GENERAL DATA PROTECTION REGULATION (GDPR)

Cotto del Perugino srl considers the protection of personal data of its own and / or potential users to be fundamental, ensuring that the processing of personal data, carried out in any way, both automated and manual, takes place in full compliance with the protections and rights recognized in the 2016 EU Regulation / 679 (hereinafter also “GDPR”), concerning the protection of natural persons, with regard to the processing of personal data, as well as to the free circulation of such data and the additional applicable rules on the subject of personal data protection.

This document is intended to provide you, in a simple and intuitive, all the useful and necessary information so that you can provide your Personal Information in a conscious and informed and, where necessary, request and obtain clarifications and / or corrections about this last.

Please note that this information remains exclusive to the aforementioned site and not for other websites that may be consulted by the user through a link or other association.

Tenure:

The data controller is Cotto del Perugino srl.

Registered office in Via Trasimeno 48, 06061 Panicarola (PG)

e mail:  info@cottodelperugino.com

Type of data processed

Browsing data:

The computer systems and software procedures used on this website acquire, during their normal use, some data whose transmission is implicit in the use of Internet communication protocols.

These are information, IP addresses, domain names, time data, etc. which are not collected to be associated with identified individuals, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.

This data may be used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site: except for this eventuality, at present the web data are not archived.

No personal user data is acquired by the site.

We do not use cookies to transmit information of a personal nature, nor are systems for tracking users.

Data provided voluntarily by the user:

The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to your requests, as well as any other personal data voluntarily sent for example: Curriculum vitae, data contact.

Mode and place of data processing:

Personal data are processed using IT tools for the time strictly necessary to achieve the purposes for which they were collected.Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.The treatments connected to the web services of this site take place at the Panicarola (Pg) office of the Data Processing Manager and are only handled by internal technical staff and no data deriving from the web service is communicated or disclosed to third parties.If for technical and / or operational reasons it becomes necessary to use entities located outside the European Union, we inform you from now on that these subjects will be appointed as Data Processors pursuant to and for the purposes of art.28 GDPR and the transfer of your Personal Data to such subjects, limited to the performance of specific treatment activities, will be regulated in accordance with the provisions of Chapter V of the GDPR and, in particular, all necessary precautions will be taken to ensure the more complete protection of your Personal Data basing this transfer:

a. on adequacy decisions of the third country recipients expressed by the European Commission;
b. on appropriate guarantees expressed by the third party recipient pursuant to art. 46 GDPR.The personal data provided by users who request dispatch of informative material (Info, brochures, newsletters, complaints, etc.) are used only to perform the service or provision requested and are not communicated or disclosed to third parties, except as required by laws and / or regulations.
Rights of interested parties:

As foreseen by the art. 15 of the GDPR, you will be able to access your Personal Data, request its correction and update, if incomplete or erroneous, request its cancellation if the collection occurred in violation of a law or regulation, as well as oppose the processing for legitimate reasons and specific.

In particular, we list below all your rights that you can exercise, at any time, against the Data Controller:

Right of access: you will have the right, according to the art. 15, paragraph 1, GDPR, to obtain from the Data Controller confirmation that a Personal Data Processing is being processed and in this case, to obtain access to such Personal Data and to the following information: a) the purposes of the treatment; b) the categories of Personal Data in question; c) Recipients or categories of Recipients to whom your Personal Data have been or will be communicated, in particular if Recipients of third countries or international organizations; d) whenever possible, the retention period of the Personal Data provided or, if not possible, the criteria used to determine this period; e) the existence of the right of the interested party to request the Data Controller to rectify or delete Personal Data or limit the processing of personal data concerning him or to oppose their processing; f) the right to lodge a complaint with a supervisory authority; g) if the Personal Data are not collected from the Data Subject, all information available on their origin; h) the existence of an automated decision-making process, including profiling pursuant to art. 22, paragraphs 1 and 4, GDPR and, at least in such cases, significant information on the logic used, as well as the importance and the expected consequences of such treatment for the interested party. All this information can be found in this information that will always be available to you within the Privacy section of each of the Web sites.

Right of rectification: you can obtain, pursuant to the art. 16 GDPR, the correction of your Personal Data that are incorrect. Taking into account the purposes of the processing, moreover, you can obtain the integration of your Personal Data that are incomplete, also by providing an additional declaration.

Right to cancellation: you can obtain, pursuant to art. 17, paragraph 1, GDPR, the cancellation of your Personal Data without undue delay and the Data Controller will have the obligation to delete your Personal Data, if there is even one of the following reasons: a) Personal Data are no longer required with respect to the purposes for which they were collected or otherwise processed; b) you have withdrawn the consent on which the processing of your Personal Data is based and there is no other legal basis for their processing; c) you are opposed to the processing pursuant to Article 21, Paragraph 1 or 2 GDPR and there is no longer any legitimate overriding reason to proceed with the processing of your Personal Data; d) your Personal Data has been processed unlawfully; e) it is necessary to delete your Personal Data in order to comply with a legal obligation provided for by a community or national law. In some cases, as foreseen by art. 17, paragraph 3 of the GDPR, the Data Controller is entitled not to provide for the cancellation of your Personal Data if their processing is necessary, for example, for the exercise of the right to freedom of expression and information, for the fulfillment of a legal obligation, for reasons of public interest, for purposes of archiving in the public interest, scientific or historical research or for statistical purposes, for the assessment, exercise or defense of a right in court.

Right to limit the processing: you can obtain the limitation of treatment, pursuant to art. 18 GDPR, in the event that one of the following hypotheses occurs: a) you have contested the accuracy of your Personal Data (the limitation will continue for the period necessary for the Data Controller to verify the accuracy of such Personal Data); b) The processing is illegal but you are opposed to the deletion of your Personal Data asking, however, that it is limited use; c) although the Data Controller no longer needs it for the purposes of processing, your Personal Data are used for the assessment, exercise or defense of a right in court; d) you are opposed to the treatment pursuant to art. 21, paragraph 1, GDPR and you are awaiting the verification of the possible prevalence of the legitimate reasons of the Data Controller with respect to yours. In case of limitation of treatment, your Personal Data will be processed, except for storage, only with your consent or for the assessment, exercise or defense of a right in court or to protect the rights of a other natural or legal person or for reasons of significant public interest. We will inform you, in any case, before this limitation is revoked.

Right to data portability: you can, at any time, request and receive, pursuant to art. 20, paragraph 1 of the GDPR, all of your Personal Data processed by the Data Controller in a structured format, commonly used and readable or request transmission to another data controller without impediment. In this case, it will be your responsibility to provide us with all the exact details of the new data controller to whom you intend to transfer your Personal Data by providing written authorization.

Opposition law: pursuant to art. 21, paragraph 2 GDPR and as also reiterated by Recital 70, you may object, at any time, to the processing of your Personal Data if these are processed for direct marketing purposes, including profiling in so far as it is related to such direct marketing.

Right to lodge a complaint with the supervisory authority: without prejudice to your right to appeal to any other administrative or jurisdictional office, if you believe that the processing of your Personal Data carried out by the Data Controller is in violation of the GDPR and / or applicable legislation, you can lodge a complaint with the competent Data Protection Authority.

To exercise all your rights as identified above, simply contact the Data Controller in the following ways sending an email attaching the following draft.

This document constitutes the “Privacy Policy” of this site which will be subject to updates.