INFORMATION ON PROCESSING THE PERSONAL DATA of users who visit the websites of DEA FLAVOR SRL
pursuant to Article 13 of Regulation (EU) 2016/679
Pursuant to the GDPR (Regulation No. 679/2016 EU), the methods for processing the personal data of those who visit the website belonging to DEA FLAVOR SRL, accessible by electronic means at the following address, are described herein:
The information in this statement exclusively concerns the aforementioned site and no other page or service that may be reached through hypertext links present on the websites but not owned by DEA FLAVOR SRL.
The personal data controller is DEA FLAVOR SRL with registered office in Via Galileo Galilei No. 33 - 38015 Lavis (Trento) - VAT number: 02254110220, PEC: email@example.com
The data controller has not appointed a Data Protection Officer.
TYPES OF DATA PROCESSED AND PURPOSE OF THE PROCESSING
According to the provisions of the GDPR, the processing of personal data is based on principles of correctness, lawfulness, transparency, protection of the user's privacy as well as protection of their rights, and DEA FLAVOR SRL undertakes to ensure that all personal data entering into its possession is processed in a lawful manner and according to the cardinal principles outlined above, as well as to comply with the regulations and laws concerning the protection of personal data in all places and all activities in which it operates.
The data can be acquired in the following ways:
- D ATA COMMUNICATED BY THE USER: data sent from the user to DEA FLAVOR SRL, through voluntary messages to the contact addresses belonging to that company or through the compilation of contact formats, or through the stipulation of a contract for the purchase and sale of products directly via the website (e-commerce section), involving the acquisition of user contact details necessary to respond and any other data voluntarily sent and necessary for the conclusion of the aforementioned contract (including personal data related to delivery, contact details and references, as well as administrative data for billing and contract details).
- NAVIGATION DATA: S imply browsing the websites belonging to DEA FLAVOR SRL will not lead to any identifying data being collected. However, for the website's normal operation it is possible that the computer system acquires some information whose transmission is implicit in internet communication protocols (e.g. log files, IP addresses, URI/URL addresses of requested resources, timing of requests, as well as parameters relating to the user's IT and operational environmental systems). The data acquired through navigation, necessary for the website's operation, is processed for statistical purposes (number of visitors to each website belonging to DEA FLAVOR SRL, geographic area of origin of visitors, number of visitors for each time slot), as well as for checking normal operation of the web services offered.
The data processing is aimed at correct and complete execution of the contract with DEA FLAVOR SRL; the data collected will also be processed in order to fulfil the necessary obligations related to tax and accounting, as well as any other obligation required by current legislation. In order to execute the contracts, the sensitive data processed could potentially concern state of health as well as some lifestyle habits; processing this type of data is particularly sensitive and DEA FLAVOR SRL implements all physical and IT measures necessary to guarantee its protection.
LEGAL BASIS OF THE PROCESSING
The data controller DEA FLAVOR SRL processes the data in a lawful manner and to the extent that it is:
Necessary to fulfil obligations imposed by law;
Necessary for the correct execution of a contract to which you are party, as well as for the pre-contractual phase;
based on your express consent
The data collected may also be communicated, for the purposes indicated above, to:
1. Employment consultants, accountants, legal advisers, security consultants, for functional services to comply with tax and accounting obligations;
2. IT companies for functional services to manage IT management systems and equipment necessary to conduct business activities;
3. Shipping company for the delivery of the purchased goods;
CONSEQUENCES OF FAILURE TO COMMUNICATE PERSONAL DATA
With regard to personal data relating to the formation or execution of a contract to which you are party or necessary to fulfil a regulatory obligation (by way of example: obligations related to keeping accounting and tax records), failure to disclose personal data prevents fulfilment of the contractual relationship itself.
Personal data collected and processed for the aforementioned purposes will be kept for the entire duration of the contract, as well as for as long as the data controller remains subject to a legal obligation to store it imposed for tax purposes or for any other purpose required by current standards or regulations.
DATA SUBJECT'S RIGHTS
The data subjects have the right, in the cases provided for by the current legislation:
to ask the data controller to access personal data, correct it or delete it (in the cases provided for by Art. 17 of the GDPR) or limit the processing that concerns them (in the cases provided for by Art. 18 of the GDPR) as well as oppose its processing (Art. 13 paragraph 2 letter b);
to transfer data, that is, to request and obtain from the data controller the personal data processed by the latter, which must be returned in a structured form readable by automatic device (Art. 13 paragraph 2 letter b);
to revoke consent to the processing, at any time and in the event that the processing is based on your consent for a more specific purpose and concerns common personal data (e.g. residence, date of birth) or particular categories of data (see Art. 9 of the GDRP), without this affecting the lawfulness of the processing based on the consent given prior to the revocation (Art. 13 paragraph 2 letter c);
to make a complaint to a supervisory authority (Guarantor Authority for the protection of personal data - www.garanteprivacy.it)