- Mediterranea Quality Food Srl con sede a Praia a Mare (CS), Via Filippo Turati n. 11,
in its capacity as Data Controller of personal data pursuant to EU Regulation 679/2016 applicable from May 25, 2018 – the General Data Protection Regulation (GDPR) - and the relevant applicable National Legislation (hereinafter collectively referred to as the "Applicable Legislation") recognizes the importance of the protection of personal data and considers its protection one of the main objectives of its activity. In compliance with the Applicable Legislation, we are providing the necessary information regarding the processing of personal data provided; therefore, Mediterranea Quality Food Srl, invites you to read this information notice carefully as it contains important information on the protection of personal data and the security measures taken to ensure privacy in full compliance with Applicable Legislation Mediterranea Quality Food Srl, informs you that the processing of personal data will be based on the principles of lawfulness, fairness, transparency, limitation of purpose and storage, data minimization, accuracy, integrity and confidentiality. Personal data will therefore be processed in accordance with the legislative provisions of the Applicable Legislation and the obligations of confidentiality therein.
According to the Applicable Legislation, the data controller is Mediterranea Quality Food Srl, with headquarters Via F. Turati n. 11 – 87028 Praia a Mare (CS), IT.
In turn, Mediterranea Quality Food Srl has appointed a Data Protection Manager, who is available at firstname.lastname@example.org for any information relating to the processing of personal data carried out by the Data Controller, including requests for the list of data processors who process data on behalf of the Data Controller.
"Personal Data" means any information relating to an identified or identifiable natural person, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more features of their physical, physiological, mental, economic, cultural or social identity.
"Sensitive Data" means personal data that may reveal racial or ethnic origin, religious or philosophical beliefs, or trade union membership, as well as generic and biometric data, data relating to a person's health or sex life or sexual orientation. "Judicial Data" means personal data relating to criminal convictions and offenses or related security measures.
"Processing" means any operation or set of operations, whether or not by automatic means, applied to personal data or a set of personal data, such as collection, recording, organization,
structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, deletion or destruction.
The processing of data takes place at the abovementioned headquarters of the data controller, at third parties duly identified or through the website.
The processing has as its object the personal and identification data voluntarily provided by the data subject (by way of example but not limited to: name, surname, address, VAT number, tax code, landline or mobile phone number, e-mail address, bank details, cookies, usage data, etc.).
The data will be processed for institutional purposes, connected or instrumental to the activity of our company, namely:
A: Administrative-accounting. For the purposes of the application of the provisions on the protection of personal data, the forms of processing carried out for administrative-accounting purposes are those related to the performance of activities of an organizational, administrative, financial and accounting nature, regardless of the nature of the data processed. In particular, these purposes are pursuing by internal organizational activities, which are functional for the fulfillment of contractual and pre-contractual obligations, for the management of the employment relationship in all its phases, for the keeping of accounts and the application of the rules on taxes, trade unions, social security and welfare, health, hygiene and safety at work. B: Informative and promotional. The use of electronic mail addresses provided by the customer in the context of the finalization of the registration and for the subsequent execution of the contractual relationship is allowing for sending information/promotional communications.
Any refusal to provide data for the purposes referred to in paragraph A may prevent the stipulation or execution of contractual relations or the fulfillment of legal obligations by Mediterranea Quality Food Srl, while any refusal to provide data for the purposes referred to in paragraphs B does not prevent the stipulation or execution of the contract, but does not allow the pursuit of the purposes specified therein.
The data subject may at any time oppose the processing of personal data by exercising the rights provided for by the Applicable Legislation in the forms and ways indicated herein.
In accordance with the provisions of this document, the Customer declares that he/she gives his/her consent to the processing of his/her personal data for the purposes set out in points A and B by means of acceptance via the website.
The processing will be carried out in automated and manual form, with methods and tools to ensure maximum security and confidentiality, by persons appointed as processors and appointed persons under the
applicable legislation. The data will be kept for a period not exceeding the purposes for which it was collected and subsequently processed, and in any case in relation to the contractual or commercial relationship in place, except as required for administrative/accounting purposes.
The data subject to processing will not be disclosed, unless explicitly authorized by the data subject, following the appropriate information notice. The data may instead be communicated to companies contractually bound to the Data Controller and, where necessary to subjects inside and outside the European Union, in accordance with and within the limits of the Applicable Legislation.
The data may be communicated in this sense to third parties belonging to the following categories:
- Subject that provide services for the management of the information system used by the Data Controller and of the telecommunication networks, and which work on the maintenance of the technological part (including the e-mail and the newsletter service);
- freelancers, firms or companies in the area of support and consulting; subjects that carry out control, review and certification of the activities carried out by the data controller;
- subjects carrying out control, audit and certification of the activities carried out by the data controller;
- competent authorities for the fulfillment of legal obligations and/or the provisions of public bodies, at their request.
The identification data processed in application of the company's security procedures is not subject to communication, except in the case of express and specific requests made by the competent judicial and investigative authorities. The subjects belonging to the above-mentioned categories act as Data Processors, or operate completely independently as separate Data Controllers. The list of data processors is constantly updated and available on request at the headquarters of the Data Controller. Any further communication or dissemination will take place only with the express consent of the data subject. Moreover, during the ordinary activities of processing, the persons expressly designated by the company as responsible for processing, authorized according to their roles, can access personal and identification data and thus come into the knowledge of it.
LFinally, we inform you that at any time, you may exercise your rights towards the Data Controller in accordance with the Applicable Legislation, and thus obtain confirmation of the existence or non-existence of such data, know its content and origin, verify its accuracy, request its integration, updating or correction. If the conditions set out in the Applicable Legislation are met, you have the right to request deletion, limitation of processing, portability, as well as to oppose the processing for legitimate reasons. If the conditions set out in the Applicable Legislation apply, you have the right to lodge a complaint with the Control Authority.