Privacy Policy
PRIVACY POLICY
In compliance with the new EU Regulation 2016/679 (hereinafter GDPR), containing provisions relating to the protection of natural persons with regard to the processing of personal data, pursuant to Art. 13 of the same, we wish to inform you that the personal data provided will be processed in compliance with the aforementioned legislation.
Data controller
Azienda Agrituristica Nestola Emanuela, Via Padre Pio da Pietrelcina, 73043 – Copertino (LE), P.IVA IT04372770752, mail info@legrancie.it
Legal basis and purpose of processing
Personal data is collected, recorded, stored, communicated and archived for: contractual purposes, connected and instrumental to the establishment and management of relationships with customers, such as for example the acquisition of preliminary information for the possible conclusion of a sales contract [art.6, par.1, l.b) GDPR]; for purposes related to obligations deriving from laws, regulations, community legislation (for example: tax and accounting obligations) [art.6, par.1, l.c) GDPR]; for the management of requests received from interested parties via the contact form [art.6, n.1, l.a) GDPR]; they may also be used to send communications relating to the services offered/products and promotional initiatives [art.6, n.1, l.a) GDPR].
Data Categories
To achieve the Purposes indicated in point 2 letter a), the following categories of data will be used: name and surname, residence, company name, VAT number, telephone number, e-mail address, PEC. To achieve the Purposes indicated in point 2 letter b), the following categories of data will be used: name and surname, company name, tax code, residence, SDI code, pec. To achieve the Purposes indicated in point 2 letter c), the following categories of data will be used: name and surname, telephone number, e-mail address. To achieve the Purposes indicated in point 2 letter d) the following categories of data will be used: e-mail address.
Assignment and Storage
The provision of data, for the purposes indicated in point 3 letter a) and b), is essential and instrumental to the definition and implementation of the contractual relationship, therefore your consent is not required; any refusal or incorrect communication of any of the information requested by the company will make it impossible to establish, execute and manage the aforementioned relationship. Consent for the processing of data for the purposes indicated in point 3 letters c) and d), can be freely denied but such refusal will make it impossible to proceed with the processing (for these limited purposes). The consent given may be subsequently revoked at any time. The data will be processed for the entire duration of the contractual relationships established, and, subsequently, only for the duration necessary to fulfill legal obligations (10 years). In the event of a dispute with the interested party and/or third parties, the data will be processed for as long as strictly necessary to exercise the protection of one’s rights.
Dissemination, Any recipients or categories of recipients of the data
Diffusion. The data will not be disclosed or the data could, with the consent of the interested party, be communicated to other companies in the group for the purpose of sending commercial communications. Recipients. The data provided will be processed exclusively by persons authorized to process and appropriately trained, as well as by Data Processors linked to the Data Controller by specific contract (for example: accountant, legal consultant and other professionals who, providing goods or services, operate on behalf of the Data Controller) . The data will not be transferred outside the EU territory (if this were to happen in the future, we will provide a separate prior information relating to the illustration of the appropriate legal guarantees that must support such transfer). The data may be communicated to third parties, in compliance with legal obligations or deriving from regulations or other community legislation, or at the request of judicial offices or other third parties to whom the right is recognized by the aforementioned provisions. The updated list with the identification details of all Data Processors may be requested at any time from the Data Controller, who will immediately make it available.
Automated decision-making processes
The data is not processed through automated decision-making processes.
Treatment methods
Rights of the interested party
At any time, through a request to be sent to the Data Controller’s contact details indicated in point 1, it will be possible to ask to: Access your personal data; Have them rectified; Have them canceled if one of the following conditions applies: The data are no longer necessary with respect to the purposes for which they were collected, The processing is based only on consent and not on legal or contractual obligations, There was opposition pursuant to art.21 of EU Regulation 679/2016, The data were acquired without prior consent and processed without compliance with legal obligations, The data was acquired for commercial offers aimed at minors relating to online services Limit the processing to some data, if compatible with the purposes for which they were collected, Transfer data to another Data Controller (data portability). It will be possible to object at any time, for reasons related to your particular situation, to the processing of personal data (unless the Data Controller demonstrates the existence of compelling legitimate reasons to proceed with the processing which prevail over the interests, rights and freedoms of the interested party or for the establishment, exercise or defense of a right in court). In addition to the rights listed above, it will be possible to lodge a complaint with the Guarantor Authority for the Protection of Personal Data (www.garanteprivacy.it).