Privacy Policy

Information pursuant to Article 13 REGULATION (EU) 2016/679

La Preferita O.P. Pugliese Soc. Cons. a.r.l. (“La Preferita”), Data Controller, pursuant to Article 13 of the EU Regulation 2016/679 (hereinafter, “GDPR”) and Legislative Decree 196/2003, as amended by Legislative Decree 101/18, with the following information intends to describe the methods of processing of personal data of users who consult the website accessible by electronic means at the following URL:

www.lapreferitaop.it

This information does not pertain to other sites, pages, or online services that can be reached through hypertext links that may be posted on the site.

In this document we wish to explain:

1. What is meant by ‘data processing’?

According to Art. 4 of EU Reg. 2016/679 the term processing of personal data means “any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction.”

2. Who is the Data Controller of your data?

The Data Controller is La Preferita O.P. Pugliese Soc. Cons. a.r.l., P. IVA 06799760720, located in SP. 30 km 2, 70033 – Corato (BA).

The Data Controller can be reached at the email address:

info@lapreferitaop.it

3. What data are processed?

La Preferita uses two types of personal data, namely those related to accessing our website (“browsing data”) and those communicated directly by the user (“identification data”).

  1. Navigation Data

    This category of data includes all those data whose transmission is implicit in the use of Internet communication protocols and, in particular, IP addresses or domain names of the computers and terminals used by users, addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc. ) and other parameters related to the users’ operating system and computer environment.

    This data may also be collected through the use of cookies. In this case the information is not collected for the purpose of making an association with identified interested parties, but, despite this̀, given their very nature, they could still allow third parties to identify the user, through processing and associations with other data alreadỳ in their possession.

    Information on cookies and automated systems similar to cookies is made available to the user by clicking the appropriate link called “COOKIE POLICY” on the website.

  2. Identifying data

    The optional, explicit and voluntary sending of messages to the contact addresses of the Data Controller, private messages sent by users to related profiles/pages on social media (where this possibility is provided), as well as the completion and submission of the contact form on the site, involve the acquisition of the sender’s contact data, necessary to respond, as well as all personal data included in the communications.

    In particular, data such as name, surname, place and date of birth, residence, telephone number, email address may be acquired.

4. Why do we process your data?

The purposes for processing browsing data are as follows:

  1. allow navigation through the website;
  2. obtain statistical information on the use of services (most visited pages, number of visitors by time slot or daily, geographical areas of origin, etc);
  3. monitor the proper functioning of the services offered.

The purposes for processing personal identifying information provided by the user are as follows:

  1. Use of the services offered by La Preferita.
  2. Responding to requests for information. In fact, the website indicates the contact details of the Data Controller (email, registered office, telephone, other possible). The user who uses these contact details to collect information about the activity of the Data Controller, provides the latter with his personal data (such as first name, last name, personal data that will be processed exclusively to evade to the request for clarification, doubts, other);
  3. Respond to requests for information made by the user through the contact form. The user’s data (name, email, telephone, other) provided by filling out the contact form will be processed by the Owner for the purpose of processing the information request made by the user;
  4. Sending of advertising communications (so-called Direct Marketing). The following information will be applied whenever, in the course of browsing this website, the user is asked to provide his or her data and consent for the Holder to send to the data subject advertising material or commercial communications, offers and promotions, direct sales, or to carry out market research or opinion polls (henceforth, collectively referred to as “direct marketing” activities). The purpose of the processing is to carry out “direct marketing” activities towards the user.

In addition, users’ personal identification data may also be processed according to the following purposes stipulated by law:

  1. fulfillment of legislative obligations. The data provided by the data subject will be used to fulfill legislative obligations under national, European or supranational legislation.
  2. needs for the establishment, exercise or defense of rights. The data provided by the data subject will also be processed, if necessary, for the establishment, exercise or defense of the Holder’s rights in court.

5. On what legal basis we process your data?

The processing of personal data indicated on this page finds its legal basis in the cases described in Article 6 of the GDPR.

In particular, with regard to navigation data, the legal basis of the processing resides in Article 6, no. 1, letter f) of the GDPR, which prescribes the lawfulness of the processing if it is necessary for the pursuit of the legitimate interest of the data controller or third parties.

With reference, on the other hand, to the personal identification data communicated by the user (aimed at the use of services or the request for information), the legal basis of the processing is identified in Article 6, no. 1, lett. a) of the GDPR, according to which the same is lawful when the data subject has given his or her consent to the processing of his or her personal data for one or more specific purposes, as well as in Article 6, no. 1, lett. b) of the GDPR, which indicates as the legal basis the execution of pre-contractual or contractual measures taken at the request of the data subject.

The processing of personal data for commercial purposes (sending commercial communications) is based on the following legal bases: in the (optional) consent provided by the data subject pursuant to Art. 6, no. 1, letter a) of the GDPR; in Art. 130, para. 4, of the new Privacy Code, but only in the case of processing by e-mail and for sending communications regarding services similar to those already “sold” to the Client; in the legitimate interest ex art. 6, no. 1, lett. f) of the GDPR (in combination with Recital no. 47), when the data subject expects such processing by the Controller and this does not infringe his rights and freedoms.

Finally, the processing of personal data in cases of compliance with legislative obligations and requirements for the establishment, exercise or defense of rights, finds its legal basis in Article 6, no. 1(c) of the GDPR, according to which it resides in the fulfillment of a legal obligation to which the Data Controller is subject, and in Article 6, no. 1(f) of the GDPR.

6. What are the processing, communication and dissemination methods of your data?

The data will not be disclosed but communicated to the subjects formally appointed as data processors (for example, employees, if any) or designated as data processors (for example, company providing the hosting service, web agency managing the website), who will proceed with the processing by adopting appropriate and adequate security measures to prevent unauthorized access, disclosure, modification or destruction of your data.

In order to comply with legal or contractual obligations, the data subject’s data may be disclosed to the following entities: to insurance institutions in the case of claims; to public entities where required by law; to Lawyers, Law Enforcement, Judicial Authorities (for example) in the case of wrongdoing, breach of contract, other legally relevant fact caused by the data subject or by the Data Controller itself against the data subject.

For all of the aforementioned purposes, the data may be known by subjects who carry out, on behalf of the Data Controller, also as data processors, certain technical and organizational activities, such as administrative, accounting and tax services.

Pursuant to Article 28 of the GDPR, the Controller will appoint as data processors third parties who process personal data on its behalf; a list of external data processors is available at the Controller’s office.

For more information on the appointed parties or data processors, please contact the Controller at the email address indicated in the epigraph.

7. How long is your data kept?

Regarding browsing data, except what will be said about cookies or other tools similar to cookies, the Owner does not retain any data potentially provided through simple browsing.

The personal data provided by the data subject for the request for information will be kept for the time necessary to carry out the service of issuing information: once this period has expired, the data will be immediately deleted.

Personal data provided for the use of services in case of the conclusion of a contract, on the other hand, will not be deleted but properly managed in compliance with the GDPR. For all information regarding such processing, please refer to the appropriate privacy policy.

In cases of processing due to compliance with legislative obligations, the retention period dependent on the standard applied by the Data Controller at the time of processing.

In the case of processing due to the need to establish, exercise or defend rights, the Data Controller will retain the data of the data subject for this exclusive purpose only if there is a reasonable likelihood̀ of having to take judicial action. In the event of litigation, the data will be retained until the finalitỳ of the judgment.

Finally, personal data processed for commercial purposes will be retained, in the case of consent, until it is revoked under Article 7 of the GDPR. Whereas, in the case of processing carried out pursuant to Article 130(4) of the new Privacy Code and Article 6(1)(f) of the GDPR, the data will be retained for that purposè until the data subject objects under Article 21 of the GDPR, to be asserted from the beginning of the processing or during its protraction.

8. Where is your data processed? Is it possible to transfer your data to countries outside the EU?

Data processing is carried out at the operational offices of the Data Controller and in any other place where the parties involved in the processing are located.

The Controller undertakes not to transfer user data to countries outside the EU. In the case of transfers, the Controller guarantees the application of the rules set forth in Articles 44 et seq. of the GDPR.

For any information, please contact the email address already reported.

9. What are your rights?

The data subject may assert his or her rights as expressed in Articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR.

In particular, the data subject has the right to:

  • request confirmation of the existence of their personal data, among the from data collected by the company;
  • know their origin, logic and purpose of their processing;
  • obtain the updating, rectification and integration;
  • request their cancellation and oblivion, transformation into anonymous form or blocking in case of unlawful processing;
  • oppose their processing for legitimate reasons or in the case of use of the data for
  • sending advertising material, commercial information, market research, direct
  • sales and interactive commercial communication if consent has not been given;
  • request the transfer of their data to third parties where possible and necessary;
  • revoke the consent given at any time;

The exercise of the aforementioned rights may be made by direct request from the interested party to the Data Controller, using the references indicated in this notice.

The Data Controller, upon receipt of the communication from the data subject, will take charge of his/her request, processing it in the time necessary to process it (maximum 14 days) and, subsequently, will confirm it to the data subject.

If the data subject is aware of a violation of the rules on the processing of personal data, or of the unlawful loss or dissemination of personal data, he or she must make urgent communication with the Data Controller, using one or more of the contacts listed in this notice;

The Data Controller must, within 72 hours, notify the Privacy Authority of the violation, together with the measures taken to deal with the violation.

The data subject has, also, the right to file a complaint with the Supervisory Authority. For more information on the procedures, the user is invited to visit www.garanteprivacy.it.

The Data Controller who becomes aware from other sources of control (DPO where present – Data Processor – Processors) of the breach, loss, accidental diffusion, shall notify within 72 hours the Privacy Authority, also indicating the measures to cope with the breach, as well as the data subject;

The Privacy Authority www.garanteprivacy.it is competent for reports regarding the violation of one’s personal data or damages suffered, as a result of the same.

In case of disputes relating to the interpretation of this document, competent will be, pursuant to Legislative Decree 206/2005, the Consumer’s Court.

Cookie policy

Information about cookies and cookie-like automated systems is made available to you by clicking the appropriate link called “COOKIE POLICY” located in the footer of the website.

For any information, clarification, exercise of rights please contact the Owner at the above mentioned email address.

La Preferita O.P. Pugliese Soc. Cons. a.r.l.
SP. 30 km 2, 100 – 70033, Corato (BA)
Phone: +39 080 872 4468
Mail: info@lapreferitaop.it
P. Iva: 06799760720

PRIVACY POLICY | COOKIE POLICY | TERMINI E CONDIZIONI – Made by Phi Comunicazione

Free shipping to Italy available on orders over €100 (excluding islands).

Shop now ❯