PRIVACY  POLICY

WEBSITE  WWW.BRIANDALES.COM

Last update on DECEMBER 2018

WEB PRIVACY POLICY MOD. 1 – 2018

This privacy policy may be amended following to the introduction of new law requirements or to changes to the website. We therefore recommend users to check regularly this section for any updates.

For any request and/or information and more generally to exercise the rights set forth in this Privacy & Cookie Policy, please contact info@mercantiveneti.it or send a registered letter with acknowledgement of receipt to MERCANTI VENETI S.R.L., with registered office in Via Colomba 3    36061 Bassano del Grappa (VI) – Italy. Please specify “Website Privacy Request” in the subject of the communication.

CONTENTS

1. PRIVACY POLICY GENERAL INFORMATION.

2. WEBSITE “PRIVACY PROCESSORS”.

3. DATA PROCESSING THROUGH THIS WEBSITE.

4. USER’S RIGHTS.

5. COOKIE POLICY.

1.

PRIVACY  POLICY  GENERAL  INFORMATION

By means of this privacy statement, “MERCANTI VENETI S.R.L.” with registered office in Via Colomba 3 – 36061 Bassano del Grappa (VI) – Italy, VAT number 01666460249 (hereinafter the Personal Data Controller or the Controller), in the person of its legal representative pro tempore and in its capacity of personal data controller, would like to inform <<the data subject>> about the processing of data that he/she will provide by browsing this website.   

The EU REG. 679/2016 (“GDPR”) sets out the rules to protect individuals in relation to the processing of their personal data and this Privacy Policy has been drawn up in accordance with the new Regulation. This Policy applies exclusively to the above-mentioned website. The websites you can access from this website are not covered by this Privacy Policy; the Data Controller disclaims any and all liability with respect of the same.  Notably, the categories of cookies that are used in those websites and the type of personal data processing carried out by such companies (third parties) shall be governed by the privacy policy of those companies (please refer to the Cookie Policy).

In accordance with the law, processing of personal data shall be based on principles of fairness, lawfulness, transparency and protection of confidentiality and rights of users. Data Controller undertakes to fully comply with said principles and to this end hereby informs the data subject that – except for those purposes of data processing for which his/her explicit consent to the release of data is required by law – by browsing this website, uploading or providing personal information, he/she acknowledges and agrees to be bound by the terms and conditions of this Privacy Policy.

2.

THE “PRIVACY PROCESSORS” OF THIS WEBSITE.

2.1

The Data Controller

The Data Controller (or the “Controller”) shall mean a natural or legal person, public authority, agency or any other body which alone or jointly with others <<determines the purposes and means of the processing >> of personal data. Moreover, he/she is in charge of the security profiles. In relation to the processing of personal data of the data subject, the data controller is

MERCANTI VENETI S.R.L.

with registered office in Via Colomba 3 – 36061 Bassano del Grappa (VI) – Italy,  tax code and VAT number 01666460249. For additional information, as well as to exercise the data subject’s rights, please contact the above-mentioned  addresses.

2.2

The Data Processor

The Data Processor is a natural or legal person, public authority, agency or any other body, which processes personal data <<on behalf>> of the Data Controller.  As regards the processing of personal information of the data subject, the Controller may to the need appoint as an external data processing manager

The   WEB AGENCY  that has created or manages the website

which may process data subject’s information for the purposes of assistance, maintenance, updating and management of the website.

Moreover, the Controller may to the need appoint as an external data processing manager 

an  IT  COMPANY

which may process data subject’s information for the purposes of assistance, maintenance, updating and management of the systems.

For any further information regarding the company names, the type of data handled and the processing procedures, please contact the above-mentioned addresses. In any event, the appointment of the above said subjects as well as their scope of responsibility are limited to the above-mentioned processing areas.

2.3

Persons in Charge of Data Processing

As regards the persons in charge of data processing, namely the natural and legal persons who process the data under the authority and operational direction of the Data Controller, this latter – only in the case that someone of his employees or other third parties process the information that the data subject submits through this website – shall officially appoint them as <<persons in charge of data processing>> and shall instruct them to carefully and lawfully process the data subject’s information.

For any further information relating to the persons in charge of data processing, their appointment or the instructions to give them to properly process the data subject’s information, please contact the above-mentioned addresses.

3.

DATA PROCESSING CARRIED OUT THROUGH THIS WEBSITE.

3.1

General information on data processing carried out with the provision of data through this website.

User registration is not required on this website.

The Data Controller shall process only the data strictly required which are marked with the asterisk symbol (*) in the spaces provided on the website. The information provided shall be used exclusively for the purposes specified here below  (for example, the data submitted to request information about the business of the Data Controller shall be used only to reply to the user’s request and not for other purposes, unless the data subject gives his/her consent or the Controller has a legitimate interest in using the data for purposes other than that one.

Place of data processing.

User’s Data shall be processed at the registered office of the Data Controller or – in case of appointment – at the registered office of the Data Processor.

Disclosure and transfer of data to non-EU countries.

The data collected shall not be disclosed or transferred to international organizations in any way.

The data collected shall not even be transferred to non-EU countries: in order to provide the data subject with the browsing space, the Controller of data processing uses a hosting company which has located its servers in the EU territory.

The Controller undertakes not to transfer data to non-Eu Countries. However, when the Controller uses third companies to provide specific services for the data subject, some data of the latter could be transferred to non-EU Countries. This is the case when some companies – or their servers – might be based in non_EU Countries. This should not be a concern because, if a data transfer was effectively made, this could only happen with the guarantees provided for by law and therefore in compliance with an adequacy decision adopted by the European Commission, or with all the protections provided for by the GDPR (such as the use of binding corporate rules) or – in the absence of such conditions – with the consent of the data subject, or under a contract between the data subject and the Data Controller, or under a contract between the Data Controller and a third party to carry out a service to the benefit of the data subject. For the avoidance of doubt and for any further information about the transfer of your data to non-EU Countries, please contact the above-mentioned addresses.

Data Processing Methods

Data processing through this website are usually carried out by means of automated and IT systems (by electronic mail, cookies and other similar systems, programs and information systems) and in some cases also using paper systems (i.e., by printing out documents, if needed).

Disclosure of data to third parties

Without prejudice to what has already been provided for in relation to the Data Processor and the Persons in Charge of Data Processing, the Data Controller undertakes not to disclose data subject’s information to third parties, unless it is required by legal or contractual obligation or such disclosure is required for the conclusion of a contract. For example, on the occurence of unlawful cyber offences committed by the data subject, the Data Controller can transmit his/her information to his/her lawyers, to Law Enforcement Agencies or to the Judicial Authority.

Security measures

The Data Controller undertakes to protect and keep personal data safe by taking all necessary physical and IT security measures to ensure the privacy of personal data supplied. However, no security system can guarantee such protection with absolute certainty. Therefore, except in case of liability due to fault, the data controller shall not be responsible for breaches by third parties who illegally access the systems without due permission.

Personal data of children below the age of 14 years (art. 8 GDPR) 

This website offers services also to minors under fourteen years. The EU 679/2016 Regulation provides for an enhanced protection of such subjects. Pursuant to art. 8, the Data Controller shall process personal data of children under fourteen years only after prior consent of or authorisation by the holder of parental responsibility. The Data Controller has adopted tools to lawfully collect such consent or authorisation (please see the clauses at the bottom of the forms for data collection, by which the user is asked to state to be over fourteen years or to have previously been authorized by a parent/guardian. However, the Data Controller will never be able to effectively verify whether or not such prior authorisation by the parent/guardian has been given. Therefore, we highly recommend to monitor closely the activities of your children or minors in custody and ask you to immediately inform us in case of receipt of unsolicited communications since they have not been previously authorised by the parent/guardian: in such a situation, we will proceed to immediately delete the minor’s personal data. In any event, the Data Controller cannot be made liable for any collection of data from children below the age of sixteen years who have given their consent to processing without prior authorisation by the parent/guardian.  Finally, should the Data Controller consider that some data unintentionally collected refer to individuals under the age of fourteen, destruction of the same shall be effected without delay.

Profiling

Please refer to the cookie regulation as detailed in the “Cookie Policy” that is published at the end of this Privacy Policy.

3.2

Data processing carried out during website navigation

Personal information shall not be collected during website navigation. However, during the ordinary course of operation of the website, the IT system may acquire some information whose transmission is implicit in the communication protocols of the Internet (i.e. log files). Furthermore, information that the user doesn’t provide directly shall be collected through the use of cookies (please refer to the Cookie Policy). In any event, it concerns information that is not collected to be associated with specific identified data subjects, but by their own very nature could, through the processing and association with data held by third parties, allow users to be identified.

3.3

Data processing carried out following the compilation of the “Contact” form.

By filling out the “Contact” form, the user provide his/her personal information (name, last name, telephone, email, message, etc.).

The provision of these peronal data is not mandatory, however, failure to complete the form does not allow the Data Controller to reply to the requests of information by the user (for example, inquiry on the activity of the Controller, his way of working, services offered, prices, estimates).

Processing legal basis consists of implementing the pre-contractual measures adopted on the user’s request and the purpose of processing is to supply the information required.

Without prejudice to what has already been provided for in relation to Officers and Persons in Charge of Data Processing, data shall not be disclosed to outsiders.

User personal information shall be kept for the time required to provide the information; after this deadline, data will be deleted immediately.

The Data Controller forthwith informs the user that – in case the contract is concluded – the company shall keep the data for a maximum period of 10 years after the termination of contract to ensure the accounting, fiscal and legal protection to which the Data Controller is subject by law.

3.4

Data processing following the use of the contact details published on the website

By using the email address, the telephone number or other contact details that the Data Controller has published on his website, the user provides his/her personal information (i.e. name, last name, telephone number, at the time time of call or while sending an email, etc.).

The provision of these data is optional, but failure to provide them does not allow the Data Controller to reply to the requests of information by the user.

Processing legal basis consists of implementing the pre-contractual measures adopted on the user’s request (requests of information on the activities and services offered by the Data Controller) or of the user’s consent (who shall expressly declare this intention by contacting the Controller) or of the legitimate interest of the processing Data Controller (consent or legitimate interest, only when the required information is not pre-contractual or contractual).

The purpose of processing is to reply to the requests of information by the user.

User’s data shall be kept for the time required by the Data Controller to provide the information; afterwards, the data will be deleted.

3.5

Data processing carried out following the compilation of the form

“Share exclusive news”

(form aimed at sending “Newsletters”)

With the subscription to the Newletter service, the user submits his/her personal information (email address).

The user is not obliged to provide such data, however, failure to complete the form does not allow the processing Data Controller to provide the Newletter service to the user. This service consists of sending news and information regarding the business sector of the Data Controller to the subscriber.

Processing legal basis consists of obtaining the user’s consent and the purpose of processing is exclusively to send Newsletters to the subscriber.

This data processing is carried out by information systems and communications shall be sent by electronic mail.

The Data Controller may task a third company with sending electronic mail messages to a large number of users. If required, this third company may be appointed as Person in Charge of Data Processing since it may process user’s data when sending communications.

The duration of processing depends on the choice of the user who can withdraw his/her consent at any time by contacting the above-mentioned addresses or by clicking the button “unsuscribe” shown at the end of the email received. If the data processing is based on the legitimate interest of the Data Controller, it shall be terminated by the user who can exercise his/her right of opposition and enforce it by contacting the above-mentioned addresses. 

4.

USER’S  RIGHTS

The user – i.e. the subject who provides his/her personal information to the Data Controller – is entitled to the following rights:

  • the right of data subject to ask the data controller to access his/her personal data (art. 15 EU GDPR);
  • the right of rectification, that is the right to modify user’s information when changed (art. 16 EU GDPR);
  • the right to restriction of his/her data processing, i.e. to limit the use of data by the data controller (art. 18 EU REG.)
  • the right to object to data processing on legitimate grounds (art. 21 EU REG.)
  • the right to data portability, i.e. the right to obtain a copy of all personal information processed by the controller in a structured format and readable form on electronic media (art. 20 EU GDPR);   
  • the right to request the deletion of data subject’s personal information by the data controller (art. 17 EU GDPR);
  • the right to withdraw at any time the explicit consent previously given, without prejudice to the lawfulness of the data processing carried out until that time (art. 7 – 13 EU GDPR);
  • the right to lodge a complaint with the European Data Protection Supervisor in case of infringments on privacy regulation (art. 77 EU GDPR).

Requests, made without a formal procedure, may be sent to the Data Controller at the above-mentioned addresses.

For a more in depth analysis of the rights of data subjects, please refer to art. 7 – 13 – 15 – 16 – 17 – 18 – 20 – 21 – 77 of the EU GDPR. Requests, made without a formal procedure, may be sent to the Data Controller at the above-mentioned addresses or by using the form made available by the European Data Protection Supervisor at the following address:

http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1089924

5.

COOKIE POLICY

Users can find information on cookies and relevant automated systems by clicking on the link “Cookie Policy” on this website. For the purpose of providing complete information, the Data Controller provides here below the following cookie policy.

***

COOKIE POLICY

WEBSITE WWW.BRIANDALES.COM

Last modified DECEMBER 2018

WEB POLICY MOD. 1 – 2018

The above Website Privacy Policy forms an integral part of the following Cookie Policy, also with respect of the rights that the user may enforce by contacting the above-mentioned addresses.

This Policy may be modified due to the introduction of new rules or to changes of the website, therefore we encourage you to periodically visit this section for the updating.

For any further information or the exercise of the rights listed on this policy, please contact info@mercantiveneti.it. Please send any registered letter with acknowledgement of receipt to: MERCANTI VENETI S.R.L. at its registered office in Via Colomba n. 3 – 36061 Bassano del Grappa (VI) – Italy. Please specify “Cookie Request” on the subject of the communication.

CONTENTS

1. GENERAL INFORMATION ABOUT COOKIES.

2. HOW TO SELECT AND/OR DISABLE COOKIES.

3. COOKIES USED IN THIS WEBSITE AND HOW TO MANAGE THIRD PARTY COOKIES.

1.

General information about Cookies

In compliance with UE Reg. 679/2016 as well as provided by the Personal Data Protection Supervisor with the resolution of the 8th May 2014 for identifying simplified procedures for the information policy and the acquisition of consent to the use of cookies – published in the Official Bulletin nr. 126 of the 3rd of June 2014 – and subject to any further amendment, the Data Controller hereby provides information with this “Cookie Policy”.

The purpose of this “Cookie Policy” is to provide users with all information relating to art. 13 of the GDPR and to describe in a specific and analytical manner the features and purposes of cookies being installed on the website where users can select/deselect cookies.

Processing through the use of cookies is carried out by means of automated instruments and the data retention period depends on the type of cookie used.

What are cookies?

Cookies are small text files that are sent to users’ terminals when they visit websites (usually to browsers: Google Chrome, Internet Explorer, Mozilla Firefox, etc.), where they are stored and later retransmitted to the same sites upon a subsequent visit by the same users.

Why are Cookies useful?

Cookies are useful because they allow websites to recognise a user’s device and this leads to an improvement of the browsing experience. In fact, one of the primary purposes of cookies is to allow users to  effectively browse the website pages, to remind them of their favorite websites, to store the language, etc.; cookies also help to ensure that online advertising contents are targeted to the particular interests of the user.

Cookie classification.

Cookies are classified in different types:

1) based upon DURATION like the “session” cookies (automatically deleted by the browser when it closes) or “persistent” cookies (active until their expiration date or when deleted by the user)

2) according to their SOURCE, cookies can be “first-party” (sent to the browser directly from the website that user is visiting) or “third-party” (sent to the browser from other websites than the one user is visiting)

3) based upon PURPOSES, cookies can be “technical” or “profiling”. Such classification is worth an in depth analysis.

Technical cookies

Technical cookies help to improve the user browsing experience. In fact, without the use of technical cookies, some operations would be much more complex and almost impossible to be carried out. These cookies – which can be first-party or third-party, session or permanent cookies – do not require prior user’s consent to be installed. Technical cookies are “strictly necessary” when they allow you to effectively navigate the website and use the essential features, such as to carry out electronic authentications or storage of previous actions. If user blocks these cookies, the browsing experience could be compromised. Technical cookies are “functionality” cookies when they allow to improve the browsing experience by storing the user’s preferences, such as the language, the name and the location. If user blocks these cookies, browsing experience will not be compromised, but the user will not be able to use these useful services. Technical cookies are “analytical” when they allow to collect information on how visitors interacts with the website by analyzing the number of pages visited, the time spent on the website, the most visited pages and any other details monitored during navigation such as errors coming from the visited page. These cookies allow the data controller to obtain statistical data regarding navigation and to improve the services offered to the users. Analytical cookies are technical – (not profiling) – only when the website data controller has adopted specific tools to decrease the identifying power of the analytical cookies used, through the masking of significant portions of the IP address. Prior user’s consent is not required to install technical cookies. Therefore, when the website uses only technical cookies, the data controller doesn’t need to have such consent through the cookie banner. However, this cookie policy (that the user is reading now) is mandatory.

Profiling cookies.

Profiling cookies are activated only after the user’s consent is given. Consent is given by clicking “OK” (or “continue”, etc.) on the hompage banner or on another page of the same website or by deliberate action of the user (i.e., by selecting any content on the page below the same banner). Profiling cookies are used to improve the services offered by the Data Controller and to select and send advertisements based on user’s preferences shown during navigation. Use of profiling cookies for the purpose to send targeted advertisements does not involve the visualization of many advertisements and the browsing experience shall not be hampered. As a matter of fact, by disabling the profiling cookies the user will visualize only general advertising instead of advertisements in line with his/her interests. As an example, profiling cookies are those third-party statistical – analytic cookies without IP masking and without data crossing or the advertising, tracking or conversion cookies.

2.

How to select and/or disable cookies

Without prejudice to prior user’s consent at the installation of profiling cookies, most browsers are set to automatically accept cookies. Cookies may be limited or blocked by changing the settings of your browser. For the management of cookies please refer to the user’s manual or to the instructions given by your browser at the following links (related to the most common browsers):

Explorer:

https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies

Safari:

support.apple.com/mobile
support.apple.com/desktop

Chrome:

https://support.google.com/chrome/answer/95647?co=GENIE.Platform%3DDesktop&hl=it

Firefox:

https://support.mozilla.org/it/kb/Eliminare%20i%20cookie

If the user uses more than one browser, the procedure to disable cookies shall be carried out for each of them. If the user uses different devices (such as smartphone or tablet), it is recommended to refer to the instruction manual of his/her  device to disable cookies. It should be specified that, if you choose to block cookies, the proper running of the website can be compromised or prevented since some cookies are strictly necessary to navigation.

3.

Cookies used on this website

How to manage third-party cookies

3.1

First-party technical and profiling cookies.

This website uses first-party “functionality” and “strictly necessary” technical cookies in order to improve the user’s browsing experience by means of:

a speed acceleration service;

the storage of previous actions;

the provision of a multi-language service.

To disable these cookies please see point 2) of this cookie policy.

This website does not use first-party profiling cookies.

3.2.

Third-party technical and profiling cookies.

This website uses third-party tools that may also place profiling cookies.

These cookies are not controlled directly by the Data Controller (our company). Therefore, to disable these cookies and for further information, the user shall follow the procedure here below:

1) By clicking http://www.youronlinechoices.com/it/  the user can have more information about third-party cookies and about the concept of behavioural advertising as well as on the promotional and targeting cookies that may be stored on your terminal. The user can disable all or part of these cookies by clicking the following link: http://www.youronlinechoices.com/it/le-tue-scelte

  or

2) The third-party cookies or systems with similar features used in this website will be listed below. To manage and disable these cookies and systems it is required to access the policies and consent forms of such third parties by clicking on the following links.

Google analytical cookies – “Google Analytics”

This website uses “Google Analytics” to install analytical technical cookies that allow the website Data Controller to obtain statistical data regarding the navigation and therefore allow to improve the services offered to the user. The website Data Controller has adopted special tools to reduce the identification power of the analaytical cookies used by masking substantial portions of the IP address. The data generated by “Google Analytics” are stored under the terms specified on the policy that you can find at the following address:

https://support.google.com/analytics/answer/2838718

The privacy policy of Google Inc. is available at the following address:

http://www.google.it/intl/it/policies/privacy/

User can disable Google Analytics by installing on his/her browser the additional opt-out component availabe at the following address:

https://tools.google.com/dlpage/gaoptout

The analytical technical cookies used in this website are listed here below:

cookie name:_ga

domain: www.briandales.com

duration: two years

———————————————-

cookie name: _gat

domain: www.briandales.com

duration: 1 minute

——————————————

cookie name: _gid

domain: www.briandales.com

duration: 1 day

——————————————

By blocking these cookies, the browsing experience is not compromised. However, it should be specified that the statistical data collected anonymously through these technical cookies are used by the Data Controller to improve his/her services to the users.

Facebook Pixel

Facebook Pixel is a tool to collect statistical data which is mainly useful to monitor the modes of interaction of the user with the website (how many times a certain page is visited, the number of accesses). It’s a tool which allows the Data Controller to measure the effectiveness of his/her advetising since Pixel allows to understand the actions of users on the website. For example, when the user visit this website and takes an action, the Pixel logs such behaviour and the Data Controller will be able to “reach” the user by using the advertisements on Facebook.

The user’s data that are logged by Pixel and then sent to Facebook are the reference URL, the browser information and the Facebook user ID. Customized data may also be transmitted, but no confidential information regarding the data subject can be sent.

As a matter of fact, by means of Pixel the Data Controller ensure to show his/her advertisements to the right people, can create public groups to target his/her advertisements and exploit Facebook advertising tools.

Should the user wish to prevent the storage of his/her data, before visiting this website, he/she can access his/her Facebook Account and disconnect from it. If the user has accessed this website without the above said disconnection, please find here below the links to the Privacy Policies of the third party for the management of personal data:

https://www.facebook.com/about/basics/it 

and

https://www.facebook.com/help/cookies/ 

I Facebook Pixels are included in the categories of the profiling systems as they allow the storage of preferences and interests of the user, who will receive targeted advertisements.

“Facebook” profiling cookies used in this website are listed here below:

cookie name: fr

domain: www.facebook.com

duration: 3 months

———————————————

cookie name: (cookie image)

domain: www.facebook.com

duration: session.

———————————————

Disabling of these systems will not compromise the users’ browsing experience even though they will not receive advertisments in line with their preferences and interests anymore.

Social Network Icons

On the website pages you will find some Social Network buttons (Facebook, Linkedin, Twitter). These are c.d. social network icons that are used to indicate the presence of our company on a certain platform. Such buttons do not place any profiling cookies. However, if you are interested in finding how these Social Networks manage your data, please refer to the following section.

Google Inc. Interactive Map

On the website you can find some links to Google Inc. maps. Since these are simple ‘re-directing’ links, they cannot install cookies on the user’s browser. However, for the purpose of providing complete information, please find here below the privacy policy of Google Inc.:

http://www.google.it/intl/it/policies/privacy/

Final information

For any further information and for disabling third-party cookies sent to the user’s browser during navigation on this website please refer to: http://www.youronlinechoices.com/it/

Over time, third parties may change the re-directing addresses of their policies: if the above cited links do not re-direct you to said third-party policies, please contact the Data Controller at the above-mentioned addresses.