- Directive 2002/58/EC – on “personal data processing and protection of private life in the field of electronic communications”.
- Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation”).
The Data Controller is Pastificio Rana S.p.A., Via Antonio Pacinotti n. 25 – 37057 San Giovanni Lupatoto (VR).
TYPE OF DATA PROCESSED
The information systems and the software procedures necessary for the functioning of this web site acquire, during their normal exercise, some personal data whose transfer is implicit in the employment of communication protocols on the Internet. These information are not collected to be associated to identified Data Subjects, but – due to its nature – it could, through processing and association with data held by third parties, allow the identification of the users. To this category belong the IP addresses and the domain names of the PCs used by the users that connect to the web site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the dimension of the file obtained, the numeric code indicating the status of the answer given by the server (successful, error, uest, the metho etc.) and other parameters concerning the operation system and the user’s information environment.
These data are used only to obtain anonymous statistic information on the employment of the web site and to control it works correctly and are cancelled immediately after the processing.
Anonymous or aggregated data
Anonymization is configured as a treatment that has the purpose of preventing the identification of the interested party. Anonymized data do not fall within the scope of data protection legislation. The aggregate data may derive from personal data provided by the user but are not considered personal data as, as specified, they do not allow the identification of the interested party either directly or indirectly.
LINKS TO OTHER WEBSITES
This site may contain links or references for access to other sites. We inform you that the Data Controller does not control the cookies or other monitoring technologies of these websites to which this Policy does not apply. We therefore suggest that you consult the individual privacy policies relating to these websites.
PURPOSE AND LEGAL BASIS OF THE PROCESSING
The data collected will be used to obtain anonymous statistical information on the use of the website and to check its correct functioning.
PROCESSING METHODS and STORAGE TIMES
Personal data are processed through the use of automated tools for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The Data Controller has taken all appropriate security measures and is inspired by the main international standards to minimize the risks relating to the confidentiality, availability and integrity of the personal data collected and processed.
SHARING, COMMUNICATION AND DISCLOSURE OF DATA
The process connected to the web services of this website take place at the aforementioned headquarters of the Data Controller and are handled by employee expressly authorized. The data collected may be shared, transferred or communicated to other companies for activities strictly connected and instrumental to the purposes indicated above, such as the management of the IT system or to any third party suppliers in charge of occasional maintenance operations. In the aforementioned cases, the Data Controller proceeds to appoint these third parties as Data Processors pursuant to Article 28 of the GDPR. Except for these cases, personal data will not be disclosed to third parties unless required by contract or by law, or unless specific consent is requested from the interested party. In this sense, personal data may be transmitted to third parties, but only and exclusively in the event that:
a) there is explicit consent to share data with third parties;
b) there is a need to share information with third parties in order to provide the requested service;
c) this is necessary to fulfil requests from the judicial or public security authorities.
No data deriving from the web service is disseminated.
TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
Personal data will not be transferred to third countries, namely countries not belonging to the European Union or to the European Economic Area. If this happens, the Data Controller declares and guarantees to comply with the provisions of articles 44 and following of the GDPR.
RIGHTS OF INTERESTED PARTIES
The legislation for the protection of personal data expressly provides some rights for the subjects to whom they refer (interested party). In particular, pursuant to articles 15 and following of Regulation (EU) 2016/679, each interested party has the right to obtain confirmation of the existence or not of data concerning him/her and in this case, to obtain access to personal data, to obtain rectification, cancellation, the limitation of the treatment, the portability of the data, as well as to oppose the treatment.
RETENTION OF DATA
The Data Controller informs you that the personal data collected will be kept only for the time necessary to fulfil the specific purposes indicated. Any further retention of data or part of the data may be arranged to assert or defend the Data Controller’s rights in any eventual venue and in particular in judicial offices.
CHANGMENT TO THIS PRIVACY POLICIES
The Data Controller periodically checks its own privacy and security policy and, if necessary, revises it according to regulatory, organizational or technological changes. In the event of a change of the policy, the new version will be published on this page of the site.
QUESTIONS, COMPLAINTS, SUGGESTIONS AND EXERCISE OF RIGHTS
Anyone who is interested in more information, that wants contribute with suggestions or make complaints about privacy policies, about the way in which the Data Controller processes personal data, as well as to exercise their rights about the protection of personal data, can contact the Data Controller by writing to Pastificio Rana SpA, Via Antonio Pacinotti n. 25 – 37057 San Giovanni Lupatoto (VR), or by sending an e-mail to the address firstname.lastname@example.org.
Without prejudice to any other administrative or judicial appeal, the interested party who believes that the processing that concerns him / her is in breach of the GDPR has the right to lodge a complaint with a supervisory authority, in particular in the Member State where he/she usually lives, works or where the alleged infringements has occurred.