Privacy policy
Table of content
A. Types of Personal Data processed
B. Purposes of Personal Data processing
C. Legal basis for processing, mandatory/voluntary provision of Personal Data and consequences of not responding
D. Personal Data transfer and recipients
E. Storage of Personal Data
F. Your rights as a Data Subject
G. Amendments to the Privacy Policy
The following information is provided by GESCO Società Cooperativa Agricola, Via del Rio, 400 – 47522 S. Vittore di Cesena (FC) (the “Company”), in its capacity as Controller of the Personal Data provided directly by you or received or generated through use of the website www.amadori.it and all the minisites relating to Amadori products, promotions and competitions (the “Website”) where no specific privacy policy exists.
The company believes strongly in respecting your privacy and therefore asks you to take a few minutes to read this information (the “Privacy Policy”) in order to ensure that you are providing your informed consent when filling in the sections that may pop up when accessing and registering on sections of the website and using the services offered in an interactive way (for example, registering for the newsletter, entering competitions, taking part in events, campaigns, and so on).
Generally speaking, all the Personal Data (“Personal Data” and/or “Data”) you provide to the Company via the website or which are collected when using services provided by the Company (collectively “Services” and/or individually “Service”), as defined in greater detail in the section Purposes of Personal Data processing of this Privacy Policy, shall be processed in accordance with the principles recognised by the applicable regulations governing Personal Data protection, such as the principles of transparency, fairness, lawfulness, data minimisation, purpose limitation and storage limitation, accuracy, integrity and confidentiality.
This Privacy Policy has been prepared in accordance with the principle of transparency and avoiding excessively legal language, to make it easier to understand the information it contains.
The Privacy Policy is divided into individual sections (collectively “Sections” and/or individually “Section”), each of which deals with a specific area, in order to make it quicker and easier to read and search for specific topics. The Company website may contain links to other applications or websites.
The Company is not responsible for the relative privacy regulations or content of such applications or websites.
A. Types of Personal Data processed
The following types of Personal Data are processed by means of the Website.
- Name, contact details and other Personal Data
If you decide the access the Services and content the Company provides via the Website, the Company may – depending on the type of Service – ask you to provide Personal Data and Identifiers such as: name, surname, home address, email, date of birth, telephone number, etc. You may also be to provide additional Data such as that provided in order to take part in competitions, promotions, interactive games and any type of initiative. Additional Personal Data may be collected when managing any relationship via the Website or may consist of data you decide to provide the Company when using the Contacts/Customer Services area of the Website.
Some sections of the Website have blank fields where it is possible to provide the Company with information that could contain Personal Data. As these are blank fields, you could (including inadvertently) choose to provide us with specific types of Personal Data, such as data revealing your political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data, biometric data to uniquely identify a natural person, and data relating to your health, sex life or sexual orientation.
The Company asks you not to reveal this type of data to anyone unless you consider it strictly necessary for the purposes of the request you have made to us. As we have stated above, the provision of this information is entirely voluntary, and therefore, if you decide to provide it, the Company will only be able to process this information with your explicit consent and in accordance with current regulations. The Company therefore underlines the importance of giving your explicit consent to the processing of these specific types of Personal Data, should you decide to share this information with the Company.
- Other people’s Personal Data
As mentioned in the previous paragraph, as the Website includes blank fields for sending messages of your choice, such messages could contain other people’s Personal Data. In all cases in which you decide to share such Data, you will be considered an independent Data Controller and, as such, will have to comply with all the relevant legal obligations and responsibilities. Therefore, you hereby fully exonerate the Company from any complaint, claim or request for compensation for damages from processing, etc. that might be made to the Company from people whose Personal Data you have provided in breach of the applicable personal data protection regulations. Given that, in such cases, the Company would not collect such information directly from the Data Subjects but indirectly from you, you guarantee that such specific processing would be based on the consent of said Subjects or other appropriate legal basis that authorises processing of the information in question.
- Personnel search and selection
If you decide to apply for a job opportunity with the Company or to send an application on spec for future positions, refer to the section of the Website “lavora con noi” (https://www.amadori.it/lavora-con-noi). For reference, see the Privacy Policy published here https://www.amadori.it/privacy/privacy-recruiting.
- Navigation data and cookies
The IT systems and the software procedures employed in the functioning of the Website acquire personal data in the course of normal operations, the transmission of which is implicit in the use of internet communication protocols. The information is not collected by the Company in order to be linked with interested parties, but by its very nature could, when processed and linked to data held by third parties, be used to identify users. The Data that fall within this category include the IP addresses or domain names of computers used by users to connect to the Website, the addresses in URI (Uniform Resource Identifier) notation of the resources requested, the time of requests, the methods used to submit requests to the server, the size of the file obtained in response, the numerical code indicating the status of the response provided by the server (successful, error, etc.) and other parameters of the operating system and software environment of the user. These data are used for the sole purpose of obtaining anonymous statistical information about the use of the Website, to monitor its correct operation and to identify anomalies and/or misuse. The data will be stored for no more than the maximum amount of time permitted by law and may in any case by stored for a longer period of time should the data be used to ascertain responsibility in the event of hypothetical cyber crimes against the Website or third parties. Information about the use of cookies is available in our Cookie Policy, which is available for you to read by clicking on the following link (https://www.amadori.com/en/privacy/cookie-policy).
- Personal Data of under-18s
There are no restrictions on users under the age of 18 viewing the Website. However, they may not use Services requiring registration or the provision of Data or information. Registration and the use of Services made available via the Website is permitted only to people over the age of 18. No one under this age may register on the Website or use the Services made available via the Website, unless they have first obtained the prior consent of the holder of parental responsibility (this is because, according to current personal data protection law, if services are offered directly to children by the information company, the child’s personal details may be processed if they are at least 16 years old. When a child is under 16 years old, processing is only lawful when and if consent has been given or authorised by the holder of parental responsibility over the child).
B. Purposes of Personal Data processing
Your Personal Data are processed for the following purposes:
- To enable operations to be carried out that are strictly necessary and related to each service requested and used and in any case managing relations with you, such as managing the responses to queries made using the contact forms; to allow you to enable the reserved sections of the Website; to help you if you lose your Website personal account login/password data; to guarantee that sales and/or services agreements can be processed, to manage and process orders using the e-commerce platform; to allow you to check your purchase history; to guarantee the delivery of purchased products and monitor the status of relations; to allow you to take part in games, initiatives, competitions and prize-winning events (Provision of Services);
- to allow the correct execution of our mutual contractual obligations (Contractual obligations);
- to allow compliance with the obligations of EU legislation, regulations and laws, or guidelines issued by authorities entitled to do so by law and by supervisory and monitoring authorities, and to allow compliance with accounting and tax obligations (Legal obligations);
- to provide information about our products and/or services, e.g. by newsletter or other specific services – and promotional, commercial, market research and marketing activities, such as updates about changes to the Website, recipe information, diet and nutrition facts, news about the world of Amadori, participation in events, competitions and one-off or short-term themed initiatives, etc. – using automated systems without the need for an operator (such as email or text message); to measure the level of customer satisfaction by sending questionnaires or carrying out surveys (Marketing);
- if you are using a service on the Company Website or purchase or have purchased goods or services from the Company, to send commercial information by email about the same type of product and/or service (Commercial information);
- to set up user groups by processing the data sent by the same in order not to send blanket commercial or promotional information of a general nature to all users. This enables us to segment users, creating groups divided by areas of interest based, for example, on their country of origin, language, gender and preferences indicated. The Company is therefore able to develop products and services based as far as possible on customers’ tastes and interests and to send you commercial information – using automated systems without the need for an operator (such as email or text message), but also using traditional methods of contact such as the postal service – which are as relevant and non-invasive as possible, in order to try and ensure that you do not receive messages that are not of interest to you. (Profiling).
C. Legal basis for processing, mandatory/voluntary provision of Personal Data and consequences of not responding
The legal basis used by the Company for processing your Personal Data, for the purposes indicated in the previous Section (“Purposes of Personal Data processing”) is as follows.
The provision of Personal Data and relative processing for the purposes connected to the Provision of Services and Contractual obligations is strictly for the purpose, respectively, of providing the service required and correctly executing the contractual relationship existing with you, and is therefore a necessary condition for entering into the contractual relationship. Consequently, failure to provide the required Personal Data for these purposes, or confirmed errors in the data provided, will make it impossible for the Company to provide the service and enter into the contractual relationship, and will entitle the Company to refuse to do so, or to stop doing so.
The provision of Personal Data and their processing for the purposes required by Legal obligations is mandatory for the Company in order to comply with the relevant legal obligations. When you provide your Personal Data to the Company, the Company has to process them in accordance with the applicable laws, which may include their storage and communication to the competent authorities for compliance with tax, customs or other obligations.
The provision of Personal Data and their processing for the purposes required by Marketing is based on your explicit consent, which requires a specific positive action on your part (e.g. clicking on a specific checkbox). You are not obliged to give your consent to the Company, and if you do so, you are free to withdraw your consent at any time without consequence (other than no longer receiving marketing communications from the Company). You can withdraw your consent as set out in the instructions contained in the section “Rights of the Data Subject” of this Privacy Policy.
The provision of Personal Data and their processing for the purposes of providing Commercial Information is based on the Company’s interest in sending you marketing communications by email about products and services similar to those you have already acquired using the Website. You can stop receiving these communications without consequence (other than no longer receiving communications of this kind from the Company) by using the link for this purpose at the foot of each email received.
The provision of Personal Data and their processing for the purposes required by Profiling is based on your explicit consent, which requires a specific positive action on your part (e.g. clicking on a specific checkbox). You are not obliged to give your consent to the Company, and if you do so, you are free to withdraw your consent at any time without consequence (other than no longer receiving personalised commercial offers from the Company). You can withdraw your consent as set out in the instructions contained in the section “Rights of the Data Subject” of this Privacy Policy.
D. Personal Data transfer and recipients
Personal Data will be processed by the Company in charge of developing and managing the Website, which is authorised to process the data for the purposes indicated above and is committed to confidentiality or has received an adequate legal obligation of confidentiality.
The Personal Data may be shared, used and transferred between companies belonging to the Amadori supply chain for administrative, management and accounting purposes.
The Personal Data will be processed by people appointed as Data Processors because they process data on behalf of the Company (for example, companies that manage and process sales orders, entities with which the Company interacts to provide the Services such as hosting providers, suppliers of platforms for sending emails/text messages, companies responsible for carrying out technical maintenance including maintenance of the network equipment and electronic communications networks, developers of interactive games and competitions, software developers for payment systems and providers of the technology platform and payment gateway for product orders using e-payments).
The Personal Data may be shared with third parties with which the Company has a contractual relationship to provide services required for carrying out activities (such as, for example, product delivery carriers, auditors, individuals, companies or professional firms providing assistance and consultancy services on administrative, legal, taxation, financial and credit recovery matters relating to provision of the Services, etc.)
Finally, where requested, the Personal Data will be provided to the competent financial authorities, or to other Public Administrations, as required by law.
Personal Data will not be published or disseminated. However, in the case of some specific campaigns promoted on the Website, individuals may be asked to provide their Data (including photos and audio-visual content) in order to take part in one-off and short-term events, competitions and themed initiatives, which by their intrinsic nature involve the communication and dissemination of such data. In such cases, the individual will be warned and specifically informed beforehand, and in any case their consent will be obtained before dissemination.
Data will be processed by the Company within the European Union and European Economic Area. Should it be necessary for technical, organisational and/or operational reasons to employ entities (indicated in the above list) located outside of the European Union and European Economic Area, the Company shall ensure that the data processing carried out by such entities takes place in accordance with the applicable laws. Transfers will therefore take place subject to adequate guarantees, such as adequacy decisions, Standard Contractual Clause models approved by the European Commission or other guarantees considered to be adequate. You can ask for more information by sending an email to the following address: privacy@amadori.it.
E. Storage of Personal Data
Personal Data processed for the purpose of the Provision of Services and Contractual obligations will be stored by the Company for the time strictly necessary to provide the service required and correctly execute the contractual relationship with you. The Company will keep your Website Services authentication credentials live until you decide to cancel your Services account. In any case, because such Personal Data are processed to provide the Services and permit the execution of the Contractual relationship, the Company will be able to store them for a longer period, specifically for as long as may be necessary to protect the Company’s interests against potential liability as regards the Services. At the end of this period the data will be deleted. Your requests, and the Data they contain, collected from the Contacts/Customer Services area of the Website will be stored only for the time necessary for the Company to identify that the request has been met and in any case for as long as may be necessary to protect the Company’s interests against potential liability. At the end of this period Data enabling the identification of a natural person, including indirectly (such as their name, surname and email address) will be anonymised and stored in aggregate format for statistical purposes.
Personal Data processed for the purpose of Legal obligations will be stored by the Company for the period allowed by specific legal obligations or the applicable regulations.
Personal Data processed for Marketing or Profiling purposes will be stored by the Company until you withdraw your consent. Once consent has been withdrawn, the Company will no longer use your Personal Data for such purposes, but will be able to store them, specifically for as long may be necessary to protect the Company’s interests against potential liability deriving from such processing.
Personal Data processed for Commercial Information purposes will be stored by the Company until you withdraw your consent for processing by using the link for this purpose at the foot of each Commercial Information email sent.
F. Your rights as a Data Subject
You have the right, at any time:
- to request access to your Personal Data (and/or a copy of said Personal Data), and any other information about ongoing processing of said data;
- to ask your Personal Data processed by the Company to be rectified or updated, where incomplete or not up to date;
- to ask for your Personal Data to be erased from the Company’s database, should you consider processing them to be unnecessary or unlawful;
- to ask for the processing of your Personal Data by the Company to be restricted, should you consider that your Personal Data are incorrect, unnecessary or unlawfully processed, or where you objected to their processing;
- to exercise your right to Data portability, i.e. to obtain a copy of the Personal Data provided to the Company that concern you in a structured, commonly used, machine-readable format (e.g. XML, JSON, CSV, etc.), or to request their transmission to another Controller;
- to object to the processing of your Personal Data, on a legal basis relative to your specific situation, which you consider should prevent the Company from processing your Personal Data;
- to withdraw your consent for Marketing and Profiling purposes and to object to processing for Commercial Information purposes. Note that the express consent for sending promotional communications for Marketing and Profiling purposes extends not only to communications sent using automated systems without the need for an operator (e.g., email or text messages), but also to traditional methods of contact, such as the postal service. It is always possible to withdraw consent to processing separately, for example by deciding only to receive such communications by post and not via automated systems such as email or text message.
Note that the Personal Data you have provided to the Company may be amended at any time by writing to the following email address: privacy@amadori.it. You may exercise the above rights in the manner indicated above.
Note that – for Marketing purposes – you may withdraw from and stop the sending of such commercial information at any time, by writing to the email address provided above or, in the case of communications received by electronic means, by following the procedure indicated at the foot of the communication (using the button “Unregister”), or by sending the word “Stop” in response to a text message received.
You may also stop receiving a Commercial Communications by using the link at the foot of each email received (using the button “Unregister”).
Consent for Profiling purposes may be withdrawn at any time, by writing to the following email address: privacy@amadori.it.
Note that you always have the right to lodge a complaint to the competent Supervisory Authority (for example, the one of the country in which you are habitually resident, which in Italy is the “Garante per la Protezione dei Dati Personali”) if you consider that processing your data contravenes the applicable personal data protection regulations.
G. Amendments to the Privacy Policy
This Privacy Policy (Version 1.0) has been in effect since 29 May 2018. The Company reserves the right to amend or simply update the content, in part or in full, also as a result of changes to the applicable law. Such amendments shall be binding once they have been published on the Website. The Company therefore invites you to visit this section regularly to check the most recent and up-to-date version of the Privacy Policy in order to be up to date on the Personal Data collected and how the Company uses them.