privacy-policy

Terms and Conditions

Information on the processing of personal data of website users

Arts. 13 and 14 of Regulation 2016/679/EU (hereinafter also “GDPR”)

FATTORIA ROSE ROSSE S.S.A (hereinafter also referred to as the “Data Controller”) is committed to respecting and protecting your privacy and wants you to feel secure both when simply browsing the site and if you decide to register by providing your personal data to use the services made available to its Users. On this page, the Data Controller intends to provide some information regarding the processing of personal data relating to users who visit or consult the website accessible online (the “Site”). The information on the processing of personal data is provided only for the Data Controller’s website and not for other websites that may be consulted by the user via links (for which reference should be made to the respective privacy information/policies). The reproduction or use of pages, materials, and information contained within the Site, by any means and on any medium, is not permitted without the prior written consent of the Data Controller. Copying and/or printing is permitted for exclusively personal and non-commercial use only (for requests and clarifications, contact the Data Controller at the contact details provided below). Other uses of the contents, services, and information present on this site are not permitted.

With regard to the content offered and the information provided, the Owner will endeavor to keep the contents of the Site reasonably updated and reviewed, without offering any guarantee as to the adequacy, accuracy, or completeness of the information provided, explicitly disclaiming any liability for any errors or omissions in the information provided on the Site.

BROWSING DATA

The Data Controller informs you that the personal data you provide and acquired at the same time as the request for information and/or contact, registration on the site and use of the services via smartphone or any other tool used to access the Internet, as well as the data necessary for the provision of such services, including browsing data and data used for any purchase of products and services offered by the Data Controller but also only so-called "browsing" data of the site by Users, will be processed in compliance with the applicable regulations. The computer systems and software procedures used for the operation of this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of the Internet. This is information that is not collected to be associated with identified data subjects, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes "IP addresses" or domain names of the computers used by users who connect to the site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the web server, the size of the file obtained in response, the numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment. These data are used solely for the purpose of obtaining anonymous statistical information on the use of the site and to check the correct functioning of the Data Controller's website. It should be noted that the aforementioned data could be used to ascertain responsibility in the event of computer crimes against the Data Controller's site or other sites connected or linked to it: except for this eventuality, at present the data on web contacts do not persist for more than a few days.

DATA PROVIDED BY THE USER

The Data Controller collects, stores and processes your personal data in order to provide the products and services offered on the Site, or to comply with legal obligations. With regard to certain specific Services, Products, Promotions, etc., the Data Controller may also process your data for commercial purposes. In such cases, specific, separate, optional and always revocable consent will be requested in the manner and at the contacts indicated below.

The optional, explicit, and voluntary sending of emails to the addresses indicated in the appropriate section of the Website, as well as the completion of questionnaires (e.g., forms), communication via chat, push notifications via APP, social networks, call center, etc., entails the subsequent acquisition of some of your personal data, including those collected through the use of the Apps and related services, necessary to respond to requests. We also inform you that when using a mobile connection to access digital content and services offered directly by the Data Controller or by our Partners, it may be necessary to transfer your personal data to such third parties. We highlight that you may access the Site or connect to areas where you may be enabled to post information using blogs or bulletin boards, communicate with others, for example from the Data Controller’s page on Facebook®, LinkedIn®, YouTube®, and other social networking sites, review products and offers, and post comments or content. Before interacting with such areas, we invite you to carefully read the General Terms of Use, bearing in mind that, in certain circumstances, the information published may be viewed by anyone with Internet access and all information you include in your posts may be read, collected, and used by third parties.

PURPOSE OF THE PROCESSING

The data are processed for the following purposes:

strictly connected and necessary for registration on the site, to the services and/or Apps developed or made available by the Data Controller, for the use of the related information services, for the management of contact or information requests, for making purchases of products and services offered through the Data Controller's website;

for ancillary activities related to the management of User requests and the sending of responses, which may include the transmission of promotional material; for the completion of the purchase order of the products and services offered, including aspects related to payment by credit card, management of shipments, the possible exercise of the right of withdrawal provided for distance purchases, and updates on the availability of products and services that are temporarily unavailable;

related to the fulfillment of obligations provided for by community and national regulations, to the protection of public order, to the investigation and repression of crimes;

direct marketing, that is, sending advertising material, direct sales, conducting market research or commercial communication of products and/or services offered by the Data Controller; this activity may also concern the Data Controller's products and services and be carried out by sending advertising/information/promotional material and/or invitations to participate in initiatives, events, and offers aimed at rewarding users, using "traditional" methods (such as paper mail and/or operator calls), or through "automated" contact systems (such as SMS and/or MMS, telephone calls without operator intervention, e-mail, fax, interactive applications), pursuant to art. 130 paragraphs 1 and 2 of Legislative Decree 196/03 and subsequent amendments;

The provision of data for the purposes referred to in points 1), 2), and 3), related to a pre-contractual and/or contractual phase or functional to a user request or required by a specific legal provision, is mandatory and, if not provided, it will not be possible to receive information and access the services requested; with regard to point 4) of this Information on the processing of personal data, the user's consent to data processing is instead free and optional and always revocable without consequences on the usability of products and services, except for the impossibility for the Data Controller to keep users updated on new initiatives or on any special promotions or benefits that may be available.

The Data Controller may send commercial communications relating to products and/or services similar to those already provided, pursuant to Directive 2002/58/EC, using the email addresses or postal addresses you provided on such occasions, to which you may object using the methods and contacts indicated below.

DATA RETENTION PERIODS

The processing is also carried out with the aid of electronic or otherwise automated means and is performed by the Data Controller and/or by third parties whom the Data Controller may use to store, manage, and transmit the data. The processing of the data will be carried out with organizational and processing logic of your personal data, including those related to logs generated from access and use of the services made available via the web, of the products and services used related to the purposes indicated above and, in any case, in such a way as to guarantee the security and confidentiality of the data. The personal data processed will be retained for the periods provided for by the applicable legislation over time.

Also regarding data security, in the sections of the website set up for particular services, where personal data is requested from the user, the data is encrypted using a security technology called Secure Sockets Layer, abbreviated as SSL. SSL technology encodes the information before it is exchanged over the Internet between the user's computer and the Data Controller's central systems, making it incomprehensible to unauthorized persons and thus ensuring the confidentiality of the information transmitted; furthermore, transactions carried out using electronic payment instruments are made directly using the platform of the Payment Service Provider (PSP) and the Data Controller retains only the minimum set of information necessary to handle any disputes. Specifically regarding the protection of personal data, the user is invited, pursuant to art. 33 of the GDPR, to report to the Data Controller any circumstances or events that may result in a potential "personal data breach" in order to allow an immediate assessment and the adoption of any actions aimed at countering such an event by sending a communication to the Data Controller at the contacts indicated below. The measures adopted by the Data Controller do not exempt the user from paying the necessary attention to the use, where required, of passwords/PINs of adequate complexity, which must be updated periodically, especially if the user suspects they have been breached/known by third parties, as well as carefully stored and made inaccessible to third parties, in order to avoid improper and unauthorized use.

AREAS OF COMMUNICATION AND DATA TRANSFER

For the pursuit of the purposes indicated above, the Data Controller may communicate and have users' personal data processed, in Italy and abroad, to third parties with whom we have relationships, where these third parties provide services at our request. We will provide these third parties only with the information necessary to perform the requested services, taking all measures to protect your personal data. Data may be transferred outside the European Economic Area if this is necessary for the management of your contractual relationship. In such cases, the recipients of the data will be required to comply with protection and security obligations equivalent to those guaranteed by the Data Controller. In the case of services offered directly by Partners, we will provide only the data strictly necessary for their performance. In any case, only the data necessary for the achievement of the intended purposes will be communicated, and, where required, the applicable safeguards for data transfers to third countries will be applied. We may also disclose personal data to our commercial service providers, for marketing purposes, who are appointed as external data processors for this purpose. Furthermore, personal data may be communicated to the competent public bodies and authorities for the fulfillment of legal obligations or for the ascertainment of liability in the event of computer crimes against the site, as well as communicated to, or allocated with, third parties (as data processors or, in the case of electronic communication service providers, as independent data controllers), who provide IT and telematic services (e.g.: hosting services, website management and development) and whom the Data Controller uses to carry out tasks and activities of a technical and organizational nature instrumental to the operation of the website. The subjects belonging to the above categories operate as separate Data Controllers or as Data Processors specifically appointed by the Data Controller.

Personal data may also be accessed by employees/consultants of the Data Controller who are specifically trained and appointed as Authorized Persons for processing.

The categories of recipients to whom the data may be communicated are available by contacting the Data Controller at the contact details indicated below.

RIGHTS OF THE DATA SUBJECTS

You may exercise at any time the rights granted to you by law, including the right to:

a) to access your personal data, obtaining evidence of the purposes pursued by the Data Controller, the categories of data involved, the recipients to whom the data may be communicated, the applicable retention period, and the existence of automated decision-making processes;

b) to obtain without delay the rectification of inaccurate personal data concerning you;

c) to obtain, in the cases provided for, the deletion of your data;

d) to obtain the restriction of processing or to object to it, when possible;

e) to request the portability of the data you have provided to the Data Controller, that is, to receive them in a structured, commonly used and machine-readable format, also in order to transmit such data to another controller, within the limits and under the conditions provided for by Article 20 of the GDPR;

Furthermore, you may lodge a complaint with the Data Protection Authority pursuant to Article 77 of the GDPR.

For the processing referred to in point 4) of the purposes, the user may always withdraw consent and exercise the right to object to direct marketing (in both "traditional" and "automated" forms). Unless otherwise indicated, the objection will apply to both traditional and automated communications.

The above-mentioned rights may be exercised at the request of the Data Subject using the contact details indicated below.

DATA CONTROLLER

The data controller, pursuant to art. 4 of the GDPR, is FATTORIA ROSE ROSSE S.S.A, via Valchete 23, 65020 San Valentino in Abruzzo Citeriore (PE).

The use of the Website, including those intended for tablets and/or smartphones, by the User implies full knowledge and acceptance of the content and any indications included in this version of the Personal Data Processing Information published by the Data Controller at the time the site is accessed. The Data Controller informs that this information on the processing of personal data may be modified without any notice and therefore recommends periodic reading.

Privacy PolicyCookie Policy