NOTICE 0N PROCESSING DATA OF USERS OF AN
INTERNET WEBSITE
Dear User, we welcome you to our website (the “Website”) and ask you to look at this notice (the “Notice”), which has been issued in accordance with article 12 of Regulation (EU) 2016/679 governing the protection of the personal data of natural persons and the free circulation of these data (“GPDR”).
WHO IS THE DATA CONTROLLER?
The data controller (i.e. the controller that determines the purposes and means of processing personal data) is CAVIT S.C., 38123 Trento, via Dal Ponte, 31 – F.R. Ravina, VAT NUMBER 00107940223, tel. 0461-381711.
WHAT DATA DO WE PROCESS?
Browsing data
The computer systems and software procedures used to run this website acquire in the course of normal operations some personal data whose transmission is implicit in the use of Internet communication protocols.
This is information that is not gathered to be associated with identified interested parties but that, by its very nature, could, through processing and associations with data possessed by third parties, enable the users to be identified.
This category of data includes IP addresses or the dominion names of the computers used by the users that visit the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numeric code indicating the status of the reply given by the server (successful, error, etc) and other parameters relating to the operating system and the user’s computing environment.
These data are used only to obtain anonymous statistical information on the use of the website and to check that it is operating correctly and the data are erased immediately after processing. The data could be used to ascertain responsibility in the event of any cyber crimes committed against the website: if the data are used to investigate cyber crime, website contact data are not kept for more than seven days at present.
Data volunteered by the user
Explicitly and voluntarily dispatching messages explicitly to the email addresses shown on the website results in the email address being subsequently acquired that is necessary for meeting the requests, and any other personal data that will be disclosed spontaneously.
In addition, in order to use other website functions (on-line shop, restricted area of the website), the Data Controller could process the user’s following personal data:
- user’s personal and contact data (first name, surname, date of birth, address, tax code/VAT number, telephone number, email address);
- bank and payment details;
- data on e-commerce purchases.
In the event of purchases and participation in events organized by the Data Controller or in which the Data Controller is involved, any personal data provided by the interested party can be used for marketing activities (see specific point in this notice).
Cookies
Our website will also process your personal data via the use of cookies. For more information on our cookie policy, click on https://www.cavit.it/cookie-policy/
IS IT COMPULSORY TO PROVIDE US WITH THESE DATA?
Apart from browsing data requirements, providing the data is optional but if you do not provide them, we might not be able to meet your requests or provide you with the services you require.
WHY (LEGAL PURPOSE AND BASIS) AND HOW FAR WE PROCESS YOUR DATA
Managing requests emailed via the website
We will process your data to meet your requests emailed to the address found on the website.
The legal basis of this processing is the need to meet your request in compliance with article 6, paragraph 1, letter b) GDPR. It is accordingly not necessary to obtain your prior consent to processing.
We will process your data for this purpose for the time strictly necessary to meet your request and will subsequently store your data for a year.
E-commerce
If you use the website section dedicated to online purchases (“shop”), your personal data will be processed for:
- meeting the order,
- payment,
- complying with accounting, administrative and tax requirements.
The legal basis of the processing for purposes a) and b) is performing a contract, in compliance with article 6, paragraph 1, letter b) GDPR.
The legal basis of the processing for purpose c) is fulfilling statutory requirements.
In this case, your personal data will be stored until the end of the ordinary ten-year period specified by article 2946 of the [Italian] Civil Code governing contractual liability.
Marketing
Your contact data will also be used to promote products offered by the Data Controller.
The legal basis of the processing is the Data Controller’s legitimate interest in marketing.
Consent is not required in the event of transmission via the email addresses supplied in the context of a previous purchase, direct communications relating to the direct sale of products similar to those purchased, provided that the recipient has been properly informed and does not reject this use initially or during subsequent communications.
In this case, your personal data will be processed until your request not to receive any more promotion communications or for no more than twelve months from your last purchase.
Using the website’s restricted area
If the interested party has been given access to a restricted area of the website, the personal data provided will be used to enable the restricted area to be used.
The legal basis is performing a contract, in compliance with article 6, paragraph 1, letter b) GDPR.
Managing events and initiatives
The personal data of parties attending events, tastings or other initiatives run by the Data Controller may have to be processed in order to run the event (registration, dispatch of messages, etc).
The legal basis is performing a contract, in compliance with article 6, paragraph 1, letter b) GDPR.
Using browsing data
Browsing data will also be processed by the Data Controller for:
- technical maintenance of the website;
- ascertaining responsibility in the event of cyber crimes harming the website.
The legal basis of this processing is the Data Controller’s legitimate interest in ensuring the correct use of the website and preventing any possible cyber crime.
We will store these data for the period specified by the law, and in all cases, for a maximum period of 12 months.
HOW WILL WE PROCESS YOUR DATA?
Your data will be processed by hardcopy and electronic, manual and automated means that are suitable for ensuring their protection, security and compliance with the principles of the GDPR, in particular the principles of transparency, legality and propriety.
WHOM DO WE DISCLOSE OUR DATA TO?
In order to achieve the purposes described previously, our employees and associates will know your personal data.
For management or maintenance of our computer systems, your data may also be disclosed to computer system technicians.
Apart from these cases, your personal data will not be disclosed.
WHERE WILL WE PROCESS YOUR DATA?
Your personal data will be processed within the EU.
WHAT ARE YOUR RIGHTS?
We must reply to your requests to know how and why your data are processed; to correct incorrect data, supplement incomplete data and update inaccurate data; to erase data and limit data processing; provide you with personal data concerning you in a commonly used and legible electronic format or transmit the personal data to another Data Controller indicated by you. Further, from the moment that you give your consent to a specific form of processing, you can request the interruption of processing if you are no longer in agreement.
HOW CAN YOU EXERCISE YOUR RIGHTS?
For contacts that specifically relate to protecting personal data, including exercising your rights, use the email address info.privacy@cavit.it to email your requests.
WHOM CAN YOU CONTACT TO LODGE A COMPLAINT ABOUT US?
You are also entitled to lodge a complaint with the Data Protection Authority for the protection of personal data, Piazza Venezia 11, 00187, Roma (RM), protocollo@pec.gpdp.it , www.garanteprivacy.it .
Share
sui social network