Skip to main content
0

Information on the processing of personal data
(pursuant to Article 13 of the GDPR – EU Regulation 2016/679)

This Information on the processing of personal data relating to the website “www.orodirufolo.it” is made pursuant to Article 13 of the EU Regulation 2016/679 (so-called GDPR) and describes how the site is managed about the processing of personal data ) conferred by the User through the form on the Owner’s website, acquired in accordance with the current legislation.

The information is given, for those who access the site, exclusively for the site “www.orodirufolo.it” and not also for other websites that may be consulted by users through links on the site.

Data controller and data processor.
The data controller and person in charge of the site is Azienda Agricola Ortoplant di Depalo Michele & C. s.s. Via Saverio Daconto 41 70054 Giovinazzo (BA) – P.IVA 05062190722. The Data Controller may be contacted by e-mail at info@orodirufolo.it.

Purpose legal basis of data processing.
The data provided by the User are collected to enable the Data Controller to provide feedback to the request of the data subject and for related and instrumental activities.

The Controller informs the User that the processing has its legal basis in the performance of the service requested by the User and in the execution of contractual and pre-contractual measures.

Types of data collected and mandatory.
Among the personal data collected at “www.orodirufolo.it” there are also “Cookies”. For details regarding this type of data, please refer to the appropriate section “Cookie policy”.

Personal data may be freely provided by the User and, unless otherwise specified, are mandatory. If the User refuses to communicate them, it is impossible for the site “www.orodirufolo.it” to provide feedback to the User’s request. In cases where some data are reported as “optional” the User is free to refrain from communicating them without this having any consequence on the availability of the service or its operation.

Users who have any doubts about which data are mandatory are encouraged to contact the Data Controller at the contact details indicated above.

Method and place of processing of collected data.
The Data Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of personal data. The personal data collected will not be transferred or used by third parties.

The processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes. In addition to the Data Controller and Data Processor, other subjects involved in the company’s organization (administrative, commercial, marketing, legal, system administrators) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) may have access to the data. The list of said subjects can always be requested from the Data Controller.

The data are processed at the Data Controller’s operational offices and in any other place where the parties involved in the processing are located. For further information, the Data Controller may be contacted at the contact details indicated in this policy.

Data Retention Period.
The data communicated by the User are processed and kept for the time required by the purposes for which they were collected and, therefore, will be retained until the execution of the service requested by the User is completed, and in any case until their deletion is requested.

The Data Controller may keep the collected personal data for a longer period in case this is imposed by a legal obligation or by order of an authority.

At the end of the retention period, personal data will be deleted: at the expiration of this period, the right of access, deletion, rectification and the right to portability can no longer be exercised.

User Rights.
The User may exercise certain rights with reference to the data processed by the Controller. In particular, the User has the right to:

  • access to their own data (Art. 15 GDPR): the User has the right to obtain information about the data processed by the Controller on certain aspects of the processing and to receive a copy of it;
  • object to the processing of their data (Art. 21 GDPR): the User may object to the processing of their data when it is done on a legal basis other than consent;
  • verify and request rectification (Art. 16 GDPR):The User can verify the correctness of their data and request that it be updated or corrected;
  • Obtain restriction of processing (Art. 18 GDPR) in cases where:
  • the accuracy of the personal data is disputed,
  • the User believes that the processing is unlawful,
  • the User objects to the deletion of the personal data,
  • the data are necessary to the data subject for the establishment, exercise or defense of a right in a court of law, while the data controller no longer needs the data for processing purposes,
  • the User has objected to the processing and is awaiting the necessary verifications to determine whether the data controller’s legitimate reasons prevail over those of the data subject,

The User may request the restriction of the processing of his/her data. In this case, the Controller will not process the data for any purpose other than its storage;

  • Obtain the deletion or removal of their personal data (Art. 17 GDPR) in cases where:
  • personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed,
  • the User revokes the consent on which the processing is based, if there is no other legitimate reason for the processing,
  • the User objects to the processing and there is no further legitimate reason for the processing to proceed,
  • personal data have been processed unlawfully;
  • personal data must be erased in order to comply with a legal obligation under Union or Member State law to which the data controller is subject,
  • personal data have been collected in connection with the provision of information society services to children,

The user may request the deletion of his or her Data by the Data Controller;

  • receive their Data or have it transferred to another Data Controller (art. 20 GDPR):the User has the right to receive their Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred unhindered to another Data Controller;
  • file a complaint (Art. 77):The User may file a complaint with the competent data protection supervisory authority or take legal action.

Methods of exercising the User’s rights.
To exercise his or her rights, the User may address a request to the contact details of the Controller indicated in this document. Requests are filed free of charge and processed by the Owner as soon as possible, in any case within one month.

Changes to this Privacy Policy.
The Data Controller reserves the right to make changes to this privacy policy on the processing of personal data at any time by giving notice to Users as well as, if technically and legally feasible, by sending a notification to Users through one of the contact details held by the Data Controller. If the changes affect processing whose legal basis is consent, the Controller will re-collect the User’s consent if necessary.