Last update on DECEMBER 2018
2. WEBSITE “PRIVACY PROCESSORS”.
3. DATA PROCESSING THROUGH THIS WEBSITE.
4. USER’S RIGHTS.
By means of this privacy statement, “MERCANTI VENETI S.R.L.” with registered office in Via Colomba 3 – 36061 Bassano del Grappa (VI) – Italy, VAT number 01666460249 (hereinafter the Personal Data Controller or the Controller), in the person of its legal representative pro tempore and in its capacity of personal data controller, would like to inform <<the data subject>> about the processing of data that he/she will provide by browsing this website.
THE “PRIVACY PROCESSORS” OF THIS WEBSITE.
The Data Controller
The Data Controller (or the “Controller”) shall mean a natural or legal person, public authority, agency or any other body which alone or jointly with others <<determines the purposes and means of the processing >> of personal data. Moreover, he/she is in charge of the security profiles. In relation to the processing of personal data of the data subject, the data controller is
MERCANTI VENETI S.R.L.
with registered office in Via Colomba 3 – 36061 Bassano del Grappa (VI) – Italy, tax code and VAT number 01666460249. For additional information, as well as to exercise the data subject’s rights, please contact the above-mentioned addresses.
The Data Processor
The Data Processor is a natural or legal person, public authority, agency or any other body, which processes personal data <<on behalf>> of the Data Controller. As regards the processing of personal information of the data subject, the Controller may to the need appoint as an external data processing manager
The WEB AGENCY that has created or manages the website
which may process data subject’s information for the purposes of assistance, maintenance, updating and management of the website.
Moreover, the Controller may to the need appoint as an external data processing manager
an IT COMPANY
which may process data subject’s information for the purposes of assistance, maintenance, updating and management of the systems.
For any further information regarding the company names, the type of data handled and the processing procedures, please contact the above-mentioned addresses. In any event, the appointment of the above said subjects as well as their scope of responsibility are limited to the above-mentioned processing areas.
Persons in Charge of Data Processing
As regards the persons in charge of data processing, namely the natural and legal persons who process the data under the authority and operational direction of the Data Controller, this latter – only in the case that someone of his employees or other third parties process the information that the data subject submits through this website – shall officially appoint them as <<persons in charge of data processing>> and shall instruct them to carefully and lawfully process the data subject’s information.
For any further information relating to the persons in charge of data processing, their appointment or the instructions to give them to properly process the data subject’s information, please contact the above-mentioned addresses.
DATA PROCESSING CARRIED OUT THROUGH THIS WEBSITE.
General information on data processing carried out with the provision of data through this website.
User registration is not required on this website.
The Data Controller shall process only the data strictly required which are marked with the asterisk symbol (*) in the spaces provided on the website. The information provided shall be used exclusively for the purposes specified here below (for example, the data submitted to request information about the business of the Data Controller shall be used only to reply to the user’s request and not for other purposes, unless the data subject gives his/her consent or the Controller has a legitimate interest in using the data for purposes other than that one.
Place of data processing.
User’s Data shall be processed at the registered office of the Data Controller or – in case of appointment – at the registered office of the Data Processor.
Disclosure and transfer of data to non-EU countries.
The data collected shall not be disclosed or transferred to international organizations in any way.
The data collected shall not even be transferred to non-EU countries: in order to provide the data subject with the browsing space, the Controller of data processing uses a hosting company which has located its servers in the EU territory.
The Controller undertakes not to transfer data to non-Eu Countries. However, when the Controller uses third companies to provide specific services for the data subject, some data of the latter could be transferred to non-EU Countries. This is the case when some companies – or their servers – might be based in non_EU Countries. This should not be a concern because, if a data transfer was effectively made, this could only happen with the guarantees provided for by law and therefore in compliance with an adequacy decision adopted by the European Commission, or with all the protections provided for by the GDPR (such as the use of binding corporate rules) or – in the absence of such conditions – with the consent of the data subject, or under a contract between the data subject and the Data Controller, or under a contract between the Data Controller and a third party to carry out a service to the benefit of the data subject. For the avoidance of doubt and for any further information about the transfer of your data to non-EU Countries, please contact the above-mentioned addresses.
Data Processing Methods
Data processing through this website are usually carried out by means of automated and IT systems (by electronic mail, cookies and other similar systems, programs and information systems) and in some cases also using paper systems (i.e., by printing out documents, if needed).
Disclosure of data to third parties
Without prejudice to what has already been provided for in relation to the Data Processor and the Persons in Charge of Data Processing, the Data Controller undertakes not to disclose data subject’s information to third parties, unless it is required by legal or contractual obligation or such disclosure is required for the conclusion of a contract. For example, on the occurence of unlawful cyber offences committed by the data subject, the Data Controller can transmit his/her information to his/her lawyers, to Law Enforcement Agencies or to the Judicial Authority.
The Data Controller undertakes to protect and keep personal data safe by taking all necessary physical and IT security measures to ensure the privacy of personal data supplied. However, no security system can guarantee such protection with absolute certainty. Therefore, except in case of liability due to fault, the data controller shall not be responsible for breaches by third parties who illegally access the systems without due permission.
Personal data of children below the age of 14 years (art. 8 GDPR)
This website offers services also to minors under fourteen years. The EU 679/2016 Regulation provides for an enhanced protection of such subjects. Pursuant to art. 8, the Data Controller shall process personal data of children under fourteen years only after prior consent of or authorisation by the holder of parental responsibility. The Data Controller has adopted tools to lawfully collect such consent or authorisation (please see the clauses at the bottom of the forms for data collection, by which the user is asked to state to be over fourteen years or to have previously been authorized by a parent/guardian. However, the Data Controller will never be able to effectively verify whether or not such prior authorisation by the parent/guardian has been given. Therefore, we highly recommend to monitor closely the activities of your children or minors in custody and ask you to immediately inform us in case of receipt of unsolicited communications since they have not been previously authorised by the parent/guardian: in such a situation, we will proceed to immediately delete the minor’s personal data. In any event, the Data Controller cannot be made liable for any collection of data from children below the age of sixteen years who have given their consent to processing without prior authorisation by the parent/guardian. Finally, should the Data Controller consider that some data unintentionally collected refer to individuals under the age of fourteen, destruction of the same shall be effected without delay.
Data processing carried out during website navigation
Data processing carried out following the compilation of the “Contact” form.
By filling out the “Contact” form, the user provide his/her personal information (name, last name, telephone, email, message, etc.).
The provision of these peronal data is not mandatory, however, failure to complete the form does not allow the Data Controller to reply to the requests of information by the user (for example, inquiry on the activity of the Controller, his way of working, services offered, prices, estimates).
Processing legal basis consists of implementing the pre-contractual measures adopted on the user’s request and the purpose of processing is to supply the information required.
Without prejudice to what has already been provided for in relation to Officers and Persons in Charge of Data Processing, data shall not be disclosed to outsiders.
User personal information shall be kept for the time required to provide the information; after this deadline, data will be deleted immediately.
The Data Controller forthwith informs the user that – in case the contract is concluded – the company shall keep the data for a maximum period of 10 years after the termination of contract to ensure the accounting, fiscal and legal protection to which the Data Controller is subject by law.
Data processing following the use of the contact details published on the website
By using the email address, the telephone number or other contact details that the Data Controller has published on his website, the user provides his/her personal information (i.e. name, last name, telephone number, at the time time of call or while sending an email, etc.).
The provision of these data is optional, but failure to provide them does not allow the Data Controller to reply to the requests of information by the user.
Processing legal basis consists of implementing the pre-contractual measures adopted on the user’s request (requests of information on the activities and services offered by the Data Controller) or of the user’s consent (who shall expressly declare this intention by contacting the Controller) or of the legitimate interest of the processing Data Controller (consent or legitimate interest, only when the required information is not pre-contractual or contractual).
The purpose of processing is to reply to the requests of information by the user.
User’s data shall be kept for the time required by the Data Controller to provide the information; afterwards, the data will be deleted.
Data processing carried out following the compilation of the form
“Share exclusive news”
(form aimed at sending “Newsletters”)
With the subscription to the Newletter service, the user submits his/her personal information (email address).
The user is not obliged to provide such data, however, failure to complete the form does not allow the processing Data Controller to provide the Newletter service to the user. This service consists of sending news and information regarding the business sector of the Data Controller to the subscriber.
Processing legal basis consists of obtaining the user’s consent and the purpose of processing is exclusively to send Newsletters to the subscriber.
This data processing is carried out by information systems and communications shall be sent by electronic mail.
The Data Controller may task a third company with sending electronic mail messages to a large number of users. If required, this third company may be appointed as Person in Charge of Data Processing since it may process user’s data when sending communications.
The duration of processing depends on the choice of the user who can withdraw his/her consent at any time by contacting the above-mentioned addresses or by clicking the button “unsuscribe” shown at the end of the email received. If the data processing is based on the legitimate interest of the Data Controller, it shall be terminated by the user who can exercise his/her right of opposition and enforce it by contacting the above-mentioned addresses.
The user – i.e. the subject who provides his/her personal information to the Data Controller – is entitled to the following rights:
- the right of data subject to ask the data controller to access his/her personal data (art. 15 EU GDPR);
- the right of rectification, that is the right to modify user’s information when changed (art. 16 EU GDPR);
- the right to restriction of his/her data processing, i.e. to limit the use of data by the data controller (art. 18 EU REG.)
- the right to object to data processing on legitimate grounds (art. 21 EU REG.)
- the right to data portability, i.e. the right to obtain a copy of all personal information processed by the controller in a structured format and readable form on electronic media (art. 20 EU GDPR);
- the right to request the deletion of data subject’s personal information by the data controller (art. 17 EU GDPR);
- the right to withdraw at any time the explicit consent previously given, without prejudice to the lawfulness of the data processing carried out until that time (art. 7 – 13 EU GDPR);
- the right to lodge a complaint with the European Data Protection Supervisor in case of infringments on privacy regulation (art. 77 EU GDPR).
Requests, made without a formal procedure, may be sent to the Data Controller at the above-mentioned addresses.
For a more in depth analysis of the rights of data subjects, please refer to art. 7 – 13 – 15 – 16 – 17 – 18 – 20 – 21 – 77 of the EU GDPR. Requests, made without a formal procedure, may be sent to the Data Controller at the above-mentioned addresses or by using the form made available by the European Data Protection Supervisor at the following address:
Last modified DECEMBER 2018
WEB POLICY MOD. 1 – 2018
This Policy may be modified due to the introduction of new rules or to changes of the website, therefore we encourage you to periodically visit this section for the updating.
For any further information or the exercise of the rights listed on this policy, please contact firstname.lastname@example.org. Please send any registered letter with acknowledgement of receipt to: MERCANTI VENETI S.R.L. at its registered office in Via Colomba n. 3 – 36061 Bassano del Grappa (VI) – Italy. Please specify “Cookie Request” on the subject of the communication.
1. GENERAL INFORMATION ABOUT COOKIES.
2. HOW TO SELECT AND/OR DISABLE COOKIES.
3. COOKIES USED IN THIS WEBSITE AND HOW TO MANAGE THIRD PARTY COOKIES.
General information about Cookies
What are cookies?
Cookies are small text files that are sent to users’ terminals when they visit websites (usually to browsers: Google Chrome, Internet Explorer, Mozilla Firefox, etc.), where they are stored and later retransmitted to the same sites upon a subsequent visit by the same users.
Why are Cookies useful?
Cookies are useful because they allow websites to recognise a user’s device and this leads to an improvement of the browsing experience. In fact, one of the primary purposes of cookies is to allow users to effectively browse the website pages, to remind them of their favorite websites, to store the language, etc.; cookies also help to ensure that online advertising contents are targeted to the particular interests of the user.
Cookies are classified in different types:
1) based upon DURATION like the “session” cookies (automatically deleted by the browser when it closes) or “persistent” cookies (active until their expiration date or when deleted by the user)
2) according to their SOURCE, cookies can be “first-party” (sent to the browser directly from the website that user is visiting) or “third-party” (sent to the browser from other websites than the one user is visiting)
3) based upon PURPOSES, cookies can be “technical” or “profiling”. Such classification is worth an in depth analysis.
Profiling cookies are activated only after the user’s consent is given. Consent is given by clicking “OK” (or “continue”, etc.) on the hompage banner or on another page of the same website or by deliberate action of the user (i.e., by selecting any content on the page below the same banner). Profiling cookies are used to improve the services offered by the Data Controller and to select and send advertisements based on user’s preferences shown during navigation. Use of profiling cookies for the purpose to send targeted advertisements does not involve the visualization of many advertisements and the browsing experience shall not be hampered. As a matter of fact, by disabling the profiling cookies the user will visualize only general advertising instead of advertisements in line with his/her interests. As an example, profiling cookies are those third-party statistical – analytic cookies without IP masking and without data crossing or the advertising, tracking or conversion cookies.
How to select and/or disable cookies
Without prejudice to prior user’s consent at the installation of profiling cookies, most browsers are set to automatically accept cookies. Cookies may be limited or blocked by changing the settings of your browser. For the management of cookies please refer to the user’s manual or to the instructions given by your browser at the following links (related to the most common browsers):
If the user uses more than one browser, the procedure to disable cookies shall be carried out for each of them. If the user uses different devices (such as smartphone or tablet), it is recommended to refer to the instruction manual of his/her device to disable cookies. It should be specified that, if you choose to block cookies, the proper running of the website can be compromised or prevented since some cookies are strictly necessary to navigation.
Cookies used on this website
How to manage third-party cookies
First-party technical and profiling cookies.
This website uses first-party “functionality” and “strictly necessary” technical cookies in order to improve the user’s browsing experience by means of:
a speed acceleration service;
the storage of previous actions;
the provision of a multi-language service.
This website does not use first-party profiling cookies.
Third-party technical and profiling cookies.
This website uses third-party tools that may also place profiling cookies.
These cookies are not controlled directly by the Data Controller (our company). Therefore, to disable these cookies and for further information, the user shall follow the procedure here below:
1) By clicking http://www.youronlinechoices.com/it/ the user can have more information about third-party cookies and about the concept of behavioural advertising as well as on the promotional and targeting cookies that may be stored on your terminal. The user can disable all or part of these cookies by clicking the following link: http://www.youronlinechoices.com/it/le-tue-scelte
2) The third-party cookies or systems with similar features used in this website will be listed below. To manage and disable these cookies and systems it is required to access the policies and consent forms of such third parties by clicking on the following links.
Google analytical cookies – “Google Analytics”
This website uses “Google Analytics” to install analytical technical cookies that allow the website Data Controller to obtain statistical data regarding the navigation and therefore allow to improve the services offered to the user. The website Data Controller has adopted special tools to reduce the identification power of the analaytical cookies used by masking substantial portions of the IP address. The data generated by “Google Analytics” are stored under the terms specified on the policy that you can find at the following address:
User can disable Google Analytics by installing on his/her browser the additional opt-out component availabe at the following address:
The analytical technical cookies used in this website are listed here below:
duration: two years
cookie name: _gat
duration: 1 minute
cookie name: _gid
duration: 1 day
By blocking these cookies, the browsing experience is not compromised. However, it should be specified that the statistical data collected anonymously through these technical cookies are used by the Data Controller to improve his/her services to the users.
Facebook Pixel is a tool to collect statistical data which is mainly useful to monitor the modes of interaction of the user with the website (how many times a certain page is visited, the number of accesses). It’s a tool which allows the Data Controller to measure the effectiveness of his/her advetising since Pixel allows to understand the actions of users on the website. For example, when the user visit this website and takes an action, the Pixel logs such behaviour and the Data Controller will be able to “reach” the user by using the advertisements on Facebook.
The user’s data that are logged by Pixel and then sent to Facebook are the reference URL, the browser information and the Facebook user ID. Customized data may also be transmitted, but no confidential information regarding the data subject can be sent.
As a matter of fact, by means of Pixel the Data Controller ensure to show his/her advertisements to the right people, can create public groups to target his/her advertisements and exploit Facebook advertising tools.
Should the user wish to prevent the storage of his/her data, before visiting this website, he/she can access his/her Facebook Account and disconnect from it. If the user has accessed this website without the above said disconnection, please find here below the links to the Privacy Policies of the third party for the management of personal data:
I Facebook Pixels are included in the categories of the profiling systems as they allow the storage of preferences and interests of the user, who will receive targeted advertisements.
“Facebook” profiling cookies used in this website are listed here below:
cookie name: fr
duration: 3 months
cookie name: (cookie image)
Disabling of these systems will not compromise the users’ browsing experience even though they will not receive advertisments in line with their preferences and interests anymore.
Social Network Icons
On the website pages you will find some Social Network buttons (Facebook, Linkedin, Twitter). These are c.d. social network icons that are used to indicate the presence of our company on a certain platform. Such buttons do not place any profiling cookies. However, if you are interested in finding how these Social Networks manage your data, please refer to the following section.
Google Inc. Interactive Map
For any further information and for disabling third-party cookies sent to the user’s browser during navigation on this website please refer to: http://www.youronlinechoices.com/it/
Over time, third parties may change the re-directing addresses of their policies: if the above cited links do not re-direct you to said third-party policies, please contact the Data Controller at the above-mentioned addresses.