FULL DISCLOSURE FOR WEBSITE USERS - COOKIES
Who are we and what do we do with your personal data?
Savino Del Bene S.p.A., with registered office in Scandicci (FI) (50018), Via del Botteghino 24/26, (hereinafter also The Data Controller), as the data controller, is responsible for the confidentiality of your personal data and for ensuring that it is protected from any event that might put it at risk of being breached. For this purpose, the Controller implements policies and practices regarding the collection and use of personal data and the exercise of your rights under applicable law. The Data Controller takes care to update the policies and practices adopted for the protection of personal data whenever necessary and in any event in the case of regulatory and organizational changes that may affect the processing of your personal data.
How does the Data Controller collect and process your data?
Personal information about you will be processed in relation to:
1) The navigation of the website savinodelbene.com
The processing of your personal data, such as browsing data, for example, your IP address, and cookies issued by browsing the www.savinodelbene.com website, are processed by the Data Controller to follow up on the management of the site and to collect information, including aggregate information.
Your personal information will not be disseminated or disclosed to unspecified parties in any way.
2) Communication to third parties and recipients
The communication of your personal data is mainly to third parties and/or recipients whose work is required to carry out the activities inherent to the aforementioned purposes, and also to respond to certain legal obligations. Any communication that does not fall under these purposes will be subject to your consent.
Specifically, your data will be communicated to third parties/recipients for:
- The performance of the service (e.g. IT service provider);
- Communications to the financial administration, and to the public supervisory and control bodies against which the Data Controller must fulfill specific obligations deriving from the specific nature of the activity carried out.
The personal data that the Controller processes for this purpose are:
- navigation data (IP address)
3) Cyber security reasons
The Data Controller processes, including through its suppliers (third parties and/or recipients), your personal data (e.g. IP address) or traffic data collected, or obtained, in the case of services displayed on the website to the extent strictly necessary and proportionate to ensure the security and ability of a network or servers connected to it to withstand, at a given level of security, unforeseen events or unlawful or malicious acts that compromise the availability, authenticity, integrity and confidentiality of the personal data stored or transmitted.
For these purposes, the Data Controller provides procedures for handling personal data breaches (data breaches).
What are cookies and for what purposes can they be used
A “cookie” is a small text file created by some websites on the user’s computer at the time the user accesses a particular site, for the purpose of storing and transporting information. Cookies are sent from a web server (which is the computer on which the visited website is running) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on the user’s computer; they are, then, re-sent to the website on subsequent visits.
Cookies can remain in the system for long periods of time and can also contain a unique identification code. This allows sites that use them to keep track of the user’s navigation within the site itself, for statistical or advertising purposes, that is, to create a personalized profile of the user from the pages the user has visited and then show and/or send him or her targeted advertisements (so-called Behavioural Advertising).
Which cookies are used and for what main reasons
The Data Controller reports below the specific categories of cookies used, the purpose and the consequence of de-selecting them:
|FIRST/THIRD PARTY||PURPOSE||STORAGE TIME||CONSEQUENCE IN THE EVENT OF DESELECTION|
|Technical cookies||First||Site Management. Enable the safe and efficient operation and exploration of the website.||Valid for the browsing session.||These are cookies necessary to use the site blocking them results in the site not working.|
|Functionality cookies||First||Facilitate navigation and service rendered to the user according to a set of criteria selected by the user.||Valid for the browsing session.||It would not be possible to keep the choices made by users while browsing without them.|
|Cookie analytics||First||Collect information in aggregate form on navigation by users to optimize the browsing experience and the services.||2 years.||It would no longer be possible for the Collector to acquire aggregate information.|
Third-party cookies, that is, cookies created by a website other than the one the user is currently visiting, are operational on this website.
On the www.savinodelbene.com website there are special “buttons” (called “social buttons/widgets”) that depict icons of social networks (e.g. Facebook, linkedin, etc.) and other web services (e.g. Youtube, etc.). These buttons allow users who are browsing the Data Controller’s webpage to access the relevant social networks with a “click”. In this case, the social media networks and web services acquire data relating to the user’s visit, however the Data Controller will not share any navigation information or user data acquired through their Website with the social media networks and web services accessed via the social media buttons/widgets. These services release “third party cookies”. Below are the links to the privacy policies of the most used social networks and the websites that the buttons refer to:
Deselection and activation of cookies "Cookie preferences"
This section allows the User to change the site’s cookie settings. Having changed the settings, you need to click on the SAVE button.
Necessary for use of the Web site, blocking them does prevents them from functioning. Your consent is not required for their installation.
These cookies allow for easier navigation and better service for the user. Your consent is not required for their installation.
They enable the collection of information in aggregate form about users’ browsing to optimize the browsing experience and the services themselves. Blocking them would not allow the Data Controller to optimize the user’s browsing experience, but the website would still be navigable.
The selection/deselection of individual cookies can be done freely through your browser (by selecting the settings menu, clicking on the Internet options, opening the privacy tab and choosing the desired cookie blocking level). For more information, see the following links: Google Chrome, Mozilla Firefox, Apple Safari , and Microsoft Internet Explorer.
In addition, you can enable the “Do Not Track” option found in most of the latest generation of browsers.
Disabling “third-party” cookies in no way affects the navigability of this site.
What happens if you do not provide your data?
Please see the consequences of deselecting individual cookies as listed in the table above.
How, where and how long is your data stored?
How we process your data
The processing of personal data is carried out through computer procedures by specially authorized and trained internal individuals. They are allowed access to your personal data to the extent and to the degree that it is necessary for the performance of data processing activities concerning you.
The Data Controller periodically verifies the means by which your data is processed and the security measures provided for it, the updating of which it provides for on an ongoing basis; verifies, including through the persons authorized to process it, that no personal data is collected, processed, stored or retained for which processing is not necessary; verifies that the data is stored to ensure its integrity and authenticity and its use for the purposes of the processing actually carried out.
Where we process your data
Data are stored in computer and telematic archives also located outside the European Economic Area. More specifically:
U.S. – Preparation of standard contractual clauses aimed at ensuring adequate safeguards, including with regard to the rights of data subjects regarding the extra-EU transfer of personal data.
How long do we process your data?
You are invited to read the terms of storage of personal data as indicated in the previous table.
Personal data is stored for as long as necessary to allow the navigation of the site, except in cases where events occur that involve the intervention of the competent Authorities, also in collaboration with third parties/recipients who are entrusted with the data security activities of the Data Controller, to carry out any investigations into the causes that led to the event, as well as to protect the interests of the Data Controller related to a possible liability related to the use of the site and its services.
What are your rights?
In essence you, at any time and free of charge and without special charges and formalities regarding your request, can:
- Obtain clarifications from the Data Controller about the data processing being carried out;
- Access your Personal Data and learn about when and where it was acquired (whenever the data are not obtained directly from you), the purpose of the processing, details of the individuals/entities to whom they are sent to, their retention period and the criteria used to determine such retention period;
- Update or correct your Personal Data so that it is always accurate;
- Delete your Personal Data from the Data Controller’s databases and/or archives, including backups of archives, should this be no longer necessary for the purposes of the processing or if the processing is assumed to be illicit and, in any case, if there are the necessary legal grounds, unless the processing is justified by an equally legitimate reason;
- Limit the processing of your Personal Data under certain circumstances (for example, when you have challenged its accuracy) for the period necessary for the Data Controller to check it. You must also be informed, in a reasonable time, of when the period of suspension has ended or the cause for the restriction of processing has ceased, and thus the restriction itself lifted;
- Obtain your Personal Data, if received or otherwise processed by the Data Controller with your consent and/or if its processing is carried out based on a contract and with automated tools, in electronic format, as this would allow transmission to another Data Controller.
The Data Controller must comply with such a request without delay and, in any case, no later than one month after receiving your request. The deadline may be extended by two months if necessary, considering the complexity and number of requests received by the Data Controller. In such cases, the Data Controller will, within one month of receiving your request, inform you and make you aware of the reasons for the extension. Please write to firstname.lastname@example.org to exercise your rights.
How and when can you object to the processing of your personal data?
For reasons related to your unique situation, you can object at any time to the processing of your personal data if it is based on legitimate interest by sending your request to the Data Controller at email@example.com
You have the right to have your personal information deleted unless there is a legitimate reason overriding your request.
Who can you send a complaint to?
Without prejudice to any other action in administrative or judicial proceedings, you may lodge a complaint with the competent supervisory authority or the authority that performs its duties and exercises its powers in Italy where you have your permanent residence or work or if different in the member state where the violation of Regulation (EU) 2016/679 occurred.