Privacy policy
This information is provided to customers, individuals and natural persons operating in the name and on behalf of legal entities, of I Caffi di Cane Bruna & C sas P.IVA / C.F. IT020543450064 pursuant to art. 13 d. lgs. June 30, 2003 No. 196 – “Code regarding the protection of personal data” and Article. 13 GDPR 679/2016 – “European regulation on the protection of personal data”.
Data Controller’s Identity
The Data Controller of clients, natural persons, or natural persons operating in the name and on behalf of legal entity clients, is the pro tempore legal representative of I Caffi di Cane Bruna & C sas P.IVA / C.F. IT020543450064 with headquarters in via Scatilazzi n. 15, 15011 Acqui Terme AL.
Data source
The personal data processed are those provided by the interested party during:
– visits or phone calls
– carry out of operations necessary to process order bookings and other requests
– accounting and tax obligations management
– administrative, accounting, civil, tax compliance managements
– prepare and present civil and fiscal declarations and documents, provided for by laws, regulations, norms and community and non-EU directives.
– filling in the form “contact request” – requests of information, also via email
– previous transactions.
Purposes of the processing
The personal data of the customers, natural persons, if provided, are processed by the Data Controller for:
– Fulfillment of tax and accounting obligations
– Accounting or treasury management – Dispute management
– Customer management
– Information to the customers of new services / products
– Sending of informative and / or advertising material also by telephone or internet- Marketing (analysis and market surveys)
– Advertising
– Financial services
– Electronic payment instruments
Data recipients
The personal data processed by the Data Controller will not be disclosed, or will not be disclosed to undetermined subjects, in any possible form, including the availability or simple consultation. Instead, they can be communicated to the workers who work under the Owner and to some external subjects who collaborate with them. They may also be communicated, within the strictly necessary limits, to subjects who, for the purpose of fulfilling orders or other requests or services relating to the transaction or the contractual relationship with the Data Controller, must provide goods and / or execute on behalf of the Owner services or services. Finally, they can be communicated to the subjects entitled to access it under the provisions of the law, regulations, community regulations. In particular, on the basis of the roles and work duties performed, some workers have been entitled to process personal data, within the limits of their competences and in accordance with the instructions given to them by the Owner.
Data transfer
The data controller does not transfer personal data to third countries or international organizations. However, it reserves the right to use cloud services; in which case, the service providers will be selected from those who provide adequate guarantees, as required by art. 46 GDPR 679 / 16.
Conservation of data
The data controller keeps and processes personal data for the time necessary to fulfill the indicated purposes. Subsequently, the personal data will be stored, and not further processed, for the time established by the current civil and fiscal regulations.
Rights of the interested party
With reference to art. 7 of Legislative Decree 196/2003 and Articles 15 – right of access, 16 – right of rectification, 17 – right to cancellation, 18 – right to limitation of treatment, 20 – right to portability, 21 – right of opposition, 22 right to object to the automated decision-making process of GDPR 679 / 16, the interested party exercises his rights by writing to the Data Controller at the address above, or by email, specifying the subject of his request, the right he intends to exercise and attaching a photocopy of an identity document certifying the legitimacy of the request.
Revocation of consent
With reference to art. 23 of Legislative Decree 196/2003 and art. 6 of GDPR 679/16, the interested party can revoke any consent given at any time. However, the processing subject of this information is lawful and allowed, even in the absence of consent, as it is necessary for the execution of a contract of which the interested party (the service supply relationship) or the fulfillment of his / her requests is a party.
Provision of complaint
The data subject has the right to lodge a complaint with the supervisory authority of the state of residence.
Rejection of the provision of data
Customers natural persons they cannot refuse to provide the Data Controller with the personal data necessary to comply with the laws governing commercial transactions and taxation. The provision of further personal data may be necessary to improve the quality and efficiency of the transaction. Therefore, the refusal to provide the data required by law will prevent order processing; while the conferment of further data may compromise, in whole or in part, the evasion of other requests and the quality and efficiency of the transaction itself. Persons who work in the name and on behalf of clients legal entities may refuse to confer on the Holder the their personal data. The provision of personal data is however necessary for the correct and efficient management of the contractual relationship. Therefore, any refusal to grant the data may compromise all or part of the contractual relationship itself.
Automated decision-making processes
The Data Controller does not carry out any processing consisting of automated decision-making on the data of customers, natural persons, or natural persons operating in the name and on behalf of customers legal persons.