Privacy Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA OF USERS CONSULTING THE WEBSITE OF ­­L’ORTOLANA DI PESCE GERARDO & C. SAS PURSUANT TO ARTICLE 13 OF EU REGULATION 679 OF 2016

1 – WHY THIS INFORMATION

Pursuant to EU Regulation no. 679 of 2016 (GDPR), this page describes the methods for processing the personal data of Users (identified or identifiable natural persons and, therefore, “interested” persons within the meaning of the Regulation) who consult the website of L’ORTOLANA DI PESCE GERARDO & C. SAS telematically accessible by computer at the address www.lortolana.com. The information contained in this statement is provided only for that site and does not concern other sites, pages or online services that may be reached through hypertext links published on the site but referring to resources outside the domain of www.lortolana.com.

Without prejudice to any other informatives provided by the Company (e.g. Customers, Suppliers, Cookies), this notice shall be deemed to apply to personal data provided to the Company via the Company’s email addresses info@lortolana.com, or any other company address, or by Users sending private messages to the Company’s social media profiles/pages.

2 – DATA CONTROLLER

The Data Controller is the Company L’ORTOLANA DI PESCE GERARDO & C. SAS Via Scandolara 126, 31059 ZERO BRANCO, (TV) – Italy C.F./P.I. 02421580263 e-mail: info@lortolana.com, PEC: lortolana.pesce@pec.it, Tel. +39 0422.345033.

3 – TYPES OF DATA PROCESSED

  • Navigation data – The computer systems and software procedures responsible for the operation of this site acquire, during their normal operation, certain personal data of Users whose transmission is implicit in the use of Internet communication protocols. Each time a User accesses this site and each time he or she calls up a content, the access data are stored in the form of protocol files, and each protocol file consists of: the Internet site from which our page was called up; the User’s IP address; the date and time of access; the client‘s request; the http response code; the amount of data transmitted; the browser and operating system used. The personal data of Users collected during their navigation on the site therefore include the IP addresses or domain names of the computers and terminals used by Users, the URI/URL (Uniform Resource Identifier/Locator) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the User’s operating system and IT environment.
  • Data provided by the User – Only the personal data necessary to provide the service requested by the User will be requested, such as, for example, the User’s name and surname, company name, fiscal code and VAT number, telephone number and e-mail address, billing and shipping address.
  • Contacts – The User of the website has the possibility to transmit to the Company (by filling in and forwarding the forms on the company website pages: COMPANY, PRODUCTS and CONTACTS) his/her own personal data: the sending of these data implies the subsequent acquisition, by the Company, of the sender’s address, necessary to reply to the requests, as well as other personal data included in the communications.
  • Cookies and other tracking systems – Technical cookies are used on the site, i.e. small text files that are stored locally in the temporary memory of the User’s browser – and therefore on the User’s computer – in order to improve the experience of using the site. For more information about the cookies hosted on our site please refer to the cookie policy available on this site.

4 – PURPOSE OF PROCESSING AND LEGAL BASIS

  • Navigation data: protocol files and the data contained therein are processed by us for:
    1. enable Users to use web services (legal basis under subparagraph B of paragraph 1 of Art. 6 EU Reg. 679/2016)
    2. obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.) as well as monitor the proper functioning of the site and protect our systems, e.g. by identifying possible attacks (legal basis under subpara. F of the first paragraph of Art. 6 EU Reg. 679/2016)
  • Data communicated by the User: with regard to personal data provided voluntarily and explicitly by Users of the website, these may be processed for the following purposes:
    1. process and respond to User requests sent by filling in and forwarding the forms on the company website pages: COMPANY, PRODUCTS and CONTACTS.
      In this case, the legal basis for the processing is the intention to execute a request by the User (subpara. B of paragraph 1 of Art. 6 EU Reg 679/2016).
  • Cookies. For the purposes and legal basis of cookies, please refer to the cookie policy available on this site.

5 – OPTIONAL PROVISION OF DATA

The data voluntarily and expressly communicated by the Users for one or more of the purposes under point 4 letter c are provided by the Users on an absolutely optional basis. Failure to provide the aforementioned data will have the sole consequence of making it impossible to pursue the specific purpose (the Company’s response to Users’ requests).

6 – DATA RETENTION

  • Browsing data: Browsing data do not persist for more than seven days and are deleted immediately after their aggregation (except in the event of the need to ascertain criminal offences by judicial authorities).
  • Data communicated by the User: with regard to personal data voluntarily and explicitly provided by the website Users processed:
    1. in order to process and respond to the User’s requests sent by filling in and forwarding the forms on the company website pages: COMPANY, PRODUCTS and CONTACTS. The data will be kept for as long as necessary to provide the requested service; it will then be kept for a further period of ten years (starting from the request or from any subsequent order placed), without prejudice to the further keeping of the data if this is necessary to fulfil a legal obligation or to ascertain, exercise or defend a right in court;
  • Cookies: the storage of session cookies in terminals or browsers is under the User’s control; on the servers, at the end of HTTP sessions, information relating to cookies remains recorded in the service logs, with a storage period of no more than seven days in any case, in the same way as other browsing data.
    For more information, please consult the cookie policy available on this site.

7 – RECIPIENTS OF DATA

  1. Persons in charge
    The recipient of the data collected as a result of consultation of the website https://www. lortolana.com is the subject designated by the Company, pursuant to Article 28 of the Regulation, as the Data Processor, that is the provider of web platform development and maintenance services.
    An updated list of any other Data Processors can be requested from the Company; the chosen Data Processors have undertaken to implement appropriate technical and organisational measures so that the processing meets the requirements of EU Reg 679/2016 and guarantees the protection of the User’s personal data; the Data Processors have also undertaken, with a specific and signed letter of appointment, to fulfil all the specific obligations under Art. 28 EU Reg. 679/2016 and to act, pursuant to Art. 29 of the same Regulation, under the authority of the Data Controller and subject to his/her instructions, as well as to notify the Data Controller (pursuant to the second paragraph of Art. 33 EU Reg. 679/2016) of any breaches of the User’s personal data.
  2. Appointees
    The personal data collected are also processed by the Company’s staff acting on the basis of specific instructions given on the purposes and methods of data processing (so-called Data Processors or ‘persons authorised to process data’).

8 – TRANSFER OF DATA ABROAD

If the Controller, for the provision of the service, deems it necessary to transfer the personal data being processed outside the EU (by ‘transfer outside the territory of the European Union’ is meant also the use of services, by way of example, hosting, cloud and storage, based on the saving of data on systems located in non-EU countries), the Controller undertakes to adopt guarantees to make the transfer secure and to ensure that the processing complies with the requirements of the Regulation despite the fact that it is carried out outside the EU (adequacy decisions, contractual clauses, consent…)

9 – RIGHTS OF THE INTERESTED PARTIES

Interested parties have the right to obtain from the Company, in the cases provided for, access to their personal data and their rectification or cancellation or the restriction of their processing or to object to their processing (Art. 15 et seq. of the Regulation). The application can be submitted by contacting the company at one of its contact details listed above.

Please also note that Data Subjects who consider that the processing of their personal data carried out through this website violates the provisions of the Regulation have the right to lodge a complaint with the Garante, as provided for in Article 77 of the Regulation, or to take legal action (Article 79 of the Regulation).

10 – COMMUNICATION OF SENSITIVE (SPECIAL) DATA

The Company invites Users to refrain from communicating information that may fall within the categories of so-called special personal data referred to in Article 9 of the GDPR (e.g. data relating to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, sexual orientation, biometric data or data relating to health status).

11 – COMMUNICATION OF DATA RELATING TO THIRD PARTIES

With regard to any hypothesis of communication to the Company of personal data not of its own but of third parties, the User acts as the autonomous Data Controller, assuming all the obligations and all the responsibilities laid down by law and undertaking to indemnify the Company against any dispute, claim or request for compensation for damages that it may receive from third parties whose personal data has been processed in violation of the applicable data protection regulations. In any case, if the User provides personal data of third parties, he/she warrants as of now that this particular hypothesis of processing is based on prior knowledge of the information and prior consent of the third party to the processing of the information concerning him/her.

12 – PRIVACY POLICY UPDATE

The Company reserves the right to amend and/or update the content of this Privacy Policy, in part or in full, for example as a result of changes in applicable legislation.

The changes made to this Privacy Policy will be binding as soon as they are published on the site, and the Company therefore invites Users to visit this section on a regular basis to view the most recent and updated version of the Privacy Policy so that they are always informed about the processing of their data.

13 – FURTHER INFORMATION

The following disclosures can also be found at www.lortolana.com: Customer Policy and Supplier Policy.

Last update of this Privacy Policy: 31/10/2022