Privacy Policy

Issued under Articles 13 of Regulation (EU) 2016/679
General Data Protection Regulation
Browsing on the website www.terredelcima.it

Below, we provide individuals who interact with our Company (the “Interessati”) a concise description of the essential features of the processing of their personal data concerning browsing on the website www.terredelcima.it by Maria Gava Azienda Agricola, with registered office at Via Teatro Vecchio, 1B – 31015 Conegliano (TV) and main operational headquarters at Via Cucco, 7 – 31058 Susegana (TV), VAT No. 04665000263, acting as the Data Controller (hereinafter the “Titolare”). The processing will be carried out in compliance with Regulation (EU) 2016/679 – General Data Protection Regulation (the “Regolamento”) and Legislative Decree 30 June 2003, No. 196 as amended by Legislative Decree 101/2018 (hereinafter the “Codice”).

By “data,” we mean “any information relating to an identified or identifiable natural person,” and by “processing,” “any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or interconnection, restriction, erasure or destruction.“

For further details, please refer to the detailed information that follows.

Who is the Data Controller?

Maria Gava Azienda Agricola, with registered office at Via Teatro Vecchio, 1B – 31015 Conegliano (TV) and main operational headquarters at Via Cucco, 7 – 31058 Susegana (TV), VAT No. 04665000263; contact details info@terredelcima.it.

What personal data do we process?

• Usage data (browsing data);
• Personal data such as identification and contact data (e.g., name, surname, address, email, phone);
• Data voluntarily provided by the user;
• Data possibly collected through cookies and/or other tracking tools.

Why do we process personal data? (Purposes)

1. To send informational material or other communications following the completion of the appropriate form on the website by the user (contact form) or following the sending of an email by the user to the addresses indicated on the site and generally for the conclusion and proper execution of a contract with the data subject and/or for the execution of pre-contractual activities and measures at the request of the data subject;
2. To comply with legal obligations or to comply with orders from public authorities;
3. To ascertain, exercise or defend a right in court or whenever authorities exercise their functions, as well as to identify any fraudulent or malicious activities.

What is the basis for processing? (Legal Basis)

1. The processing is necessary for the execution of a contract or pre-contractual measures adopted at the request of the user.
2. The processing is necessary to comply with the legal or regulatory obligations of the Controller.
3. The processing is connected to the legitimate interest of the Controller.

How do we process personal data?

In electronic, telematic and/or paper form, observing all precautionary measures applied by the Controller to ensure their security, confidentiality, and control.

The data are generally stored within the EU, but may also be stored and processed on servers located outside the European Community in compliance with current regulations.

To whom do we disclose personal data? (Categories of Recipients)

1. Collaborators, subjects appointed and authorised by the Controller;
2. External subjects (e.g., service providers) acting as Data Processors under Art. 28 GDPR, such as, for example, the subject managing the website;
3. Subjects legally entitled to access the data;
4. Subjects to whom communication is necessary for the fulfilment of contractual obligations;
5. Public authorities;
6. Third parties.

The personal data processed by the Controller are in no way subject to disclosure.

How long do we keep personal data?

Personal data will be stored for the time necessary to achieve the purposes listed above. In any case, the processing will not last longer, for each processed data, than the statute of limitations for exercising the rights connected to that data. Criteria used to determine the additional retention period of the data: a. Pursuit of the purposes related to processing. b. Retention time required by law. c. Withdrawal of consent by the data subject (in case of processing based on consent). d. Maximum term allowed by current legislation to protect the rights and/or interests of the Controller.

Is the provision of personal data mandatory or optional? What happens in case of refusal to provide personal data?

To browse the site, the user must provide us with browsing data and data contained in some cookies (technical cookies). In the case of failure to provide this data, the user may have a suboptimal browsing experience on this website, and we may not be able to meet their requests.

The voluntary provision of other data, e.g., by filling out the form on the site, is optional, but in case of refusal to provide data indicated as mandatory, we may not be able to meet your requests.

What rights does the data subject have?

The data subject has the right to:

• Access the data in our possession and request its communication in an intelligible form;
• Request updating, rectification and/or integration;
• Request erasure (“right to be forgotten”);
• Request restriction of processing;
• Request notification of any updates, rectifications, erasures, or restrictions;
• Request data portability;
• Object to processing;
• Revoke consent at any time for processing purposes that require it.
• File a complaint with a supervisory authority.

1) Identity and contact details of the Data Controller and Data Processor

Maria Gava Azienda Agricola, with registered office at Via Teatro Vecchio, 1B – 31015 Conegliano (TV) and main operational headquarters at Via Cucco, 7 – 31058 Susegana (TV), VAT No. 04665000263; contact details info@terredelcima.it.

2) Types of Data Processed

Visiting and consulting the website generally involve the collection and processing of the user’s common personal data, connected to browsing data. Furthermore, by filling out the appropriate form on the site, personal data such as identification and contact data (e.g., name, surname, email, phone), information related to the requested service, and additional data voluntarily provided by the user may be collected.

For data possibly collected through cookies, please refer to the Cookie Policy.

3) Purposes and Legal Basis for Data Processing

The Controller will carry out the processing for the following purposes:

• To provide the requested service following the completion of the appropriate form (contact form) on the website by the user and generally for the conclusion and proper execution of a contract with the data subject and/or for the execution of pre-contractual activities and measures requested by the user;
• Compliance with legal obligations to which the Controller is subject;
• The need to ascertain, exercise or defend a right in court or whenever authorities exercise their functions, based on the legitimate interest of the Controller, as well as to identify any fraudulent or malicious activities;

4) Methods of Data Processing

Data processing will take place with the support of electronic, telematic, and/or paper means in compliance with the Regolamento and the Codice, and in any case, to ensure the security and confidentiality of the data and prevent its disclosure or unauthorised use, alteration, or destruction. Therefore, personal data will be processed and stored in full compliance with the principles of necessity, data minimisation, and limitation of the retention period, through the adoption of adequate technical and organisational measures corresponding to the level of risk of the processing.

5) Data Recipients

The data may be disclosed (limited to their respective areas of competence and solely for the purpose of implementing the purposes described):

• To subjects to whom data communication is necessary for the operation of the site, acting as Data Processors under Art. 28 GDPR, such as, for example, the subject managing the website;
• To persons authorised by the Controller who have committed to confidentiality or are subject to an appropriate legal obligation of confidentiality (e.g., employees or collaborators of the Controller);

The data will not be subject to disclosure.

To comply with legal, regulatory, or contractual obligations, as well as to exercise any rights in court, the following third parties may have access to the data subject’s data: (i) banks, credit institutions, credit and financial entities; (ii) consultants in tax, legal, or accounting matters; (iii) companies providing the Controller with instrumental services for managing the contractual relationship (e.g., providers of management software); (iv) public authorities and bodies, both public and private, for supervision and control (e.g., Revenue Agency, judiciary, etc.). (v) companies providing the Controller with instrumental services for credit recovery.

6) Data Retention Period

Within the scope of the purposes outlined above, the data will be stored for the time strictly necessary to achieve the purposes for which they were collected and processed. The criterion for determining the actual data retention period will be represented by the statute of limitations for actions arising from the relationship with the data subject. Unless necessary to retain the data to comply with legal obligations on the part of the Controller or for the establishment, exercise, or defence in court of the rights of the Controller, the data subject’s data will not be stored for a period longer than 10 years from the termination of the relationship or the completion of the intended purpose, except for specific interruption of the statute of limitations, after which the data will be destroyed or irreversibly anonymised, unless their further retention is necessary to comply with legal obligations or to comply with orders issued by Public Authorities and/or Supervisory Bodies.

Browsing data is deleted immediately after processing (except for log data that must be retained for legal obligations, including the possible need to ascertain a crime by the competent Authorities); for cookies, please refer to the specific “Cookie Policy”.

7) Mandatory and Optional Nature of Data Provision

The user, in order to browse the website, must provide browsing data and data contained in some cookies (technical cookies). In the case of failure to provide this data, the user may have a suboptimal browsing experience on this website, and we may not be able to meet their requests.

The voluntary provision of other data, e.g., by filling out the form on the website, is optional; however, the refusal to provide the aforementioned data may result in the inability to meet the user’s request, as communication is essential and necessary for this purpose.

Data provision is mandatory for the purposes of complying with legal obligations; in case of your refusal, our company will not be able to proceed with the contractual relationship and related legal obligations.

8) Rights of the Data Subject

By sending a communication to the registered office of the Controller or to the email address info@terredelcima.it, each data subject may at any time exercise the rights under Articles 15 et seq. of the Regulation, including: (i) obtaining confirmation of whether or not data processing concerning them is underway; (ii) obtaining access to their data and the information indicated in Article 15 of the Regulation; (iii) obtaining the rectification of inaccurate data concerning them without undue delay or the integration of incomplete data; (iv) requesting the deletion of data concerning them without undue delay; (v) requesting the limitation of data processing concerning them; (vi) being informed of any rectifications, deletions, or limitations of processing carried out concerning the data that concerns them; (vii) receiving their data in a structured, commonly used, and machine-readable format; (viii) objecting at any time, for reasons related to their particular situation, to data processing concerning them carried out based on the legitimate interest of the Controller; (ix) revoking at any time and free of charge the previously granted consent, without affecting the lawfulness of the processing carried out until the revocation.

9) Complaint to the Supervisory Authority

If the data subject believes that the processing concerning them violates the provisions of the Regulation, they can always file a complaint with the Data Protection Authority (www.garanteprivacy.it), or with the Data Protection Authority of the country in which they habitually reside, work, or where the alleged violation occurred.

The Controller reserves the right to make changes to this privacy policy at any time by notifying users on this website, and, where technically and legally feasible and not excessively burdensome, by sending a notification to users through one of the contact details in their possession. Therefore, please frequently consult this page, referring to the date of the last modification indicated at the bottom.

This information is in effect from October 1, 2023.