This policy will allow you to discover, before accessing the various sections of the Website, how the Company processes your personal data, including both data you provide directly (such as your first name, surname, postal and e-mail address, date of birth, etc.) and the data collected as described in the section “The personal data we collect and how we collect it” (hereinafter, collectively, the “Personal Data”). Please view the policy before providing your Personal Data.
Identity and contact details of the Controller
The Controller is Carioca Food, viale Europa 22, Ospedalicchio di Bastia Umbra (PG) – firstname.lastname@example.org – +39 075 8004065 (hereinafter “Controller”).
The Controller will process your Personal Data in accordance with Regulation EU no. 2016/679 and national personal data protection regulations (hereinafter the “Privacy Regulation”).
The Personal Data we collect and how we collect it
The Controller may collect and then process your Personal Data when you browse the Website and/or access certain sections of it. When you connect to the Website, the IT systems and the software procedures which allow them to function automatically and indirectly provide and/or acquire certain information (such as the so-called “cookies”, as specified in the section “Cookies”, at the end of this policy document, “IP” addresses, the domain names of the computers used by users who connect to the Website, the “Url” address of the resources requested, the time of the request to the server).
Any requests for information or services you submit could lead to collection and subsequent processing of your Personal Data (such as first name, surname, postal and e-mail address, date of birth, etc.).
In particular, your Personal Data may be collected:
- when you fill out on-line forms; and
- when you fill out on-line registration forms to (possibly) access restricted areas.
If you choose to send a request through the “Contact us” section of the Website, you have to provide certain Personal Data to allow the Controller to satisfy your needs, so the relative boxes of the registration form are marked with an asterisk or otherwise indicated as obligatory. Providing Personal Data which is not marked with an asterisk or otherwise indicated as obligatory is entirely optional and there will be no consequences if this Personal Data is not provided, or is incomplete or imprecise. However, if you do not provide the Personal Data marked with an asterisk or otherwise indicated as obligatory, or said data is incomplete or imprecise, the service you request cannot be supplied. If you fail to provide any of the obligatory Personal Data, an error message will appear listing the missing obligatory Personal Data.
The purposes of processing your Personal Data and the legal basis for processing
Based on the needs you indicate each time on accessing the various sections of the Website, the purposes of processing your Personal Data and the legal basis for processing are indicated below.
Your Personal Data will be processed for the following purposes only with your consent to processing, which may be withdrawn at any moment, by sending a request to the Controller by mail or by email:
- management of your requests and response to them;
- marketing activities such as delivery of promotional materials and/or information by mail and email (i.e. newsletter and DEM);
- management and fulfillment of legal obligations (accounting, administrative, tax obligations, etc.).
How we process your Personal Data
Processing of your Personal Data may include any type of operation, such as collection, recording, organisation, storage, consultation, processing, rectification, selection, extraction, comparison, use, interconnection, blocking, disclosure, erasure and destruction.
Your Personal Data will be processed mainly with automated tools, but also on paper, adopting logic strictly linked to the related purposes, through the use of databases and electronic platforms managed by the Controller or by third parties appointed as external processors for this purpose and/or through the integrated IT systems of the Controller and of said third parties and/or websites owned or used by the Controller.
How long we keep your Personal Data
The Controller keeps the Personal Data for the time strictly necessary to fulfill your request, supply the service you have requested, fulfill legal obligations and, in any case, not beyond the applicable time limits.
The recipients of your Personal Data
Your Personal Data may be communicated to and processed by:
(i) legal or natural persons who act as external processors, performing activity in outsourcing, appointed by the Controller or by the external processors of the Controller (including parties assigned to perform assistance, communication, marketing, advertising, promotion and sale activities relating to products and/or services and also advertisers, advertising agencies, suppliers of IT services, the Website operators, electronic platform operators, partners, professional consultancy firms);
(ii) employees and/or collaborators of the Controller (including system administrators), who operate under its direct authority, who will be authorised to process your Personal Data; and
(iii) employees and/or collaborators of the external processors (including system administrators), who operate under the direct authority of the external processors and will be authorised to process your Personal Data.
Your Personal Data will not be communicated to third parties, except when communicated by the Controller to consultants in order to protect its rights, nor disclosed.
Minors under 16 years of age must not provide information or Personal Data to the Controller without parental consent. If this consent is not provided, minors cannot send requests via the Website. The Controller invites anyone with parental responsibility on minors to inform them on secure and responsible use of the Internet and the Web.
Identity and contact details of the processors
A complete list of the Personal Data processors may be consulted by contacting the Controller at the address indicated in the section “Identity and contact details of the Controller”.
Your rights in relation to processing of your Personal Data
As the data subject, you are granted numerous rights by the Privacy Regulation. In detail, you are entitled to:
- obtain from the Controller confirmation of whether or not your Personal Data exists, even if not registered, and its disclosure in intelligible form, and also access to your Personal Data (by obtaining a copy) and the related information (including the purposes of processing, the categories and origin of the Personal Data, the categories of recipients to whom it has been or could be disclosed, the retention period (when possible), the rights which may be exercised);
- obtain from the Controller the rectification of your Personal Data and supplementing of any incomplete Personal Data;
- obtain from the Controller the erasure of your Personal Data without undue delay, including when the Personal Data is no longer necessary for the purposes for which it has been processed or the legal basis for processing no longer exists;
- obtain from the Controller the conversion into anonymous form or blocking of your Personal Data if it is processed illegally, including data which it is not necessary to store, in relation to the purposes for which the Personal Data was collected or subsequently processed;
- obtain from the Controller the limitation of processing of your Personal Data, also when you dispute its accuracy or object to processing, for the period necessary for the respective checks to be performed;
- receive your Personal Data in a structured, commonly used, machine-readable format, and also transmit or, if technically feasible, obtain transmission of your Personal Data to another controller without impediments, in cases in which processing is carried out by automated means and is based on your consent or when necessary for execution of a contract to which you are a party;
- withdraw consent to processing of your Personal Data for any of the purposes for which it has been provided.
You may exercise your rights with the Controller by sending a letter by ordinary mail or email to the address indicated in the section “Identity and contact details of the Controller”.
Furthermore, if you believe that processing of your Personal Data breaches the Privacy Regulation, you may lodge a complaint with the Data Protection Supervisory Authority in the State in which you reside, where your workplace is located or in which the presumed breach has occurred, or contact said Authority to request information on exercising of your rights under the Privacy Regulation.
The right to object to processing of your Personal Data
At any moment and for reasons linked to your own specific situation, you are entitled to object to processing of your Personal Data which is based on a legitimate interest pursued by the Controller or by third parties. In this case, the Controller abstains from further processing of your Personal Data unless it demonstrates the existence of legitimate and binding reasons which prevail over your interests, rights or freedoms or processing is necessary to ascertain, exercise or protect a legal right.
You are entitled to object to processing of your Personal Data, by sending an ordinary mail or an e-mail.
If you object to processing of your Personal Data for this purpose, the Controller will be unable to carry out the related processing.
Cookies are texts strings which act as computer markers sent by a server (the Website service in this case) to the user’s device (normally an Internet browser) when the user accesses a given page of a website. Cookies, which may also be set by different websites to the one the user is visiting (“third party cookies”), are automatically stored by the browser and retransmitted to the server which generated them each time the user accesses the same web page. In this manner, for example, cookies facilitate access to several web pages in order to improve the user’s browsing (or allow storage of pages visited or other specific information, such as the most frequently consulted pages, connection errors, etc.), or allow profiling. For easy and complete use of a website, the user should therefore configure their browser to accept these cookies.
Browsers are often set to accept cookies automatically. However, users can change the pre-set configuration, to disable or delete cookies (each time or once and for all), although this could prevent optimal use of certain areas of the website. It is also possible to check the cookies modes and types stored on your browser by changing its cookie settings.
Characteristics and purposes of cookies
Our Website uses the following categories of cookies, which may belong to the Controller or to third parties.
These cookies assist you in browsing the Website and using its functions. Technical cookies include what are called “strictly necessary” cookies, which enable functions without which the Website cannot be used in full, or “performance cookies”, which improve the Website functions.
These cookies allow the Website to remember your choices (such as the language or your geographic location) and propose them again on subsequent accesses, in order to provide better and customised services (they can be used to propose similar contents to those you have requested in the past, for instance).
These cookies are used to send advertising messages and services in line with the preferences you have shown.
In particular, they are used to offer you advertising and services potentially reflecting your interests, and also to create individual profiles based on your tastes, preferences and consumption choices, as detected during browsing of the Website or by comparison of your activities via the browser. They are used, for example, to limit the number of times a given advert is shown, or to understand how effective an advertising campaign is from the frequency of views of the relative advert. This Website does not use this kind of cookies.
Description of the methods of consenting to installation of cookies
On your first access to the Website, you will see a banner with brief information containing the link to this extended policy, where you will find further information on the cookies installed by the Controller and by third parties.
This extended policy contains more detailed information on the description and characteristics of the various types of cookies and also allows you to decide independently which cookies you want to authorise.
Your consent is not required for the use of technical and analytical cookies. However, you can disable them using the procedure described in the paragraph “How to enable and disable cookies in your browser”.
Your consent is required for the use of profiling cookies, if used on Website, which are used to send you adverts and services in line with your tastes, preferences and consumption choices.
Links are provided below to the documents and consent forms of third parties who are independent controllers, through which you can obtain more information and manage and disable said cookies.
The Controller uses social buttons on the Website.
Social buttons are digital buttons or direct links with the platforms of Social Networks configured in each individual “button”.
You can click on those links to interact directly with the accounts (social pages) of the Controller.
The operators of the Social Networks to which the buttons redirect you are independent controllers. You can find more information on the individual privacy policies of the Social Network platforms and on the methods of managing and disabling the relative cookies on the Social Network platforms.
How to enable and disable cookies in your browser
You can stop your browser from accepting cookies. However, this could make access to certain functions of pages of the Website more difficult or impossible.
The methods provided by the main browsers to block acceptance of cookies are show below:
Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11
Further methods for disabling analytical and profiling cookies
In addition to disabling and/or deleting cookies through your browser settings, you can also disable and/or delete individual analytical and profiling cookies by accessing the following websites:
- https://tools.google.com/dlpage/gaoptout?hl=it to disable Google Analytics
- www.youronlinechoices.eu, a website managed by the European Interactive Digital Advertising Alliance (EDAA), for deletion of other cookies for users located in the European Union
- http://www.aboutads.info/choises/, for deletion of other cookies for users located in the United States of America.
These websites are not managed by the Controller, who therefore accepts no liability in relation to the respective contents.