Client service

From Monday to Friday


8.30-13.00 /14.00-17.30

Do you need help?

Shopping Cart Toggle navigation
  • Home /
  • Privacy policy

GDPR PRIVACY POLICY (Articles 13 and 14 Reg. (EU) 679/2016 GDPR)

In fulfillment of Articles 13 (for data collected from the data subject) and 14 (for data not collected from the data subject) of Regulation (EU) 2016/679 (GDPR), the following information is provided to the Users of this Website, Data Subjects of the processing, referring exclusively to the processing carried out through this Website and not through other websites that may be visited through links. Please refer to the other websites to view the relevant disclosures made available by the respective Data Controllers.

DATA CONTROLLER AND CONTACT DETAILS

The Data Controller is Quellogiusto s.r.l., Tax Code and VAT No. 04154520284, with registered office in 35010 San Giorgio delle Pertiche (PD), Via Piovego no. 89.

DATA PROTECTION OFFICER (DPO) AND CONTACT DETAILS

The Data Controller has appointed the firm of Avvocati Cervato Law & Business s.r.l. in Padua as DPO, whose contact details are: dpo.quellogiusto@cervato.it.

CATEGORIES OF PROCESSED DATA AND SOURCES OF ORIGIN

The Data Controller may primarily process general navigation data, as well as cookies, for which we invite you to read the specific Cookie Policy linked in the footer.
The Data Controller may also process personal data provided voluntarily by the user, for example through the contact form or by sending communications via e-mail, including common personal data (identification, personal, fiscal and similar data), special data pursuant to art. 9 GDPR, exceptionally to the extent that this is made necessary by the request itself.
Data could come from automated or voluntary sources, as well as public sources. For example, they could come from the user's navigation, which could bring with it information relating to previous navigation of other websites, including in particular cookies and other similar technologies as specified in the Cookie Policy linked in the footer, which can also be referred to in this case. The data may also be provided voluntarily by the user or by related parties. Other data may come from public sources, such as data processed as part of public records searches and from public reports, certificates, public registrations and the like.
In any case, the canons of confidentiality and professional secrecy on user information that fall under legal and ethical obligations are scrupulously observed.

PURPOSE OF THE DATA PROCESSING

The personal data of the Users of the Website, as described above, will be processed in the manner and in the form prescribed by the GDPR, in general for the performance of the functions of the Website, the consultation of its contents and the use of its services.

In particular, the processing of personal data pursues the following purposes:

  • for visiting the Website, consulting the information published therein and using the related services, including the e-commerce services performed therein and the related services of sale of goods and services as offered on the Website, delivery and the like;
  • for the management of navigation data and for functional or technical reasons that allow the same use of content, including through technical cookies, for reasons of aggregate statistical survey, including through analytics cookies, for the provision of personalized content or services, including through profiling cookies, if provided and with prior consent; in any case, under the conditions set out in the Cookie Policy linked in the footer, which recalls the Guidelines of the Italian Data Protection Authority of June 10, 2021, published on July 9, 2021;
  • to respond to requests made by the User through the Website and its communication tools (contact forms, information request forms and the like) and for any subsequent, related, connected, consequential and similar communication and processing for the better management of the request itself;
  • for any newsletter subscription, where applicable, and the consequent sending of various informative communications concerning the sector in which the Data Controller operates;
  • for legal obligations and other mandatory purposes, such as invoicing or anti-money laundering profiles;
  • for other ancillary or connected purposes or purposes that are consequential to those indicated above and that fall within the activities of the Website;
  • for the processing of the e-mail address, provided by the User in the context of a previous relationship of sale (intended in every meaning, supply, return and similar) of goods or services, also aimed at sending, without further consent, communications for subsequent similar information, pursuant to and within the limits of art. 130 paragraph 4 of the Privacy Code (Legislative Decree 196/2003); the data subject may in any case express their refusal and oppose such processing, both initially and subsequently, in an easy manner and free of charge, following the instructions given in each of these subsequent communications;
  • for the possible receipt of Curricula Vitae from candidates who intend to apply for a role at the Data Controller.

LEGAL BASIS FOR PROCESSING

For all personal data, the processing of personal data is based on the following conditions of lawfulness (legal bases):

  • art. 6 par. 1 lett. a) GDPR = consent: for the management of profiling cookies referred to in purpose no. 2 and for other processing subject to consent, including purposes ancillary to the main ones that do not fall under the other legal bases, as per purpose no. 6; for newsletter subscription referred to in purpose no. 4, if ancillary or additional to other processing;
  • art. 6 par. 1 lett. b) GDPR = contractual or pre-contractual obligation: for the same visit to the Website or for access to services also of an informative nature published on the Website itself and for the processing of related navigation information, as well as for all e-commerce services performed therein and related services of sale of goods and services as offered on the Website, delivery and the like, as per purpose no. 1; for the management of cookies as per purpose no. 2 other than those of profiling; for the processing of requests made by the data subject and the related responses referred to in purpose no. 3; for the subscription to the newsletter when this is the sole or main purpose of the provision of personal data, in particular the e-mail address, as per purpose no. 4; for other processing related, functional and consequential to those just mentioned, as per purpose no. 6; for the management of curricula vitae and related requests, as per purpose no. 8;
  • art. 6 par. 1 lett. c) GDPR = fulfillment of a legal obligation: for the processing of all data necessary to fulfill legal obligations, including the processing of tax data related to billing profiles or other processing required by law, such as those related to anti-money laundering, as per purpose no. 5; for other processing related, functional and consequential to those just mentioned, as per purpose no. 6;
  • art. 6 par. 1 lett. f) GDPR = legitimate interest, for all processing included in information company’s services, as well as for information purposes of the Data Controller. In this regard, the Data Controller invokes the legitimate interest for further communications sent to the email address of the Data Subject pursuant to art. 130 paragraph 4 of the Privacy Code as per purpose no. 7, except for the free right of opposition of the data subject as explained therein.;

For special data pursuant to art. 9 GDPR that may be conferred spontaneously by the data subjects through navigation and also through contact forms or similar, the Data Controller indicates the following additional conditions of lawfulness pursuant to art. 9 GDPR:

  • art. 9 par. 2 lett. a) GDPR: consent, for processing for which it has been expressly given
  • art. 9 par. 2 lett. e) GDPR: data made manifestly public by the data subject, for data independently communicated or disclosed by the data subject
  • art. 9 par. 2 lett. f) GDPR: ascertaining, exercising or defending a right in court or whenever judicial authorities exercise their judicial functions, for the exercise of a right by the Data Controller.

LEGITIMATE INTEREST

The processing of personal data is also based on the legitimate interest of the Data Controller pursuant to art. 6 par. 1 lett. f) GDPR, such as the exercise of one's information rights in the context of the information company, the performance of the services indicated on the Website or the possible implementation of direct marketing operations pursuant to Recital 47 of the GDPR. The Data Controller also invokes the right to use the processing of the e-mail address of the data subject provided in the context of a sale of goods and services, to send further communications addressed to the data subject and relating to similar goods or services pursuant to art. 130 paragraph 4 of the Privacy Code, subject always to the free right of opposition of the data subject, as per purpose no. 7.

COMPULSORY OR OPTIONAL NATURE OF PROVIDING DATA

The provision of navigation data by Users, for the above purposes, depends on the level of privacy that the User has enabled or disabled through his/her browser, or has managed through the appropriate commands of the Cookie Banner regarding the management of cookies. Disabling technical cookies may affect the navigation of the Website. The provision of certain data is in any case necessary for the structure of the Website itself and for the provision of some of its services. In particular, by way of example:

  • to send messages via contact form or to subscribe to any newsletter, in any case, the minimum data requested therein are required, such as the name/surname and/or e-mail address and/or other identification data of the sender and/or the USERNAME; in any case, the contact form indicates which data are required (with an asterisk "*") and which are not;
  • for registration and access to any reserved area of the Website, the USERNAME and PASSWORD are in any case required.

The provision of all other data is optional.

CONSEQUENCES OF FAILURE TO PROVIDE DATA

Failure to provide obligatory personal data prevents the Data Controller from sending the information requested or from carrying out further processing requested by the User or, in some cases, from being able to provide the services offered by the Website.
Failure to provide optional data does not entail these consequences, but could affect the processing of the request made by the User or the very ability to browse the Website.

RECIPIENTS OF ANY COMMUNICATIONS AND DATA TRANSFERS

The data may be disclosed to companies, professionals and other consultants who operate in relation to the purposes set out in this statement or related purposes, both within the EU and outside the EU (in the latter case, it will be exclusively to subjects for which there is an adequacy decision or there are adequate safeguards including Standard Contractual Clauses or consent has been collected or there are additional exemptions under Art. 49 GDPR, in accordance with the dictates of the Court of Justice's Schrems II Judgment of July 16, 2020).
In any case, the data may be communicated to data processors and persons authorized to process the data, always for the same purposes of the Website or for purposes related to the services offered by the Website, as well as to any other autonomous Data Controllers within the limits of the related purposes.
Recipients include in particular: the Data Controller's operators as authorized persons to process data, its Data Processors and related persons authorized to process data for related purposes, for example of a managerial or fiscal nature, Google Ireland Limited e Google LLC for Google Analytics, Google Ads, Google Maps e YouTube, Meta Platforms Ireland Limited for Facebook Ads, Instagram Ads, Messenger and Whatsapp, Yandex LLC for Yandex.Metrica for the management of this Website and related services.
No generalized communications of data will be carried out for further purposes and no dissemination of personal data will take place.
Navigation data and the like (for which reference is made to the above), as well as profiling cookies of third parties (for which reference is made to the Cookie Policy linked in the footer), will be communicated to the respective third parties concerned, where these do not already manage them directly as independent data controllers, within the limits of the consents given.

RETENTION PERIOD

The data provided voluntarily by the Data Subject will be retained until such time as the consent given by the Data Subject is revoked, or until such action as the Data Subject may take on his/her browser, including deleting cookies.
Navigation data and technical cookies will be stored for the technical time necessary to perform the functions for which they were collected.
For cookie retention times in general, please refer to the specific policy accessible from the Cookie Banner.
For any other personal data, the retention period is limited to the limitation period of the relevant rights or the end of the relevant legal or contractual obligations, including those related to billing and the like.

RIGHTS OF THE DATA SUBJECT

The Data Subject has the right of access, rectification, erasure (right to be forgotten), restriction, receipt of notification in the event of rectification, erasure or restriction, portability, objection and not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects them personally, pursuant to Articles 15 to 22 of the GDPR.
These rights may be exercised in the forms and terms provided for in Article 12 GDPR, by written notice sent to the Data Controller by e-mail to the above address.
The Data Controller will provide an adequate response as soon as possible and in any case within 1 month from receipt of the request, except in cases of extension or justified refusal as per art. 12 GDPR.

RIGHT TO REVOKE ANY CONSENT GIVEN

Where the processing is based on consent, the data subject may revoke such consent at any time by sending an email to the email address of the Data Controller referred to above, or by using the appropriate controls on the Website in particular for the management of profiling cookies, as well as in any case by means of express communication to the offices of the Data Controller.

RIGHT TO LODGE A COMPLAINT

The Data Subject has the right to lodge a complaint pursuant to Articles 77 et seq. of the GDPR with a supervisory authority, which for the Italian State is identified in the Italian Data Protection Authority for the protection of personal data. The forms, methods and terms of proposition of the actions of complaint are provided for and governed by national legislation in force, for Italy by specific regulation of the Italian Data Protection Authority. The complaint is without prejudice to any other administrative or jurisdictional recourse; for jurisdictional actions for damages in Italy, the action is brought before the competent Tribunal.

PROFILING

The personal data provided through browsing on this Website may be subject to profiling by third party providers by means of third party profiling cookies, subject to the User's consent expressed through the appropriate Cookie Banner commands.
For further information, please read the Cookie Policy linked in the footer.

Last update: April 2022

Compare

Loading, please wait...