Sandoleria Caprese S.R.L. with registered office in Rome (RM) - Via dell'Orso 14 is the data controller of personal data provided by users through the website www.lecamerelle.it (the "Website").This Privacy Policy is provided to Users pursuant to and for the purposes of national and European legislation on the protection of personal data (EU Regulation 2016/679), as well as any other legislation on the protection of personal data applicable in Italy, including the provisions of the Garante.
1. DEFINITIONS
Personal Data (or Data)
Personal data is any information that, directly or indirectly, including in connection with any other information, makes a natural person identified or identifiable.
Usage Data
This is the information collected automatically through the Website including, but not limited to: the IP addresses or domain names of the computers used by the User who connects with the Website, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (successful, error, etc.) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various products added to the shopping cart and possibly purchased, the various temporal connotations of the visit (e.g. the time spent on each page) and the details of the itinerary followed within the Website, with particular reference to the sequence of the pages consulted, the parameters relating to the User's operating system and computer environment.
User
The individual using the Web Site who, except where otherwise specified, coincides with the Data Subject.
Interested
The natural person to whom the collected Personal Data refers.
Data Processor (or Manager)
The natural person, legal entity, public administration and any other entity that processes personal data on behalf of the Controller, as set forth in this privacy policy.
Data Controller (or Owner)
Sandoleria Caprese S.R.L. based in Rome (RM), C.F. and P. IVA 11338921007 .
Website
The Web Site www.lecamerelle.it, through which Users' Personal Data are collected and processed.
Service
The Service provided by the Web Site as defined in the relevant terms and conditions of the Web Site.
2. DATA CONTROLLER AND DATA PROCESSORS
The Data Controller is Sandoleria Caprese S.R.L. based in Rome (RM), C.F. and P. IVA 11338921007. The Data Controller may employ data processors to achieve the purposes indicated below and a designated Data Protection Officer or DPO to oversee the protection related to personal data. Please note that you may at any time contact the Data Controller and send any questions or requests regarding your personal data and respect for your privacy by writing to privacy@lecamerelle.it.
3. TYPES OF DATA COLLECTED
By way of example but not limited to, the Personal Data collected by the Website, either independently or through third parties, include: email, first name, last name, date of birth, gender, delivery address, zip code, delivery city, cell phone number, cookies, and Usage Data. If the User signs up through social media authentication methods, Le Camerelle will access certain Personal Data (e.g., first name, last name, email, etc.) in the User's social media account according to the applicable terms of use of the specific social media platform.
Personal Data may be directly provided by the User or, in the case of Usage Data, automatically collected during the use of the Website.
Unless otherwise specified, all Data requested by the Website is mandatory. If the User refuses to communicate them, it may be impossible for Le Camerelle to provide the Service. In cases where the Website indicates certain Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation. Users in doubt about which Data are mandatory are invited to contact the Data Controller.
The User represents and warrants that the Personal Data belongs to and relates to the User, assuming all relative responsibility for such declaration and releasing the Owner from any liability to third parties.
4. MODE AND PLACE OF PROCESSING OF COLLECTED DATA
Mode of treatment
The Controller takes specific security measures in order to ensure that data processing is carried out in compliance with data protection regulations and to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The Personal Data collected on the Website are stored in Italy and are not subject to dissemination, will not be sold, or otherwise transferred to third parties, except in the cases provided for by law.This is without prejudice, in any case, to the communication of Data to companies expressly appointed to perform certain services within the scope of the activity carried out by the Data Controller and/or, in general, in its favor, which will operate as autonomous data controllers and/or managers, as well as the communication and/or dissemination of Data required, in accordance with the law, by police forces, judicial authorities, information and security bodies or other public entities for purposes of defense or state security or the prevention, detection or repression of crimes.
By way of example, the Data Controller may disclose the personal data of Data Subjects to:
- collaborators, employees and suppliers of the same Company, within the scope of their respective duties and/or any contractual obligations with them, inherent in the relationship with the Interested Party;
- Legal, administrative and tax consultants who assist the Company in carrying out its activities;
- banking institutions for the management of collections and payments arising from the execution of the contract with the Interested Party;
- subcontractors and/or subcontractors engaged in activities related to the execution of the contract with the Company, as external data processors;
- Public bodies and/or judicial and/or supervisory authorities, in case of their request, as autonomous data controllers; and
- IT service providers or cloud systems;
- other companies in the Le Camerelle Group.
The full list of data controllers may be requested by the Data Subject, at any time, by sending a written request to the address below.
Location and relocation
The Data is processed at the premises of the Data Controller.
We ensure that it is carried out in accordance with this Privacy Policy and provide adequate protection.
The Data may be transferred outside the territories of the states that are part of the European Union to be stored on the servers used by Le Camerelle or by third parties appointed as external data processors for this purpose. The transfer is put in place by Le Camerelle, subject to the conclusion of standard contractual clauses in accordance with the models prepared by the European Commission with the suppliers of the servers and/or services, or verification of the registration of the external data controller under the system called "Privacy Shield".
Retention period
Data are processed and kept for the time required by the purposes for which they were collected, always taking into account the principle of minimization and for a period of time not exceeding that necessary for the purposes for which they were collected or subsequently processed.
In general terms, data will be kept until the first between:
- the fifth anniversary after the User's last use of the Website or last active interaction with Le Camerelle;
- The fifth anniversary after the account was closed.
The following categories of data may be retained for additional durations:
- financial and accounting data (e.g., invoices, payments, refunds, etc.) are retained for the duration required by applicable tax and accounting laws;
- all user-generated content (e.g., products purchased, behavior patterns) is anonymized, but remains available for our analysis in aggregate.
At the end of the retention period, the Personal Data will be deleted. Therefore, at the expiration of this period, the right of access, deletion, rectification and the right to Data portability can no longer be exercised.
5. PURPOSE OF PROCESSING OF COLLECTED DATA
User Data are collected to enable the Owner to provide and optimize its Services and, in addition, to:
1. the identification of the User necessary for access to the Website and the dedicated products and services, as well as to allow the proper development of the support activity for the User;
2. the completion of the order and the management of the collection;
3. the preparation and delivery of orders;
4. the management of the invoicing of orders and the completion of related administrative and tax processes;
5. the after-sales service and the management of support and contact requests;
6. to assert and defend its rights, including in the context of debt collection procedures; (the purposes referred to in points 1 to 6, "Contractual Purposes");
7. for the fulfillment of obligations arising from applicable legislation, including the execution of communications to the competent authorities and supervisory bodies and to comply with requests from them ("Purposes of Legal Obligations"); and
8. where there is the express consent of the Data Subject, to improve the Data Subject's experience and to indulge the Data Subject's needs, for market analysis and the sending of communications, the development of marketing activities, as well as to analyze and understand customers in order to improve services (including the user interface experience) and optimize the selection of products offered ("Purposes of Legitimate Interest").
To obtain further information and about the Personal Data concretely relevant for each purpose, the User may request information from the Data Controller at privacy@lecamerelle.it.
6. NATURE OF CONSENT
The processing of personal data is mandatory:
- For the execution of the contract in relation to the Contractual Purposes,
- To comply with legal obligations in relation to the Purposes of Legal Obligations.
The Interested Party is free to provide its data and give consent to the processing. However, refusal to provide personal data and consent for the Contractual Purposes and the Purposes of Legal Obligations indicated above would result in preventing the Company from concluding the contract, and if already concluded, from continuing its execution. On the other hand, it is possible to deny the processing for the Purposes of Legitimate Interest.
However, it is always possible to request the Data Controller to clarify the legal basis of each processing and in particular to specify whether the processing is based on law, required by a contract or necessary to conclude a contract.
7. USER RIGHTS
Users may exercise certain rights with respect to the Data processed by the Data Controller. In particular, the User has the right to:
- Revoke consent at any time. The User may revoke the previously expressed consent to the processing of his/her Personal Data.
- Object to the processing of their Data. You may object to the processing of your Data when it is done on a legal basis other than consent. Further details on the right to object are provided in the section below.
- access to your Data. You have the right to obtain information about the Data processed by the Data Controller, certain aspects of the processing and to receive a copy of the Data processed.
- verify and request correction. Users may verify the accuracy of their Data and request that it be updated or corrected.
- Obtain restriction of processing. When certain conditions are met, the User may request the restriction of the processing of its Data. In this case, the Data Controller will not process the Data for any purpose other than its preservation.
- Obtain the deletion or removal of their Personal Data. When certain conditions are met, the User may request the deletion of their Data by the Data Controller.
- Receive their Data or have their Data transferred to another owner. The User has the right to receive his or her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred unimpeded to another data controller. This provision is applicable when the Data are processed by automated means and the processing is based on the User's consent, a contract to which the User is a party or contractual measures related thereto.
- propose complaint. The User may bring a complaint to the relevant data protection supervisory authority or take legal action.
Should the Data Subject wish to exercise the rights provided for in this Section 7, he or she may contact the Data Controller at privacy@lecamerelle.it.
Details of the right to object
When Personal Data are processed in the public interest, in the exercise of public powers vested in the Data Controller or in pursuit of a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.Users are reminded that, at any time and without providing any reasons, they may stop receiving newsletters from the Data Controller by following the instructions indicated in the newsletter.
How to exercise rights
To exercise the User's rights, Users may address a request to the contact details of the Controller set out in this document. Requests are processed by the Owner as quickly as possible.
COOKIE POLICY
This Web Site makes use of Cookies.
Cookies are small text files that the Web Site sends to the user's terminal, where they are stored and then transmitted back to the Web Site the next time the same user visits.
The computer systems and software procedures in charge of the operation of the Website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.This is information that is not collected to be associated with identified subjects, but which by its very nature could allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the Site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error) and other parameters relating to the user's operating system and information environment.These data, collected in aggregate form using so-called "analytics" cookies, are used for the sole purpose of obtaining anonymous statistical information on the use of the Website and to check that it is working properly. The data could also be used where it is necessary to ascertain responsibility for computer crimes to the detriment of the Web Site.
The use of so-called session cookies (which are not stored persistently on the user's computer and vanish when the browser is closed) is strictly limited to the transmission of such session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the Site. In addition to these so-called "technical" cookies, which may be used by the Data Controller in the absence of the user's consent without prejudice to the need to make this disclosure, the Website also uses cookies for profiling and direct marketing purposes, to make You look at advertisements on the Website or send You newsletters about personalized products and/or services closer to Your interests and needs. There are also third-party cookies on the Website that have the same purposes described above and that the Owner does not control in any way. Processing by cookies for profiling and marketing purposes may be accepted or rejected. Most browsers accept cookies automatically and, therefore, you will have to intervene directly on your browser settings to change the settings.
ADDITIONAL INFORMATION ON TREATMENT
Litigation defense
The User's Personal Data may be used by the Owner in legal proceedings or in the preparatory stages to its possible establishment for the defense against abuse in the use of the Website or the Services offered therein to the User.
The User declares that he/she is aware that the Data Controller may be obliged to disclose the Data by order of public authorities.
Any information not contained in this policy
Any further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using privacy@lecamerelle.it.
Changes to the privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page. Therefore, please consult this page regularly, taking as reference the date of last modification indicated at the bottom. If you do not accept the changes made to this privacy policy, you must cease using the Website and may request the Data Controller to remove your Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to Personal Data collected up to that point.
This Privacy Policy is provided to Users pursuant to and for the purposes of national and European legislation on the protection of personal data (EU Regulation 2016/679), as well as any other legislation on the protection of personal data applicable in Italy, including the provisions of the Garante.
1. DEFINITIONS
Personal Data (or Data)
Personal data is any information that, directly or indirectly, including in connection with any other information, makes a natural person identified or identifiable.
Usage Data
This is the information collected automatically through the Website including, but not limited to: the IP addresses or domain names of the computers used by the User who connects with the Website, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (successful, error, etc.) the country of origin, the characteristics of the browser and the operating system used by the visitor, the various products added to the shopping cart and possibly purchased, the various temporal connotations of the visit (e.g. the time spent on each page) and the details of the itinerary followed within the Website, with particular reference to the sequence of the pages consulted, the parameters relating to the User's operating system and computer environment.
User
The individual using the Web Site who, except where otherwise specified, coincides with the Data Subject.
Interested
The natural person to whom the collected Personal Data refers.
Data Processor (or Manager)
The natural person, legal entity, public administration and any other entity that processes personal data on behalf of the Controller, as set forth in this privacy policy.
Data Controller (or Owner)
Sandoleria Caprese S.R.L. based in Rome (RM), C.F. and P. IVA 11338921007 .
Website
The Web Site www.lecamerelle.it, through which Users' Personal Data are collected and processed.
Service
The Service provided by the Web Site as defined in the relevant terms and conditions of the Web Site.
2. DATA CONTROLLER AND DATA PROCESSORS
The Data Controller is Sandoleria Caprese S.R.L. based in Rome (RM), C.F. and P. IVA 11338921007. The Data Controller may employ data processors to achieve the purposes indicated below and a designated Data Protection Officer or DPO to oversee the protection related to personal data. Please note that you may at any time contact the Data Controller and send any questions or requests regarding your personal data and respect for your privacy by writing to privacy@lecamerelle.it.
3. TYPES OF DATA COLLECTED
By way of example but not limited to, the Personal Data collected by the Website, either independently or through third parties, include: email, first name, last name, date of birth, gender, delivery address, zip code, delivery city, cell phone number, cookies, and Usage Data. If the User signs up through social media authentication methods, Le Camerelle will access certain Personal Data (e.g., first name, last name, email, etc.) in the User's social media account according to the applicable terms of use of the specific social media platform.
Personal Data may be directly provided by the User or, in the case of Usage Data, automatically collected during the use of the Website.
Unless otherwise specified, all Data requested by the Website is mandatory. If the User refuses to communicate them, it may be impossible for Le Camerelle to provide the Service. In cases where the Website indicates certain Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation. Users in doubt about which Data are mandatory are invited to contact the Data Controller.
The User represents and warrants that the Personal Data belongs to and relates to the User, assuming all relative responsibility for such declaration and releasing the Owner from any liability to third parties.
4. MODE AND PLACE OF PROCESSING OF COLLECTED DATA
Mode of treatment
The Controller takes specific security measures in order to ensure that data processing is carried out in compliance with data protection regulations and to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The Personal Data collected on the Website are stored in Italy and are not subject to dissemination, will not be sold, or otherwise transferred to third parties, except in the cases provided for by law.This is without prejudice, in any case, to the communication of Data to companies expressly appointed to perform certain services within the scope of the activity carried out by the Data Controller and/or, in general, in its favor, which will operate as autonomous data controllers and/or managers, as well as the communication and/or dissemination of Data required, in accordance with the law, by police forces, judicial authorities, information and security bodies or other public entities for purposes of defense or state security or the prevention, detection or repression of crimes.
By way of example, the Data Controller may disclose the personal data of Data Subjects to:
- collaborators, employees and suppliers of the same Company, within the scope of their respective duties and/or any contractual obligations with them, inherent in the relationship with the Interested Party;
- Legal, administrative and tax consultants who assist the Company in carrying out its activities;
- banking institutions for the management of collections and payments arising from the execution of the contract with the Interested Party;
- subcontractors and/or subcontractors engaged in activities related to the execution of the contract with the Company, as external data processors;
- Public bodies and/or judicial and/or supervisory authorities, in case of their request, as autonomous data controllers; and
- IT service providers or cloud systems;
- other companies in the Le Camerelle Group.
The full list of data controllers may be requested by the Data Subject, at any time, by sending a written request to the address below.
Location and relocation
The Data is processed at the premises of the Data Controller.
We ensure that it is carried out in accordance with this Privacy Policy and provide adequate protection.
The Data may be transferred outside the territories of the states that are part of the European Union to be stored on the servers used by Le Camerelle or by third parties appointed as external data processors for this purpose. The transfer is put in place by Le Camerelle, subject to the conclusion of standard contractual clauses in accordance with the models prepared by the European Commission with the suppliers of the servers and/or services, or verification of the registration of the external data controller under the system called "Privacy Shield".
Retention period
Data are processed and kept for the time required by the purposes for which they were collected, always taking into account the principle of minimization and for a period of time not exceeding that necessary for the purposes for which they were collected or subsequently processed.
In general terms, data will be kept until the first between:
- the fifth anniversary after the User's last use of the Website or last active interaction with Le Camerelle;
- The fifth anniversary after the account was closed.
The following categories of data may be retained for additional durations:
- financial and accounting data (e.g., invoices, payments, refunds, etc.) are retained for the duration required by applicable tax and accounting laws;
- all user-generated content (e.g., products purchased, behavior patterns) is anonymized, but remains available for our analysis in aggregate.
At the end of the retention period, the Personal Data will be deleted. Therefore, at the expiration of this period, the right of access, deletion, rectification and the right to Data portability can no longer be exercised.
5. PURPOSE OF PROCESSING OF COLLECTED DATA
User Data are collected to enable the Owner to provide and optimize its Services and, in addition, to:
1. the identification of the User necessary for access to the Website and the dedicated products and services, as well as to allow the proper development of the support activity for the User;
2. the completion of the order and the management of the collection;
3. the preparation and delivery of orders;
4. the management of the invoicing of orders and the completion of related administrative and tax processes;
5. the after-sales service and the management of support and contact requests;
6. to assert and defend its rights, including in the context of debt collection procedures; (the purposes referred to in points 1 to 6, "Contractual Purposes");
7. for the fulfillment of obligations arising from applicable legislation, including the execution of communications to the competent authorities and supervisory bodies and to comply with requests from them ("Purposes of Legal Obligations"); and
8. where there is the express consent of the Data Subject, to improve the Data Subject's experience and to indulge the Data Subject's needs, for market analysis and the sending of communications, the development of marketing activities, as well as to analyze and understand customers in order to improve services (including the user interface experience) and optimize the selection of products offered ("Purposes of Legitimate Interest").
To obtain further information and about the Personal Data concretely relevant for each purpose, the User may request information from the Data Controller at privacy@lecamerelle.it.
6. NATURE OF CONSENT
The processing of personal data is mandatory:
- For the execution of the contract in relation to the Contractual Purposes,
- To comply with legal obligations in relation to the Purposes of Legal Obligations.
The Interested Party is free to provide its data and give consent to the processing. However, refusal to provide personal data and consent for the Contractual Purposes and the Purposes of Legal Obligations indicated above would result in preventing the Company from concluding the contract, and if already concluded, from continuing its execution. On the other hand, it is possible to deny the processing for the Purposes of Legitimate Interest.
However, it is always possible to request the Data Controller to clarify the legal basis of each processing and in particular to specify whether the processing is based on law, required by a contract or necessary to conclude a contract.
7. USER RIGHTS
Users may exercise certain rights with respect to the Data processed by the Data Controller. In particular, the User has the right to:
- Revoke consent at any time. The User may revoke the previously expressed consent to the processing of his/her Personal Data.
- Object to the processing of their Data. You may object to the processing of your Data when it is done on a legal basis other than consent. Further details on the right to object are provided in the section below.
- access to your Data. You have the right to obtain information about the Data processed by the Data Controller, certain aspects of the processing and to receive a copy of the Data processed.
- verify and request correction. Users may verify the accuracy of their Data and request that it be updated or corrected.
- Obtain restriction of processing. When certain conditions are met, the User may request the restriction of the processing of its Data. In this case, the Data Controller will not process the Data for any purpose other than its preservation.
- Obtain the deletion or removal of their Personal Data. When certain conditions are met, the User may request the deletion of their Data by the Data Controller.
- Receive their Data or have their Data transferred to another owner. The User has the right to receive his or her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred unimpeded to another data controller. This provision is applicable when the Data are processed by automated means and the processing is based on the User's consent, a contract to which the User is a party or contractual measures related thereto.
- propose complaint. The User may bring a complaint to the relevant data protection supervisory authority or take legal action.
Should the Data Subject wish to exercise the rights provided for in this Section 7, he or she may contact the Data Controller at privacy@lecamerelle.it.
Details of the right to object
When Personal Data are processed in the public interest, in the exercise of public powers vested in the Data Controller or in pursuit of a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.Users are reminded that, at any time and without providing any reasons, they may stop receiving newsletters from the Data Controller by following the instructions indicated in the newsletter.
How to exercise rights
To exercise the User's rights, Users may address a request to the contact details of the Controller set out in this document. Requests are processed by the Owner as quickly as possible.
COOKIE POLICY
This Web Site makes use of Cookies.
Cookies are small text files that the Web Site sends to the user's terminal, where they are stored and then transmitted back to the Web Site the next time the same user visits.
The computer systems and software procedures in charge of the operation of the Website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols.This is information that is not collected to be associated with identified subjects, but which by its very nature could allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users connecting to the Site, the URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error) and other parameters relating to the user's operating system and information environment.These data, collected in aggregate form using so-called "analytics" cookies, are used for the sole purpose of obtaining anonymous statistical information on the use of the Website and to check that it is working properly. The data could also be used where it is necessary to ascertain responsibility for computer crimes to the detriment of the Web Site.
The use of so-called session cookies (which are not stored persistently on the user's computer and vanish when the browser is closed) is strictly limited to the transmission of such session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the Site. In addition to these so-called "technical" cookies, which may be used by the Data Controller in the absence of the user's consent without prejudice to the need to make this disclosure, the Website also uses cookies for profiling and direct marketing purposes, to make You look at advertisements on the Website or send You newsletters about personalized products and/or services closer to Your interests and needs. There are also third-party cookies on the Website that have the same purposes described above and that the Owner does not control in any way. Processing by cookies for profiling and marketing purposes may be accepted or rejected. Most browsers accept cookies automatically and, therefore, you will have to intervene directly on your browser settings to change the settings.
ADDITIONAL INFORMATION ON TREATMENT
Litigation defense
The User's Personal Data may be used by the Owner in legal proceedings or in the preparatory stages to its possible establishment for the defense against abuse in the use of the Website or the Services offered therein to the User.
The User declares that he/she is aware that the Data Controller may be obliged to disclose the Data by order of public authorities.
Any information not contained in this policy
Any further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using privacy@lecamerelle.it.
Changes to the privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page. Therefore, please consult this page regularly, taking as reference the date of last modification indicated at the bottom. If you do not accept the changes made to this privacy policy, you must cease using the Website and may request the Data Controller to remove your Personal Data. Unless otherwise specified, the previous privacy policy will continue to apply to Personal Data collected up to that point.