PRIVACY POLICY FOR THE USER

Forno d’Asolo S.p.A. with registered office in via Nome di Maria,1 – 31010 Maser(Treviso)- Italy, taxpayer’s code / VAT number. 00852810266, owner of the website http://www.fornodasolo.it , as the Data controller in charge of processing personal data of the user browsing and registered on the Website(hereinafter also “User”) provides herein the privacy policy pursuant to art. 13 of Italian Legislative Decree no. 196/2003 (hereinafter also “Privacy Code”) and pursuant to art. 13 of the EU Regulation 2016/679 dated 27th April 2016.
This Website and any service whatsoever offered through this Website are dedicated only to subjects who are eighteen years of age or older. The Data controller therefore does not collect personal data regarding subjects who are under the age of 18. Upon request of the User, the Controller shall promptly delete all personal data involuntarily collected and regarding subjects who are under the age of 18.
The Data controller takes into the account the right to privacy and to the protection of the User’s personal data. For any information regarding this privacy policy, the Users can contact the Data Controller at any time, in the following ways:
● by registered letter with return receipt to the Data Controller’s registered office
● by electronic mail to the web address privacy@fornodasolo.it
1. Purposes of the processing
The User’s personal data shall be treated lawfully by the Data controller pursuant to art. 6 of the Regulation for the following processing purposes:
a. Website browsing, concerning the possibility to collect the User’s personal data necessary from a technical point of view, as, for example, the IP address during website browsing.
b. Issuing of newsletters, upon specific request of the User.
c. Reply to the User’s information requests received via the dedicated contact form.
d. Registration to the website’s personal area, through which access to technical and commercial documents, operational Supports, Statements and certifications, Specifications, Access to the quoting programme, Catalogues and price lists is possible.
e. Law obligations, or to fulfil obligations provided for by law, an authority, any regulation or European legislation.
f. Receipt of CVs for personnel recruitment, via the dedicated form. A specific policy is available on the relevant page.
2. Legal basis for data processing
The provision of personal data for the processing purposes stated above is optional, however necessary as failure to provide them will make it impossible for the User to browse the Website, register on the Website and use the services offered by the Controller on the Website.
With reference to the purposes as per points 1/a, 1/c, 1/d, 1/f, the legal basis for data processing is indeed the provision of the services offered through the Website and requested by the User (pursuant to article 6, paragraph , letter b of the Privacy Policy Regulation 2016/679); with reference to the optional purposes as per point 1/b of the previous paragraph, the legal basis for data processing is your potential, freely-expressed consent (pursuant to article 6, paragraph 1, letter a of the Privacy Policy Regulation 2016/679);with reference to the purposes as per point 1/e of the previous paragraph, the legal basis for data processing is to fulfil a legal obligation which the Data controller is subject to (pursuant to article 6, paragraph 1, letter c of the Privacy Policy Regulation 2016/679).
3. Processing methods and data retention period
The Data controller shall process the User’s personal data through manual and electronic means, and use it only to fulfil the same purposes and, in any case, in order to protect the security and the privacy of such personal data.
The website User’s personal data shall be retained for the period necessary to pursue the purposes stated in paragraph 1 above, or in any case for the period necessary to protect the interests of both the User and the Data Controller in civil matters. With reference to the purposes as per point 1.b, data shall be retained until the User opposes to the issuing of newsletters, via the dedicated link thereby contained or through the procedures to exercise his/her rights, as stated in paragraph 5.
4. Scope of communication and dissemination of data
The User’s personal data may by disclosed to the Data controller’s employees and/or collaborators who were appointed to administer the Website. Said subjects, who are formally referred to by the Data controller as “subjects in charge of the processing”, shall process the User’s data exclusively for the purposes stated herein and as provided for by the Applicable Laws in this matter..
The User’s personal data may by disclosed to third-party subjects who may process personal data on behalf of the Data controller and acting in their quality of “External Persons Responsible for Data Processing”, as, for example, suppliers of IT and logistics services necessary for the operation of the website, suppliers of outsourced or cloud computing services, professionals, and advisors.
The User has the right to obtain a list of any possible person responsible of data processing appointed by the Data Controller, upon request to the Data controller through the methods described in the following paragraph 5.
5. Rights of the User
The User can exercise his/her rights, as granted by the Applicable Laws on this matter, by contacting the Data controller through the methods described below:
● by registered letter with return receipt to the Data Controller’s registered office
● by electronic mail to the web address privacy@fornodasolo.it
With reference to the Applicable Law, the Data controller informs that the Users have the right to obtain information on (i) the origin of personal data; (ii) the purposes and methods of processing; (iii) underlying reasoning of data processing through electronic media; (iv) Identification details of the data controller and of data processors; (v) the subjects or categories of subjects whom personal data can be communicated to or who may become aware of such data as data processors or people appointed for the processing.
Moreover, the User has the right to obtain:
a) access, updating and correction or, when interested, completion of personal data;
b) deletion, transformation into anonymous form or blocking of personal data unlawfully processed, including any data whose conservation is not required in relation to the purposes for which it has been collected or subsequently processed;
c) Proof that the operations described in letters a) and b), also concerning their content, were brought to the attention of those whom personal data were communicated or disseminated to, in the case in which said obligations proves to be impossible to achieve or entails the use of means clearly out of proportion considering the Users’ right that is being protected.
Moreover, the User has:
a) the right to withdraw consent at any moment, should the processing be based on his/her consent;
b) the right to data portability (right to receive all personal data regarding his/her person in a structured, commonly used and machine-readable format), the right to limit the processing of his/her personal data and the right to erasure (“right to be forgotten”);
c) the right to withdraw consent:
i. fully or partially, for legitimate purposes, to the processing of his/her personal data, even if pertaining to the purposes of the collection;
ii. fully or partially, for legitimate purposes, to the processing of his/her personal data for the purpose of sending advertising or direct sale material or for the performance of market research or commercial communication activities;
iii. at any moment, in the event that personal data are processed for direct marketing purposes, to the processing of his/her personal data for such purposes, including profiling activities to the extent that they are linked to such direct marketing purposes.
d) in the event that s/he believed that the processing of his/her personal data breaches the Regulation, to lodge a complaint with a Controlling Authority (in the Member State where s/he remains habitually resident, where s/he works or where s/he claims the breach occurred). The Italian Controlling authority is the Personal Data Protection Officer, with premises in Piazza di Monte Citorio no.121, 00186 – Rome (http://www.garanteprivacy.it/).