1. About us – Data controller and contact information

With this information on the processing of personal data, made pursuant to Art. 13 of the EU Regulation 2016/679 “GDPR” (hereinafter “Regulations”), Cantine Europa S.c.a. (hereinafter “the Company”), with registered office on SS 115 Km 42, 400 – 91020 PETROSINO (TP), registered in the Register of Cooperative Companies under no. A118112, REA no. TP38405, P.IVA 00060170818, as the Data Controller, would like to explain to you the purposes and methods by which the Company collects and processes your personal data, what categories of data are processed, what rights you are granted as a data subject and how they can be exercised.

The Company may be contacted at any time with reference to this policy and for any questions regarding the processing of your data by sending an email to the following address: info@cantineeuropa.net.

This information is provided solely for this website “
https://www.cantineeuropa.it
” (hereinafter referred to as the Site), therefore the Company assumes no responsibility for other websites that may be consulted through hyperlinks on the Site.

Users, by using this Site, accept this policy and are, therefore, encouraged to read it before providing personal information of any kind.

In accordance with privacy regulations, the processing of your personal data will be governed by the principles of lawfulness, fairness, transparency, purpose limitation and storage, minimization and confidentiality, as well as the principle of accountability under Art. 5 of the Regulations.

2. What personal data we collect and why we collect it

Personal data collected at the conclusion of the contract and during the course of the contractual relationship

1) biographical data, such as full name, place and date of birth, residence/billing address, an online identifier(username);

2) contact information, such as shipping address, telephone number, and e-mail address;

3) bank details (e.g., IBAN), if provided for possible reimbursement;

4) browsing data, such as IP address, time of access to the site and/or registration to the Site platform, possible registration referer, server access methods, numerical code indicating the status of the response given by the server (successful, error, etc.). This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site to check its correct functioning, to identify anomalies and/or abuses. This is information that is not collected to be associated and/or to identify, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. The data could be used to ascertain liability in case of hypothetical computer crimes against the Site or third parties.

5) purchase data, such as average purchase value, type of product purchased, frequency of purchase, total amount purchased over time, and total number of orders placed.

The Holder will not acquire data of a sensitive nature or otherwise belonging to the special categories referred to in Art. 9 of the GDPR or data related to criminal convictions or offenses.

The Company will use your Data for the following purposes:

(a) for the execution of the contract

The Data indicated in the paragraph of this policy, will be processed by the Company to enable registration to the Site and the use of services specifically related to it. By way of example, the Data will be processed for the management of purchase orders, for maintenance and technical assistance, and in order to improve the quality of the services offered. The Data will then be processed for the execution of the existing contract with the Owner.

The provision of Data is necessary to enable the establishment and management of the contractual relationship; failure to do so will make it impossible for us to execute the contract and provide you with the requested service.

(b) for marketing purposes

Direct sale. Subject to your specific consent, the Company may process your Data to send advertising material or commercial communications regarding any promotions or for market research. These communications may be sent through the use of automated systems (e.g., e-mail, SMS, push notifications) and traditional systems (e.g., paper mail).

For this processing purpose, the Data referred to in 1) and 2) will be used. The consent given is revocable at any time, including with regard to automated contact systems only, by writing to ordini@cantineeuropa.net.

Newsletter. Subject to your specific consent, the data indicated in point 2), provided when subscribing to the newsletter will be used by the Company for the sole purpose of providing the requested newsletter service. The Data will then be processed for the purpose of providing the requested service to the Data Controller. You may at any time request to unsubscribe from the newsletter by following the instructions given from time to time in any communication made for the purposes mentioned in this section.

Soft spam. Subject to your specific consent, the data referred to in point 2), acquired in the context of the sale of the Company’s products or those controlled by them (e.g. Sibiliani Vini Srl), through the platform may be used to send commercial communications relating to products similar to those being sold. Such processing does not require your express consent under Art. 130 of Leg. June 30, 2003, no. 196. You may, however, object to such processing at any time by following the instructions given from time to time in any communication made for the purposes referred to in this section.

(c) for profiling purposes

Subject to your specific consent, the Company may process your Data to understand your purchasing habits and preferences in relation to the products and services offered through the platform in order to offer you products and services in line with your profile. In pursuit of this purpose, the Company may process the Data referred to in 2) and 5) above. Such Data will be processed by the Company on the basis of its legitimate interest in optimizing its purchasing procedures by offering products and services that are more functional and useful to specific customer needs.

We remind you that, pursuant to Art. 21 of the GDPR, you may object to such processing at any time, for reasons related to your particular situation, by writing ordini@cantineeuropa.net. In this case, deletion of data will also result in deactivation of accounts for services for which registration with the Site was required.

(d) for the communication of your data to third parties for marketing purposes

Where provided for on the Site and subject to your specific consent,the Company may disclose your Data to third parties who may process it for the purpose of sending their own commercial communications, including by SMS/MMS/VMS,push notifications and/or e-mail.

Comments

When visitors leave comments on the site, we collect the data shown in the comment form in addition to the visitor’s IP address and browser user agent string to facilitate spam detection.

An anonymized string created from your email address (otherwise called a hash) can be provided to the Gravatar service to see if you are using it. The privacy policy of the Gravatar service is available here: https://automattic.com/privacy/. After your comment is approved, your profile picture is publicly visible in the context of your comment.

Media

If you upload images to the website, you should avoid uploading images that include embedded location data (EXIF GPS). Visitors to the website can download and extract any location data from the images on the website.

Contact form and data voluntarily provided by the user

this privacy policy shall also be understood to apply to the processing of data you voluntarily enter in the forms contained within the Site. With reference to the latter, we urge you not to include information that may fall under the special categories of personal data referred to in Art. 9 of the Regulation ([…]personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data intended to uniquely identify a natural person, data concerning a person’s health or sex life or sexual orientation).

Third-party data voluntarily provided by the user

In the use of the Site’s services, there may be a processing of Personal Data of third parties, communicated by you to the Controller (such as, for example, in the case of purchasing products to be shipped to third parties). With respect to these assumptions, you stand as an autonomous data controller, assuming all legal obligations and responsibilities. In this regard, you confer on this point the broadest indemnity with respect to any dispute, claim, claim for damages from treatment, etc. that should be received by the Controller from third parties, whose personal data has been processed through its use of the Site services in violation of the applicable Personal Data protection regulations. In any case, should you provide or otherwise process personal data of third parties in the use of the Site, you warrant as of now, assuming all related responsibility, that this particular hypothesis of processing is based, where necessary, on your prior acquisition, on your part, of the third party’s consent to the processing of the information concerning him.

Cookie

If you leave a comment on our site, you can choose to save your name, email address, and website in cookies. They are used for your convenience so that you do not have to re-enter your information when you leave another comment. These cookies will last for one year.

If you have an account and access this site, a temporary cookie will be set to determine if your browser accepts cookies. This cookie contains no personal data and is deleted when you close the browser.

When you log in, several cookies will be set to save your login information and screen display options. Login cookies last two days while screen option cookies last one year. If you select “Remember Me,” your access will persist for two weeks. If you log out of your account, your login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie does not include any personal data, but simply indicates the ID of the newly modified item. Expires after 1 day.

A more in-depth information on the use of cookies can be found on the Cookie Policy page.

Embedded content from other websites

Articles on this site may include embedded content (e.g., videos, images, articles, etc.). Content embedded from other websites behaves exactly the same way as if the visitor had visited the other website.

These websites may collect data about you, use cookies, integrate additional third-party tracking, and track your interaction with them, including tracking your interaction with embedded content if you have an account and are logged in to those websites.

Analytics

3. With whom we share your data

Europa Sca wineries puts privacy first. For this reason, it does not give your Personal Data to third parties for commercial purposes, which instead are processed exclusively by the Owner and group companies where you consent.

Your Personal Data for the above purposes may be disclosed only to the following recipients (the “Recipients“):

  • Individuals typically acting as data controllers under Art. 28 of the Regulations, namely: (i) persons, companies or professional firms that provide assistance and advice to the Holder in accounting, administrative, legal, tax and financial matters; (ii) parties delegated to carry out technical maintenance of the site and information system; (iii) service providers used by data controllers to achieve the purposes set out in point 4 (e.g., app developers and providers of server hosting services, mailing list dispatch, electronic communication systems, chatbots, dispatchers); always in compliance with the principle of minimization by limiting processing to only the data strictly necessary to achieve the specific purpose;
  • Subjects, entities or authorities to whom it is mandatory to communicate your Personal Data by virtue of legal provisions or orders of the authorities;
  • persons authorized by the Owner, in accordance with Article 29 of the Regulations, to process personal data necessary to carry out activities closely related to the provision of services, who have committed to confidentiality or have an appropriate legal obligation of confidentiality;
  • Group companies, limited to the pursuit of the purposes set forth in paragraph 2(a).

The full list of data controllers is available by sending a written request to the Controller.

4. How long we keep your data

Your Personal Data will be stored primarily at the dataservers of the

Aruba S.p.A., via S.Clemente 53 – 24036 Ponte San Pietro (BG) Italy.

Personal Data, for the needs mentioned in paragraph 2(a), are also stored at the Company’s dataserver,

Your Data will be stored for the duration of your contractual relationship with the Company. Following the termination of the relationship, the Data will be retained for the maximum legal period exclusively for the needs of protecting the rights of the Owner and for the fulfillment of legal obligations.

With reference to the processing for marketing purposes indicated in paragraph 2(b), we inform you that the Data will be processed for the entire duration of the contract unless you withdraw your consent or exercise your right to object to the processing.

Your credit card information will not be processed by the Company as it is processed and/or stored directly by the banking circuit. The Company also uses the professional payment services of the PayPal Inc. group. and Stripe Inc. that ensure maximum protection and confidentiality for the consumer.

With reference to the data processed for profiling purposes, we inform you that the Data will be processed for a maximum period of 12 months or for such different period as may be provided for by law or by measures of the Supervisory Authority, unless you exercise your right to object to the processing. After this period or in case of opposition, the data will be retained if necessary to pursue other purposes or will be permanently deleted.

If you leave a comment, the comment and its metadata are retained indefinitely. This is how we can automatically acknowledge and approve any subsequent comments instead of keeping them in a moderation queue. Visitor comments can be checked through an automatic spam detection service.

For users who register on our website (if any), we also store the personal information they provide in their user profile. All users can see, change, or delete their personal information at any time (except their user name, which they cannot change). This data will be kept until your account is closed. Website administrators can also see and edit this information.

4.What rights do you have over your data

In accordance with current regulations, it has the right to:

– to request and obtain information about the existence of its data in the availability of Cantine Europa SCA and access to such data;

– Request transfer to another owner, for data processed by automated systems;

– To request and obtain amendment and/or correction of your personal data if you believe it is inaccurate or incomplete;

– to request and obtain the deletion – and/or restriction of processing – of your personal data if it is data or information that is not needed – or no longer needed – for the above purposes, then after the retention period indicated in the preceding paragraph has elapsed.

Such requests may be forwarded to the Holder by writing to ordini@cantineneuropa.net or by registered mail A/R addressed to Cantine Europa SCA, SS 115 Km 42, 400 – 91020 PETROSINO (TP).

We would also like to inform you that in accordance with the regulations in force, you may lodge any complaints regarding the processing of your personal data with the Data Protection Authority.

If you have an account on this site, or have left comments, you can request to receive an exported file from the site with the personal data we have on you, including the data you have provided to us. You can also request that we delete all personal data about you. This does not include data that we are obliged to keep for administrative, legal, or security purposes.

Additional information

How we protect your data. Preventing data breaches

The security of data storage used for the purposes set forth are left to the technology offered by the provider of hosting services, of CMS (WordPress). For software/frameworks/databases that manipulate and/or store data, the Company will periodically (within the limits of mutual compatibility and services offered by service providers) perform security updates and monitor access and requests made by telematics services.

From which third parties we receive data

The Society does not directly use data provided by third parties.

Industry regulatory disclosure requirements

The Owner reserves the right to change or simply update the content of this privacy policy, in part or in full, including due to changes in applicable legislation. The Data Controller therefore invites you to visit this section regularly to familiarize yourself with the most recent and updated version of the privacy policy so that you are always up-to-date on the Personal Data collected and its use.

Information on the processing of customers’ personal data: last modified on 14/10/2021.