privacy policy
Page under update
This page contains the site management methods regarding the processing of personal data of users who consult it.
Privacy Policy pursuant to art. 13 of Regulation (EU) no. 679/2016 (“GDPR”).
The information is provided only for this site (cialdemania.it) and not for other websites that may be consulted by the user via links.
Progressofood SRL (hereinafter Progressofood) protects the confidentiality of personal data and guarantees them the necessary protection from any event that could put them at risk of violation.
As required by European Union Regulation no. 679/2016 ( “GDPR”), and in particular art. 13, the following information is provided to the user (”Interested Party”) as required by law regarding the processing of their personal data.
SECTION I
Who we are and what data we process (art. 13, 1st paragraph, letter a, art. 15, letter b GDPR)
nakone distribuzione, with registered office in Via mazzini 57, 91022 Castelvetrano (tp), operates as Data Controller and can be contacted at nakonedistribuzione@gmail.com and collects and/or receives information concerning the interested party, such as:
Personal data: name, surname, physical address, nationality, province and municipality of residence, landline and/or mobile telephone number, fax, tax code, e-mail address(es)
Bank details IBAN and bank/postal details (with the exception of the credit card number), telematic traffic data Log, IP address of origin.
Progressofood does not require the interested party to provide so-called “special” data, that is, as provided for by the GDPR (art. 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to health or sexual life or sexual orientation of the person. In the event that the service requested from Progressofood requires the processing of such data, the interested party will receive specific prior information and will be asked to provide specific consent.
SECTION II
For what purposes do we need the data of the interested party (art. 13, 1st paragraph GDPR)
The data is used by the Data Controller to follow up on the request for registration and the contract for the supply of the chosen Service and/or purchased Product, manage and execute the contact requests forwarded by the Interested Party, provide assistance, fulfill the legal and regulatory obligations to which the Data Controller is bound in relation to the activity carried out.
Under no circumstances does Progressofood resell the personal data of the interested party to third parties or use them for undeclared purposes.
In particular, the interested party's data will be processed for:
a) registration and requests for contact and/or information material
The processing of the interested party's personal data takes place in order to carry out preliminary and consequent activities to the request for registration, to manage requests for information and contact and/or sending of informative material, as well as to fulfill any other obligation arising therefrom.
The legal basis for such processing is the fulfillment of the services relating to the request for registration, information and contact and/or sending of informative material and compliance with legal obligations.
b) management of the contractual relationship
The processing of the interested party's personal data takes place in order to carry out preliminary and consequent activities to the purchase of a Service and/or a Product, the management of the related order, the provision of the Service itself and/or the production and/or shipment of the purchased Product, the related invoicing and payment management, the handling of complaints and/or reports to the assistance service and the provision of the assistance itself, the prevention of fraud as well as the fulfillment of any other obligation deriving from the contract.
The legal basis for such processing is the fulfillment of the services inherent to the contractual relationship and compliance with legal obligations.
c) promotional activities on Services/Products similar to those purchased by the Data Subject (Recital 47 GDPR)
The data controller, even without your explicit consent, may use the contact details communicated by the interested party for the purposes of direct sales of its own Services/Products, limited to the case in which they are Services/Products similar to those being sold, unless the interested party explicitly objects.
d) commercial promotion activities on Services/Products different from those purchased by the interested party
The personal data of the interested party may also be processed for commercial promotion purposes, for market research and surveys with regard to Services/Products that the Data Controller offers only if the interested party has authorised the processing and does not oppose it.
This processing may take place, in an automated manner, using the following methods: e-mail; sms; telephone contact.
And it can be done:
1. if the interested party has not revoked his/her consent for the use of the data;
2. if, in the event that the processing is carried out by contacting a telephone operator, the interested party is not registered in the register of objections pursuant to Presidential Decree no. 178/2010;
The legal basis for such processing is the consent given by the interested party prior to the processing itself, which can be revoked by the interested party freely and at any time (see Section III).
e) cyber security
The Data Controller, in line with the provisions of Recital 49 of the GDPR, processes, also through its suppliers (third parties and/or recipients), the personal data of the Data Subject relating to traffic to a strictly necessary and proportionate extent to ensure network and information security, i.e. the ability of a network or information system to resist, at a given level of security, unforeseen events or illicit or malicious acts that compromise the availability, authenticity, integrity and confidentiality of the personal data stored or transmitted.
The Data Controller will promptly inform the Interested Parties, if there is a particular risk of violation of their data without prejudice to the obligations arising from the provisions of art. 33 of the GDPR relating to notifications of personal data violations.
The legal basis for such processing is compliance with legal obligations and the legitimate interest of the Data Controller to carry out processing related to the purposes of protecting company assets.
f) Subject to specific and separate consent from the one above, personal data are collected to send newsletters, commercial communications and/or advertising material regarding products and/or services offered by the owner
g) profiling
The personal data of the interested party may also be processed for profiling purposes (such as analysis of the data transmitted and of the chosen Services/Products, proposing advertising messages and/or commercial proposals in line with the choices expressed by the users themselves) exclusively in the event that the interested party has provided explicit and informed consent.
The legal basis for such processing is the consent given by the interested party prior to the processing itself, which can be revoked by the interested party freely and at any time (see Section III).
h) fraud prevention (recital 47 and art. 22 GDPR)
The personal data of the interested party, with the exception of special data (Art 9 GDPR) or judicial data (Art 10 GDPR) will be processed to allow checks for the purposes of monitoring and preventing fraudulent payments, by software systems that carry out a check in an automated manner and prior to the negotiation of Services/Products;
Failure to pass these checks will make it impossible to carry out the transaction; the interested party may in any case express his/her opinion, obtain an explanation or contest the decision by motivating his/her reasons to the Customer Service;
Personal data collected for anti-fraud purposes only, unlike the data necessary for the correct execution of the requested service, will be immediately deleted at the end of the control phases.
i) the protection of minors
The Services/Products offered by the Owner are reserved for legally capable entities, on the basis of the relevant national legislation, of entering into contractual obligations.
The Data Controller, in order to prevent illegitimate access to its services, implements preventive measures to protect its legitimate interest.
Communication to third parties and categories of recipients (art. 13, 1st paragraph GDPR)
The communication of the interested party's personal data occurs mainly towards third parties and/or recipients whose activity is necessary for the performance of the activities inherent to the established relationship and to respond to certain legal obligations, such as: Administrative, accounting and contractual performance-related obligations, assistance, maintenance,
delivery/shipping of products, provision of additional services, suppliers of electronic communication networks and services) connected to the requested service, management of collections, payments, refunds connected to the contractual service, Fulfilment of legal obligations, exercise of rights, protection of contractual rights, debt collection, Fulfilment of legal obligations, defence of rights, lists and registers kept by public authorities or similar bodies, based on specific legislation, in relation to the contractual service
Legal representatives, curators, guardians, etc.
* The Data Controller requires its third party suppliers and Data Processors to comply with security measures equal to those adopted with respect to the Data Subject, restricting the scope of action of the Data Processor to processing connected to the requested service.
The Data Controller does not transfer your personal data to countries where the GDPR is not applied (non-EU countries) unless otherwise specifically indicated for which you will be informed in advance and, if necessary, your consent will be requested.
The legal basis for such processing is the fulfillment of the services inherent to the established relationship, compliance with legal obligations and the legitimate interest of Progressofood SRL to carry out the processing necessary for these purposes.
SECTION III
What happens if the interested party does not provide his/her data identified as necessary for the performance of the requested service? (Art. 13, 2nd paragraph, letter e GDPR)
The collection and processing of personal data is necessary to follow up on the requested services as well as the provision of the Service and/or the supply of the requested Product. If the Interested Party does not provide the personal data expressly indicated as necessary within the order form or the registration form, the Data Controller will not be able to follow up on the processing related to the management of the requested services and/or the contract and the Services/Products connected to it, nor to the obligations that depend on them.
What happens if the interested party does not provide consent to the processing of personal data for commercial promotion activities on Services/Products other than those purchased?
In the event that the interested party does not give his/her consent to the processing of personal data for such purposes, said processing will not take place for the same purposes, without this having any effect on the provision of the requested services, nor on those for which he/she has already given his/her consent, if required.
In the event that the interested party has given consent and subsequently revokes it or opposes the processing for commercial promotion activities, his/her data will no longer be processed for such activities, without this entailing consequences or detrimental effects for the interested party and for the requested services.
How we process the data of the interested party (art. 32 GDPR)
The Data Controller arranges for the use of adequate security measures in order to preserve the confidentiality, integrity and availability of the personal data of the Data Subject and imposes similar security measures on third-party suppliers and Processors.
Where we process the data of the interested party
The personal data of the interested party are stored in paper, computer and telematic archives located at the headquarters of Progressofood SRL.
How long are the interested party's data stored? (art. 13, 2nd paragraph, letter a GDPR)
Unless the interested party explicitly expresses his/her will to remove them, the personal data of the interested party will be retained until they are necessary with respect to the legitimate purposes for which they were collected.
In particular, they will be retained for the entire duration of your registration and in any case no longer than a maximum period of 12 (twelve) months of your inactivity, or if, within this period, no Services are associated and/or Products purchased using the registration itself.
In the case of data provided to the Owner for the purposes of commercial promotion for services other than those already acquired by the Interested Party, for which he initially gave consent, these will be retained for 24 months, unless the consent given is revoked.
In the case of data provided to the Owner for profiling purposes, these will be retained for 12 months, unless the consent given is revoked.
It should also be added that, in the event that a user forwards to Progressofood personal data that are not requested or not necessary for the purpose of carrying out the requested service or for the provision of a service strictly connected to it, Progressofood cannot be considered the owner of this data, and will proceed to delete it as soon as possible.
Regardless of the interested party's determination to remove them, personal data will in any case be stored according to the terms established by current legislation and/or national regulations, for the exclusive purpose of guaranteeing specific fulfillments.
Furthermore, personal data will in any case be retained for the fulfillment of obligations (e.g. fiscal and accounting) that remain even after the termination of the contract (art. 2220 cc); for these purposes the Data Controller will retain only the data necessary for the related pursuit.
This does not apply to cases where rights arising from the contract and/or from registration in the registry office need to be asserted in court, in which case the personal data of the interested party, exclusively those necessary for such purposes, will be processed for the time necessary to pursue them.
What are the rights of the interested party? (articles 15 – 20 GDPR)
The interested party has the right to obtain from the data controller the following:
a) confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data and the following information:
1. the purposes of the processing;
2. the categories of personal data concerned;
3. the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular
if recipients are from third countries or international organisations;
4. where possible, the envisaged period for which the personal data will be stored, or, if this is not possible, the criteria
used to determine this period;
5. the existence of the right of the interested party to ask the data controller for rectification or erasure
of personal data or the limitation of the processing of personal data concerning him or to oppose their processing;
6. the right to lodge a complaint with a supervisory authority;
7. where the personal data are not collected from the data subject, any available information as to their source;
8. the existence of automated decision-making, including profiling, and, at least in those cases,
meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing
for the interested party.
9. the appropriate guarantees provided by the third country (outside the EU) or an international organisation for the protection of
of any data transferred
(b) the right to obtain a copy of the personal data undergoing processing, provided that this right does not adversely affect the rights and freedoms of others; For further copies requested by the data subject, the controller may charge a reasonable fee based on administrative costs.
c) the right to obtain from the data controller the rectification of inaccurate personal data concerning him or her without undue delay
d) the right to obtain from the data controller the erasure of personal data concerning him or her without undue delay, if the reasons set out in Article 17 of the GDPR exist, including, for example, when they are no longer necessary for the purposes of the processing or if the processing is deemed unlawful, and if the conditions set out by law exist; and in any case if the processing is not justified by another equally legitimate reason;
e) the right to obtain from the data controller the limitation of processing, in the cases provided for by art. 18 of the GDPR, for example where you have contested the accuracy of the data, for the period necessary for the Data Controller to verify the accuracy of the data.
The interested party must also be informed, within appropriate timeframes, of when the suspension period has expired or the cause of the limitation of processing has ceased to exist, and therefore the limitation itself has been revoked;
f) the right to obtain communication from the owner of the recipients to whom the requests for any corrections or cancellations or limitations of the processing carried out have been transmitted, unless this proves impossible or involves a disproportionate effort.
g) the right to receive the personal data concerning him or her in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from the controller to whom the personal data have been provided, in the cases provided for by art. 20 of the GDPR, and the right to obtain direct transmission of personal data from one controller to another, where technically feasible.
For any further information and in any case to send your request you must contact the Owner at amministrazione@cialdemania.it. In order to guarantee that the above-mentioned rights are exercised by the Interested Party and not by unauthorized third parties, the Owner may request the same to provide any further information necessary for the purpose.
How and when can the interested party object to the processing of his/her personal data? (Art. 21 GDPR)
For reasons relating to the particular situation of the interested party, the same may oppose at any time the processing of his/her personal data if it is based on legitimate interest or if it occurs for commercial promotion activities, by sending the request to the Owner at the address nakonedistribuzione@gmail.com
The interested party has the right to the cancellation of his/her personal data if there is no legitimate reason prevailing on the part of the Data Controller with respect to the one that gave rise to the request, and in any case in the event that the interested party has opposed the processing for commercial promotion activities.
To whom can the interested party lodge a complaint? (Art. 15 GDPR)
Without prejudice to any other administrative or judicial action, the interested party may submit a complaint to the competent supervisory authority in the Italian territory (Autorità Garante per la protezione dei dati personali) or to the one that carries out its duties and exercises its powers in the Member State where the violation of the GDPR occurred.
Any update to this Policy will be communicated promptly and through appropriate means and will also be communicated if the Data Controller processes the interested party's data for purposes other than those referred to in this Policy before proceeding and following the manifestation of the interested party's consent if necessary.
COOKIE POLICY
Information on the use of cookies pursuant to Provision no. 229 of 8 May 2014
This site uses cookies to make its services simple and efficient for users who view the pages of the site. What are cookies Cookies are small text files that the sites visited by users send to their terminals, where they are stored before being re-transmitted to the same sites on the next visit. They are used for different purposes: performing computer authentication, monitoring sessions, storing information on specific configurations regarding users who access the server, storing preferences, etc.
Types of cookies
Cookies can be of two types: technical cookies and profiling cookies .
Technical cookies : they are used, for example, to perform navigation, correctly display pages, memorize language settings and more generally to improve the user experience or provide a requested service. They are not used for other purposes, they are normally installed directly from the website and the consent of users is not required. Profiling cookies : first-party if installed directly from the site, third-party if generated and managed by parties other than the manager of the website on which the user is browsing. They are used to track the user's navigation on the network and create profiles on their tastes, habits, choices, etc. With these cookies, advertising messages can be transmitted to the user's terminal in line with the preferences already expressed by the same user during online navigation. Then there are analytics cookies which , although third-party profiling, are similar to technical cookies only if used for the purpose of optimising the site directly by the owner of the site itself, who may collect information in aggregate form on the number of users and how they visit the site.
Types of cookies used on this site
Technical navigation cookies
Also called own technical cookies: used to improve the browsing experience and necessary to correctly display the site on different browsers and different devices (computers, tablets, smartphones); for these cookies, the user's consent is not required as they are essential for the correct functioning of the site.
Cookie analytics
On this site, the cookies used by the Google Analytics service are intended , which the site uses as an anonymous and aggregate analysis tool , to track the number of users and how they visit the site, the software and hardware characteristics inherent to the devices used and their browsing habits, such as the number of daily views of each page.
All this data is essential to make a site update plan that takes into account the real needs of users and the technologies they use.
These cookies are managed directly by Google .
- privacy policy: https://www.google.com/intl/it/policies/privacy/
- instructions for managing or disabling cookies: https://support.google.com/accounts/answer/61416?hl=it.
Third party profiling cookies
For Facebook cookies:
- privacy policy: https://www.facebook.com/privacy/explanation
- instructions on how to manage or disable cookies: https://www.facebook.com/help/cookies/
For Youtube cookies:
-privacy policy: https://www.youtube.com/intl/it/yt/about/policies/#community-guidelines
- instructions for managing or disabling cookies: https://support.google.com/accounts/answer/61416?hl=it.
Anonymous browsing (Do Not Track option) of the browser in use
Below are links to instructions on how to enable this option in various browsers:
-
How to Disable Cookies by Browser Configuration
You can disable cookies using the configuration tools made available by various browsers. Below are links to the instruction pages to set this specific option in various browsers:
Chrome
– Run the Chrome browser – Click on the chrome settings menu on the browser toolbar next to the URL entry window for navigation – Select Settings – Click on Show Advanced Settings – In the “Privacy” section click on the “Content settings” button – In the “Cookies” section you can change the following cookie settings: – Allow local data to be saved – Change local data only until the browser is closed – Prevent sites from setting cookies – Block third-party cookies and site data – Manage exceptions for some websites – Delete one or all cookies
For more information visit the dedicated page .
Mozilla Firefox
– Run the Mozilla Firefox browser – Click on the Firefox settings menu in the browser toolbar next to the URL entry window for navigation – Select Options – Select the Privacy panel – Click on Show Advanced Settings – In the “Privacy” section click on the “Content settings” button – In the “Tracking” section you can change the following settings relating to cookies:- Ask sites not to perform any tracking – Communicate to sites that you are willing to be tracked – Do not communicate any preference regarding the tracking of personal dataFrom the “History” section you can:- By enabling “Use custom settings” select to accept third-party cookies (always, from the most visited sites or never) and to store them for a specific period (until they expire, until Firefox is closed or to ask each time) – Remove individual cookies stored
For more information visit the dedicated page .
Internet Explorer
– Run the Internet Explorer Browser – Click on the Tools button and choose Internet Options – Click on the Privacy tab and in the Settings section change the slider according to the desired action for cookies: - Block all cookies – Allow all cookies – Select the sites from which to obtain cookies: move the cursor to an intermediate position so as not to block or allow all cookies, then press on Sites, in the Website Address box enter a website and then press on Block or Allow
For more information visit the dedicated page .
Safari 6
– Run the Safari Browser – Click on Safari, select Preferences and press Privacy – In the Block Cookies section specify how Safari should accept cookies from websites. – To see which sites have stored cookies click on DetailsFor more information visit the dedicated page . Safari iOS (mobile devices)- Run the Safari iOS Browser – Tap on Settings and then Safari – Tap on Block Cookies and choose between the various options: “Never”, “Third-party and advertisers” or “Always” – To delete all cookies stored by Safari, tap on Settings, then on Safari and finally on Delete Cookies and data
For more information visit the dedicated page .
Opera
– Run the Opera Browser – Click on Preferences then on Advanced and finally on Cookies – Select one of the following options:- Accept all cookies – Accept cookies only from the site you are visiting: third-party cookies and those sent from a domain other than the one you are visiting will be rejected – Never accept cookies: all cookies will never be saved.
For more information visit the dedicated page .
Disabling Cookies through the configuration of third-party services
In addition to the possibility of disabling cookies through the browser configuration, it is possible to manage or disable third-party or marketing cookies from the website www.youronlinechoices.com .This page is visible through links on all pages of the Site pursuant to art. 122 second paragraph of Legislative Decree 196/2003 and following the simplified procedures for the information and acquisition of consent for the use of cookies published in the Official Journal no. 126 of 3 June 2014 and related register of provisions no. 229 of 8 May 2014.
Last updated: May 2018