Privacy notices for Customers in accordance with D.Lgs. 30.6.2003 n. 196 (“Codice Privacy”) and EU Regulation n. 2016/679 (“GDPR”).
The information we have provided below gives an overview of Azienda Vitivinicola Eredi Ing. N. Guglierame approach to processing Customers’ personal data and Customers’ rights under the provisions of data protection legislation in connection with the use of our website (www.ormeasco-guglierame.it).
1 – Data controller and contact
2 – Processing purposes and data categories
3 – Customers’ rights
4 – Data security
5 – Storage period
1. Information on the data controller
Data controller under Article 4(7) GDPR:
Azienda Vitivinicola Eredi Ing. N. Guglierame
Via Castello 4
18024 Pornassio (IM)
The easiest way to reach our data protection officer is by sending an email to firstname.lastname@example.org or writing to the above address.
2. Processing purposes and data categories
In order to be able to buy on our website we ask Customers to provide some personal data:
• Name and Surname
• Billing address
• Shipping address
• Email address
• Phone number
The personal data requested at the time of sending the order is collected and processed by computer and paper media, in order to satisfy the obligations arising from the contract entered into with Customers and it will not be disclosed or communicated to third parties not employed by Azienda Vitivinicola Eredi Ing N. Guglierame, except to entities who require that data in order to implement the contractual activity of the winery itself: bank institutions for handling payments; shipping agents for transportation of the purchased products to the location specified by Customers; third parties who provide activities and services required to implement the services that Customers have requested from or authorised Azienda Vitivinicola Eredi Ing. N. Guglierame to provide.
Customers’ data, unless otherwise specified by the latter, will be communicated to the person to whom they have decided to send a gift of one or more products purchased via the website. That communication is necessary so as to avoid engendering distrust in the recipient of an anonymous package.
Customers’ personal data is processed without the explicit consent (Article 24 Codice Privacy and Article 6 GDPR) for the following purposes:
• Conclude contracts for the services of Azienda Vitivinicola Eredi Ing. N. Guglierame
• Fulfill the pre-contractual, contractual and tax obligations deriving from existing relations with the Customer
• Fulfill the obligations established by law
• Exercise the rights of Azienda Vitivinicola Eredi Ing. N. Guglierame, for example the right of defense in court
3. Your rights
Customers have the right to request information from us at any time about their personal data we have stored and the origin, recipients or categories of recipients to whom these data are forwarded or otherwise disclosed, the purpose of the storage and processing, the planned storage period, our automated decision-making procedure, the right to data portability, the existence of a right to rectification, erasure, restriction of or objection to processing, and any existing right to lodge a complaint with a supervisory authority.
Customers also have the right to rectification of incorrect data and, in cases where the legal requirements are met, to blocking and erasure, as well as to restrict the processing of data.
Customers may also send requests for information, withdrawals of consent, objections and other concerns regarding data processing by email to email@example.com or to the address stated in section 1.
4. Data security
We have taken appropriate technical and organizational measures to guarantee data security, in particular to protect Customers’ personal data against access by third parties, as well as accidental or intentional modification, loss or destruction. Such measures are reviewed periodically and adapted in line with the state of the art.
5. Storage period
In principle, we process and store Customers’ data for the duration of the contractual relationship. In addition, we are subject to various retention and documentation requirements. The required periods, e.g. from tax law, can be up to 10 years. Moreover, special statutory provisions can make a longer retention period necessary, e.g. evidence in the context of statutory periods of limitation.
If data are no longer required for compliance with contractual or statutory requirements, they are regularly deleted, unless their limited further processing is necessary for the purposes listed above.