Privacy

Privacy policy

This page describes the procedures used for managing the website in terms of the processing of users’ personal data. It is a notice pursuant to article 13 of the EU Regulation 2016/679 (also known as GDPR), provided to those who interact with the web services of Consorzio di Tutela “Bresaola della Valtellina”, and accessible online at: http://www.bresaolavaltellina.it/

We inform users that the information provided by this website can be subject to variation, in order to be always updated in accordance with new law provisions. We therefore advise users to read this privacy policy periodically.

1. Type of data processed

The data processed are navigation data and data provided voluntarily by the user, as defined hereafter.

Navigation data

The information systems and software procedures relied upon to operate this website acquire personal data as part of their standard functioning; the transmission of such data is implicit in the use of Internet communication protocols. Such information is not collected in order to relate it to identified data subjects, however it might allow user identification per se after being processed and matched with data held by third parties.

This category of data include: IP addresses or domain names of the computers used by users connecting with this website; URI addresses (Uniform Resource Identifier) of requested resources; time of request; method used to forward the request to the server; response file size; server response status code number; users’ operating system parameters and IT environment.

These data are used solely for the purpose of obtaining anonymous statistical information about website usage and to verify its correct operation, and they are erased immediately after processing.

Data provided voluntarily by the user

The entry of optional data by filling in the forms contained in this website, as well as optional, explicit and voluntary submission of data through web forms or emails sent to addresses indicated in the website, for the purpose of obtaining specific services (e.g. newsletters) and/or communication and information, implies the subsequent collection of the sender’s address – which is necessary for replying to inquiries or providing services, communicatin and information requested – and the other personal data entered. Specific summary information will be provided or displayed on the website pages dedicated to on-demand services, to draw the users’ attention on their personal data processing.

2. Purpose of data processing

The processing of personal data exclusively has the following purposes:

a) purposes related to the use of the services provided for the site navigation;

b) activities connected with and instrumental to the management of customer relations (contact requests, sending deals, contracts, carrying out orders);

c) marketing and profiling activities, only with the specific consent of the user, for market research; economic an statistical analyses; sending advertising/information/promotional material, sending newsletters related to programmes and promotions (even online), communication, development and follow-up of commercial relations;

d) processing data related to curricula for the evaluation of job applications.

Submitting data for the purposes specified at paragraph c) and d) is optional and is subject to the provisions contained in article 7 of the GDPR. Communication related to marketing activities can be pursued by traditional means (e.g. mail, telephone calls with an operator) and computerised means (e.g. e-mail). If you are already a customer of Consorzio di Tutela “Bresaola della Valtellina”, we may send you commercial information related to services that are similar to those that you are already using, unless you express your dissent.

3. Data processing method

In addition to collecting, the processing of data may consist in registering, organising, filing, viewing, handling, modifying, selectioning, extracting, comparing, using, interconnecting, blocking, communicating, deleting and destructing the data, as per article 4 n° 2) of the GDPR. Data processing will be carried out in hardcopy, paper form, or with the aid of computers and electronic devices, with appropriate tools to guarantee the safety and privacy of data. In particular, all technical and organizational measures for data protection will be implemented so that the level of security required by law is met and the rights of the people concerned are protected.

4. Data retention time

Personal data are stored for the time strictly required for the purposes for which they are collected, in accordance with existing regulations and legal requirements.

Upon request of deletion by the user concerned, all the user’s personal data will be deleted, unless further retention is required by law.

Except in case of retention obligations as mentioned above, the Data controller adopts a personal data retention policy that limits retention time to a maximum of two years, in accordance with the principle of data processing minimisation.

5. Spreading and sharing data

The data will not be spread or shared and will be handled by the Company’s employees operating as authorised data processing operators in accordance with the duties involved in their tasks, for which they will receive adequate instructions. The data can be shared with third parties, among which the Data Processing Managers appointed as per article 28 of the GDPR. More specifically, the data may be communicated to the subjects including but not limited to the following categories: banks and companies specialized in payment management and credit insurance, law firms and consulting firms, companies in charge of the revision and/or analysis of our company’s budget review, public authorities or administrations to fulfil the relevant obligations under the law, Italian and foreign suppliers, financing companies and carrier companies.

For all purposes indicated in this privacy notice, your data can also be shared abroad, within or out of the European Union, in accordance with the rights and guarantees provided by law, and only after veryfing that the country concerned guarantees an appropriate level of protection as per the GDPR.

6. Data subject rights and withdrawal of consent

With reference to the above mentioned data, users can exercise all the rights set forth in article 7 of the Privacy Code and articles 15, 16, 17, 18, 20, and 21 of the GDPR, and specifically:

a) Right to access personal data;

b) Modification of personal data in case they are not correct;

c) Deletion of data;

d) Restrictions to data processing;

e) Objection to processing;

f) Right to data portability, which means the right to receive the personal data provided in structured, common and readable format from an automatic device and to obtain the transfer of data to another Data controller without hindrance. In case of violation of these provisions, the data subject has the right to lodge a complaint with the relevant Supervisory Authority.

The consent to personal data processing can be withdrawn at any tyme, without prejudice to the legitimacy of data processing carried out in the period before the withdrawal of consent, or to other processing based on legal grounds other than consent.

For further clarification on this privacy policy or on the topic of privacy, or to exercise your rights or withdraw your consent, you can write to email: info@bresaoladellavaltellina.it

7. Data Controller and Data Processing Manager

The Data Controller is “Consorzio di Tutela Bresaola della Valtellina” Via Piazzi 23 – 23100 SONDRIO Tel. +39 0342 201 984 C.F./P.IVA 00735490146 email: info@bresaoladellavaltellina.it

Please note that a detailed list of the Data Processing Managers is available at the registered office indicated above.