized and stored in a way that the interested party may always have the possibility to know, if desired, which information has been collected and recorded, as well as control their quality and ask for their correction, integration, de-indexation from internet browsers, cancellation for law infringments or oppose to the processing and exercise all the other rights according to EU Reg. 2016/679, by sending enquiries to the following e-mail address: email@example.com;
❖ Principle of security: personal data are protected by technical, electronic, organizational, logistic and procedural security measures against risks of distruction or loss, even accidental, and non-authorized access or processing that was not allowed. Such measures are periodically updated according to technical progress, nature of data and the specific characteristics of the processing, constantly controlled and verified over time.
Data are collected in two ways: direct manual registration by an employer and/or representative and registration through e-mail or website
Processing can be carried out using paper files or digital instruments, always guaranteeing the utmost confidentiality and relevancy, and that data are not more than those necessary for the abovementioned purposes. The data controller is not accountable for personal data regulations and processing methods adopted by other websites that can be reached following links on the Company’s website www.commerciofrutta.com
VI. USER RIGHTS
According to methods and within the limits laid out by the current legislation, users have a right to know their processed data and, when conditions allow it, to exercise all rights concerning their use (right of access, correction, updating, integration, cancellation, limitation of processing, portability, withdrawal of consent to the processing, right to obtain a copy of one’s data when they are stored in countries outside of the European Union, as well as obtain indications about the place where data are stored or transferred) and to oppose for legitimate reasons to a specific processing and anyway to use of their data for commercial purposes, in full or in part, also as concerns automated methods. Any enquiry must be addressed to the data Controller using the following address: Commerciofrutta spa cons.soc.agr..
VII. COMMUNICATION TO NON EU COUNTRIES AND INTERNATIONAL ORGANIZATIONS
Data processing may also consist of communication of data to other EU or non-EU countries for the purpose of encouraging international trade and will be limited to strictly necessary data. Communication of data to non-EU countries or international organizations takes place only when at least one of the following conditions applies: there are binding corporate rules; there is the legitimate interest of the data controller.
VIII. DATA BREACH
In case the interested party’s data are lost (data breach case), the Company will immediatly inform him/her and the relevant authorities.
IX. MODIFICATIONS TO THIS DOCUMENT
This document can at any moment be modified and/or updated. Users must periodically check for possible modifications: in order to make this verification easier, the information bears the date of the update.
In case of important modifications and/or updates the Company Commercio frutta spa consortile.societa’ agr. will notify the user.
Use of the website after publication of the modifications implies their acceptance.
Date of update: 24.05.2018