This Site and any services offered through it are reserved for persons aged 18 years or over. The Data Controller does not, therefore, collect personal data with respect to persons under the age of 18. At the request of Users, the Controller shall promptly delete all personal data involuntarily collected relating to persons under the age of 18.
- Registered letter with return receipt to be sent to the Controller’s registered office at Via Val d’Enza 134 – Sant’Ilario d’Enza (RE), 42049 – Italy;
- An e-mail to firstname.lastname@example.org or an electronic e-mail to email@example.com
1. Purpose of data processing
User data shall be lawfully processed by the Controller in accordance with Article 6 of the Regulation for the following purposes:
c) performance of marketing activities: processing data provided in the form for the purposes of sending (by post, telephone, e-mail, fax or text message) personalised marketing announcements, carrying out market research and sending commercial or direct sales communications by Dalter Alimentari S.p.A. Processing is carried out with the consent of the User.
d) processing of “work with us” requests: activities connected or instrumental to the company’s internal selection processes for the purpose of assessing the profiles of candidates as employees, trainees or collaborators for professional work assignments as well as for the evaluation and filing of CVs. User data collected by the Controller for this purpose include name, surname, e-mail address, any further User data published in the “work with us”section and his/her CV.
e) administrative-accounting purposes: the performance of activities of an organisational, administrative, financial and accounting nature, such as internal management activities and activities functional to the fulfilment of contractual and pre-contractual obligations.
f) legal obligations: compliance with obligations laid down by law, by an authority, in a regulation or legislation and establishment of liability in the event of conceivable computer crimes to the detriment of the Site.
However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each processing operation and in particular to verify whether processing is based on the law, required by a contract or necessary to conclude a contract.
The provision of personal data for the above-mentioned processing purposes is optional but necessary, as failure to supply such data will mean that the User will be unable to make his/her request to the Controller.Personal data necessary for the pursuit of the processing purposes described in this point 1) are indicated with an asterisk in the request form.
2. Processing methods and data retention periods
The Data Controller shall process the personal data of Users by means of manual and IT tools, with logics strictly related to the data processing purposes themselves and, in any case, in such a way as to guarantee the security and confidentiality of the data.
The personal data of the Users of the Site shall be retained for the time strictly necessary to fulfil the primary purposes illustrated in point 1) above or, at any rate, for as long as is necessary to protect the interests of both the Users and the Data Controller under tort law. For the purpose referred to in point 1c), the data collected shall be kept for the time necessary to fulfil the purpose described above and, at all events, for no longer than the withdrawal of consent by the Data Subject.
Withdrawal of consent to data processing:Pursuant to Regulation (EU) 2016/679, the Data Subject has the right to withdraw his or her consent at any time. At the end of the requested operation, personal data shall be removed from the records of the undersigned as promptly as possible, without prejudice to the lawfulness of the processing based on the consent given prior to the withdrawal.
3. Communication and dissemination of data
The personal data of Users may be disclosed to persons designated to manage both the Site and User requests. Such designated persons, who have received their instructions from the Controller pursuant to Article 29 of the Regulation, shall process the User’s personal data exclusively for the purposes indicated in this Policy and in compliance with the provisions of the Applicable Legislation.
The personal data of Users can also be disclosed to third parties who may process it on behalf of the Data Controller in their capacity as “External Data Processors”, such as, by way of example, suppliers of IT and logistical services functional to the operation of the Site, suppliers of outsourced or cloud computing services, professionals and consultants.
Users have the right to obtain a list of any Data Processors appointed by the Controller by making a request to the latter in the manner indicated in point 4) below.
4. Data transfer
The Data Controller does not transfer personal data to countries outside the EU.
However, it reserves the right to use cloud services, in which case the service providers shall be selected from among those who provide adequate guarantees, pursuant to Article 46 GDPR 679/16.
5. Rights of Data Subjects
Users may exercise the rights guaranteed to them under Applicable Legislation by contacting the Controller in the following ways:
- registered letter with return receipt to be sent to the Controller’s registered office at Via Val d’Enza 134 – Sant’Ilario d’Enza (RE), 42049 – Italy;
- an e-mail to firstname.lastname@example.org or an electronic email to email@example.com
Pursuant to the Applicable Legislation, the Controller hereby informs Users that they have the right to obtain information on: (i) the origin of the personal data; (ii) the purposes and methods of processing thereof; (iii) the logic applied in the event of processing carried out with the aid of electronic instruments; (iv) the identity of the Data Controllers and Processors; and (v) the parties or categories of party to whom the personal data may be communicated or who may acquire knowledge of said data in their capacity as Data Processors or designated persons.
Furthermore, Users have the right to obtain:
a) access to, updating, rectification or, where of interest, integration of their personal data;
b) the erasure, anonymisation or blocking of personal data that have been processed unlawfully, including personal data the retention of which is not necessary for the purposes for which they were collected or subsequently processed;
c) certification that the operations referred to in points a) and b) have been brought to the attention, including as regards their content, of those to whom the data have been communicated or disseminated, unless this proves impossible or involves a manifestly disproportionate effort compared to the right protected.
In addition, Users have the right:
a) to withdraw consent at any time (if data processing is based on their consent);
B) where applicable, to data portability (i.e. the right to receive all personal data concerning them in a structured, commonly used and machine-readable format), to restriction of the processing of personal data and to erasure (“right to be forgotten”);
c) to object, in whole or in part, on legitimate grounds, to the processing of personal data concerning them, even if said data are relevant to the purpose of their collection;
(d) to lodge a complaint with a supervisory authority (in the Member State in which they have their habitual residence, in the Member State in which they work, or in the Member State in which the alleged breach occurred) if they consider that data processing concerning them is in breach of the Regulation. The Italian supervisory authority is the Garante per la protezione dei dati personali, with headquarters in Piazza Venezia 11, Rome, 00186 – Italy (http://www.garanteprivacy.it/).