Personal data are processed with automated tools for the time necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The data controller for Giò e Giuà is: Salumificio Gerini S.p.A., VAT number 01230300483, Viale Hanoi, 50 - 50065 Pontassieve (FI), telephone +39 055 8368559 / +39 055 8315207, fax + 39 055 8368397, email info@gerinispa.com.
Giò e Giuà adopts security measures appropriate to the type and sensitivity of the data being stored (from encryption to integrated security programs). As with any Internet-enabled system, there is always the risk of unauthorized access: it is therefore very important to protect your passwords. Giò e Giuà takes appropriate security measures to ensure protection against unauthorized access, modification, disclosure or destruction of the personal data it collects and stores.
Giò e Giuà processes the User's personal data in in the case of:
The data collected by Giò and Giuà are processed and stored for the time required by the purposes for which they were collected, such as the execution of a contract between the owner of the site and the user which will be kept until the completion of the contract. , for purposes related to legitimate interest will be kept until the interest is satisfied. For processing based on the User's consent, the data can be kept longer, until the consent is revoked. The site owner may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority. The User can always request further information on the legitimate interest pursued by the owner of the site directly from the owner himself.
At the end of the retention period, the Personal Data will be deleted.
The User has the right to:
It is possible to access this site without the user being asked for any personal data. The computer systems detect some data during the course of their normal operation, data that are used during the use of Internet communication protocols and that are not associated with directly identifiable users. The collected data includes, for example, the IP addresses of the users, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request and the numerical code indicating the status of the response given by the server ( successful, error, etc.) together with other parameters relating to the operating system and the user's IT environment.
This information does not provide the user's personal data and is not collected to be associated with identified data subjects: it is technical / IT information collected and used in an aggregate and anonymous manner for the purpose of verifying correct functioning and monitoring and security. of the site or improve the quality of the service and provide statistics concerning the use of the site or proceed to ascertain responsibility in the event of hypothetical computer crimes against the site.
The optional, explicit and voluntary sending of messages to contact addresses or the compilation and sending of messages from the contact forms on the site involves the acquisition of contact data and related personal data included in the communications. These data are necessary to respond to requests sent and / or provide the requested service. Failure to provide consent or its revocation does not entail any consequences, except for the impossibility of using the site and / or the provision of the requested service or obtaining more detailed information on the Company's activities.
In any case, the processing of personal data may be carried out, if necessary, for the pursuit of a legitimate interest of the owner or on the basis of a legal obligation. In particular, obtaining consent to the processing referred to in the previous point relating to navigation and log data is not necessary as the data is treated as responding to a legitimate interest.
User data will not be disclosed, but may be disclosed to companies contractually linked to the company, in accordance with and within the limits of the GDPR. Personal data are stored on servers located within the European Union and in any case it is understood that the owner, if necessary, will have the right to move the servers even outside the EU GDPR. In this case, the owner ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission and the user will be informed.
The data may be disclosed to third parties belonging to the following categories: