In line with articles 12, 13, 14 and ff. of the General Data Protection Regulation 2016/679 (GDPR hereafter) with regard to the protection of natural persons in relation to the processing of personal data, Società Agricola Susafa Ltd, the Controller, will provide the following information:
- The personal data of the user will be processed for purposes relating to the services provided on the website https://shop.susafa.com/it/ for activities of a commercial nature and those relating to direct sales, marketing, promotion and statistics, to reveal consumer preferences, as well as relevant contractual obligations (including the purchase of products online and the management of the order, the management of customer care activities and the verification and investigation of reports, complaints and legal action, carrying out activities prior to the contract and the contractual obligations, the fulfilment of administrative and accounting procedures).
Following specific separate consent, the data will be processed for the following purposes:
- activities related to advertising, promotion and marketing (including sending newsletters and promotional material about products and services offered by Società Agricola Susafa Ltd);
- defining the profile or personality of the interested parties and analysing their habits and/or consumer choices, including electronically.
- The legal basis of Processing consists of the obligations taken on by the Controller towards the User if the processing is necessary to fulfil a contract (like for example the sale of goods) and/or for pre-contractual relations relating to buying and selling or other services offered. For processing for the purposes of direct marketing, on the other hand, the legal basis consists of the legitimate interest of the Controller (“processing necessary for pursuing a legitimate interest of the controller”), in a similar way to the legitimate interest to process personal data, again for the purposes of direct marketing. For any other processing that might be carried out by the Controller, the legal basis consists of the consent of the interested User.
- The Controller is Società Agricola Susafa Ltd, VAT n. 06063890823, Via Gen. G. Arimondi 2 90143 Palermo - firstname.lastname@example.org. The Controller can be contacted by email at the certified email address: email@example.com
- To register on the Website, enter the reserved area of the Website or get assistance for a purchase from the Controller, it is necessary to provide the following information: full name and email address. With the consent of the User, the aforesaid information will allow the Controller to send newsletters (with commercial and promotional information) and/or proceed with the purchase of products. If the User refuses to provide the personal information indicated (full name and email address), they will not be able to access the services offered by the Website.
- Giving information relating to the personal details of the interested party (full name and email address) is necessary:
- to allow the Controller to fulfil its contractual obligations to deliver any purchase orders made;
- for after-sale assistance and customer service;
- to issue and invoice;
- Other personal information requested, like telephone numbers or mobile numbers, is optional, but if provided, it will allow the Controller to contact the interested party for communications relating to purchase orders, to check that the service has been satisfactory or, subject to consent, to receive offers, on the basis of preferences and through marketing activities, by ordinary post, email or text message
- The data may be communicated to companies in the internet security sector. Personal data is also processed through the creation of a centralized data bank, with internet and computer instruments. The database containing personal data is only accessible to authorized individuals. Specifically appointed individuals, such as employees of other collaborators, may become aware of information during processing that is necessary or connected to the administering of purchase orders and the activity of marketing.
As well as the Controller, in some cases, other individuals involved in the organization of the Website (administrative, commercial, marketing and administrative personnel and systems administrators) or external individuals (including providers of administrative and accounting services, couriers and logistics operators, hosting providers and providers of systems engineering services, providers of cashier services, IT and online marketing companies) may also be made responsible for Processing by the Controller, and have access to the Data.
Specific directives about data processing are given to all those involved, and they are obliged to follow them in order to avoid disciplinary measures and/or legal action. Società Agricola Susafa Ltd. confirms that no personal data communicated by the interested party will be used for any purposes other than those indicated herein.
- Period of conservation of the information on the basis of the purposes it is used for. Data is processed and conserved for the length of time necessary to fulfil the objectives for which it is being processed. Data relating to the details of purchases that refer to identifiable customers will be kept for the purposes of profiling or marketing, for a period of time of up to twelve and twenty-four months respectively, unless it is transformed into an anonymous form, which does not allow the interested parties to be identified, even indirectly or by connecting other data banks.
Personal data (personal details, contact details, contractual and pre-contractual information) connected to the contractual relations with customers of Società Agricola Susafa Ltd are kept in accordance with the law for purposes related to civil law, accounting or administration, to provide possible sources of evidence in the case of legal action, and to deal with specific requests by the competent Authorities. At the end of the period of conservation, the Personal Data will be cancelled. As a result, when this time limit expires, the right to access, cancel, rectify or move the Data to another device can no longer be exercised.
- By monitoring the browsing of Users on the Website, and also using cookies, Società Agricola Susafa Ltd will be able to:
- count visitors to a web page or to a service provided by the Website;
- work out aggregate statistics regarding the functioning of the Website and the services on it;
- improve the performance of the Website, making Users’ searches more effective;
- collect information relating to Users’ browsing to identify tendencies;
- memorise information about the preferences of Users and then personalise the Website on the basis of it;
- avoid repetitive advertising messages
- recognise the computer when the user enters the Website again;
- memorise the products already purchased and added to the User’s shopping cart;
- anonymously evaluate the approval rating of the services available on the Website, including those related to advertising;
- improve the browsing experience of the User by suggesting better products and promotions on the basis of the browsing they have carried out;
- identify and collect the personal consumer preferences of registered Users, with their consent, which can be withdrawn at any time, and record the data collected, with a view to targeted promotions;
- collect anonymous statistical data concerning percentages of email deliveries relating to sending, reading, opening messages, forwarding to others, numbers of “clicks” etc..
- to access their personal data, receive information about the data processed and receive a copy of it (art. 15);
- to have incorrect personal data relating to them corrected (art.16);
- to have personal data relating to them cancelled without unjustified delays, under the conditions indicated in art. 17;
- to limit the processing of their own data in the presence of the conditions set out in art. 18
- to object to their personal data being processed for direct marketing purposes and profiling insofar as it is connected to such direct marketing (art. 21);
- in cases in which the legal basis of the processing is in the consent, to revoke consent at any time, without prejudice to the lawfulness of the processing based on consent before the revocation;
- To have their data moved (art. 20), that is, to receive their personal data from the Controller in a structured format in common use that can be read by an automatic device, and to send it to another Controller without impediment from the Controller providing it. As part of their rights relating to having data moved, the interested party also has the right to have personal data directly transferred from one Controller to another, if this is technically feasible;
- To make a complaint to the data protection supervisory authority or to take legal action.
These rights can be exercised by the interested party at any time, by writing to the Controller, Società Agricola Susafa Ltd, for the attention of the Privacy Office of the company, or by sending an email to firstname.lastname@example.org, which will make the necessary arrangements in the shortest possible time.
Pursuant to art. 77 of the GDPR, the right of the interested party to apply to the Data Protection Authority, whose contact details can be found on the website https://www.garanteprivacy.it, is guaranteed in any case.