Who we are and what we do with your personal data?
Savino Del Bene S.p.A., with registered office in Scandicci (FI) (50018), Via del Botteghino 24/26, (hereinafter also the Controller), in the capacity of Data Controller, is concerned about the confidentiality of your personal data and to ensure it the necessary protection from every event that can put it at risk of violation.
For this purpose, the Controller puts into practice policies and practices having regard to the collection and use of personal data and on the exercise of the rights that you are granted by the applicable legislation. The Controller attends to updating policies and practices for the protection of personal data whenever this is necessary and in any case in the event of changes in legislation and organisational changes that can affect the processing of your personal data.
How does the controller collect and process your data?
Personal information concerning you will be processed for:
1) Browsing the website www.savinodelbene.com
The processing of your personal data, such as browsing data for example the IP address and cookies issued by browsing the website www.savinodelbene.com are processed by the Controller for a follow-up to the management of the website and to gather information also of an aggregate nature.
Your personal data will not be in any way disclosed or disseminated to undetermined subjects.
2) Communication to third parties and recipients
The communication of your personal data takes place mainly in respect of third parties and/or recipients whose activity is necessary for the performance of activities related to the purposes above, and also to respond to certain legal obligations. Every communication that does not respond to these purposes will be subject to your consent.
In particular, your data will be communicated to third parties/recipients for:
1. the conduct of the service (e.g. provider of IT services);
2. notifications in respect of the financial administration and public supervisory and control bodies in respect of which the controller must meet specific obligations arising from the specific nature of the activity pursued;
The personal data that the Controller is for this purpose is:
– browsing data (IP address)
3) IT security reasons
The Controller processes, including by means of its suppliers (third parties and/or recipients), your personal data (e.g. IP address) or traffic collected or obtained in the case of services exposed on the website to the extent strictly necessary and proportionate in order to ensure the security and the ability of a network or servers connected thereto to resist, at a given level of safety, unforeseen events or unlawful acts or malicious actions that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted.
For these purposes the Controller provides procedures for the management of the violation of the personal data (data breach).
What are cookies and for what purposes can they be used
A “cookie” is a small text file created by some websites on the user’s computer at the moment in which this latter accesses a particular website, with the purpose of storing and transporting information. The cookies are sent by a web server (which is the computer that is running the web site visited) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on the computer of this latter; they are then re-sent to the website at the time of subsequent visits.
Cookies may remain in the system even for long periods and may also contain a unique identification code. This allows you to sites that use them to keep track of user browsing within the site itself, for statistical or advertising purposes, in other words to create a custom profile of the user starting from pages that the same has visited and show and/or send and then targeted advertising (so called Behavioural Advertising).
What cookies are used and for what principal purposes
The Controller sets out below the specific categories of cookies used, the purposes and the consequence that derives from their de-selection:
|TYPE OF COOKIE||FIRST/THIRD PART||PURPOSE||RETENTION TIME||CONSEQUENCE IN THE EVENT OF DESELECTION|
|Technical cookies||First||Management of the website. Allow the operation and the safe and efficient exploration of the website.||Valid for the browsing session.||The full consultation of the website would not be possible.|
|Functionality cookies||First||Facilitate browsing and the service delivered to the user as a function of a series of criteria selected by this latter.||Valid for the browsing session.||It would not be possible to maintain the choices made by the user during browsing.|
|Cookie analytics||Third||Collect information in aggregate form regarding browsing by users to optimize the experience of browsing and the services themselves.||Established by the third party||It would no longer be possible for the Controller to acquire the aggregated information.|
Third-party cookies are also operational on this website, i.e. cookies created by a different website than the one that the user is currently visiting.
In particular, we would like to inform users that the website uses the following services that issue cookies:
On the website www.savinodelbene.com there are particular “buttons” (called “social buttons/widgets”) depicting the icons of social networks (e.g. Facebook, linkedin, etc.) and other web services (e.g. Youtube, etc.). The same allow users who are browsing on the Controller’s web page to access the social networks of reference with a “click”. In this case the social networks and web services acquire the data related to the user, while the Controller does not share any browsing information or data of the user acquired through its website with the social networks and web services accessible thanks to the social buttons/widgets. Such services issue “third party cookies”. Below are the links to the privacy policies of the most used social networks and of the web sites to which the buttons refer:
– for Facebook: https://www.facebook.com/help/cookies
– for Linkedin: https://www.linkedin.com/legal/cookie-policy
Deselection and activation of cookies
By going beyond the initial banner containing the short policy, the user has given their express consent to the use of website’s cookies, as detailed above.
This section allows the User to change the website’s cookies setting. To change the settings, you must click the SAVE button.
Necessary for the use of the Website, blocking them does not allow the operation thereof. Your consent is not necessary for their installation.
Allow browsing to be facilitated and the service delivered to the user. Your consent is not necessary for their installation.
Allow information to be collected in aggregate form regarding browsing by users to optimize the experience of browsing and the services themselves. Blocking them would not allow the Controller to optimize the user’s experience of navigation, but the website would still be capable of being browsed.
Once enabled, individual cookies can be deselected freely including through your browser (by selecting the settings menu, by clicking on Internet options, opening the tab relative to privacy and choosing the desired level of cookies block). For more information, see the following links: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Internet Explorer.
You can also activate the “Do Not Track” option present in most browsers of the latest generation.
Disabling “third party” cookies does not compromise browsing of this website in any way.
What happens if you do not provide us with your data?
We invite you to view the consequences resulting from the deselection of individual cookies, as set out in the table above.
How, where and for how long is your data kept?
How we process your data
The processing of personal data is carried out through computerized procedures by specially authorized and trained internal subjects. They are allowed access to your personal data to the extent and within the limits in which it is necessary for the conduct of the processing activities that concern you.
The Controller will periodically check the instruments by means of which your data is processed and the security measures laid down for these for which constant updating is envisaged; verification, also by means of the persons authorised to process the data, that data for which processing is not necessary is not collected, processed, stored or preserved; verifies that the data is stored with the guarantee of integrity and authenticity and its use for the purposes of the processing actually carried out.
Where we process your data
The data is kept in computer and digital archives located within the European Economic Area.
The length of time for we will process your data
We invite you to view the terms of conservation of personal data as indicated in the previous table.
– Site browsing:
Personal data is stored for the time necessary to allow the website to be browsed except in the cases in which occurrence of events that involve the intervention of the competent Authorities, also in collaboration with the third parties/recipients to whom the task of computer security of the Controller’s data is requested, to carry out any enquiries about the causes that have led to the event, as well as to protect the interests of the Controller relative to possible liability related to the use of the website and the related services.
What are your rights?
In essence, at any time and free of charge and without special formalities and burdens for your request, you can:
– obtain confirmation of the processing performed by the Controller;
– access your personal data and know the origin thereof (when data is not obtained directly from you), the aims and purposes of the processing, the data of the subjects to which it is communicated, the retention period for your data or the criteria useful to determine that period;
– update or correct your personal data so that it is always correct and accurate;
– erase your personal data from the databases and/or from the archives including backup archives of the Controller in the event, among others, in which it is no longer needed for the purpose of processing or if this is assumed as unlawful and always if they meet the conditions laid down by law; and in any case if the processing is not justified by another equally legitimate reason;
– limit the processing of your personal data in certain circumstances, for example where you have challenged the accuracy thereof, for the period necessary to the controller to verify the accuracy thereof. You must be informed within a reasonable time frame, including of when the period of suspension is accomplished or the cause of the limitation of the processing no longer exists, and therefore the therefore the said limitation is revoked;
– obtain your personal data, if received or processed by the Controller with your consent and/or if the processing thereof takes place on the basis of a contract and with automated tools, in electronic format in
order to transmit to another data controller.
The Controller must do so without delay, and in any case not later than one month after receipt of your request. The time limit may be extended by two months, if necessary, taking account of the complexity and the number of requests received by the Controller. In such cases the Controller, within one month of receipt of your request, will inform you and will make you aware of the reasons for the extension. For the exercise of your rights write to the address firstname.lastname@example.org
How and when can you object to the processing of your personal data?
For reasons related to your particular situation, you can object at any time to the processing of your personal data if it is based on legitimate interest by sending your request to the Controller at the address email@example.com
You have the right to the erasure of your personal data if a prevalent legitimate reason with respect to that which has given rise to your request does not exist.
To whom can you make a complaint?
Without prejudice to any other action in administrative or court proceedings, you can submit a complaint to the competent supervisory authority or to that which carries out its duties and exercises its powers in Italy where you have your habitual residence or work or, if different, in the Member State where violation of Regulation (EU) 2016/679 took place.