PRIVACY POLICY

Policy regarding the processing of personal data pursuant to Article 13 of Regulation (EU) 2016/679 (“GDPR”)

Pursuant to Art. 13 of EU Reg. 2016/679 (General Data Protection Regulation, hereinafter “GDPR”), this page collects information about those who, as data subjects, interact with the services of Cucina Nostrana S.r.l. Unipersonale, as per Art. 4, letter. 1 of the GDPR (“User/s”). This web site is accessible electronically via the following address: www.secondonatura.it (“Site”).

This information is provided solely for the Cucina Nostrana S.r.l. Unipersonale website, and not for any other websites that may be accessed by Users via links present at www.secondonatura.it 

  1. DATA CONTROLLER:

Secondo Natura is a registered trademark owned by Cucina Nostrana S.r.l. Unipersonale. The Data Controller Cucina Nostrana S.r.l. Unipersonale, whose contact details are detailed below.

  1. CONTACT DETAILS OF DATA CONTROLLER:

For any requests related to the processing of personal data or to exercise rights granted under Articles 15-21 of the GDPR, data subjects may contact our Privacy Department:

Cucina Nostrana S.r.l. Unipersonale, with registered office in via Toniolo 3, 30030, MARTELLAGO (VE) Italy; email: privacy@cucinanostrana.it

If it is not possible to properly identify the request, the Privacy Department may ask for additional information for the sole purpose of correctly identifying the data subject.

  1. TYPE OF PERSONAL DATA PROCESSED:
  • Browsing data

During the ordinary course of operations, the computer systems and software procedures for running this Site acquire some data whose forwarding is implied in the use of the communication protocols of the Internet. This concerns information that is not collected to be associated with specific individuals, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. IP addresses or domain names of computers utilised by Users to connect to the site, geolocation data, the URI/URL (Uniform Resource Identifier/Locator), the time of the request, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the response given by the server (successful, error, etc.) and other parameters regarding the operating system and the User’s information environment are kinds of data which fall within this category. These data are used for the sole purposes of obtaining anonymous statistical information on the use of the Site and ensuring that it functions properly, and are only stored for periods of time laid down by the relevant legal regulations. The data could be used to determine responsibility in the case of hypothetical computer crimes against the Site.

  • Data submitted by the User on a voluntary basis

In some instances, in order to enable you to take advantage of the various services on the Site, we will ask you to provide us with personal data based on the service in question. Providing said data is entirely voluntary but, in some cases, failure to share this information will prevent us from providing the relevant service.

  • Cookies

For all information about how cookies are used on the Site, you can access our Cookie Policy directly.

  1. PURPOSES AND LEGAL BASIS OF PROCESSING:

The Data Controller shall process personal data relating to the User for the following purposes:

  1. responding to User inquiries about this Site. Your personal data will be processed in order to fulfil your requirements or requests. The legal basis for processing your data is the performance of a contract or pre-contractual measures (Art. 6, par. 1, letter b) of the GDPR).

Your personal data may also be processed in order to fulfil a legal obligation to which the Data Controller is subject, or for the legitimate interests of the data controller of obtaining statistical data and ensuring this Site is secure.

  1. DATA RETENTION:

None of the personal data acquired may be used for purposes other than those indicated above, and will be held for the period of time necessary for said purposes. After this period, personal data will be deleted or anonymised. 

  1. SCOPE OF PERSONAL DATA DISCLOSURE:

The personal data is processed at the operational sites of the Data Controller and in any other place where the parties involved in the processing are located. Your personal data may be transferred to a country other than that in which you are located. If the User’s data is transferred in a way described above they may request information from the Data Controller by contact them via the details provided at section 2. In addition to the Data Controller, in some cases, other parties involved in the organisation of this Site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, hosting providers, IT companies, media agencies) appointed by the Data Controller, if necessary, Data Processor and they may also have access to the Data. The updated list of Data Processors can be requested from the Data Controller.

  1. RIGHTS OF DATA SUBJECTS:

As per Articles 15-21 of the GDPR, the data subject has the right to ask the Data Controller for access to their personal data, to have said data rectified or deleted, to limit the processing of data concerning them, or to object to said data being processed, as well as having the right to data portability. Any such request can be made by email or registered email to the Data Controller with the subject line: “data subject request”. The request should specify the right that the data subject wishes to exercise (deletion, rectification, portability, the right to be ‘forgotten’) and provide a valid email/certified email address to which the response can be sent. The Data Controller or whoever is appointed by them will satisfy the request within 30 days of receipt. If the answer is complex, the response time may be extended by a further 30 days after the data subject is promptly informed. If the User considers enforcing their rights an appropriate course of action, they have the right to lodge a complaint with the competent supervisory authority: The Italian Data Protection Authority (Piazza Venezia 11, Rome).