Owner and manager of the treatment
The Data Controller is Biodynamic srl
The updated list of data processors and persons in charge of processing is kept at the registered office of the Data Controller.
The Data Controller and Data Processor are responsible for adopting decisions regarding the purposes and methods of data processing, as well as the appropriate technical and organizational measures to adopt pursuant to Article 32 of the Regulation, to ensure that the processing of the data is carried out in accordance with the provisions of the latter. Purpose of processing User data is collected and used exclusively for the purposes summarized below: 1. Account creation and activation on the site; 2. conclude the contracts for the services of the owner; 3. operation and access to the services provided by the Owner and reserved for the registered user; 4. registration on the site for the use of the related services; 5. sending to the e-mail address provided by the user of discount coupons or promotions that can be used when sending the purchase order for the selected products; 6. sending via the e-mail address provided by the user of the answers to the questions and / or requests for clarification formulated by the user himself, about any products marketed and services offered by the site; 7. processing of statistics in anonymous form Only with your specific and distinct consent (articles 23 and 130 of the Privacy Code and article 7 of the GDPR), for the following Marketing Purposes: 1. send them via e-mail, post and / or text message and / or telephone contacts, newsletters, commercial communications and / or advertising material on products or services offered by the Data Controller and detection of the degree of satisfaction with the quality of services; 2. send you commercial and / or promotional communications from third parties (for example, business partners, insurance companies, etc.) via e-mail, post and / or sms and / or telephone contacts.
Types of data processed
The Data Controller collects, manages and stores the identification, personal and sensitive data of the User, who, by freely providing his data, declares his will to become a Registered User following the completion of the registration process provided for on the site.
The user’s identification and personal data are collected exclusively for the purposes described above. The processing of data in addition to having as its object personal data (by way of example only name, surname, e-mail address), may also include sensitive data.
Upon registration, the user may provide data of a sensitive nature such as information suitable for revealing his racial and ethnic origin. Data provided voluntarily by the user electronically The data that the user spontaneously communicates to the Data Controller using the e-mail address firstname.lastname@example.org, will be processed in compliance with the principles of correctness, lawfulness, transparency and adequacy to which the treatment must be conformed, in order to guarantee the protection of the confidentiality and rights of the user. These data are used for the sole purpose of performing the service and / or performance requested by the user and may be disclosed to third parties only if this is strictly necessary for the execution of the user’s request.
The user’s personal data may be disclosed to specific subjects, appointed by the Owner to provide services that are instrumental or necessary for the execution of the obligations related to registration on the site and online purchase, within the limits and in accordance with the instructions given. In particular, the data may be disclosed to: 1. people, companies or professional firms, which provide – by way of example – assistance, consultancy or collaboration to the Data Controller in accounting, administrative, legal, tax and financial matters; 2. third parties (couriers, shippers) in charge of packaging, shipping and / or delivery of the products ordered by the registered user; 3. all those subjects (including public authorities) who have access to personal data by virtue of regulatory or administrative measures.
The user’s data will be stored both on computer media and, where necessary, on paper supports in compliance with the provisions contained in the Regulations: they will be processed through registration, consultation, communication, storage, cancellation, rectification, updating operations, carried out mainly with the aid of electronic tools, ensuring the use of adequate measures to guarantee the security of the data processed and the confidentiality of the same. Following periodic checks, the Data Controller will verify the strict relevance and non-excess of the data collected with respect to the obligations and purposes of the processing. The user will be held responsible for the accuracy of the data; It is therefore up to the user to verify the correctness of the data concerning him and, if necessary, to proceed with the correction, updating or, in any case, the modification of the data during the processing. The user’s data are stored and processed for the time necessary to perform the services requested by the user in compliance with the purposes listed above in this information, in compliance with civil, fiscal and tax obligations. In the event of deletion of disabling of the user’s account, the user’s data will be kept only for the time required and required to comply with specific legal obligations on the conservation of accounting and tax documentation.
The subjects to whom the personal and identification data processed refer enjoy the rights provided for by the Regulations which are summarized below: • ask the Data Controller for access to personal data concerning him; • obtain an indication of the origin of the data, the purposes of the processing, the logic applied in the case of processing carried out with the aid of electronic tools, the identification details of the owner, the data processors and the designated representative; • obtain an indication of the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representatives in the territory of the state, managers or agents; • obtain updating, rectification or, when interested, the integration of data; • the cancellation, transformation into anonymous form or pseudonymisation or blocking of data processed in violation of the law, including those for which conservation is not necessary in relation to the purposes for which the data were collected or subsequently processed; • lodge a complaint with the Guarantor for the protection of personal data, following the procedures and indications published on the official website of the Authority on garanteprivacy.it; • object in whole or in part for legitimate reasons to the processing of data concerning him, even if pertinent to the purpose of the collection. ◦ by registered letter with return receipt to biodynamic, via Bassetta 3 – 43037 Lesignano de ‘Bagni (PR) – Italy; ◦ by e-mail to email@example.com
In the event of a computer accident involving the violation of the data processed, the Data Controller, pursuant to Article 33 of the Regulation, is responsible for communicating and notifying the fact to the Guarantor within 72 hours from the moment in which he became aware of it and at his address of e-mail following the instructions available on the website https://web.garanteprivacy.it/rgt/NotificaTelematica.php