Data Controller
Maglio Arte Dolciaria S.r.l.
Name and Surname of the Data Processor
__Maglio Arte Dolciaria srl____
e-mail address of the Data Processor
____info@www.cioccolatomaglio.it_____
Types of Data Collected
Your privacy is important to us. We would like to inform you that this website collects various data, either independently or through third parties. That data includes: Cookie, Usage data, name, surname, email, phone number, address, zip code, country, city, company name, gender, date of birth, VAT number, shipping address, billing address.
Details on the types of data collected will be provided later in this Privacy Policy or through specific disclosure documents that can be viewed before completing various forms.
Personal data can be freely provided by the user or, in the case of usage data, collected automatically as you browse the website.
Unless specified otherwise, all data requested is compulsory. If the user refuses to provide this data, it may be impossible to provide them the requested service. If the website indicates some data as optional, the users are free to abstain from providing this data, without there being any consequences on the availability or operation of the service.
Users who have any doubts regarding which data are compulsory, please contact the data controller.
Cookies – or other tracking tools – are used by this website or by the data controllers of third party services used by this website, unless otherwise specified, to provide the service requested by the user, as well as for other means described in this document or in the Cookie Policy, that can be used as reference.
The user is responsible for third party personal data acquired, published or shared on this website and guarantees to have the right to provide or share this, assuming all responsibility from the data controller regarding third parties.
Place and procedure of processing of collected Data
Location
All collected data is stored in secure facilities by the Controller to which only authorized persons have access. For more information one should contact the Data Controller.
When Personal Data is transferred to a country other than the User’s country, the User has the right to obtain more information about where the Data is processed and the Legal Basis for the data transfer outside the European Union and the measures taken by the Data Controller to protect the Data. The User is referred to the section on details on the processing of Personal Data.
For the transfer of Data outside the European Union we refer to the relevant sections of this document. The User can always or request information from the Data Controller.
Duration of processing
The Data collected will always be kept for the duration strictly necessary to achieve the purposes for which it is collected and will not be disseminated.
The collected Data may also be kept for longer periods when the User gives consent to the Processing and until this consent is revoked or when it is necessary to comply with a legal obligation or by order of an authority.
With reference to a contract between the Data Controller and the User, the Data will be retained until the contract is fully executed. With regard to Data collected solely for purposes attributable to legitimate interest, it will be retained until such interest is satisfied. In any case, the User, may contact the Controller to obtain more information regarding the legitimate interest or refer to the relevant section of this document.
Once the retention period for Personal Data has expired, it will be deleted and it will no longer be possible to access it or exercise any right of transfer.
How and where is your Data processed?
The Data Controller employs security measures necessary to prevent Personal Data from being improperly disclosed by preventing unapproved access, modification or destruction.
Personal Data is processed using telematic and computerized tools. Security measures are observed to prevent data loss, unlawful use, disclosure and unauthorized access.. It may happen that the Data Controller appoints other subjects as Data Processors in cases where it is necessary. These parties may be directly involved, e.g. sales, marketing department, administration, legal or external parties such as third party service providers, hosting providers, communication agencies, postal couriers. The Data Controller shall always have the list of these subjects updated should it be requested.
What is the legal basis of Data processing?
The legitimate interest of the Data Controller or third parties is the legal basis for the processing of the Data
The User’s Data are processed by the Data Controller only when the User has given consent for the processing of the Data for one or more purposes, in order for the contract with the User to be executed and/or to the performance of pre-contractual information obligations, for the fulfillment of a legal obligation, for the performance of a task of public interest or for the exercise of public powers vested in the Data Controller.
The User also has the right to request at any time from the Controller information about the concrete legal basis of each processing and to ask to specify whether the processing is based on law or if it is required by a contract or if it is necessary to conclude a contract