WHAT TYPES OF DATA DO WE COLLECT?

When you use our services, you agree that our company collects some of your personal data. This page is intended to tell you what data we collect, why and how we use it. We process two types of data:

Data provided by the user

When you register, insert or reply to an article or advert we ask you to provide us with some data needed to use our service.
These are, for example, the data we ask you for:

• email address and password;
• other data relating to the type of content to which you respond.

You can also choose to provide us with the following information:

• name;
• date of birth;
• sex;
• city or municipality of reference;
• telephone number.

Third party data
If you provide personal data of third parties, such as those of your family or friends, you must be sure that these subjects have been adequately informed and have consented to the relevant processing in the ways described in this information.

Data of minors under the age of 16
If you are under 16 years of age you cannot provide us with any personal data nor can you register on our site and in any case we do not assume responsibility for any false declarations provided by you: if we notice the existence of untruthful declarations, we will proceed with the immediate cancellation of any personal data acquired.

Data we collect automatically and digital services in use

We collect the following data through the services you use:

• technical data: for example IP address, browser type, information about your computer, data relating to the current (approximate) location of the tool you are using;
• data collected using cookies or similar technologies: for further information, please visit the “Cookies” section.

These are the digital services currently in use on our site:

• Google Fonts
• Google Tag Manager
• Cloudflare
• Google Analytics 4
• Direct registration

Go to this link for more information.

 

1. HOW DO WE USE THE COLLECTED DATA?

We use the data collected to offer you our service every day, to inform you about our activities or to offer you a more personalized service in line with your interests.

1.1. To inform you about our commercial activities

We use the data collected, if you have expressly given us consent, to inform you about activities that may interest you.

In particular we use them for:

• notify you of activities on events, initiatives or partnerships, via email, sending SMS or “push” notifications; only if you are a professional;
• carry out analysis and reporting activities connected to promotional communication systems, such as for example the detection of the number of emails opened, the clicks made on the links present within the communication, the type of device used to read the communication and the relevant operating system.

2. IS THE PROVISION OF DATA MANDATORY?

The provision of personal data is mandatory exclusively for the processing necessary for the provision of the services offered by us (any refusal, for the purpose of providing our services, makes their use impossible); it is instead optional for promotional and profiling purposes and any refusal to give consent does not have negative consequences on the provision of the services offered within the website and any related applications.

3. WHO ARE THE SUBJECTS OF THE TREATMENT?

3.1. Data controller

The data controller is La Casa del Grano S.r.l., with headquarters in via Cettolini 52/54 – 09030 Z.I. Elmas (CA), Italy.

The data controller uses data processors to achieve the purposes specified in point 1.

3.2. Data Protection Officer (DPO) and contact information

The designated person responsible for the protection of personal data (Data Protection Officer) pursuant to art. 37 of the GDPR is Graziella Rais.

We remind you that you can contact the DPO at any time and send any questions or requests relating to your personal data and respect for your privacy by writing to lacasadelgrano@ lacasadelgrano.com

3.3. Subjects to whom personal data may be communicated

The data collected as part of the provision of the service may be communicated to:

• companies that carry out functions strictly connected and instrumental to the operation – including technical – of our services, such as for example suppliers that provide services aimed at reviewing and verifying adverts, companies that provide archiving, administrative, payment and billing, associated companies that provide technical components for the provision of certain service features;
• administrative and judicial bodies and authorities by virtue of legal obligations.

Your personal data may be transferred outside the European Union for processing by some of our service providers. In this case, we ensure that this transfer takes place in compliance with current legislation and that an adequate level of protection of personal data is guaranteed based on an adequacy decision, on standard clauses defined by the European Commission or on Binding Corporate Rules.

Under no circumstances do we give or sell personal data to third parties.

4. HOW CAN YOU GET INFORMATION ABOUT THE DATA, MODIFY IT, DELETE IT OR GET A COPY OF IT?

4.1. Exercising your rights

Any natural person who uses our service can:

• obtain from the owner, at any time, information about the existence of their personal data, the origin of the same, the purposes and methods of processing and, if present, to obtain access to the personal data and information referred to in Article 15 of the GDPR;
• request updating, rectification, integration, cancellation, limitation of data processing if one of the conditions provided for in Article 18 of the GDPR occurs, transformation into anonymous form or blocking of personal data, processed in violation of the law, including those whose retention is not necessary in relation to the purposes for which the data were collected and/or subsequently processed;
• object, in whole or in part, for legitimate reasons, to the processing of data, even if pertinent to the purpose of the collection and processing of personal data intended for the purposes of commercial information or sending of advertising material or direct sales or for carrying out market research or commercial communication. Each user also has the right to revoke consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation;
• receive your personal data, provided knowingly and actively or through the use of the service, in a structured format, commonly used and readable by an automatic device, and to transmit them to another data controller without impediments;
• submit a complaint to the Guarantor Authority for the protection of personal data in Italy.

We remind you that for any questions or requests relating to your personal data and respect for your privacy you can write to the dedicated address lacasadelgrano@lacasadelgrano.com

5. WHERE IS YOUR DATA? SITE HOSTING AND DIGITAL SERVICES

The hosting of the site and the services associated with them (email, database and backup) are provided by Aruba SpA, an Italian company with registered office in Italy which operates in compliance with Italian and European laws.
Its cloud computing services comply with the Code of CISPE Conduct.
Aruba SpA complies with the logical, physical and organizational security standards imposed by the ISO 27001 certification, in addition to the ISO 9001, ISO 14001, ANSI/TIA 942-A certifications. For more information: www .aruba.it/gdpr-regolamento-europeo-privacy.aspx

6. HOW AND FOR HOW LONG WILL YOUR DATA BE STORED?

Personal data will be stored in paper and/or electronic/computer form and for the time strictly necessary to fulfill the purposes referred to in point 1, in compliance with your privacy and current regulations.

For analysis purposes aimed at developing and improving the service, the user’s personal data may be subject to a retention period of 36 months.

For direct marketing and profiling purposes we keep your data for a maximum period equal to that required by applicable law (24 and 12 months respectively).

Invoices, accounting documents and transaction data are kept for 11 years in accordance with the law (including tax obligations).

In the case of exercising the right to be forgotten through a request for express cancellation of personal data processed by the owner, we remind you that such data will be stored, in a protected form and with limited access, solely for the purposes of ascertaining and suppressing crimes, for a period not exceeding 12 months from the date of the request and will subsequently be securely deleted or irreversibly anonymised.

Finally, we remind you that for the same purposes, data relating to electronic traffic, excluding the contents of communications, will be retained for a period not exceeding 6 years from the date of communication, pursuant to art. 24 of Law no. 167/2017, which implemented EU Directive 2017/541 on anti-terrorism.

If you do not carry out any active action (for example browsing, searches and/or any other way of using the services) on our site for a period of 27 months, you will be classified as an inactive user and your personal data will be automatically deleted.< /p>

7. HOW DO WE ENSURE THE PROTECTION OF YOUR DATA?

The data are collected by the subjects indicated in point 3, according to the indications of the reference legislation, with particular regard to the security measures provided for by the GDPR (art. 32) for their processing using IT, manual and automated tools and with logic strictly related to the purposes indicated in point 1 and in any case in such a way as to guarantee the security and confidentiality of the data themselves.

In compliance with applicable legislation, an anti-spam verification system is active on communications between users. The data entered therein may be verified for the sole purpose of identifying illicit activities or content that does not comply with the General Conditions of the Service, but will not be processed or communicated for commercial or promotional purposes.

8. FURTHER INFORMATION

8.1. Location

When you use applications and services from our site with active location tracking, we may collect and process information about your current (approximate) location. This data is processed anonymously, in a format that does not allow the user to be personally identified and used for the sole purpose of facilitating the use of some location-based features of the service. You can activate/deactivate location services at any time by accessing your browser and/or device settings as follows:

• SAFARI
  Desktop or laptop (portable) type devices
  go to “Preferences” > “Websites” > “Location” and remove our site from the list
  Mobile (smartphone, tablet)
  go to “Preferences” >”Privacy” > “Localization” and turn off localization for Safari
• CHROME
  Desktop or laptop (portable) type devices
  open Chrome chrome://settings/content/location and remove our site from the list
  Mobile (smartphone, tablet)
  open Chrome and select “Site Settings” > “Location” and remove our site from the list
• FIREFOX
  Desktop or laptop (portable) and mobile (smartphone, tablet) devices
  open Firefox and go to about:preferences#privacy, search for “Permission” > “Location” > “Settings” and remove our site from the list
• INTERNET EXPLORER
  Desktop or laptop (portable) type devices
  open Internet Explorer, click on the “gear” icon and select “Internet Options” in the privacy panel, under Position press the “Delete Sites” button

8.2. Search engines

The information relating to the articles and/or advertisements placed on our site will be visible in searches carried out in the internal search engine and may be made available to third party search engines as indexing of the contents by third party engines. If the page relating to the article and/or advertisement has already been removed from our site, it is possible that the cached copy will remain among the search results for a few days. The search results are not managed by our site, but the user can report the removal of the page and request the update of the cache copy directly to the third-party search engine.

9. CAN THE PRIVACY POLICY BE CHANGED OVER TIME?

This information may be subject to changes. If substantial changes are made to the use of data relating to the user by the Owner, the latter will notify the user by publishing them as clearly as possible on their pages or through alternative or similar means.