Link copiato negli appunti
privacy policy
INDEX
A- Personal Data processed
B- Purpose of Personal Data processing
C- Legal basis of processing
D- Recipients and transfer of Personal Data
E- Storage of Personal Data
F- Your rights as a Data Subject
G- Changes to the Privacy Policy
The following Privacy Policy is provided to you by GESCO Società Cooperativa Agricola based in Via del Rio, 400 – 47522 S. Vittore di Cesena (FC) (the ‘Company’) as Data Controller of the personal data provided directly by you, or received or generated following the use of the site www.amadori.it and all the mini-sites attributable to Amadori products, promotions and competitions (the 'Website') if there is no appropriate and specific Privacy Policy.
The Company has appointed as Data Protection Officer (DPO) Emanuela Arduini, who can be contacted at the address dpo.gesco@amadori.it.
The Company considers respect for your privacy to be essential and therefore asks you to read this Privacy Policy carefully to make an informed choice when filling in the fields that may sometimes be presented to you when accessing, registering for sections of the Website and using the services offered interactively (e.g. subscription to the newsletter, registration for contests, participation in events, campaigns, etc.).
In general, all personal data ('Personal Data' and/or 'Data') you provide to the Company through the Website or which will be collected in the context of using the Company's services (defined collectively 'Services' and/or individually 'Service') as better defined in the Personal Data Processing Purposes Section of this Privacy Policy, will be processed in compliance with the principles recognised by current legislation on data protection, such as transparency, correctness, lawfulness, data minimisation, purpose and retention limitation, accuracy, integrity and confidentiality.
This Privacy Policy has been drawn up based on respect for the principle of transparency and trying to avoid excessively legalistic language for greater ease in understanding the information shown.
The Privacy Policy is divided into individual sections (collectively 'Sections' and/or individually 'Section'), each of which deals with a specific area to allow you to read and search the topics quickly and easily. The Company Website may contain links to other applications or websites. The Company is not responsible for their privacy policies or related contents.
A. Personal Data processed
The Personal Data processed through the Website consist of the following categories.
Name, contact details and other Personal Data
Suppose you decide to access the Services and content provided by the Company through the Website. In that case, the Company may ask you - depending on the type of Service - to indicate personal and identification data and information such as name, surname, residence-domicile address, email, date of birth, telephone number, etc. Likewise, you may be asked to provide additional Data, such as those provided when participating in contests, promotions, interactive games and initiatives of any kind. Additional Personal Data may be collected during the management of each relationship through the Website or may comprise data you decide to provide to the Company through the use of the Website's Contact/Customer Service area.
Some sections of the Website include free text fields in which you can provide the Company with information that may contain Personal Data. Since these are free fields, you may choose to communicate to us (even inadvertently) particular categories of Personal Data, such as data revealing political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to identify unique a natural person, data relating to health or sex life or sexual orientation.
The Company asks you not to disclose any of these types of data, unless you consider it strictly necessary to fulfil the request made to us. Since the provision of such information is, as mentioned, totally optional, if you choose to do so, the Company may process such information only with your explicit consent and in compliance with current legislation. The Company, therefore, emphasises the importance of expressing your explicit consent to processing these particular categories of Personal Data, should you decide to share such information with the Company.
Personal Data referring to other people
As mentioned in the previous paragraph, since the Website provides free text fields in which it is possible to forward any type of message, these could contain Personal Data relating to other interested persons. Whenever you decide to share such Data, you will be considered an independent Data Controller. As such, you must assume all the related legal obligations and liabilities. Therefore, in this regard, you grant the widest possible indemnity for any objection, claim, request for compensation for damage from processing, etc. that should reach the Company from persons whose Personal Data you have forwarded in violation of the applicable personal data protection regulations. Since, in such a case, the Company would not collect this information directly from the Data Subjects (but, indirectly, from you), please ensure that this specific processing is based on the consent of those Data Subjects or on another appropriate legal basis legitimising the processing of the information concerned.
Job applications and selection
If you decide to apply for a job within the Company or to apply for future open positions, you must refer to the 'work with us' section of the Website (https://www.amadori.it/lavora-con-noi). Regarding this you can refer to the Privacy Policy published here https://selezione.amadori.it/privacy_policy.php.
Navigation data and cookies
During their regular operation, the IT systems and software procedures used to operate the Website acquire some Personal Data whose transmission is implicit in Internet communication protocols. This is information not collected by the Company for association with identified Data Subjects but which, by its nature, could, through processing and association with data held by third parties, allow users to be identified.
This Data category includes the IP addresses or domain names of the computers used by users who connect to the Website, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's IT environment.
These data are used to obtain anonymous statistical information on the use of the Website, to check its correct functioning and identify anomalies and/or abuses. The data will be kept in compliance with the maximum time permitted by law. The data may, in any case, be kept for longer if it is used to ascertain liability in the event of hypothetical computer crimes against the Website or third parties.
Information relating to the use of cookies is available in our Cookie Policy which we invite you to read by clicking on the following link (https://www.amadori.it/cookie-policy).
Personal data of minors under the age of 18
A user who has not yet turned 18 can freely browse the Website. What they cannot do is use Services that require registration or the provision of Data and information. Registration and use of the Services made available through the Website is only permitted for people over the age of 18. No one under this age can register on the Website or use the Services made available through it unless they have previously obtained the consent of the holder of parental responsibility (this because, pursuant to current legislation concerning the processing of personal data, with the direct offer of information society services to minors, the processing of personal data of the minor is lawful where the minor is at least 16 years old. Where the minor is under 16, the processing is lawful only if and if such consent is given or authorised by the parent or guardian).
B. Purpose of the processing of Personal Data
The purposes of processing of your Personal Data are:
- to allow the performance of operations strictly connected and instrumental to each service requested and used and, in any case, to the management of relations with you, such as manage the answer to questions received with the contact forms; allow you to access the private sections of the Website; help you in case you lose the login data/password of your personal account on the Website; guarantee the completion of contracts for the sale of goods and/or services, manage and fulfil orders through E-Commerce platforms; allow you to consult your purchase history; ensure the delivery of the purchased products and the verification of the progress of the relationships; allow you to take part in games, initiatives, competitions and prize events (Provision of Services);
- allow the correct performance of the contractual obligations assumed by us towards you and vice versa (Contractual obligations)
- allow the fulfilment of the obligations established by laws, regulations and community regulations, or provisions issued by authorities legitimated by the law and by supervisory and control bodies, as well as allow accounting and tax obligations (Legal obligations);
- carry out activities information about our products and/or services – e.g. through newsletters or other specific services - as well as promotional, commercial, market research and marketing activities - such as updates on site news, information about recipes, dietary and nutritional aspects, news about the Amadori world, participation in exhibitions, events, competitions and thematic initiatives of an extraordinary and temporary nature, etc. - through the use of automated systems without operator intervention (for example, email or SMS); carry out activities to measure customer satisfaction by sending questionnaires, carrying out surveys or conducting surveys (Marketing);
- carry out, if you are using a service on the Company's Website or proceed or have purchased one of the Company's goods or services, commercial information activity by email concerning the same type of product and/or service (Commercial Information);
- set up user groups by processing the data provided by them so as not to send generalised commercial and promotional communications to all users indistinctly. This allows us to segment users, creating groups divided into interest-based groups, for example, based on the country of origin, language, gender, and preferences expressed. This allows the Company to develop products and services considering the tastes and interests of customers as much as possible and to send you commercial communications - through the use of automated systems without operator intervention (for example, email or SMS), but also through traditional methods of contact, such as the postal service - which are as relevant and least invasive as possible, limiting as far as possible the receipt of messages not relevant to you. (Profiling).
C. Legal basis of the processing, mandatory/optional nature of the provision of Personal Data and consequences in case of no response
The legal bases the Company uses to process your Personal Data, according to the purposes indicated in the previous Section ('Purpose of processing Personal Data'), are as follows.
The provision of Personal Data, and the related processing for the Supply of Services and contractual Obligations, is strictly functional, respectively, to the performance of the requested service and to the correct performance of the contractual relationship existing with you and therefore represent a necessary condition to the establishment of the contractual relationship itself. Failure to provide the Personal Data requested for this purpose, or the ascertained erroneousness of the data provided, will make it impossible for the Company to perform the service and the contractual relationship and will allow the Company to refuse its performance or to interrupt the performance.
The provision of Personal Data, and the related processing for the purposes attributable to legal obligations, is necessary for the Company to comply with the related legal obligations. When you provide Personal Data to the Company, it must process it in compliance with applicable laws, which may include retention and communication to the competent authorities for compliance with tax, customs or other obligations.
The provision of Personal Data, and the related data processing for the purposes relating to the Marketing activity, is based on your explicit consent collected through your specific positive action (e.g. click on a specific checkbox). You are not obliged to provide this consent to the Company and, if you do, you are free to revoke it at any time without suffering any consequence (except that of not receiving marketing communications from the Company). You can revoke the consent given for this purpose by following the instructions contained in the 'Rights of the Data Subject' section of this Privacy Policy.
The provision of Personal Data, and the related processing for the purposes relating to the Commercial Information activity, is based on the Company's interest in sending you marketing communications via email regarding products and services similar to those you have already purchased through the Website. You can stop receiving these communications without suffering any consequence (except that of not being able to receive further communications of this kind from the Company) by using the link at the bottom of each email received for this purpose.
The provision of Personal Data, and the related data processing for the purposes relating to the Profiling activity, is based on your explicit consent collected through your specific positive action (e.g. click on a specific checkbox). You are not obliged to provide this consent to the Company and, if you do, you are free to revoke it at any time without suffering any consequence (except that of not being able to benefit from the personalisation of the Company's commercial offers). You can revoke the consent given for this purpose by following the instructions contained in the 'Rights of the Data Subject' section of this Privacy Policy.
D. Recipients and transfer of Personal Data
The Personal Data will be processed by the personnel of the Company in charge of developing and managing the Website who are authorised to process them to achieve the purposes previously indicated and who have committed themselves to confidentiality or have received an adequate legal obligation of confidentiality.
Personal Data may be shared, used and transferred within the companies belonging to the Amadori supply chain in relation to internal administrative, management and accounting purposes.
The Personal Data will be processed by subjects appointed as Data Processors, as they process Data on behalf of the Company (for example, companies responsible for managing and fulfilling sales orders, subjects with whom it is necessary to interact for the provision of Services such as hosting providers, platform providers for sending emails/SMS or, again, subjects delegated to carry out technical maintenance activities including the maintenance of network equipment and electronic communication networks, subjects for the development of interactive games and competitions, software developers for making payments, entities that provide the technological platform and payment gateway for product orders in the e-payments field).
Personal Data may be shared with third parties with whom the Company has contractual relationships concerning services linked to the performance of the activity (such as, for example, carriers for the delivery of products, auditing firms, individuals, companies or professional firms that provide assistance and consultancy on the subject, administrative, legal, tax, financial and debt collection in relation to the provision of the Services, etc.)
Finally, the Personal Data will be communicated, where required, to the competent financial offices, or to other Public Administrations, based on the provisions of the laws in force.
Personal Data is not intended for publication or dissemination. However, in some cases, as part of specific campaigns promoted through the Website, the Data Subject could be called upon to release their Data (including photographic and audio-video images) for the purpose of participating in events, competitions and thematic initiatives of an extraordinary and temporary nature, which by their intrinsic nature provide for their communication and dissemination. In these cases they will be warned in advance and specifically informed, and in any case the diffusion will be preceded by the prior acquisition of their consent.
The Company will process the data within the territory of the European Union and the European Economic Area. If for reasons of a technical, organisational and/or operational nature it becomes necessary to make use of subjects (among those indicated in the previous list) located outside the European Union or the European Economic Area, we inform you that the Company will ensure that the processing of Data from these subjects takes place in compliance with the applicable legislation. Therefore, the transfers will be carried out with adequate guarantees, such as adequacy decisions, models of Standard Contractual Clauses approved by the European Commission or other guarantees considered adequate. You can request more information by writing to the following email address: privacy@amadori.it.
E. Retention of Personal Data
The Personal Data processed for the purpose of Provision of Services and Contractual Obligations will be kept by the Company for the time strictly functional to the performance of the requested service and the correct performance of the contractual relationship with you. The Company will keep your authentication credentials active for the Website Services until you decide to cancel your account from the Services. In any case, since these Personal Data are processed to provide you with the Services and allow the performance of the contractual relationship, the Company may keep them for a longer period, in particular for what may be necessary in order to protect the interests of the Company from liability relating to the Services. At the end of this period the data will be deleted.
Your requests, and the Data contained therein, collected through the Contact/Customer Service area of the Website will be kept for the time necessary to allow the Company to identify the correct closure of the request, and in any case for as long as it may be necessary in order to protect the interests of the Company from possible liability. At the end of this period, the Data that allow for the identification, even indirectly, of a natural person (such as name, surname, email) will be anonymised and kept, in the form of aggregated data, for statistical purposes.
Personal Data processed for legal obligations will be kept by the Company for the period established by specific legal obligations or by applicable legislation.
The Personal Data processed for Marketing and Profiling purposes will be kept by the Company until the consent given by you is revoked, or in any case no later than 2 years and 1 year from the collection of consent respectively for marketing and profiling purposes. Once the consent has been revoked, the Company will no longer use your Personal Data for these purposes, but may still keep them, in particular for what may be necessary in order to protect the interests of the Company from possible liabilities based on such processing.
The Personal Data processed for the purpose of Commercial Information will be kept by the Company until you object to their processing through the link at the bottom of each Commercial Information email sent.
F. Your rights as a Data Subject
You have the right, exercisable at any time:
- to request access to your Personal Data (and/or a copy of such Personal Data), and further information on the processing in progress on them;
- to request the rectification or update of your Personal Data processed by the Company, where they are incomplete or outdated;
- to request the deletion of your Personal Data from the Company's databases, where you deem the processing unnecessary or illegitimate;
- to request the limitation of the processing of your Personal Data by the Company, where you believe that your Personal Data are not correct, necessary or are being processed unlawfully, or where you object to their processing;
- to exercise the right to data portability, i.e. to obtain in a structured format (for eg. XML, JSON, CSV, etc.), in common use and readable by an automatic device, a copy of the Personal Data provided to the Company concerning you, or to request its transmission to another Data Controller;
- to object to the processing of your Personal Data, using a legal basis relating to your particular situation, which you believe should prevent the Company from processing your Personal Data;
- to revoke your consent for Marketing and Profiling purposes and to oppose the processing for Commercial Information purposes. We remind you that the express consent for the forwarding of promotional communications referred to the Marketing and Profiling purposes extends not only to communications sent through the use of automated systems without operator intervention (for example, email or SMS) but also to traditional methods of contact, such as the postal service. It is always possible to revoke the consent to the processing even separately, for example, by deciding to receive such communications only through the postal service and not automated systems such as email or SMS.
We point out that the Personal Data you have provided to the Company can be modified at any time by writing to the following email address privacy@amadori.it. You will be able to exercise the above rights by means of the methods indicated above.
We inform you that - for Marketing purposes - you can revoke and stop the sending of this commercial information at any time, by writing to the email address indicated above or, in the case of communications received via IT tools, by following the procedure indicated in at the bottom of the communication itself (via the 'Unsubscribe' button), or by sending the word 'Stop' in response to a text message received.
You can also stop receiving Commercial Communications by using the appropriate link at the bottom of each email received (using the 'Unsubscribe' button).
The consent for the Profiling purpose can be revoked at any time by writing to the following email address privacy@amadori.it.
Such requests may also be sent to the Data Protection Officer at the following address dpo.gesco@amadori.it.
The Company also informs you that you always may complain to the competent Supervisory Authority (for example, that of the State in which you have your habitual residence, in Italy, the Data Protection Authority) if you believe that the processing of your Data is contrary to the legislation on the protection of personal data applicable.
G. Changes to the Privacy Policy
This Privacy Policy (Version 3.0) is effective as of April 7, 2022. The Company reserves the right to change or update its content, in part or completely, also because of changes in the applicable legislation. These changes will be binding as soon as they are published on the Website. The Company, therefore, invites you to visit this section regularly to read the most recent and updated version of the Privacy Policy to continually be updated on the Personal Data collected and the Company's use.