Processable personal data

“Personal data”: any information relating to an identified or identifiable natural person (“data subject”); a natural person can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, physiological, genetic, psychic, economic, cultural or social; (C26, C27, C30 GDPR).

Navigation data

The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of computers and terminals used by users, the addresses in URI / URL (Uniform Resource Identifier / Locator) notation of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.

Data communicated by the interested party

The optional, explicit and voluntary sending of messages to the contact addresses indicated on this site and / or the compilation of data collection forms entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data inserted.

Specific information

Specific information will be present on the pages of the Site in relation to particular services or processing of the data provided.

1.Who is the Data Controller? How to contact him?

Data controller, pursuant to art. 4 and 24 GDPR, is ANGELO CAPPELLINI & C. s.r.l.,sole shareholder, with registered office in Via Milano n. 39, 22060 – Cabiate (CO), VAT number IT01434700132, in the person of the pro-tempore legal representative. Contact details of the owner: e-mail [email protected].

2. Purpose of the processing, legal basis, data retention period and nature of the provision.

PURPOSE A) NAVIGATION ON THE WEBSITE

• LEGAL BASIS: legitimate interest (Article 6, paragraph 1 letter f) and recital 47 GDPR): the processing is necessary for the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or rights do not prevail and the fundamental freedoms of the interested party who require the protection of personal data, taking into account the reasonable expectations of the interested party based on his relationship with the data controller. Activities strictly necessary for the operation of the site and the provision of the navigation service on the platform.
• DATA RETENTION PERIOD: up to the duration of the browsing session. See the paragraph on cookies.
• NATURE OF THE PROVISION: necessary in order to allow navigation of the website

PURPOSE B) REQUEST FOR CONTACT AND / OR INFORMATION: through the contact details indicated on our website, COLLECT AND FULFILL ANY USER REQUESTS

• LEGAL BASIS: execution of pre-contractual measures also adopted at the request of the interested party (Article 6, paragraph 1 letter b) GDPR).
• DATA RETENTION PERIOD: 1 year
• NATURE OF THE PROVISION: the provision of data is necessary. Failure to provide the data will make it impossible to obtain what is requested and to use the services of the data controller.

PURPOSE C) DIRECT MARKETING: with your consent and up to your opposition, your data will be processed for direct marketing, for promotional, commercial communication and marketing purposes in general, BY USING THE NEWSLETTER / MAILING LIST SERVICE.

• LEGAL BASIS: consent (Article 6 par. 1 letter a GDPR): the interested party has given consent to the processing of their personal data.
• DATA STORAGE PERIOD: until consent is revoked (opt-out)
• NATURE OF THE PROVISION: the provision of data is optional and in the absence of it, your data will not be processed for the pursuit of this purpose. The refusal of the provision will not affect the usability of the other purposes indicated.

PURPOSE D) PROFILING: with prior consent and until opposition, your data will be processed for SENDING BY E-MAIL / MAILING LIST OF PROMOTIONAL COMMUNICATIONS RELATING TO THE ACTIVITIES / PRODUCTS / SERVICES OFFERED BY THE HOLDER OF THE TREATMENT IN LINE WITH YOUR INTERESTS.

• LEGAL BASIS: consent (Article 6 par. 1 letter a GDPR): the interested party has given consent to the processing of their personal data.
• DATA RETENTION PERIOD: 5 years, unless consent is revoked (opt-out), if earlier
• NATURE OF THE PROVISION: the provision of data is optional and in the absence of it, your data will not be processed for the pursuit of this purpose. The refusal of the provision will not affect the usability of the other purposes indicated.

PURPOSE E) SUBSCRIPTION TO THE RESERVED AREA OF THE SITE, to have access to dedicated materials and to save your favorite products

• LEGAL BASIS: execution of pre-contractual measures also adopted at the request of the interested party (Article 6, paragraph 1 letter b) GDPR).
• DATA RETENTION PERIOD: For the entire duration of the registration and six months from its termination.
• NATURE OF THE PROVISION: the provision of data is necessary. Failure to provide the data will make it impossible to obtain what is requested and to use the services of the data controller

3. Cookies

For more information on the cookies used by this website, see the cookies policy at the following link.

4. Who will the personal data provided be disclosed to?

The personal data provided will be communicated to subjects who will process the data as managers (Article 28 of the GDPR) and / or as natural persons acting under the authority of the Data Controller and the Manager (Article 29 of the GDPR), for the purposes listed above. Specifically, the data may be disclosed to recipients belonging to the following categories:

• Subjects who provide services for the management of the data controller’s information system and communication networks, including e-mails, newsletters and website management;
• Freelancers, firms or companies in the context of assistance and consultancy relationships;
• Competent authorities for the fulfillment of legal obligations and / or provisions of public bodies, upon request;

The list of Data Processors is constantly updated and available by writing to [email protected] at the Data Controller’s registered office.

5. Will the data provided be transferred outside the European Union?

The personal data provided will not be transferred to non-EU countries.

6. Is there an automated process?

There is no fully automated decision-making process as, through the intervention of the operator, the owner carries out profiling activities, in particular it processes consumer profiles and analyzes consumption habits and choices in order to improve the commercial offer and the services offered.

7. What are your rights? How can you exercise them?

You will be able to assert your rights as expressed by the articles. 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR, by contacting the Data Controller at the email address [email protected]. You have the right, at any time, to ask the Data Controller to access your personal data, to rectify, cancel them, limit the processing and the portability of your data. Furthermore, you have the right to object, at any time, to the processing of your data based on legitimate interest and, in the cases provided for, you have the right to revoke the consent given without prejudice to the lawfulness of the treatment based on consent before revocation. To stop receiving automated direct marketing communications (for example newsletters) it will be sufficient to write an e-mail to [email protected] at any time with the subject “unsubscribe from automated” or use our automatic cancellation systems provided for sun e-mail. Without prejudice to any other administrative and judicial appeal, if you believe that the processing of data concerning you violates the provisions of the GDPR, you have the right to lodge a complaint with the Guarantor for the protection of personal data (Italian supervisory authority www.garanteprivacy.it ). In the event of a request for data portability, the Data Controller will provide you with your personal data in a structured format, commonly used and readable by an automatic device, without prejudice to paragraphs 3 and 4 of art. 20 of Reg. (EU) 2016/679.

8. Minors

The website is intended for use and consultation by adults. Therefore, any requests from minors will not be taken into consideration.

9. Further informations

The owner reserves the right to modify, update, add or remove parts of this privacy policy at its discretion and at any time. In order to facilitate this verification, the information will contain the update date.