The new regulation in the European Union, called EU General Data Protection Regulation 2016/679 ("GDPR") entered into force on 25 May 2018. It provides strict and specific guidelines on how personal data is collected and managed. This also applies to companies and people who live outside the European Union but collect data from EU citizens.
WHO WE ARE
|Sargo Cooperative Society
|Registered office address
|Via Calamandrei, 54 – 52100 Arezzo
|Personal data processing manager
|+39 0583 1646122
What personal data we collect?
When you use our services, you accept that our company collects some of your personal data. We deal with two types of data:
- personal data provided by the user for the use of our services
- technical data that we automatically collect to improve the service we give you.
Data provided by the user
a) Contact form – newsletter
With this application we collect the following data:
- Your name (mandatory data)
- Your phone
- Your email (mandatory data)
- When you prefer to receive our contact? (Will be, ore sure…)
- Your message (mandatory data)
If you provide personal data of third parties, such as those of your family or friends, you must be sure that these subjects have been adequately informed and have consented to their treatment in the manner described in this statement.
We store this data only in order to provide you with the requested service (request information and send information).
We do not disclose this data to third parties.
b) Data collected via online chat
The data provided (in the chat dialogue and / or in the fields to be contacted) will be treated in manual mode, IT and / or telematics only to process your request and assist you in booking. Only in case of your express consent, optionally provided through a specific form during the chat itself, your data may also be used for sending commercial and / or marketing information by using both traditional methods (paper mail addresses, calls with operator), both in automated mode (e-mail, sms).
The provision of personal data is optional, but filling in the fields with an asterisk is necessary to process your request and failure to provide them will make it impossible for Stomatikos Srl to provide the service. The content of the dialogue of this chat can be downloaded through the appropriate function and will be recorded for legal proof needs for 90 days.
c) Data collected automatically
- data collected using cookies or similar technologies: for more information, please visit the page “Cookie”.
How we use your data?
We use the collected data, if you have expressly given us consent, per:
- respond directly to your request for contact / quote and communicate promotional activities, commercial and advertising on events / offers by e-mail.
We process the data collected, if you have expressly given us consent, to analyze your habits or consumption choices in order to offer you an increasingly personalized service in line with your interests and to improve our commercial offer. In any case, these analyzes are not related to an automated decision-making process.
The provision of data is mandatory?
The provision of personal data is mandatory only for the treatments necessary for the provision of the services offered (any refusal for the purpose of providing the service makes it impossible to use the service itself); it is instead optional for promotional and profiling purposes and any refusal to give consent does not have negative consequences on the provision of the service offered within the website and related applications.
Who are the subjects of the data processing?
The data controller is Sargo Cooperative Company in the person of its pro tempore legal representative, with registered office located in Via Calamandrei, 54 – 52100 Arezzo, Beers 02082240512
The designated responsible for the protection of personal data (Dthey Protection Officer) pursuant to art. 37 of the GDPR is Paolo Tintori.
We remind you that you can contact the DPO at any time and send any question or request regarding your personal data and respect for your privacy by writing by writing through the appropriate form.
The data collected as part of the provision of the service may be communicated to:
- companies that perform functions strictly connected and instrumental to the operation - also technical - of our services, such as suppliers who provide services aimed at reviewing and verifying advertisements, direct marketing and customer care service providers;
- administrative and judicial bodies and authorities by virtue of legal obligations.
Your personal data may be transferred outside the European Union to be processed by some of our service providers. In this case, we make sure that this transfer takes place in compliance with current legislation and that an adequate level of protection of personal data is guaranteed based on an adequacy decision, on standard clauses defined by the European Commission or on Binding Corporate Rules.
In no case do we transfer or sell personal data to third parties.
The owner adopts the appropriate security measures to prevent access, disclosure, unauthorized modification or destruction of personal data.
The treatment is carried out using IT and / or telematic tools, with organizational methods and with logic strictly related to the purposes indicated. In addition to the owner, in some cases, other subjects involved in the organization of this application may have access to the data (administrative staff, commercial, marketing, Legal, system administrators) or external subjects (as third party technical service providers, couriers, hosting provider, IT companies, communication agencies) also named, if necessary, responsible for the treatment by the owner. The updated list of managers can always be requested from the data controller.
What rights do you have on your data?
Users can exercise certain rights with reference to the data processed by the owner.
In particular, the user has the right to:
- withdraw consent at any time. The user can withdraw consent to the processing of their personal data previously expressed.
- object to the processing of your data. The user can object to the processing of their data when it takes place on a legal basis other than consent. Further details on the right to object are indicated in the section below.
- access their data. The user has the right to obtain information on the data processed by the owner, on certain aspects of the treatment and to receive a copy of the data processed.
- check and request correction. The user can verify the correctness of his data and request its updating or correction.
- obtain the limitation of the treatment. When certain conditions are met, the user can request the limitation of the processing of their data. In this case, the owner will not process the data for any other purpose other than their conservation.
- obtain the cancellation or removal of your personal data. When certain conditions are met, the user can request the cancellation of their data by the owner.
- receive your data or have it transferred to another holder. The user has the right to receive his data in a structured format, commonly used and readable by automatic device e, where technically feasible, to obtain the unhindered transfer to another holder. This provision is applicable when the data are processed with automated tools and the treatment is based on the user's consent, on a contract to which the user is a party or on contractual measures connected to it.
- propose a complaint. The user can lodge a complaint with the competent personal data protection control authority or take legal action.
How long and how we keep your data?
The data are processed and stored for the time required by the purposes of the services used and for which they were collected.
- Personal data collected for purposes related to the execution of a contract between the owner and the user will be retained until the execution of this contract is completed.
- The personal data collected for purposes related to the legitimate interest of the owner will be retained until the satisfaction of this interest. The user can obtain further information regarding the legitimate interest pursued by the owner in the relevant sections of this document or by writing to the DPO through the appropriate form.
When the treatment is based on the user's consent, the owner can keep personal data longer until such consent is revoked. Furthermore, the owner may be obliged to keep personal data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, personal data will be deleted. Therefore, upon expiry of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
If the changes concern treatments whose legal basis is consent, the owner will collect the user's consent again, if necessary.