WHY THIS NOTICE?
On this page, we outline how the website is managed in regards to the processing of personal data of its users. This Policy is issued pursuant to Articles 13 and 14 of Regulation (EU) 679/2016, otherwise known by the acronym GDPR (General Data Protection Regulation), being pursuant to and for the effects of Legislative Decree 196/2003, transposing the standards laid out in the cited regulation.
This regulation refers to the protection of natural persons with regard to the processing and free movement of personal data, as well as the pertinent standard of adaptation to all those who interact with the web service of the Data Controller, Rocky-Agri S.r.l., electronically accessible from the address rocky-agri.com that corresponds to the homepage of the official website of the Data Controller.
The Policy is issued only for the website of the Data Controller and not for other websites that the user may consult via any links.
The Policy is also based on Recommendation no. 2/2001 that the European personal data protection authorities, united in the Group established by Article 29 of Directive no. 95/46/EC, adopted on 17th May 2001 to identify certain minimum requirements for the collection of personal data online, as well as the means, timing and nature of the information in particular that Data Controllers must provide users when connecting to web pages, regardless of the purposes of the link.
THE DATA CONTROLLER
The Data Controller and Data Processor is Rocky-Agri S.r.l., in the person of the legal representative pro tempore, with registered office in Via Dino Fochesato 1 – 36040 Meledo di Sarego (VI).
DATA PROCESSING LOCATION
The processing related to the web services of this website takes place at the aforementioned headquarters of the Data Controller and at the operational headquarters, located in Via Dino Fochesato 1 – 36040 Meledo di Sarego (VI).
Such processing is only managed by staff of the department in charge of processing, having access to the email inbox email@example.com.
Electronic data is stored in the Infomaniak hosting server.
TYPE OF DATA PROCESSING
During normal operation, the computer systems and software procedures used to operate this website acquire certain personal data, the transmission of which is implicit in the use of internet communication protocols. Such information is not collected to be associated with identified data subjects but by its very nature could – through processing and association with data held by third parties – allow users to be identified. This category of data includes IP addresses or domain names of computers utilised by users connecting to the website, addresses in Uniform Resource Identifier (URI) notation of the resources requested, the time of the request, the method utilised to submit the request to the server (success, error and so on) and other parameters relative to the operating system and computer environment of the user. The data is utilised for the sole purpose of obtaining anonymous statistical information about the utilisation of the site and to check its proper functioning before being deleted immediately after processing. The data could be used to ascertain liability in the event of hypothetical computer crimes against the website. Save for this eventuality, as things stand, the data on web contacts does not persist for more than seven days.
Data Voluntarily Provided by the User
The optional, explicit and voluntary sending of email to the addresses indicated on this website or the user’s insertion of data in the contact form in order to contact the company involves the subsequent acquisition of such data, being necessary to respond to requests, and the processing of the same. We collect or detect the name, surname, address, email, telephone number, any company name and VAT number directly from the user. Such data is retained indefinitely in the Data Controller’s databases.
PURPOSE OF PROCESSING
The Data Controller process the user’s data to facilitate navigation and to provide the services requested by the user through the forms specially set up on the website. Apart from that specified for navigation data and technical cookies, within the sections of the site dedicated to particular services at the user’s request, personal data can be provided for the purposes set out in the respective policies, being aware that the failure to provide such may result in the impossibility of obtaining the requested service.
PERSONAL DATA PROCESSING METHODS
The processing is carried out through operations conducted with the aid of electronic instruments and consists in the collection, registration, organisation, retention, consultation, processing, modification, selection, extraction, comparison, utilisation, interconnection, blocking, communication, erasure and destruction of data. Processing is carried out by the Data Controller and the appointed persons expressly authorised by the Data Controller, for the time strictly necessary to achieve the purposes for which such has been collected. Specific safety measures are observed to prevent data loss, unlawful or incorrect utilisation and unauthorised access.
DISCLOSURE OF DATA
The Data Controller and Data Processors may become aware of the contents of the data subject to processing. The details may also be communicated to internal or external collaborators, such as accounting, logistics and technical companies, payment service providers, warehouses, packaging and order shipping businesses.
The aforementioned navigation data can be partially processed on the systems of the provider Google LLC (currently Google Analytics, Google Conversion Tracking, Google Ads and Zendesk Inc.), which in any case, declare using systems that offer guarantees of compatibility with respect to the GDPR and the legislation pertaining to the protection of personal data. Finally, the data may be communicated to the competent authorities upon request and in compliance with obligations arising from legal regulations.
RIGHTS OF THE DATA SUBJECT
The Data Subject has the right:
– to rectification, erasure, limitation and opposition to the processing of data;
– to obtain the data in a format that is structured, commonly used and readable by automatic devices to transmit such to another Data Controller;
– to withdraw consent to the processing, without prejudice to the lawfulness of the processing based on the consent acquired prior to revocation;
– to lodge a complaint with the Data Protection Authority.
Exercise of the Data Subject’s rights can occur through communication to be sent:
via email to firstname.lastname@example.org