www.sacchettovini.it – Privacy Policy
This application collects some personal data of its users.
In compliance with EU Regulation 679/2016, containing provisions for the protection of natural persons with the respect to the processing of personal data, Sacchetto S.r.l., holder of the domain name www.sacchettovini.it, email mail_at_sacchettovini.it, based in Via Roma 44 – 35010 Trebaseleghe (PD) hereafter defined as “Data Controller”, is required to provide some information about the use of personal data and cookies.
This privacy policy applies only to the online activities of this site and is valid for visitators/users/customers who can also simply be called “interested” here below. It doesn’t apply to any information collected through means different from this website.
The purpose of this Privacy Policy is to provide the maximum trasparency about the information that the website collects and how it uses it.
This document can be printed using the print command in any browser’s settings.
WHICH KIND OF DATA ARE PROCESSED?
Among the personal data collected by this application, independently or through third parties, there are: Cookies; Usage data; Name; Last name; Address; Country; Email; ZIP code; City; unique identifiers of advertising devices (Google Advertiser ID or IDFA Identifier , for example).
Full details on each type of data collected are provided in the dedicated sections of this privacy policy or through specific informative texts displayed before the data collection.
Personal data may be freely provided by you or, in the case of Usage Data, automatically collected during the use of this application.
Unless otherwise specified, all data required by this application are compulsory. If you refuse to disclose them, it could be impossibile for this application to provide the Service. When this application indicates some data as optional, users are free to refrain from communicating such data, without any effect on the availability of the service or its operation. Users who have doubts about which data are mandatory, are encouraged to contact the Data Controller.
Any use of cookies – or other tracking tools – by this application or by third party service owners used by this application, unless otherwised specified, is intended to provide the service requested by you, in addition to the further purposes described in this Document and in the Cookie Policy.
You assume responsability for the Personal Data of third parties obtained, pubblished o shared through this application and guarantee your right to communicate or disseminate them, freeing the Data Controller for any responsibility to third parties.
How and where the collected data are processed?
How the data are treated
The Data Controller shall take appropriate security measures to prevent unauthorized access, disclosure, change or destruction of personal data.
The processing is carried out through IT and/or telematic tools, with organizational methods and with logics closely related to the indicated purposes. In addition to the the Data Controller, in some cases, other parties involved in the organization of this application potrebbero avere accesso ai Dati altri soggetti coinvolti nell’organizzazione di questa Applicazione (administrative, commercial, marketing, legal, system admnistrator) or external subjects (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed if necessary Data Controllers by the Data Controller, may have access to the data. The updated list of Managers can always be requested to the Data Controller.
Legal basis for processing
The Data Controller treats Personal Data relating to the User in case there is one of the following conditions:
- you have given your consent for one or more specific purposes; Note: in some legal systems the Data Controller may be authorized to process Personal Data without the user’s consent or any other of the legal basis specified here, untel the User objects (“opt-out”) to such processing. However, this is not applicable if the processing of Personal Data is regulated by European Legislation on the protection of Personal Data;
- the processing is necessary il trattamento è necessario all’esecuzione di un contratto con l’Utente e/o all’esecuzione di misure precontrattuali;
- the processing is necessary to fulfill a legal obligation to which the Data Controller is subject;
- the processing is necessary for the performance of a task of public interest or for the exercise of public authority vested in the Data Controller;
- the processing is necessary for the pursuit of the legitimate interest of the Data Controller or third parties.
- However, it is always possible to ask the Owner to clarify the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.
Place
The Data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. For more information, contact the owner.
The User’s Personal Data may be transferred to a country other than that in which the User is located. To obtain further information on the place of processing, the User can refer to the section relating to the details on the processing of Personal Data.
The User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organization governed by public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to protect the Data.
The User can check whether one of the transfers described above takes place by examining the section of this document relating to the details on the processing of Personal Data or request information from the Data Controller by contacting him at the opening details.
Retention period
The Data are processed and stored for the time required by the purposes for which they were collected.
Therefore:
Personal Data collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of this contract is completed.
Personal data collected for purposes related to the legitimate interest of the owner will be retained until this interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Owner in the relevant sections of this document or by contacting the Owner.
When the processing is based on the User’s consent, the Data Controller can keep the Personal Data longer until such consent is revoked. Furthermore, the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be deleted. Therefore, at the end of this term the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Purpose of processing the collected data and methods of conservation
The User’s Data are collected to allow the Owner to provide the Service, fulfill legal obligations, respond to requests or executive actions, protect their rights and interests (or those of Users or third parties), identify any malicious activities or fraudulent, as well as for the following purposes: Statistics, Contacting the User, Interaction with external social networks and platforms, SPAM protection, Displaying content from external platforms, Tag Management, Remarketing and behavioral targeting and Advertising. In particular, the data may be processed for the following purposes:
- in an exclusively aggregated and anonymous form in order to verify the correct functioning of the site. None of this information is related to the natural person-User of the site, and does not allow identification in any way (from 25 May 2018 this information will be treated according to the legitimate interests of the Data Controller);
- for security purposes (spam filters, firewalls, virus detection), the automatically recorded data may possibly also include personal data such as the IP address, which could be used, in accordance with the laws in force on the subject, in order to block attempts to damage the site itself or to cause damage to other users, or in any case harmful activities or constituting a crime. These data are never used for the identification or profiling of the user, nor crossed with other data, nor provided to third parties, but used only for the purpose of protecting the site and its users (from 25 May 2018 this information will be processed based on the legitimate interests of the owner);
- commercial and contractual obligations and the consequent fulfillment of legal and contractual obligations deriving from the online purchase of products included on the site, as well as to achieve effective management of the commercial relations themselves. The processing to which your personal data will be subjected is aimed exclusively at the performance by us of all the activities inherent and instrumental to a correct management and execution of the fiscal and accounting obligations of management and execution of any contracts, administration and management of the payments;
- techniques necessary for the survival of the website;
- the Owner also uses the User’s data for promotional / advertising purposes, to send information on the items offered on the sacchettovini.it website. The User’s e-mail address will be used exclusively within the limits prescribed by the applicable legislation or, where necessary, after the release of specific authorization by the same. The Data Subject, as a User of www.sacchettovini.it, will regularly receive “advice on purchases” by e-mail. You can stop sending the aforementioned promotional messages free of charge by making a request via e-mail to mail@sacchettovini.it.
The data received will be used exclusively for the fulfillment of the purchase order or for the requests made by the User and only for the time necessary for the provision of the service. However, it should be noted that when the User visits the website www.sacchettovini.it, some data is collected and saved. The domain name or IP address of the accessing computer are temporarily saved for security reasons and deleted after a maximum of 7 (seven) days. Other data can also be saved such as the access date, the response code as well as the amount of data (Bytes) that have been transmitted. The data analysis takes place only in a strictly anonymous form (for example: 45% of newsletter readers have read the message xy). This process allows the Data Controller to adapt the information contained in the offers to the interests of the subscribers to the newsletter, which is sent in this way: the customer will receive the newsletters only if he clicks, in the information e-mail, on the link that confirms the activation of the newsletter service.
It is up to the User to verify that he has permission to enter personal data of third parties or content protected by national and international regulations.
In any case, the data collected by the site during its operation are used exclusively for the purposes indicated above and kept for the time strictly necessary to carry out the activities specified.
In any case, the personal data collected from the site will never be provided to third parties, for any reason, unless it is a legitimate request by the judicial authority and only in the cases provided for by law. However, the data may be provided to third parties if this is necessary for the provision of a specific service requested by the User or for the execution of security checks or site optimization.
To obtain detailed information on the purposes of the processing and on the Personal Data processed for each purpose, the User can refer to the “Details on the processing of Personal Data” section.
Scope of dissemination and categories of subjects
Personal data will be known and processed, in compliance with current legislation on the subject, by the staff of the Data Controller, identified as the person in charge of processing, in service at the relevant offices. The personal data collected by the Data Controller may be communicated, within the limits strictly relevant to the aforementioned purposes, also to the following subjects or categories of subjects:
- subjects to whom communication is required by law, by regulation or by national and community legislation (for example public administrations and bodies whose duties include those of protection and safety in the workplace) as well as, for the execution of contractual or pre-contractual obligations (Credit Institutions, Insurance Companies and similar entities);
- subjects to whom it was essential to communicate such data for activities strictly related to the existing relationship with the Data Controller, for example consultants, professionals, collaborators or suppliers who collaborate with the organization for aspects related to the management of activities;
- legal, accounting and labor consultants also for the purpose of studying and resolving any legal problems relating to the existing contractual position (for example Lawyers, for the purposes of managing criminal, civil and administrative disputes; Judicial Authorities of any order and degree, arbitrators ; freelancers, for legal aid or consultancy purposes, including those of the counterparty when due; Insurance companies, in the case of insurance policies that provide for such communications).
Details on the processing of Personal Data
Personal Data is collected for the following purposes and using the following services:
Contact the user
Contact form (this Application)
By filling in the contact form with their data, the User consents to their use in response to requests for information, quotes, or any other nature indicated by the form header.
Personal Data processed: CAP; city; surname; e-mail; address; nation; first name.
Mailing list or newsletter (this Web site)
By subscribing to the mailing list or newsletter, the User’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional information, relating to this Website may be transmitted. User’s email address may also be added to this list as a result of registering on this Website or after making a purchase.
Personal Data processed: email; first name.
Manage contacts and send messages
This type of service allows you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User.
These services may also allow the collection of data relating to the date and time the messages are displayed by the User, as well as to the User’s interaction with them, such as information on clicks on links in the message.
Mailchimp (The Rocket Science Group LLC)
Mailchimp is an address management and email message service provided by The Rocket Science Group LLC.
Personal Data processed: email; first name.
Place of processing: United States – Privacy Policy.
Interaction with data collection platforms and other third parties
This type of service allows Users to interact with data collection platforms or other services directly from the pages of this Website in order to save and reuse data.
In the case that one of these services is installed, it is possible that, even if the Users do not use the service, it collects Usage Data relating to the pages in which it is installed.
Widget Mailchimp (The Rocket Science Group LLC)
The Mailchimp widget allows you to interact with the email address management and mailing service Mailchimp provided by The Rocket Science Group LLC.
Personal Data processed: email; first name.
Place of processing: United States – Privacy Policy.
Registration and authentication
By registering or authenticating, the User allows this Website to identify him and give him access to dedicated services.
Depending on what is indicated below, the registration and authentication services could be provided with the help of third parties. If this happens, this Website will be able to access some Data stored by the third party service used for registration or identification.
Some of the services listed below may also collect Personal Data for targeting and profiling purposes; to learn more, please refer to the description of each service.
Mailchimp OAuth (The Rocket Science Group LLC)
Mailchimp OAuth is a registration and authentication service provided by The Rocket Science Group LLC and connected to the Mailchimp service.
Personal Data processed: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
Tag management
This type of service is functional to the centralized management of the tags or scripts used on this Application.
The use of these services involves the flow of User Data through them and, if necessary, their retention.
Google Tag Manager (Google Ireland Limited)
Google Tag Manager is a tag management service provided by Google Ireland Limited.
Personal Data processed: Usage data.
Place of processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield.
Interaction with social networks and external platforms
This type of service allows interaction with social networks or other external platforms directly from the pages of this Application.
The interactions and information acquired by this Application are in any case subject to the User’s privacy settings relating to each social network.
This type of service may still collect traffic data for the pages where the service is installed, even when Users do not use it.
It is recommended to log out of the respective services to make sure that the data processed on this Application is not connected back to the User’s profile.
Like button and Facebook social widgets (Facebook, Inc.)
The “Like” button and Facebook social widgets are interaction services with the Facebook social network, provided by Facebook, Inc.
Personal Data processed: Cookies; Usage data.
Place of processing: United States – Privacy Policy. Subject adhering to the Privacy Shield.
SPAM protection
This type of service analyzes the traffic of this Application, potentially containing Users’ Personal Data, in order to filter it from parts of traffic, messages and contents recognized as SPAM.
Google reCAPTCHA (Google Ireland Limited)
Google reCAPTCHA is a SPAM protection service provided by Google Ireland Limited.
Use of the reCAPTCHA system is subject to Google’s privacy policy and terms of use.
Personal Data processed: Cookies; Usage data.
Place of processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield.
Advertising
This type of service allows the User Data to be used for commercial communication purposes. These communications are shown on this Application in the form of banners and other forms of advertising, also in relation to the interests of the User.
This does not mean that all Personal Data is used for this purpose. Data and conditions of use are indicated below.
Some of the services listed below may use cookies or other identifiers to identify the user or use the behavioral retargeting technique, ie display personalized advertisements based on the interests and behavior of the user, also detected outside this application. For more information about this, we suggest you to check the privacy policies of the respective services.
In addition to the opt-out features offered by the services listed below, the User can opt-out by visiting the opt-out page of the Network Advertising Initiative.
Users can also choose not to participate in certain advertising features through the corresponding device configuration options, such as the mobile device advertising configuration options or the generic advertising configuration.
Facebook Lookalike Audience (Facebook, Inc.)
Facebook Looalike Audience is an advertising and behavioral targeting service provided by Facebook, Inc. that uses Data collected through the Facebook Custom Audience service in order to show advertisements to Users with similar behavior to Users who are already in a list. Custom Audience based on their previous use of this Application or their interaction with relevant content through Facebook applications and services.
Based on this Data, personalized ads will be shown to Users suggested by Facebook Lookalike Audience.
Users can choose not to use Facebook cookies for ad personalization by visiting this opt-out page.
Personal Data processed: Cookies; Usage data.
Place of Processing: Ireland – Privacy Policy – Opt Out. Subject adhering to the Privacy Shield.
Remarketing e behavioral targeting
This type of service allows this Application and its partners to communicate, optimize and serve advertisements based on the past use of this Application by the User.
This activity is facilitated by the tracking of Usage Data and the use of Cookies and other Identifiers to collect information which is then transferred to the partners who manage the remarketing and behavioral targeting activities.
Some services offer a remarketing option based on email address lists.
In addition to the opt-out features offered by the services listed below, the User can opt-out by visiting the opt-out page of the Network Advertising Initiative.
Users can also choose not to participate in certain advertising features through the corresponding device configuration options, such as the mobile device advertising configuration options or the generic advertising configuration.
Facebook custom audience (Facebook, Inc.)
Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Application with the Facebook advertising network.
Users can choose not to use Facebook cookies for ad personalization by visiting this opt-out page.
Personal Data processed: Cookies; email.
Place of Processing: Ireland – Privacy Policy – Opt Out. Subject adhering to the Privacy Shield.
Facebook Remarketing (Facebook, Inc.)
Facebook Remarketing is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Application with the Facebook advertising network.
Personal Data processed: Cookies; Usage data.
Place of Processing: Ireland – Privacy Policy – Opt Out. Subject adhering to the Privacy Shield.
Remarketing Google Ads (Google Ireland Limited)
Google Ads Remarketing is a remarketing and behavioral targeting service provided by Google Ireland Limited that connects the activity of this Application with the Google Ads advertising network and the DoubleClick Cookie.
Users can choose not to use Google cookies for ad personalization by visiting the Google ad settings.
Personal Data processed: Cookies; Usage data.
Place of Processing: Ireland – Privacy Policy – Opt Out. Subject adhering to the Privacy Shield.
Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
Google Analytics (Google Ireland Limited)
Google Analytics is a web analytics service provided by Google Ireland Limited (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, filling in reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualize and personalize the ads of its own advertising network.
Personal Data processed: Cookies; Usage data.
Place of Processing: Ireland – Privacy Policy – Opt Out. Subject adhering to the Privacy Shield.
Facebook Analytics for Apps (Facebook, Inc.)
Facebook Analytics for Apps is a statistics service provided by Facebook, Inc.
Personal Data processed: Usage data; various types of data as specified in the privacy policy of the service.
Place of Processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield.
Facebook Ads conversion tracking (Facebook pixel) (Facebook, Inc.)
Facebook Ads conversion tracking (Facebook pixel) is a statistics service provided by Facebook, Inc. which connects data from the Facebook ad network with actions performed within this Application. The Facebook pixel tracks conversions that can be attributed to Facebook, Instagram and Audience Network ads.
Personal Data processed: Cookies; Usage data.
Place of Processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield.
Google Analytics demographics and interests reports (Google Ireland Limited)
Google Analytics Demographics and Interests Reports is an advertising reporting feature that makes Demographics and Interest Data available within Google Analytics for this Application (Demographics means Age and Gender Data).
Users can choose not to use Google cookies by visiting the Google Ads Settings.
Personal Data processed: Cookies; unique identifiers of devices for advertising (Google Advertiser ID or IDFA identifier, for example).
Place of Processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield.
Viewing content from external platforms
This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service may still collect data on web traffic relating to the pages where the service is installed, even when users do not use it.
Google Fonts (Google Ireland Limited)
Google Fonts is a font style visualization service managed by Google Ireland Limited that allows this application to integrate such content within its pages.
Personal Data processed: Usage data; various types of data as specified in the privacy policy of the service.
Place of Processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield.
Widget Video YouTube (Google Ireland Limited)
YouTube is a video content viewing service managed by Google Ireland Limited that allows this Application to integrate such content within its pages.
Personal Data processed: Cookies; Usage data.
Place of Processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield.
Widget Google Maps (Google Ireland Limited)
Google Maps is a map viewing service managed by Google Ireland Limited that allows this Application to integrate such content within its pages.
Personal Data processed: Cookies; Usage data.
Place of Processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield.
User’s rights
Users can exercise certain rights with reference to the Data processed by the Owner.
In particular, users can:
- withdraw their consent at any time. Users can withdraw the consent to the processing of their Personal Data previously expressed.
- object to the processing of their data. Users can object to the processing of their data when it occurs on a legal basis other than consent. Further details on the right to object are indicated in the section below.
- access their data. Users have the right to obtain information on the data processed by the owner, on certain aspects of the processing and to receive a copy of the data processed.
- verify and request changes. Users can verify the correctness of their Data and request its updating or correction.
- obtain the limitation of the processing. When certain conditions are met, Users can request the limitation of the processing of their Data. In this case, the Data Controller will not process the Data for any other purpose than their conservation.
- obtain the cancellation or removal of their Personal Data. When certain conditions are met, the User can request the cancellation of their Data by the Owner.
- receive their data or have them transferred to another owner. Users have the right to receive their Data in a structured format, commonly used and readable by an automatic device and, where technically feasible, to obtain its unhindered transfer to another owner. This provision is applicable when the Data is processed with automated tools and the processing is based on the User’s consent, on a contract to which the User is a party or on contractual measures connected to it.
- propose a complaint. Users can lodge a complaint with the competent personal data protection supervisory authority or act in court.
Right of objection
When Personal Data are processed in the public interest, in the exercise of public authority vested in the Owner or to pursue a legitimate interest of the Owner, Users have the right to object to the processing for reasons related to their particular situation.
Users are reminded that, if their data are processed for direct marketing purposes, they can oppose the processing without providing any reasons. To find out if the Data Controller processes data for direct marketing purposes, Users can refer to the respective sections of this document.
How to exercise your rights
To exercise their rights, Users can send a request to the contact details of the Owner indicated in this document. Requests are filled free of charge and processed by the Owner as soon as possible, in any case within one month.
Cookie Policy
This Application uses Tracking Tools. To find out more, the User can consult the Cookie Policy.
Further information on the treatment
Legal Defence
The User’s Personal Data may be used by the Owner in court or in the preparatory stages for its eventual establishment for the defense against abuse in the use of this Application or related Services by the User.
The User declares to be aware that the Owner may be obliged to disclose the Data by order of the public authorities.
Specific information
At the request of the User, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.
System log and maintenance
For needs related to operation and maintenance, this Application and any third party services used by it may collect system logs, which are files that record the interactions and which may also contain Personal Data, such as the User IP address.
Information not contained in this policy
Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Response to requests “Do Not Track”
This Application does not support requests “Do Not Track”.
To find out if any third-party services used support them, the User is invited to consult the respective privacy policies.
Changes to this privacy policy
The Data Controller reserves the right to make changes to this privacy policy at any time by notifying Users on this page and, if possible, on this Application as well as, if technically and legally feasible, by sending a notification to Users through one of the extremes of contact he has. Please therefore consult this page frequently, referring to the date of the last modification indicated at the bottom.
If the changes concern treatments whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.
Definitions and legal references
Personal Data (or Data)
Any information that, directly or indirectly, also in connection with any other information, including a personal identification number, makes a natural person identified or identifiable constitutes personal data.
Usage Data
This is information collected automatically through this Application (also from third-party applications integrated into this Application), including: IP addresses or domain names of the computers used by the User who connects with this Application, addresses in URI notation ( Uniform Resource Identifier), the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (for example the time spent on each page) and the details of the itinerary followed within the Application, with particular reference the sequence of pages consulted, the parameters relating to the operating system and the IT environment of the User.
User
The person using this Application who, unless otherwise specified, coincides with the Data Subject.
Interested Party
The natural person to whom the Personal Data refers.
Data Processor (or Manager)
The natural person, legal person, public administration and any other body that processes personal data on behalf of the Data Controller, as set out in this privacy policy.
Data Controller (or Owner)
The natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data and the tools adopted, including the security measures relating to the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.
This application
The hardware or software tool through which the Personal Data of Users are collected and processed.
Service
The service provided by this application as defined in the relative terms (if available) on this site / application.
European Community (or EU)
Unless otherwise specified, any reference to the European Union contained in this document is intended as extended to all current member states of the European Union and the European Economic Area.
Cookie
Small quantities of data stored in the User’s device.
Legal References
This privacy notice is written on the basis of multiple legislative systems, including Articles 13 and 14 of Regulation (EU) 2016/679.
Unless otherwise specified, this privacy statement only concerns this Application.
Last Update: 12/07/2020