INFORMATION ON THE PROCESSING OF PERSONAL DATA

This communication is made available to you - pursuant to Articles 13 and 14 of the European Regulation 2016/679 on the protection of personal data (“Regulation” or “GDPR”) - and is addressed to those who interact with the web services accessible electronically from this website (“website” or “site”). The purpose of this Information Notice is to inform the user about the methods used to process their personal data.

DATA CONTROLLER

The Data Controller of your personal data is Consorzio Zampone e Cotechino Modena IGP with head office in Strada 4, Palazzo Q8 - 20089 Rozzano - Milanofiori (MI);  

Tel.: 02 8925901 E-mail: info@modenaigp.it

GENERAL PRINCIPLES AND COMMITMENT TO DATA PROTECTION

Consorzio Zampone e Cotechino Modena IGP undertakes to protect all the personal data it processes, adhering to the following general principles.

All data is processed lawfully, correctly and transparently with respect to the data subject, in accordance with the general principles laid down in EU Reg. No. 2016/679 and in the applicable data protection legislation:

  • all data is processed and collected only for the purposes indicated in this Information Notice or for the specific purposes already shared with the data subject, with the aim of collecting, processing and using as little personal data as possible;
  • if the personal data collected is no longer required for any purpose or by legal obligations, every effort will be made to delete, destroy or anonymise it;
  • specific security measures are observed to prevent the loss of data, unlawful or incorrect use and unauthorised access;
  • personal data will not be shared, sold, made available or communicated to parties other than those indicated in the Information Notice.

TYPES OF DATA COLLECTED

The website offers informative and, sometimes, interactive content. While browsing the Site, it may therefore acquire information about the visitor in the following ways:

Browsing data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data, whose transmission is implicit in the communication protocols of the Internet. This information is not collected to be associated with identified data subjects, but by its very nature it could, through processing and association with data held by third parties, allow users to be identified. 

This category of data includes IP addresses or domain names of computers used by users who connect to the site, URIs (Uniform Resource Identifiers) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the operating system and the computer environment of the user. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and it is deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

Cookies

In order to make its services as efficient and easy to use as possible, this Site makes use of cookies. Therefore, when you visit the Site, a minimal amount of information is placed on your device as small text files called “cookies” that are stored in the directory of your web browser. There are different types of cookies, but essentially the main purpose of a cookie is to make the Site work more efficiently and to enable certain features of it. For further information, please refer to the Site’s Cookie Policy at the end of this document. 

Data Provided Voluntarily by the User

We do not collect or use personal information about anyone who visits the website. Visitors remain anonymous. The only exception concerns the information voluntarily provided by the user in the site’s forms, necessary to comply with contractual obligations to provide the services requested or to process user requests.

The optional, explicit and voluntary sending of e-mail to the addresses indicated on this site involves the subsequent acquisition of the sender's e-mail address, as well as any other personal data included, necessary to respond to requests.

OPTIONALITY OF PROVIDING DATA

Apart from what stated above regarding browsing data, the user is free to provide their personal data through the collection Form, or otherwise provide it to us in the contact section in order to use the services offered, to receive information and other communications. Failure to provide their personal data may make it impossible to obtain what has been requested. The submission of data involves the subsequent acquisition of the sender's e-mail address, as well as any other personal data entered, necessary to respond to requests.

PURPOSE AND LEGAL BASIS OF PROCESSING

The processing of Users’ personal data is carried out for the following purposes:

  1. to ensure access to the Site, its browsing and use of online services made available in connection with the Site itself;
  2. for requirements relating to the authorisation, enabling and personalisation of access to the various areas and related content of the Site for the use of the services offered;
  3. where the activity is foreseen and subject to the User's consent, to send informative and promotional communications via e-mail, as well as to satisfy user requests;
  4. ascertainment of responsibility in case of hypothetical computer crimes against the site.

The legal basis for the processing is made up of the following:

  • for the purposes referred to in points a) and b) above, by the legitimate interest of the data controller, in this case embodied in the offer of access to the site and its services;
  • for the purposes referred to in point c) above, by the consent freely expressed by the data subject;
  • for the purpose referred to in point d) above, by the legitimate interest of the Data Controller.

METHODS, PLACE AND DURATION OF PROCESSING

Personal data is processed via computer and/or telematic tools. The processing is carried out by means of organisational methods and logic strictly related to the purposes indicated.

The Data Controller has implemented technical and organisational measures to provide an adequate level of security and confidentiality to personal data. These measures take into account the state of the art of the technology, the costs of its implementation, the nature of the data and the risks associated with its processing. The purpose is to protect data against accidental or unlawful destruction or alteration, accidental loss, unauthorised disclosure or access, and other unlawful forms of processing.

In addition, when handling your personal data, the Data Controller collects and processes personal data that is adequate, relevant and not excessive, as required to meet the above-mentioned purposes and ensures that such personal data remains current and accurate.

The data is processed at the operational headquarters according to which the Data Controller is organised by authorised internal subjects, and at external subjects duly appointed as Data Processors. 

In any case, the disclosure of your personal data is completely excluded.

TRANSFER OF DATA OUTSIDE THE EUROPEAN UNION

In general, processed data is not transferred outside the European Union. In any case, it is understood that the Data Controller, if necessary, will have the right to move the location of the servers in Countries outside the EU or to use cloud services also located outside the EU. In this case, the Data Controller assures as of now that the transfer of data will take place in compliance with the applicable legal provisions by entering into agreements that guarantee an adequate level of protection, if necessary.

The processing of data is carried out for the time strictly necessary for the pursuit of the above-mentioned purposes, without prejudice to any retention periods provided for by law or regulations.

CATEGORIES OF SUBJECTS TO WHOM THE DATA MAY BE COMMUNICATED

The data collected by the Data Controller will only be shared for the above-mentioned purposes; we will not share or transfer your personal data to third parties other than those indicated in this Information Notice. In the course of our activities and exclusively for the same purposes as those listed in this Information Notice, your personal data may be transferred to the following categories of recipients:

  • partners and organisations connected to the Data Controller, to whom the same communicates the data exclusively to ensure the provision of services;
  • hosting providers, IT companies, communication agencies, third party technical services, postal couriers;
  • persons, companies or professional firms that provide assistance and consultancy to the Data Controller in accounting, administrative, legal, tax and financial matters;
  • subjects whose right to access the data is recognised by law or by orders of the authorities.

With these subjects, if necessary, agreements may be signed by the Data Controller that identify them as Data Processors. The updated list of Data Processors can always be requested from the Data Controller.

RIGHTS OF USERS WITH REGARD TO THEIR PERSONAL DATA

The data subject, i.e. the natural person to whom the personal data refers, has the right to ask the Data Controller to access their personal data, to rectify or erase it, and to request the restriction or object to its processing. The data subject also has the right to data portability. To exercise these rights, please refer to the contacts indicated in this information notice.

All the requests received will be processed and verified in accordance with the provisions of the applicable regulations, also with reference to the actual existence of the conditions for their acceptance. In the absence of these conditions, the Data Controller may not follow up on the requests. The Data Controller shall make every effort to respond to legitimate and well-founded requests within one month of their receipt. Depending on the complexity and number of requests and on what stated above, this time limit may be extended by two months. At the conclusion of the management of the request and against the same, the data subject has the option to complain to the supervisory authority at www.garanteprivacy.it and to file a judicial appeal.

CHANGES TO THIS INFORMATION NOTICE

The Data Controller reserves the right to make changes to this information notice in order to incorporate changes in the legislation or to adapt to technological innovations. Any changes will be reported on this web page, which can be consulted at any time through the hypertext link located on the home page of the Site.