Informative

Privacy Policy

This notice has been prepared in accordance with GDPR 2016/679, the Privacy Code (Legislative Decree No. 196 of June 30, 2003), as well as the Guidelines of the Privacy Guarantor (including the Guidelines for Countering Spam issued dl Garante Privacy on July 4, 2013). 

The document constitutes an essential element of the relationship between the Data Controller (hereafter also referred to only as “Provider” and/or “Data Controller“) and the user, regardless of whether the user purchases and uses the services offered. 

The privacy policy applies to this computer platform(hereinafter also referred to as just “Site” and/or “Portal“). 

The Data Controller is FORMAGGI CHIODETTI S.R.L . with headquarters in Civita Castellana (VT) at Via Flaminia, 79, Tax Code 00806680567, VAT Number 00806680567 email: info@formaggichiodetti.it . 

The Policy also describes the rights of customers regarding our processing of their personal data. 

GENERAL INFORMATION 

-This document describes how the Data Controller processes personal data provided on the Site. 

-This statement may be subject to change due to the introduction and/or modification of relevant legislative elements, so users are encouraged to check this page periodically. 

– Please note that:

> where you have entered into a specific mandatory relationship with the Controller, your personal data will also be used in connection with or in accordance with separate policies that will be provided;

> in the event that the user is under the age of 14, pursuant to Article 8, c.1 Regulation (EU) 2016/679, he/she will have to legitimize his/her consent through the authorization of his/her parents or legal guardian.

– Pursuant to the above regulations:

> By “treatment” means any operation or set of operations, whether or not involving automated processes, applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction;

> By “personal data” means any information relating to an identified or identifiable natural person (“data subject”); an identifiable person is one who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier, or one or more characteristic features of his or her physical, physiological, genetic, mental, economic, cultural or social identity.

DATA PROCESSING 

c.01 – By using or consulting this Site and through the use of services offered, visitors and users explicitly agree to this privacy policy and consent to the processing of their personal data in the manner and for the purposes described below, including possible disclosure to third parties if necessary for the provision of a service. In accordance with applicable law, you have the right to withdraw your consent at any time by contacting the Provider at the contact details specified in this Privacy Policy. 

c.02 – In accordance with the law, it is specified that data processing takes place in Italy at the registered office of the Data Controller or through the use of servers, which are made available by third-party providers and are located within the European Union; for further information contact the Data Controller. It is in any case understood that the Holder, should it become necessary, will be entitled to move the servers outside the EU as well. In this case, the Data Controller hereby ensures that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided by the European Commission. 

c.03 – The information acquired and the manner of processing will be relevant and not excessive in relation to the type of services rendered. The data will also be managed and protected in secure computer environments appropriate to the circumstances. 

c.04 – No “special data” are processed through the Site. Particular data are those that may reveal racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership in parties, trade unions, associations or organizations of a religious, philosophical, political or trade union nature, health status and sexual life.No judicial data are processed through the Site. 

DATA PROCESSED AND PURPOSE OF PROCESSING 

c.01 – Among the information that is collected some is essential for the stipulation and administration of the services offered; others, although not essential, help in offering a high level of service. Your data will be processed to respond to your inquiries. Providing the information is optional, but your refusal will make it impossible for the Data Controller to answer your questions. The legal basis for the processing is the legitimate interest of the Data Controller in fulfilling the user’s requests. This legitimate interest is equivalent to the user’s interest in receiving responses to communications sent to the Data Controller.

c.02 – The Data Controller may process your data purposes of so-called “soft-spam”, governed by the European Regulation mentioned above and, in Italian law, by Art. 130 of the Privacy Code. This means that limited to the email you provide in the context of an inquiry, the Data Controller will process the email to enable the direct offer of similar products/services, unless you object to such processing in the manner set forth in this policy. The legal basis for processing is the legitimate interest of the Data Controller in sending these types of communications. This legitimate interest can be considered equivalent to the data subject’s interest in receiving “soft-spam” communications. 

c. 03 – Your personal data are then processed for:

> Respond to and fulfill its requests;

> Fulfill pre-contractual, contractual and tax obligations arising from existing relationships with you;

> Fulfilling obligations required by law, regulation, EU legislation or an order of the Authority (such as in the area of anti-money laundering);

> Exercise the rights of the Owner, such as the right of defense in court.

> To send you via e-mail, mail and/or text message and/or telephone contact, newsletters, commercial communications and/or advertising material on products or services offered by the Owner and satisfaction survey on the quality of services.

STORAGE AND PROCESSING METHODS OF PERSONAL DATA 

c.01-Data received will be used exclusively for the provision of the requested service. The processing of your personal data is carried out by means of the operations specified in Art. 4 n. 2 GDPR and namely: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data. Your personal data are subject to both paper and electronic and/or automated processing. However, the Provider reserves the right to retain data for a longer period of time in order to comply with any legal and tax obligations, as well as for the exercise of rights. For this purpose, if the personal data is in the form of a deed, the maximum retention is expected to be 12 years after the conclusion of the business relationship. If, on the other hand, personal data are in the form of recorded communication, by telephone, electronically, in person or otherwise, the maximum retention is expected to be 10 years after the conclusion of our business relationship. 

c.02 – The personal data provided shall be treated confidentially, they shall be stored in a protected computerized storage system, in hard copy or by other means of record keeping. Specific measures are taken against misuse, loss, unauthorized access, manipulation or dissemination of personal data. 

c.03 – The Site does not implement tools to geolocate the user’s IP address. 

COMMUNICATION OF PERSONAL DATA

c.01 – The Owner processes user data in accordance with the highest principles of fairness and propriety. Appropriate technical and organizational measures are therefore always taken to ensure the security of information. In particular, the processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes. 

c.02 – In addition to the owner, in some cases, categories of employees involved in the organization of the Portal (administrative, commercial, marketing, legal, system administrators) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data. Employees, and any related parties,are bound by the principles of confidentialityand have accepted stringent duties of conduct. The user can be reassured, therefore, that only authorized personnel can view and process personal data. In any case, given modern times, no operator can guarantee 100 percent security of any information transmitted over the network. For this reason, it is essential that the user is aware of this, and accepts the associated risk by holding the Owner harmless. 

c.03 – Without the need for express consent (Art. 6 lett. (b) and (c) GDPR), the Data Controller may disclose your data for the purposes set forth in this Notice to Supervisory Bodies, Judicial Authorities, insurance companies for the provision of insurance services, as well as to those parties to whom disclosure is required by law for the fulfillment of the said purposes. These parties will process the data in their capacity as autonomous data controllers. Your data will not be disseminated. 

USER RIGHTS 

c.01 – The Controller wishes to inform you of the existence of a fairly broad spectrum of rights under Regulation (EU) 2016/679. More specifically, based on:

(a) in Art. 15, of the data subject’s right to ask the data controller for access to personal data;

(b) in Art. 16,of the possibility of rectifying the data provided;

(c) in Article 18,of the possibility of supplementing or limiting the processing of data concerning the user, or of opposing, for legitimate reasons, the processing;

(d) in Art. 21, of the right to data portability in compliance with Art. 20 Regulation (EU);

e) in Article 17, of the right to request the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed;

(f) the right to obtain certification that the operations of updating, rectification, integration of data, deletion, blocking or transformation have been properly performed or initialized.

In the event of a violation of the regulations, the user should be advised that he/she has the right to file a complaint with the Garante per la Protezione dei Dati Personali, as the authority in charge of monitoring the processing in the Italian State.

c.02 – The User may at any time exercise the rights by sending a notice to the Data Controller in which the right asserted and the operation requested is clearly and incontrovertibly stated. 

CONCLUSIONS AND ACCEPTANCE 

c.01 – By providing us with any personal data, using our Portal and Services in any way and expressly accepting this Policy where required, you create a mandatory relationship with the Owner. As such, you agree that any e-mail sent by us or affiliated third parties, even unsolicited e-mail, should not be specifically considered as SPAM, according to the legal definition of that term. 

c.02 – By continuing to use the Portal, you acknowledge that you have had an opportunity to review and consider this Privacy Policy and acknowledge that you accept it. Where you do not understand this Privacy Policy or do not accept it, you should immediately desist from using the Site. 

c.03 – This document may be subject to change or update. 

The document was updated on Nov. 28, 2023 to comply with the relevant regulatory provisions, and in particular in accordance with Regulation (EU) 2016/679.