Privacy policy
PRIVACY POLICY www.altamontagnabio.it Article 13 of EU Regulation 2016/679 (“GDPR”)
Dear User,
In accordance with Article 13 of EU Regulation 2016/679 (“GDPR”), and regarding the data that Alta Montagna Bio s.s. Azienda Agricola, as the Data Controller, will acquire during your navigation on the website www.altamontagnabio.it, we inform you of the following:
1. Categories of Personal Data Processed
a) Automatically Collected Browsing Data: The IT systems and applications dedicated to the functioning of this website automatically acquire certain personal data during normal operations, which are implicitly transmitted through the use of Internet communication protocols. Such information, by their very nature, could allow for the identification of users through processing and associations with data held by third parties. Collected data includes IP addresses and domain names of the computers used by users connecting to the site, URI (Uniform Resource Identifier) addresses of the requested resources, request time, the method used to submit the request to the server, the size of the file received in response, the numeric code indicating the status of the server's response (successful, error, etc.), and other parameters regarding the operating system, browser, and computing environment used by the user. This data is processed for the time strictly necessary for the sole purpose of obtaining statistical information about site usage and to control its proper functioning. The provision of such data is mandatory as it is directly related to the web browsing experience. Browsing data is deleted immediately after processing or, at the latest, within 7 days.
b) Cookies: The site uses technical cookies, analytical cookies, and third-party analytical cookies, which may collect users’ browsing data. The data collected via cookies serves to enhance future browsing experiences, aiming to evaluate user behavior and adjust content offerings accordingly. For more information, please consult our Cookie Policy.
2. Purposes and Legal Basis for Processing
The data will be processed for the following purposes:
a) For Browsing Data: To monitor and ensure the functioning of the site. This processing is considered lawful under Article 6 of the GDPR as it is necessary for the legitimate interest of the Data Controller in ensuring the security and functionality of the website; the provision of browsing data is mandatory as it is directly related to the web browsing experience.
b) For Data Provided Voluntarily by Users: To fulfill user requests. This processing is considered lawful under Article 6 of the GDPR as it is necessary for the legitimate interest of the Data Controller in responding to user requests.
c) For Analytical Cookies: To improve the services offered and gather information about the number of users and how they visit the site. These processes are considered lawful under Article 6 of the GDPR as they are necessary for the legitimate interests of the Data Controller in legal defense and enhancing the services provided.
3. Processing Methods
The processing is carried out through operations or a set of operations indicated in Article 4, no. 2) of the GDPR, specifically: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion, and destruction of data.
Specific security measures are taken to ensure the availability, integrity, and confidentiality of the data.
4. Data Recipients
To the extent relevant to the stated processing purposes, the data in this Privacy Policy may be communicated to employees and collaborators within the Data Controller's organization in their capacity as data processors, who process the data according to specifically instructed guidelines. Outside the Data Controller's organization, data may be communicated to external collaborators and companies that provide services to the Data Controller as Data Processors, such as companies providing technical support and website maintenance. An updated list of Data Processors is available by sending an email to katia.dapostolo@gmail.com.
Users’ personal data will be communicated to third parties only if such communication is necessary to fulfill user requests. Finally, data may be communicated to all public and private entities whose right to access the data is recognized by law or by orders from authorities.
5. Data Transfer Abroad
If necessary for the fulfillment of the purposes, the Data Controller may transfer data to a third country. In such cases, the Data Controller ensures that the transfer of extra-EU data will be conducted in compliance with applicable legal provisions, subject to the signing of standard contractual clauses as provided by the European Commission.
6. Data Retention Period
The collected data will be retained for the following periods:
a) Browsing data is deleted immediately after processing or, at the latest, within 7 days.
b) Data provided voluntarily by the user will be retained for as long as necessary to respond to the request and for up to 6 months thereafter.
c) Data collected from analytical cookies: the Data Controller may choose how long Analytics will retain the data before proceeding with automatic deletion; in any case, the retention period will not exceed 50 months.
7. Rights of the Data Subject
The data subject has the right to request access to their data from the Data Controller, to rectify or delete it, to restrict processing, to object to processing, to request data portability, and to withdraw consent to processing, exercising these and other rights provided by the GDPR by simply contacting the Data Controller at katia.dapostolo@gmail.com.
8. Nature of Data Provision
Providing browsing data is mandatory and automatic.
Providing voluntarily supplied data is optional. Failure to provide personal data may result in the inability to obtain the requested service.
9. Data Controller
The Data Controller is Azienda Agricola Alta Montagna Bio s.s. Località Madonna delle Coste, 2 02011 Accumoli (RI).