Identification Details of the Data Controller, Processor, and Privacy Officer

The Data Controller is Mr. Fernando Antioco Fois, owner of the company Solky Affumicati e Salati di Fois Fernando Antioco, with registered office at Via Camillo Benso di Cavour 164, 09017 Sant'Antioco (SU), Italy.
Contact email: antioco.fois@tiscali.it.

Warning about consent.

Where required by Regulation (EU) 2016/679, the user’s consent will be requested before processing their personal data. If the user provides personal data of third parties, they must ensure that the communication of such data to the Data Controller and the subsequent processing for the purposes specified in the applicable privacy notice comply with Regulation (EU) 2016/679 and the applicable laws.

Types of Data Processed

Visiting and browsing the Site generally does not involve the collection or processing of the user’s personal data, except for browsing data and cookies as specified below. In addition to the so-called “browsing data” (see below), personal data voluntarily provided by the user when interacting with the Site’s features or requesting the services offered on the Site may also be processed. In accordance with the Privacy Code, the Data Controller may also collect the user’s personal data from third parties in the course of its business activities.

Cookies and Browsing Data
The Website uses “cookies.” By using the Website, the user consents to the use of cookies in accordance with this Privacy Policy. Cookies are small files stored on the user’s computer hard drive. There are two main categories of cookies: technical cookies and profiling cookies.
 

Technical cookies are necessary for the proper functioning of a website and to enable user navigation; without them, the user may not be able to view pages correctly or use certain services.
Profiling cookies are used to create user profiles in order to send advertising messages in line with the preferences expressed during browsing.
 

Cookies can also be classified as follows:
* “Session” cookies, which are deleted immediately upon closing the web browser;

* “Persistent” cookies, which remain in the browser for a set period of time. They are used, for example, to recognize the device connecting to a website, making user authentication easier;

* “First-party” cookies, generated and managed directly by the operator of the website the user is browsing;

* “Third-party” cookies, generated and managed by entities other than the operator of the website being visited.

Cookies used on the Site.

The Site uses the following types of cookies:
a. First-party cookies, both session and persistent, necessary to allow navigation on the Site, for internal security purposes and system administration;
b. Third-party cookies, both session and persistent, necessary to allow the user to use multimedia elements present on the Site, such as images and videos;
c. Third-party persistent cookies used by the Site to send statistical information to the Google Analytics system, through which the Data Controller can perform statistical analyses of access/visits to the Site. The cookies used serve exclusively statistical purposes and collect information in aggregate form. Through a pair of cookies, one persistent and one session-based (which expires when the browser is closed), Google Analytics also keeps a log of the start and end times of the visit to the Site. It is possible to prevent Google from tracking data via cookies and the subsequent data processing by downloading and installing the browser plugin available at the following address: http://tools.google.com/dlpage/gaoptout?hl=en
d. Third-party persistent cookies used by the Site to include on its pages buttons of certain social networks (Facebook, Twitter, and Google+). By selecting one of these buttons, the user can publish the contents of the webpage they are visiting on their personal page of the relevant social network.

The Site may contain links to other websites (so-called third-party sites). The Data Controller does not access or control cookies, web beacons, or other user tracking technologies that may be used by third-party sites accessible from the Site; the Data Controller does not control content and materials published by or obtained through third-party sites, nor their data processing methods, and expressly disclaims any responsibility for such cases. The user is responsible for reviewing the privacy policies of third-party sites accessed through the Site and for informing themselves about the conditions applicable to the processing of their personal data. This Privacy Policy applies only to the Site as defined above.

How to Disable Cookies in Browsers

If you wish, you can manage cookies directly through your browser settings. However, deleting cookies from the browser may remove the preferences you have set for the Site, so it is advisable to visit this page periodically to review your preferences.

For further information and support, you can also visit the specific help page for the web browser you are using:

• Internet Explorer;

• Firefox;

• Safari;

• Chrome;

• Opera

Storage of Personal Data

Personal data are stored and processed through IT systems owned by the Data Controller and managed either directly or by third-party technical service providers; for more details, please refer to the section “Scope of Accessibility of Personal Data” below. Data is processed exclusively by specifically authorized personnel, including staff assigned to carry out extraordinary maintenance operations. Personal data will be retained for the duration of the contract and after its termination in order to fulfill the Data Controller’s legal obligations, including claims for any disputes, in accordance with applicable law, and will then be deleted or anonymized.

If we consent to the processing of our products and services for direct marketing purposes after the contract has expired, we will process the data until consent is revoked.

Purposes and Methods of Data Processing.

The Data Controller may process the user’s common and sensitive personal data for the following purposes: use by users of the services and features available on the Site, including the purchase of products sold through the Site, management of requests and reports from users, sending newsletters, managing applications received through the Site, etc.

Furthermore, with the additional and specific optional consent of the user, the Data Controller may process personal data for marketing purposes, that is, to send the user promotional materials and/or commercial communications related to the Data Controller’s services, to the contact details provided, both through traditional contact methods and/or means (such as postal mail, operator telephone calls, etc.) and automated means (such as communications via internet, fax, email, SMS, applications for mobile devices such as smartphones and tablets – so-called APPS –, social network accounts – e.g., via Facebook or Twitter –, operator automated calls, etc.).

Personal data are processed both in paper and electronic form and entered into the company’s information system in full compliance with EU Regulation 2016/679, including security and confidentiality profiles, and guided by principles of fairness and lawfulness of processing. In accordance with EU Regulation 2016/679, data are stored and kept for the time necessary to achieve the purposes for which they are processed and in any case for as long as you decide to remain registered on our website.

Security and Quality of Personal Data

The Data Controller is committed to protecting the security of the user’s personal data and complies with the security provisions required by applicable regulations to prevent data loss, unlawful or unauthorized use of data, and unauthorized access, with particular reference to the Technical Guidelines on minimum security measures. Furthermore, the IT systems and software used by the Data Controller are configured to minimize the use of personal and identifiable data; such data are processed solely to achieve the specific purposes pursued at any given time. The Data Controller employs multiple advanced security technologies and procedures to help safeguard users’ personal data; for example, personal data are stored on secure servers located in protected and controlled access locations. The user can assist the Data Controller in updating and maintaining accurate personal data by communicating any changes regarding their address, role, contact information, etc.

Scope of Communication and Access to Data

The user’s personal data may be communicated to:

• all entities authorized to access such data by virtue of legal provisions;

• our collaborators and employees, within the scope of their respective duties;

• all natural and/or legal persons, public and/or private, when the communication is necessary or functional to carrying out our activities and in the ways and for the purposes described above;

Nature of Providing Personal Data

The provision of certain personal data by the user is mandatory to allow the Data Controller to manage communications, the sale of products, their delivery, and requests made by the user or to contact the user again. These types of data are marked with an asterisk symbol [*], and in such cases, providing the data is compulsory to enable the Data Controller to process the request, which otherwise cannot be fulfilled. Conversely, the collection of other data not marked with an asterisk is optional: failure to provide them will not result in any consequences for the user.

The provision of personal data by the user for marketing purposes, as specified in the section “Purposes and Methods of Processing,” is optional, and refusal to provide such data will have no consequences. Consent given for marketing purposes is understood to extend to sending communications through both automated and traditional contact methods, as exemplified above.

RIGHTS OF THE DATA SUBJECT

Article 15 (right of access), 16 (right to rectification) of Regulation (EU) 2016/679.

The data subject has the right to obtain from the data controller confirmation as to whether or not personal data concerning them is being processed and, where that is the case, access to the personal data and the following information:

a. the purposes of the processing;

b. the categories of personal data concerned;

c. the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organizations;

d. the envisaged period for which the personal data will be stored or, if not possible, the criteria used to determine that period;

e. the existence of the right of the data subject to request from the controller rectification or erasure of personal data or restriction of processing concerning the data subject or to object to such processing;

f. the right to lodge a complaint with a supervisory authority;

h. the existence of automated decision-making, including profiling, and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Right under Article 17 of Regulation (EU) 2016/679 – Right to erasure (“right to be forgotten”).

The data subject has the right to obtain from the data controller the erasure of personal data concerning them without undue delay, and the data controller is obliged to erase personal data without undue delay if one of the following grounds applies:

a. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;

b. the data subject withdraws consent on which the processing is based according to Article 6(1)(a) or Article 9(2)(a), and there is no other legal ground for the processing;

c. the data subject objects to the processing pursuant to Article 21(1), and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2);

d. the personal data have been unlawfully processed;

e. the personal data must be erased to comply with a legal obligation under Union or Member State law to which the data controller is subject;

f. the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of Regulation (EU) 2016/679.

Right under Article 18 – Right to restriction of processing.

The data subject has the right to obtain from the data controller the restriction of processing when one of the following conditions applies:

a. the data subject contests the accuracy of the personal data, for the period necessary for the data controller to verify the accuracy of such personal data;

b. the processing is unlawful and the data subject opposes the erasure of the personal data and requests instead the restriction of their use;

c. although the data controller no longer needs the personal data for the purposes of processing, the data subject requires them for the establishment, exercise, or defense of a legal claim;

d. the data subject has objected to the processing pursuant to Article 21(1) of Regulation (EU) 2016/679 pending the verification whether the legitimate grounds of the data controller override those of the data subject.

Right under Article 20 – Right to data portability.

The data subject has the right to receive the personal data concerning them, which they have provided to a data controller, in a structured, commonly used, and machine-readable format, and has the right to transmit those data to another data controller without hindrance from the original data controller.

Revocation of consent to data processing.

The data subject has the right to revoke consent to the processing of their personal data by sending a registered letter with return receipt (A/R) to the following address:
Solky Affumicati e Salati di Fois Fernando Antioco, via Camillo Benso di Cavour 164, 09017 Sant'Antioco (SU), Italy, accompanied by a photocopy of their identity document, with the following text: <<revocation of consent to the processing of all my personal data>>, or by email to the address antioco.fois@tiscali.it. Upon completion of this procedure, your personal data will be removed from the records as soon as possible.

If you wish to obtain more information about the processing of your personal data, or to exercise the rights referred to in the previous point 7, you may send a registered letter with return receipt (A/R) to the following address:
Solky Affumicati e Salati di Fois Fernando Antioco, via Camillo Benso di Cavour 164, 09017 Sant'Antioco (SU), Italy, accompanied by a photocopy of your identity document, with the following text: <<revocation of consent to the processing of all my personal data>>, or by email to info@ilmigliortonno.it. Before providing or modifying any information, it may be necessary to verify your identity and respond to some questions. A reply will be given as soon as possible.

We kindly thank you for reading this document and remind you to periodically check the website for any updates on this matter.