privacy policy

This privacy policy contains important information on the processing and protection of personal data of users of the site https://www.tenutadicornazzano.it/

The data collected through the site are processed according to the principles of correctness, lawfulness, transparency, limitation of purposes and conservation, minimization and accuracy, integrity and confidentiality, as required by EU Regulation 679/2016 (GDPR).

Data Controller
The Data Controller is Azienda Agricola Tenuta di Cornazzano a r.l., Via di Cornazzano 179 – 00123 Rome, VAT number 16435901000, email: info@tenutadicornazzano.it

Website
Azienda Agricola Tenuta di Cornazzano a r.l. is the owner of the site https://www.tenutadicornazzano.it/, hereinafter “Site”.

What personal data is collected and why (type of data, purpose and legal basis)
By browsing this Site, personal data may be collected, as better specified below.
Cookies are also installed, as can be read in the cookie policy.

• Navigation data
  The website’s computer systems implicitly collect, during their operation, some personal data (provided for by Internet communication protocols). These are not associated with specific subjects, except through a complex and complicated system of processing and association with other data, held by third parties. This category of personal data includes IP addresses or domain names of computers used by users who connect to the website, browsers and parameters of the computer system used to connect to the website, navigation data, including the time of the request and response obtained from the server.
  Data processed: IP addresses or domain names of computers used by users who connect to the website, browsers and parameters of the computer system used to connect to the website, navigation data, including the time of the request and response obtained from the server.
  Purpose: use of the website, anonymous statistics on the use of the Website.
  Legal basis: legitimate interest of the Data Controller.

Processing and storage methods
The data processing is carried out in an automated and/or manual form, in compliance with the provisions of art. 32 of the GDPR 2016/679 regarding security measures; that is, the data is processed and managed in such a way as to avoid or in any case limit as much as possible the risks of loss, destruction, theft and in such a way as to allow their recovery, if one of the cases described were to occur.
In accordance with the provisions of art. 4 of the GDPR 2016/679, the data provided may be: collected, recorded, organized, stored, consulted, processed, modified, selected, extracted, compared, used, interconnected, blocked, communicated, deleted and destroyed. Your Data will be stored for the time strictly necessary to achieve the purposes for which they were collected or in compliance with a legal obligation or by order of an authority.

Data retention period
Personal data is retained for the time necessary to manage the answers to user questions, in case of filling out the form on the site. The user has the right to request the destruction or deletion of the data provided. The data may also be retained for a longer period, to fulfill fiscal obligations or the order of an Authority. At the end of the period necessary for storage, the data will be deleted and no longer recoverable.

Communication and dissemination of data
Personal data will never be disseminated and will not be communicated without the explicit consent of the user.

Transfer of personal data
The data will not be transferred either to Member States of the European Union, or to third countries outside the European Union (with the exception of social buttons as the servers could be located in the European Union or outside it).

Rights of the interested party
At any time, the user may exercise, pursuant to articles 15 to 22 of GDPR 2016/679, the right to:

1. request confirmation of the existence or otherwise of personal data concerning him or her;
2. obtain information on the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, where possible, the retention period;
3. obtain the rectification and erasure of data;
4. obtain the limitation of processing
5. obtain data portability, i.e. receive them from a data controller, in a structured, commonly used and machine-readable format, and transmit them to another data controller without impediments
6. object to processing at any time and also in the case of processing for direct marketing purposes
7. object to an automated decision-making process relating to natural persons, including profiling
8. ask the data controller for access to personal data and for their rectification or erasure or for the limitation of processing concerning them or to object to their processing, in addition to the right to data portability
9. revoke consent at any time without prejudice to the lawfulness of processing based on consent given before its revocation
10. make a complaint with a supervisory authority.

How to exercise your rights
To exercise the aforementioned rights or to receive clarifications or other information regarding the processing of personal data, you can write to the email address info@tenutadiconazzano.it and a response will be given within 30 days.