PRIVACY POLICY
Pursuant to European Regulation concerning the protection of Personal Data, the CONSORTIUM FOR THE PROTECTION OF MONTASIO CHEESE-hereinafter the Company-respects the right to privacy of its users and is committed to protect the Personal Data they confer to the Company.
In particular, the user may navigate around the Company website without providing any personal information. The collection and processing of Personal Data take place when the user decides to pass on said information to access the services offered and, thereafter, when it is necessary for the Company in relation to the performance of such services.
Under these circumstances, the present privacy policy outlines nature and modality of Personal Data’s collection and processing. The Company processes the User’s Personal Data according to the principles of law in force.
Data Controller and Data Processor
Here follow the identification details of the Data Controller:
CONSORTIUM FOR THE PROTECTION OF MONTASIO CHEESE
Vicolo Resia 1 / 2 – 33033 Codroipo (Ud)
Address for the exercising of the subject’s rights: info@formaggiomontasio.net
The complete and updated list of the Data Controllers is available at the head office of the Data Controller at the address given above.
Mode and Place of Data Processing
The Data Controller adopts the appropriate security measures aimed to prevent the unauthorized access, divulgation, modification or destruction of Personal Data. The data processing is carried out by means of IT and/or electronic tools with the organizational arrangements and logics strictly related to the purposes indicated. In certain cases, other subjects involved in the organization of this Application-in addition to the Controller-may have access to the Data (administrative, commercial, marketing, legal, system administrative staff), otherwise external subjects (suppliers of technical services to third parties, courier services, hosting providers, It companies, communication agencies). When necessary, the Data Controller may appoint them Data Processors. The updated list of the Data Processor may be required to the Controller, at any time.
Data are processed at the Controller’s operating headquarters or in any other venues where they are located and are processed by specially appointed technical staff in charge of the processing and maintenance of the technological part of the website.
Types of Data Processed
Navigation Data
The Company’s website allows anonymous surfing. Information systems and software procedures used to operate this website-during normal functioning-acquire some Personal Data whose transmission is implicit in the communication protocols of the Internet. The information they collect does not refer to specific subjects, nonetheless-by their very nature-they could identify Users through processing and association with other data held by third parties. This category of data includes the following: IP addresses or domain names of the user’s computers connecting the site; URI addresses (Uniform Resource Identifier) identifying the required resources; time of request; method used to submit the request to the server; size of the file obtained in reply; numeric code indicating the status of the response from the server (successful, error, etc.); other parameters relating to the operative system and the user’s IT environment.
The aforementioned data are used to obtain anonymous statistic information only, as for the site’s usage, and to control its correct functioning; therefore, they are deleted immediately after processing. Said data may be used to ascertain responsibility in the event of hypothetical computer crimes against the site: with the exception of this case, at the current stage, data regarding web contacts are not retained for more than seven days.
Data provided voluntarily by users. The optional, explicit and voluntary sending of emails to the addresses present on the website implies the subsequent acquisition of the sender’s email-which is necessary to answer any query-as well as eventual additional data contained in the letter. The user has access to progressively new specific information summaries on the website’s pages hosting on-demand services. The Company may use such data if they have been legitimately collected in compliance with the present Privacy Policy and law in force.
Cookies
Cookies are text files working as markers and sent by a server (in this case, the one of the present site) to a user’s device (generally to the Internet browser) in the moment in which the user has access to a specific page on a website. The user’s browser automatically stores and re-transmits cookies to the site’s server each time the user accesses the same Internet page. Therefore, for example, cookies allow and facilitate access to determined pages in order to enhance the user’s browsing experience. Moreover, they allow the memorization of visited pages and other specific information, such as the most frequently visited pages, connection errors, etc. Hence, to facilitate the use of this Site, it would be appropriate for the user to configure the browser so that it accepts cookies automatically. Browsers are usually set to accept cookies automatically. Nonetheless, users may modify the default configuration in order to disable or cancel cookies (from time to time or once for all). Consequently, the optimal use of some sections of the site may be precluded. Furthermore, users may verify forms and types of cookies stored in their browser and modify the cookie settings of their browser.
Types and Management of Cookies Used by Our Site:
Our Site makes use of the following type of cookies:
- Technical cookies:
- 1. Strictly necessary cookies: are necessary to enable the user to move around a Website and use its features, such as viewing the content properly or accessing secure areas (when present) and language options (multi-language sites). Therefore, disabling these cookies does not allow the users to perform said activities.
- 2. Analytics cookies: anonymized cookies of Google for gathered statistical purposes.
- 3. Third-party cookies:
- 1. are used and set to gather anonymous information related with the use of the site aimed to improve efficiency and for statistical purposes (Google Analytics with anonymized IP). With this setting they are comparable to technical cookies
- 2. cookies related with the use of Social Networks allow the user’s social account to interact with the present site and are not necessary for its functioning. The most common use is the sharing of contents of social networks. The presence of plugins involves the transmission of cookies from and to third-party sites. The management of data collected from “third parties” shall be governed by the relevant policies, to read carefully. For the sake of clarity and transparency, here follow specific web addresses and ways of processing cookies.
Google Analytics with Anonymized IP (Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses Personal Data collected with the aim of tracking and examining the use of such Application compiling reports and sharing them with other services developed by Google.
Google may use Personal Data to contextualize and customize advertising of its network.
By adopting this integration, the CONSORTIUM FOR THE PROTECTION OF MONTASIO CHEESE anonymizes the users’ IP address. The anonymization functions by shortening the users’ IP address within the borders of Member States of the European Union or other signatories countries of the European Economic Area. In exceptional circumstances, the Google’s server will receive shortened IP addresses within the United States.
Information on data processing activities implemented by Google Analytics are available at the following address: https://support.google.com/analytics/answer/6004245; Further information on the IP anonymizing functionality of Google Analytics: https://support.google.com/analytics/answer/2763052?hl=it
Disabling (“opt-out”) Cookies:
Rules on the protection of Personal Data ensure that the user’s authorize the use of cookies (“opt-in”) by continuing browsing a page after having read the window with the relevant information on cookies. Moreover, the user is allowed to disable “technical cookies” (art. 122 of Code), and the-previously accepted (“opt-in”)-“non-technical cookies” (when present).
By virtue of this distinction, the user may proceed to disable and/or delete cookies (“opt-out”) by means of the specific browser’s settings and disable and/or delete single “non-technical” cookies at the following pages:
- 1. https://tools.google.com/dlpage/gaoptout?hl=it for disabling Google Analytics
- 2. youronlinechoices.eu, website managed by the European Interactive Digital Advertising Alliance (EDAA), for removing other cookies in case of users within the European Union, http://www.aboutads.info/choises/, for deleting other cookies in case of users within the United States.
Said sites are not managed by the CONSORTIUM FOR THE PROTECTION OF MONTASIO CHEESE, which does not assume any responsibility with respect to their contents.
How enabling/disabling cookies from the browser:
The user is allowed to block cookies by means of the browser. Nonetheless, this activity may lead to a decrease in the site’s efficiency, or preclude access to any functionalities or pages of the Site itself. Here follow the modalities for opting out session cookies.
Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11
Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Chrome: https://support.google.com/chrome/answer/95647?hl=it
Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT
External platforms for data visualization:
through this website users may visualize contents of external platforms and interact with them. Moreover, they may likely collect traffic data as for the pages in which they are present, even though they are not used. In any case, contents of other pages are subject to their relevant privacy policies. This site may allow to visualize the following contents:
Social Network External Platforms
Users may visualize contents hosted on external platforms of social networking and interact with them. Moreover, they may collect traffic data relative to the pages in which they are hosted, even though not activated by the user. However, contents of other pages are subject to their relevant privacy policies. This site may allow visualizing the following contents of external Social Networks:
Facebook – monitoring visits coming from Facebook and eventual conversions (form).
To learn more about the privacy policy of Facebook Inc. browse the page: https://www.facebook.com/about/privacy/
Linkedin – monitoring visits coming from LinkedIn and eventual conversions (form).
To learn more about the privacy policy of Linkedin Corporation browse the page: https://www.linkedin.com/legal/privacy-policy
Links to Third-party Websites.
The CONSORTIUM FOR THE PROTECTION OF MONTASIO CHEESE is not responsible for policies adopted by linked websites, nor for the information and contents that they propose. Links to other sites are often mere “information points” with reference to precise subject matters in the users’ interest. We remember that when the user leaves our website browsing another site through a link, our privacy policy is no more effective. Third-party sites, included those connected with our websites are subject to their own rules and policies. Therefore, we recommend reading carefully norms and policies before continuing navigation. Browsing third-party sites is at your own risk. The link to third-party sites, or any product, publication processes, third-party services or offers do not provide, nor include approval or recommendation of products or services by the CONSORTIUM FOR THE PROTECTION OF MONTASIO CHEESE.
Communication of Personal Data
In case of collection of Personal Data, the Company will inform the user about the purposes for which data were collected at the time of collection of said data and, where necessary, will ask for the consent of the interested party. The Company will not disclose the user’s Personal Data to third parties without prior consent, except in exceptional circumstances, as specified in the section “Scope of Communication and Disclosure of Data”. When the user decides to disclose to the Company his/her Personal Data, the Company has the right to spread them within its organization or to third parties, which provide services, with respect to anyone that needs to know them by virtue of their tasks and, where necessary, with prior consent of the users.
Purposes and Modalities for Processing the Collected Data
Main purpose:
We use your data for granting access to our services, among them:
- respond to requests with respect to specific products and services;
- communications related to the delivery of service
- administrative, financial and accounting purposes, as for example products’ purchases and eventual credit recovery activities
- request for information by means of the contact form
Secondary purpose:
We use collected data, if the user has voluntarily submitted consent, to give information about promotional activities of interest.
In particular:
- • provide information on promotional, commercial and advertising activities about events, initiatives by email or SMS
Optional Supply of Data
Apart from what has been specified with respect to navigation data; the user may freely provide Personal Data in request forms or in various correspondence with the Office to request informative materials and/or information.
As for the above-mentioned main purpose, the failure to confer said data may make it impossible to provide the service required, on the contrary, with respect to secondary purpose data, consent is optional and without prejudice to the delivery of services or purchases of products.
For the sake of completeness, we remember that in particular cases (not under the ordinary management of this site); the Authority (the Guarantor) may request news and information with the aim of monitoring the Personal Data processing. In this case, the feedback is compulsory in order to avoid an administrative penalty.
Scope of Communication and Disclosure of Data
User’s Personal Data shall not be communicated outside the Company’s organization without prior consent of the interested party, except as provided below.
Within the organization, data are stored on controlled servers. In compliance with law in force protecting Personal Data, access to them is limited. The Company may disclose the user’s Personal Data to third parties in one of the following cases:
- the interested party has given his/her agreement to communication of data;
- the communication is necessary in relation to third parties who work on behalf of the Company to provide the service required by the user (the Company will provide only relevant information with respect to the service required, moreover, they shall not process data for different purposes);
- in order to provide the user with information the Company believes he/she is interested to know on the side of the Company itself and other related bodies (the user may request to stop receiving such information at any time).
Moreover, the Company will disclose the user’s Personal Data when law requires it.
Right of access to Personal Data and other rights –
Under articles 13, para 2, letters (b) and (d), 15, 18, 19 and 21 of the EU Regulation; we hereby inform the interested party that:
- he/she has the right to obtain from the Data Controller the access to Personal Data, the correction or erasure of such data, the restriction or even refusal of processing, as well as the right to data portability;
- he/she has the right to lodge a complaint to the Data Protection Authority in accordance with procedures and modalities published on the official website of the Authority www.garanteprivacy.it;
- eventual corrections, erasures or restrictions to the processing requested by the interested party-unless this proves impossible or involves a disproportionate effort-shall be transmitted by the data Controller to all recipients of said data. Upon explicit request of the interested party, the data Controller shall inform of the recipients of Personal Data.
- The exercise of rights shall be free and not subject to any formal restrictions.
For the sake of the user’s benefit art. 7 of the Privacy Code is here reported in full
Art. 15 EU Regulation 679/2016 – Right of access to Personal Data and other rights –
The interested party has the right to obtain confirmation of existence of his/her Personal Data, even though not yet registered, and their transmission in an intelligible form. The interested party shall have the right to obtain information about:
- the origin of Personal Data;
- purposes and modalities of treatment;
- the logic applied in case of processing carried out by means of electronic instruments;
- identification details of the Data Controller and Data Processor appointed pursuant to art. 5 para 2;
- subjects and categories of persons entitled to receive said information in their capacity of representative within the national borders, Data Processors or persons appointed to process data;
The interested party shall have the right to obtain:
- update, modification and-where interested therein-integration of data;
- erasure, transformation into anonymous form, blockage of the data processed in violation of the law including those no longer necessary for the purpose for which they were collected or subsequently treated;
- certification that the operations referred to in points a. and b. have been notified, as for their contents as well, to those to whom data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
The interested party shall have the right to oppose, in whole or in part:
- for legitimate reasons, to the treatment of Personal Data, even though they are relevant to the purpose of the collection;
- to the treatment of his/her Personal Data for the purpose of sending advertising material, direct selling, markets researches or direct marketing.
In particular, the interested party may require-at any time-the Data Controller to access, modify or erase his/her Personal Data, as well as to limit the processing or even oppose to it, without prejudice to the right of portability of data.
The interested party has the right to withdraw their consent at any time, without compromising the lawfulness of the processing based on consent before its withdrawal. Moreover, he/she has the right to lodge a complaint to the competent authority. The above-mentioned right may be exercised by writing to the email or the aforementioned addresses.
The present notice does not exclude that further information are transmitted orally to interested parties at the time of data collection.
Data Security
User’s information are password protected to ensure security and confidentiality. The Company adopts the necessary security measures and physical, electronic and organizational procedures required by current regulations. Despite the fact that the Company shall do everything reasonably practicable to ensure the protection of the user’s Personal Data, it cannot grant a complete and total security of data transmitted by the users during communication. Therefore, we recommend the users to adopt all precautionary measures aimed to protect their Personal Data when browsing the Internet.