What are you looking for?
Search
INFORMATION FOR THE PROCESSING OF PERSONAL DATA
NUOVO PASTIFICIO ITALIANO S.r.l. with registered office in z.i. Equipped axis km. 4 03013 FERENTINO (FR) – Italy - P.Iva and C.F. 02509360604 , as data controller for the execution of contractual relationships, comes into possession of data, also acquired verbally, qualified as "personal data" by EU Regulation no. 2016/679 (so-called GDPR). The owner informs you pursuant to art. 13 EU Regulation no. 2016/679 that your data will be processed in the manner and for the following purposes.
1. Object of the Treatment
NUOVO PASTIFICIO ITALIANO S.r.l. processes personal data (name and surname, address, telephone number - landline and/or mobile - data of an economic nature aimed at billing the object of the contract, any particular data communicated by you) as well as e-mail (for subscription to the newsletter, only if such treatment has been explicitly authorized)
2. Purpose of the treatment
Your personal data are processed:
A) without your express consent (art. 6 letter b), e) GDPR), for the following Service Purposes:
- conclude the contracts for the services of the Data Controller;
- fulfil the pre-contractual, contractual and tax obligations deriving from existing relationships with you;
- fulfil the obligations established by law, by a regulation, by community legislation or by an order of the Authority (such as for example in the matter of anti-money laundering);
- exercise the rights of the Data Controller, for example the right of defense in court;
B) Only with your specific and distinct consent (Articles 23 and 130 of the Privacy Code and Article 7 of the GDPR), for the following Marketing Purposes:
- send you via e-mail newsletters and commercial communications and/or advertising material on products or services offered by the Data Controller.
3. Processing methods and technologies used
The processing of your personal data is carried out by means of the operations indicated in art. 4 no. 2) GDPR and precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data is subjected to both paper and electronic and/or automated processing.
Data processing takes place through the use of tools and procedures suitable for guaranteeing security and confidentiality.
The computer systems and computer programs used to operate the site collect some personal data whose transmission is implicit in the use of Internet communication protocols (e.g. IP addresses or domain names of the computers used by users who connect to the site, the addresses and times of the requests, method of connection to the server, numerical result code as well as parameters relating to the user's operating system). Although this is information that is not collected to be associated with identified interested parties, by their nature they could, through processing and association with data held by third parties, allow users to be identified. These data are used for the sole purpose of obtaining statistical information (not associated with any user identification data) on the use of the site and to check its correct functioning. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the Site.
NUOVO PASTIFICIO ITALIANO S.r.l. does not use automated IT decision-making processes, does not carry out any profiling activity, therefore, does not record, store and does not process data relating to the choices, habits and purchasing preferences of its Customers, nor does it create profiles (individual and/or aggregated) for the purpose to propose targeted offers.
Access to the website https://www.nuovopastificioitaliano.it activates methods of automatic collection of information (technical cookies) necessary for correct navigation on the aforementioned sites which are automatically canceled upon expiry or when the session is closed.
4. Duration of treatment
The data processing will take place for the time necessary to pursue the purpose referred to in point 2. for which it is authorized and in any case no later than the term set out in the contract/assignment in place between the parties, as well as, after the conclusion of the specific treatment, to comply with the legal obligations of a civil and fiscal nature applicable to the existing relationship, as well as with any other legal fulfillment/obligation to which the Data Controller is required. – The Data Controller will process personal data for no more than 10 years from the collection of consent for Marketing Purposes.
5. Data access
Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B):
- to employees and collaborators of the Owner of NEW PASTIFICIO ITALIANO S.r.l. , in their capacity as persons in charge and/or internal data processors and/or system administrators;
- to third-party companies or other subjects (as an indication, credit institutions, professional firms, consultants, insurance companies for the provision of insurance services, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as external managers of the treatment.
6. Data communication
The following categories of internal and external persons in charge and/or managers, identified in writing and to whom specific written instructions have been given, may become aware of the personal and identification data relating to the processing in question, as far as the undersigned Company is concerned:
• management and administrative office employees, for the purposes referred to in point 2, letter A;
• management and purchasing and sales office employees for the purpose referred to in point 2, letter B;
• professionals or service companies for the performance of corporate, tax and accounting obligations, business administration and management, including their employees, who operate on behalf of the Company;
• System administrator;
• professionals or service companies for the management and maintenance of the IT system who operate on behalf of the Company, limited to the task undertaken, after signing obligations and constraints of confidentiality and security in the processing of data, such as for example the companies listed below :
• IT hosting (current provider: Aruba)
Furthermore, the personal data in question, within the limits and for the purposes of point 2 above, may be communicated to:
• Public entities;
• Credit institutions;
• Insurance institutions;
• service companies that deal with financial information and credit recovery.
Personal data are not subject to public disclosure or transfer to a non-EU state or to an international organization.
Your information will not be disseminated.
7. Data transfer
Personal data is stored on remote servers located within the European Union.
8. Nature of data provision and consequences of refusal to respond
The provision of data for the purposes referred to in art. 2.A) is mandatory. In their absence, we will not be able to guarantee you the Services of the art. 2.A).
The provision of data for the purposes referred to in art. 2.B) is instead optional. You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided: in this case, you will not be able to receive newsletters, commercial communications and advertising material relating to the Services offered by the Data Controller. However, you will continue to be entitled to the Services pursuant to art. 2.A).
9. Rights of the interested party
In your capacity as an interested party, you have the rights referred to in art. 7 Privacy Code and art. 15 GDPR and precisely the rights of:
the. obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
ii. obtain the indication: a) of the origin of the personal data; b) the purposes and methods of processing; c) of the logic applied in case of treatment carried out with the aid of electronic instruments; d) of the identification details of the owner, of the managers and of the designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as designated representative in the territory of the State, managers or agents;
iii. obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed;
c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means manifestly disproportionate to the protected right;
iv. object, in whole or in part: a) for legitimate reasons, to the processing of your personal data, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising material or direct sales or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and/or by traditional marketing methods by telephone and/or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the interested party to exercise the right of opposition also only partially. Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or neither of the two types of communication.
Where applicable, you also have the rights pursuant to articles 16-21 GDPR (Right to rectification, right to be forgotten, right to limitation of treatment, right to data portability, right to object), as well as the right to complain to the Guarantor Authority.
10. Methods of exercising rights
You can exercise your rights at any time by sending:
- a registered letter with return receipt to NUOVO PASTIFICIO ITALIANO S.r.l. – Registered office z.i. Equipped axis km. 4 03013 FERENTINO (FR) – Italy
- an email to: info@nuovopastificioitaliano.it
11. Owner, manager and appointees
The Data Controller is the pro-tempore legal representative with registered office in z.i. Equipped axis km. 4 03013 FERENTINO (FR) – Italy, Fiscal Code and VAT number: 02509360604
The updated list of data processors and persons in charge of processing is kept at the registered office of the Data Controller.