Privacy Policy

SUMMARY OF PRIVACY POLICY

CONTACT INFORMATION

Personal Data Controller:

Frutteto ItaliaSRL, an Italian company with registered office via Padania 9 - 26030 Volongo (CR) - Italy Paid-up share capital € 142,857.00
Cremona Business Register Office - REA: 200021 - P.I. 01770310199

Registered office: via Camillo Golgi 10, 25064 Gussago (BS)

Holder's e-mail address: info@fruttetoitalia.it

Holder's p.e.c. address: fruttetoitalia@legalmail.it

Phone contact: +39 0372 845 745

PERSONAL DATA COLLECTED BY THE WEBSITE FOR THE FOLLOWING PURPOSES (WITH USE OF THE INDICATED SERVICES)

Purpose:

  • Contacting the User

Tools:

- Contact form

Personal Data: first and last name, e-mail address, Cookies, Usage Data, other types of Data.

- Mailing lists or sending newsletters (if the User has subscribed to the relevant service).

Personal Data: first name; last name; email address; Cookies, Usage Data, other types of Data.

  • Statistics

Tools:

-Google Analytics with anonymized IP

Personal Data: Cookies and Usage Data

-Google Tag Manager

Personal Data: Cookies, Usage Data, other types of Data.

  • Displaying content from external / third-party platforms

Tools:

-Instagram, Facebook, Stripe

Personal Data: Cookies; Usage Data; other types of Data.

  • Managing contacts and sending messages and/or newsletters

Tools:

  • Interaction with external data collection platforms and other third parties

Tools:

-Google invisible reCAPTCHA

Personal Data: Cookies; Usage Data; other types of Data.

-Google Tag Manager

Personal Data: Usage Data; other types of Data.

  • Behavioral targeting and remarketing

Tools:

-Facebook and Instagram Remarketing 

Personal Data: Usage Data; e-mail, Cookies, other types of Data.

Personal Data: first name; last name; e-mail address; telephone number; gender; date of birth; Data concerning skin; Data about products purchased/for which the User is interested; Cookies; Usage Data; other types of Data.

 

  • Registration and authentication

Tools:

-WordPress.com

Personal Data: various types of Data.

  • Platform services

Tools:

-WordPress.com

Personal Data: various types of Data.

***

FULL PRIVACY POLICY

The Data Controller, as better defined below, considers the privacy of its Users of fundamental importance and guarantees that the Processing of Personal Data is carried out in compliance with the privacy legislation in force, and in particular with the European Regulation nr. 2016/679 and the national legislation on the protection of personal data, D. Lgs. 196/2003 as far as it is still in force and the relevant national adaptation legislation D. Lgs. 101/2018 regarding the protection of personal data. To this end, the Data Controller has adopted the following Privacy Policy in order to regulate and make the Users of the Website www.fruttetoitalia.com aware of the methods and purposes of the Processing of Personal Data of such Users.

The User is kindly requested to review this document each time he/she connects to the Site, as it may be subject to revisions, additions and/or modifications, occasioned by regulatory requirements and/or changes and/or additions to the Site's functionality.

Personal Data Controller:

Frutteto ItaliaSRL, an Italian company with registered office via Padania 9 - 26030 Volongo (CR) - Italy Paid-up share capital € 142,857.00
Cremona Business Register Office - REA: 200021 - P.I. 01770310199

Registered office: via Camillo Golgi 10, 25064 Gussago (BS)

Holder's e-mail address: info@fruttetoitalia.it

Holder's p.e.c. address: fruttetoitalia@legalmail.it

Phone contact: +39 0372 845 745

TYPES OF DATA COLLECTED

Among the Personal Data collected by www.fruttetoitalia.com as well as by all the landing pages linked and/or related to it (hereinafter for brevity, the "Site"), independently or through third parties, to whose privacy policy we refer in any case, are: e-mail, personal data of different nature as better specified below, cookies and usage data.

Full details on each type of data collected are provided in the dedicated sections of this privacy policy, or through specific informational texts displayed before the data is collected.

Personal Data may be freely provided by the User or, in the case of Usage Data, automatically collected during the use of the Site.

Unless otherwise specified, all Data requested by the Site are mandatory. If the User refuses to provide them, it may be impossible to provide the Service.

In cases where certain Data are indicated as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation.

Users who may have doubts as to which Data is mandatory, are invited to contact the Data Controller.
The possible use of Cookies by the Site or the owners of third party services used by the Site, unless otherwise specified, is for the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for the Personal Data of third parties obtained, published or shared through the Site and warrants that he or she has the right to communicate or disseminate it, releasing the Owner from any liability to himself or to third parties.

METHOD AND PLACE OF PROCESSING OF COLLECTED DATA

The Owner takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.

The Processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes. In addition to the Data Controller, in some cases, other subjects involved in the organization of the Data Controller and/or in the management of the Site (by way of example and not limited to: administrative, sales, marketing, legal, system administrators, etc..) or external subjects (by way of example and not limited to: accountants, external lawyers, third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies and/or , providers of the address management and e-mailing service, etc.) also appointed, if necessary, Data Processors by the Data Controller. The updated list of Data Processors can always be requested from the Data Controller.

LEGAL BASIS FOR PROCESSING

The Owner lawfully processes Personal Data related to the User if one of the following conditions exists:

  • the Data Subject has given consent to the processing of his/her Personal Data for one or more specific purposes, pursuant to GDPR, Art. 6(1)(a). Note: In some jurisdictions, the Data Controller may be allowed to process Personal Data without the User's consent or without another of the legal bases specified below, until the User objects ("opts-out") to such Processing. However, this does not apply if the Processing of Personal Data is governed by European data protection legislation;
  • the Processing is necessary for the performance of a contract with the User and/or the execution of pre-contractual measures, in accordance with Art. 6(1)(b) of the so-called. GDPR 2016/679;
  • Processing of Personal Data is necessary to fulfill a legal obligation to which the Data Controller is subject, pursuant to GDPR, Art. 6(1)(c);
  • Processing is necessary to safeguard the vital interests of the data subject or another natural person, according to GDPR, Art. 6(1)(d);
  • the Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller, pursuant to Article 6(1)(e) of the GDPR;
  • the Processing of Personal Data is necessary for the pursuit of the legitimate interests of the Data Controller or third parties, except where such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject requiring the protection of personal data, particularly where the Data Subject is a child, all in accordance with GDPR, Art. 6(1)(f).

Pursuant to Article 6 of the GDPR, Personal Data acquired through the Site without the consent of the Data Subject will be processed by the Data Controller for the operation and maintenance of the Site, to enable the enjoyment of the Services, to fulfill Users' requests, to enable effective communication with customers, to fulfill obligations required by law, regulations, EU legislation or orders of the Authorities or otherwise for purposes related to the activities and functions of the Data Controller or finally to prevent or detect fraudulent activities or abuse to the detriment of the Data Controller through the Site.

However, it is always possible to ask the Data Controller to clarify the concrete legal basis of each Processing and, in particular, to specify whether the Processing is based on law, required by a contract, or necessary to conclude a contract.

PLACE OF PERSONAL DATA PROCESSING

The Data are processed at the registered and/or operational office of the Data Controller and/or at any other place where the parties involved in the Processing are located and/or at the Offices of the Data Controller and/or at other parties or computer systems/servers of other parties specifically designated as (external) Data Processors

For more information, the User is invited to contact the Owner.

The User's Personal Data may be transferred to a country other than the country in which the User is located. To obtain more information about the location of the Processing, the User may consult the relevant section of this Policy.

The User has the right to obtain information regarding the legal basis for the transfer of Data outside the European Union or to an international organization under public international law or formed by two or more countries (such as the UN), as well as regarding the security measures taken by the Controller to protect the Data. Should any of the transfers just described take place, the User may refer to the respective sections of this document or request information from the Data Controller (as specified in the "CONTACT INFORMATION" section).

RETENTION PERIOD

Data are processed and kept for the time required by the purposes for which they were collected.

The User may obtain further information regarding the retention period of individual Personal Data processed by contacting the Data Controller (as specified in the "CONTACT INFORMATION" section).

At the end of the retention period, the Personal Data will be deleted. Therefore, at the expiration of this period, the right of access, cancellation, rectification and the right to data portability, opposition, restriction of data processing can no longer be exercised.

PURPOSE OF PROCESSING THE COLLECTED DATA

User Data is collected to enable the Owner to provide its Services, as well as for the following purposes:

  • Contacting the User
  • Statistics
  • Displaying content from external / third-party platforms
  • Managing contacts and sending messages and/or newsletters
  • Interaction with external data collection platforms and other third parties
  • Behavioral targeting and remarketing
  • Registration and authentication
  • Platform services

To obtain further detailed information on the purposes of the Processing and the Personal Data concretely relevant for each purpose, the User may refer to the following section of this document.

DETAILS ON THE PROCESSING OF PERSONAL DATA

To check how Personal Data is processed according to the purposes pursued, the User may consult the appropriate section below.

  1. Contacting the User:

In order to contact the User, the Data Controller may use Personal Data collected through the following tools:

- Contact form ; Mailing list or newsletter sending (if the User has subscribed to the relevant service).

Personal Data: first name; last name; e-mail address; telephone number; gender; date of birth; Data concerning skin; Data about products purchased/for which the User is interested; Cookies; Usage Data; other types of Data.

For the contact form, the Google invisible reCaptcha service is active (see the specific section below).

For more information, the User is invited to consult, the "Hubspot" section.

  1. Statistics

The services contained in this section allow the Data Controller to monitor and analyze traffic data and serve to track User behavior.

These purposes are pursued through the following means:

-Google Analytics with anonymized IP;

Google Analytics is a web analytics service provided by Google for statistical purposes to understand how visitors interact with the Site, compile reports, and share them with other services developed by Google. Google Analytics may use a set of cookies to collect information and generate statistics about the use of the Site, without providing personal information about individual visitors to Google. The User's IP address is anonymized. Anonymization works by shortening within the borders of member states of the European Union or other countries that are party to the Agreement on the European Economic Area the IP address of Users. Only in exceptional cases, the IP address will be sent to Google's servers and abbreviated within the United States.

However, it should be noted that data may also be processed outside the EEA.

Users are also advised that as of July 16, 2020, Google no longer bases its Processing of Users' Personal Data on the EU-U.S. Privacy Shield (EU-U.S. Privacy Shield) to transfer data from the European Economic Area and the United Kingdom to the U.S.; as of September 30, 2020, more precisely, Google has updated its regulations on the Processing of Personal Data and uses the standard contractual clauses approved by the European Commission and based on the European Commission's own adequacy decisions regarding certain countries, as applicable, for data transfers from the EEA to the U.S. and other countries.

As for the use of cookies by Google Analytics, we invite the User, in any case, to carefully consult the relevant privacy policy and cookie policy, as well as the paragraph of this Cookie Policy "How can I give or revoke consent to the installation of Cookies?" through the browser settings and the section of this Policy related to the Privacy Shield.

  • Google Tag Manager

This Site uses Google Tag Manager. Google Tag Manager is a solution operated by Google LLC that allows you to manage the tags of managed websites using a dedicated interface.

Google Tag Manager is a tag management system for managing JavaScript and HTML tags used for monitoring and analytics on websites. Tags are small elements of code that, among other things, are used to measure traffic and visitor behavior, to understand the effect of online advertising and social channels, to set up remarketing and targeting to target groups, and to test and optimize websites.

The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not record Personal Data. This tool allows the activation of other tags that may, on their part, record Data under certain circumstances.

For more information on the privacy policy of Google Tag Manager please refer to the following link https://policies.google.com/privacy?hl=en, while for the terms of use https://www.google.com/analytics/tag-manager/use -policy/ and for Google Tag Manager's privacy answers https://support.google.com/tagmanager/answer/7207086 .

Personal Data: Usage Data; other type of Data.

  1. Displaying content from external / third-party platforms

This type of service allows you to view content hosted on external platforms directly from the pages of the Site and interact with them.

In the event that such a service is installed, it is possible that, even if it is not actually used, it will collect traffic data related to the pages where it is installed.

These purposes are pursued by means of:

  • Facebook, Facebook Widget;

There are redirect or share buttons on the Site to the social platform Facebook, and to individual social network pages traceable to the Data Controller.

Facebook shares information globally, both internally with Facebook companies and externally with its partners and people with whom you connect and share content around the world. Information controlled by Facebook may be transferred or transmitted to or stored and processed in the United States or other countries outside the EEA.

According to what is stated in the relevant policy, Facebook may use cookies to show advertisements and present suggestions for businesses and other organizations to people who may be interested in their products, services, or promoted causes; to measure the performance of advertising campaigns of businesses using Facebook products; to show and measure advertisements in different browsers and devices used by the same person; to provide statistical data about people using Facebook products, people interacting with advertisements, advertisers' websites and apps, and businesses using Facebook products; and to enable functionality that allows Facebook to deliver its products.

In addition, visiting the Site may install the Facebook Pixel cookie that allows the Data Controller to track conversions that occur on the Site as a result of the ads it is running on Facebook.

Information collected via cookies may be shared with organizations outside of Facebook, such as advertisers and/or networks of advertisers for the purpose of running ads and measuring the effectiveness of ad campaigns.

Users are also advised that as of July 16, 2020, Facebook no longer bases its Processing of Users' Personal Data on the EU-U.S. Privacy Shield (EU-U.S. Privacy Shield) for transferring data from the European Economic Area and the United Kingdom to the United States; instead, it uses standard contractual clauses approved by the European Commission and based on the European Commission's adequacy decisions regarding certain countries, as appropriate, for data transfers from the EEA to the U.S. and other countries.

In relation to the Privacy Shield, the User is referred to read the relevant paragraph in the cookie policy.

In this case the following Personal Data are processed: Cookies; Usage Data; other types of Data.

For more information about Facebook's installation and use of cookies, please carefully review the relevant cookie policy. Finally, please carefully read the privacy policy of the service to obtain detailed information about the collection and transfer of Personal Data, the User's rights and how to configure the privacy settings satisfactorily.

For behavioral targeting and remarketing this Site uses Facebook remarketing services operated through Hubspot. For more information about Hubspot, the User is invited to consult the appropriate section.

  • Instagram, Instagram Widget

There are redirect or share buttons on the Site to the social platform Instagram, owned by Facebook, and to individual social network pages traceable to the Data Controller.

Facebook/Instagram shares information globally, both internally with Facebook/Instagram companies and externally with partners and people with whom the User connects.

Based on the relevant policies, Instagram uses cookies, pixels, local storage technologies, and other similar technologies to display relevant content to the User to offer the Service and for reasons related to the User's own enjoyment of the Service, as well as to collect information related to the User's use of Instagram. Instagram may also use said technologies to remember choices made by the User (e.g., User name, language, or geographic area where the User is located) and customize the Service to offer better features and content. Instagram and its advertising partners may use these technologies to show relevant ads to the User with respect to the User's interests. These technologies store the User's device visits and may also be able to track the User's device browsing activities on sites and services other than Instagram. This information may be shared with organizations outside of Instagram, such as advertisers and/or networks of advertisers for ad serving and for measuring the effectiveness of ad campaigns.

Information controlled by Facebook/Instagram may be transferred to and/or transmitted to and/or stored and/or processed in the United States or other countries outside the User's country of residence or otherwise outside the EEA for the purposes described by the legislation in the following links: Facebook Terms; Terms of Instagram .

Users are also advised that as of July 16, 2020, Facebook/Instagram no longer bases its Processing of Users' Personal Data on the EU-U.S. Privacy Shield (EU-U.S. Privacy Shield) to transfer data from the European Economic Area and the U.K. to the U.S.; instead, it uses standard contractual clauses approved by the European Commission and based on the adequacy decisions of the European Commission regarding certain countries, as appropriate, for data transfers from the EEA to the U.S. and other countries.

In relation to the Privacy Shield, the User is referred to read the relevant section found in the Cookie Policy.

In this case the following Personal Data are processed: Cookies; Usage Data; other types of Data.

Regarding the management of cookies installed by Instagram and how to disable them, the User is invited to carefully consult, in addition to the relevant privacy policy of the service, also the cookie policy, for detailed information on the collection and transfer of Personal Data, the User's rights and how to configure the privacy settings satisfactorily.

Regarding the conditions of use of the service of Instagram, the User is finally invited to consult the said conditions.

For behavioral targeting and remarketing this Site uses Instagram remarketing services operated through Hubspot. For more information about Hubspot, the User is invited to consult the appropriate section.

 

  • Stripe

Credit/debit card payments for Products sold from the Site are made through the Stripe gateway. This is a third party that may install cookies: the User is therefore invited to read carefully the relevant privacy policy.

  1. Managing contacts and sending messages and/or newsletters

This type of service enables the management of a database of e-mail contacts, telephone contacts, or contacts of any other type used to communicate with the User.

These services may also allow the collection of data related to the date and time of the User's viewing of messages, as well as the User's interaction with them (e.g., detection of the use of links embedded in messages).

 

  • Google invisible reCaptcha

reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. This service is used more when filling out contact forms to ensure that specific actions on the Internet are performed by humans and not bots. Classic captcha works with small tasks that are easy for humans to solve, but provide significant difficulties for machines. With reCAPTCHA, the User no longer has to actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. The only thing the User has to do is to check the "I am not a bot" text field. However, with Invisible reCAPTCHA even this is no longer necessary. reCAPTCHA, integrates a JavaScript element into the source text, after which the tool runs in the background and analyzes the User's behavior. The software calculates a so-called captcha score from the User's actions. Google uses this score to calculate the probability that the User is a human, before entering the captcha. reCAPTCHA and Captcha in general are used whenever bots might manipulate or abuse certain actions (such as registrations, surveys, etc.).

By using reCAPTCHA, data is transmitted to Google to determine whether the User is truly human. reCAPTCHA thus ensures the security of our website and, as a result, of the User himself.

IP addresses and other data needed by Google for its reCAPTCHA service may be sent to Google, whose servers may be in the US.

First, the reCAPTCHA algorithm checks whether Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed in the User's browser. Then reCAPTCHA sets an additional cookie in the User's browser and takes a snapshot of that browser window.

The IP address that the User's browser transmits to Google is generally not merged with other Google data from other company services.

However, the data will be merged if the User is logged into the Google account while using the reCAPTCHA plug-in.

If you wish to prevent your data and behavior from being transmitted to Google, you must completely log out of Google and delete all Google cookies before you visit our website or use the reCAPTCHA software. Generally, data is automatically sent to Google as soon as you visit our website. To delete this data, you must contact Google Support at. https://support.google.com/?hl=en-GB&tid=111401120 .

If you use our website, you agree that Google LLC and its representatives will automatically collect, modify, and use data.

You can find more information about reCAPTCHA on Google's developer page at. https://developers.google.com/recaptcha/.

For more information, please read the Privacy Policy and the Terms of Service of Google.

Personal Data: Cookies; Usage Data; other types of Data..,

 

  • Google Tag Manager

This Site uses Google Tag Manager. Google Tag Manager is a solution operated by Google LLC that allows you to manage the tags of managed websites using a dedicated interface.

Google Tag Manager is a tag management system for managing JavaScript and HTML tags used for monitoring and analytics on websites. Tags are small elements of code that, among other things, are used to measure traffic and visitor behavior, to understand the effect of online advertising and social channels, to set up remarketing and targeting to target groups, and to test and optimize websites.

The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not record Personal Data. This tool allows the activation of other tags that may, on their part, record Data under certain circumstances.

For more information on the privacy policy of Google Tag Manager please refer to the following link https://policies.google.com/privacy?hl=en, while for the terms of use https://www.google.com/analytics/tag-manager/use -policy/ and for Google Tag Manager's privacy answers https://support.google.com/tagmanager/answer/7207086 .

Personal Data: Usage Data; other type of Data.

  1. Behavioral targeting and remarketing

These types of services allow this Site and its partners to inform, optimize, and prepare advertisements based on your past use of this Site.

This activity is facilitated by tracking Usage Data and using trackers to collect information that is then transferred to partners that handle remarketing and behavioral targeting.

Some services offer a remarketing option based on lists of email addresses.

  • Facebook and Instagram Remarketing

Facebook (and Instagram) remarketing is a remarketing and behavioral targeting service provided by Facebook Inc.

With the help of the Facebook pixel (or equivalent functions for transferring event data or contact information via interfaces or other software in apps) Facebook (/Instagram) is able to frame visitors to this Site online services as a target for the presentation of advertisements.

Therefore, this Site uses Facebook Inc.'s "Custom Audiences" remarketing feature: this allows Users of the Site to display interest-based advertisements ("Facebook Ads" or "Instagram Ads") when they browse the social networks Facebook or Instagram or other websites that use this process. Thus ads that are of interest to the User are shown in order to make online offers more interesting to him/her.

Using Custom Audience causes the User's browser to automatically establish a direct connection to the Facebook/Instagram server.

The Data collected are processed by Facebook Inc. in the United States.

This Site has no authority over the scope of the Data collected and the further use of that Data by Facebook Inc. so please read the relevant Privacy Policy of Facebook and the Privacy Policy of Instagram.

The User can get more information about Facebook behavioral advertising by visiting this page: https://www.facebook.com/help/164968693837950

To turn off Facebook's interest-based ads, please follow these instructions: https://www.facebook.com/help/568137493302217

Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. To opt-out of Facebook and other participating companies through the Digital Advertising Alliance in the U.S. http://www.aboutads.info/choices/ , the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/ , or turn it off using the settings on your mobile device.

Disabling the "Facebook Custom Audiences" feature is available for users who are logged in at https://www.facebook.com/settings/?tab=ads#.

Personal Data: Usage Data; e-mail, Cookies, other types of Data.

 

  1. Registration and authentication

Tools:

-WordPress.com

To register to the restricted area and authenticate when logging in, this Site uses the WordPress platform. For more information on the processing of Data by WordPress, the User is invited to read the relevant privacy policy.

Personal Data: various types of Data.

  1. Platform services

The Site was created using the WordPress.com platform.

The User is invited to view the relevant privacy policy.

Personal Data: various types of Data.

PRIVACY SHIELD

The Privacy Shield, or the "privacy shield" between the EU and the U.S., is a self-certification mechanism for companies established in the U.S. that intend to receive Personal Data from the European Union. It was also deemed appropriate by the European Commission in 2016.

Specifically, companies agree to abide by the principles therein and to provide data subjects (i.e., all individuals whose Personal Data has been transferred from the European Union) with adequate safeguards, failing which they will be removed from the list of certified companies ("Privacy Shield List") by the U.S. Department of Commerce and possible sanctions by the Federal Trade Commission.

However, with Decision 2016/1250 of July 16, 2020 on the adequacy of the protection offered by the EU-U.S. Privacy Shield regime - the so-called "Schrems II Judgment", however, the Court of Justice of the European Union (CJEU) ruled that the Privacy Shield does not provide an adequate level of protection for Personal Data transferred from the EU to a company established in the United States.

In the same ruling, the European Court of Justice, on the other hand, upheld Decision 2010/87, ruling that standard contractual clauses for the transfer of personal data from the EU to a non-EU state are valid.

The User is invited to consult the FAQ concerning the Schrems II judgment and its effects prepared by the European Data Protection Board (EDPB), the website www.privacyshield.gov e the website of the Italian Data Protection Authority to better understand the issue.

COMMUNICATION AND DATA TRANSFER

The Holder makes it clear that utmost care and confidentiality in the Processing of Data is one of its core values.

User Data may be disclosed to third parties.

The Data Controller may use Data Processors and service providers such as, for example, authentication, hosting and maintenance services, data analysis services, e-mail messaging services, delivery services, payment transaction management, solvency, address and e-mail control, to the extent necessary to provide the services.

Some of the Data Processors/Service Providers referred to in the previous sections are located outside the European Union (EU)/European Economic Area (EEA). In any case, Your Personal Data will be shared with countries outside the EU/EEA, provided that:

  • the country in question is considered a safe third country;
  • the Data Processor/Service Provider in question has adhered to the European Commission's model contracts regarding the transfer of Personal Data to third countries;
  • the Data Processor/Service Provider in question is certified in accordance with Article 40 of the GDPR or
  • the Data Processor/Service Provider in question has an approved set of binding business rules.

It is possible that User's Personal Data may be disclosed or shared in order to comply with a legal obligation or the directions of a Court/Judicial Authority or any other competent body or in order to enforce or apply the Site's Privacy Policy and/or other agreements or to protect the rights or safety of the Data Controller, Data Processors, service providers and/or other third parties or for fraud protection or credit risk reduction.

It is also possible that the User's Personal Data, and in particular the email, may be communicated or shared with companies and/or third parties with which the Data Controller collaborates and/or has entered into agreements if the Users have subscribed to the newsletter, expressly consenting with the so-called "point and click" modality to the transfer of said Data to companies and/or third parties for the purposes indicated in the relevant consent (e.g. Hubspot - for more information please see the relevant section), including marketing purposes also through Profiling.

USER RIGHTS

The User may exercise, with reference to the Data processed by the Data Controller, the following rights:

- Right to revoke consent at any time. Users may revoke their previously given consent to the processing of their Personal Data (see GDPR, Art. 7);

- right of access. The User has the right to obtain confirmation from the Data Controller that Personal Data concerning him or her is or is not being processed and, if so, to access his or her Personal Data and receive all information about it (including the purposes of processing), as well as a copy of the said Data (see GDPR, Art. 15);

- Right to rectification of one's Personal Data. The User has the right to obtain from the Data Controller the rectification of inaccurate Personal Data concerning him/her without undue delay. Taking into account the purposes of the processing, the Data Subject has the right to obtain the integration of incomplete Personal Data, including by providing a supplementary declaration (see GDPR, Art. 16);

- Right to erasure ("right to be forgotten"). The User has the right to obtain from the Data Controller the erasure of Personal Data concerning him/her without undue delay in such cases: if the Personal Data is no longer necessary or the User revokes the consent on which the processing is based and there is no other legal basis for the processing or if the User objects to the processing or the Personal Data has been processed unlawfully or if it must be erased in order to comply with a legal obligation under the law of the Union or the Member State to which the Data Controller is subject or if the Personal Data was collected in connection with the provision of information society services (see GDPR, Art. 17);

- right to restriction of processing. The User has the right to obtain from the Data Controller the restriction of such processing in the following cases: if the accuracy of the Personal Data is disputed by the User or if the processing is unlawful and the Data Subject objects to the deletion of the Personal Data and requests the restriction of its use or if the User who objected to the processing is awaiting verification as to whether the Data Controller's legitimate reasons prevail over those of the User (see GDPR, Art. 18);

- right to data portability. The User has the right to receive the Personal Data concerning him or her, which he or she has provided to the Controller, in a structured, commonly used, machine-readable format and has the right to transmit such data to another data controller without hindrance from the Controller to whom the Personal Data was provided (see GDPR, Art. 20);

- Right to object to the processing of Personal Data. The User may object at any time to the processing of Personal Data concerning him/her (when carried out on a legal basis other than consent). In particular, where Personal Data are processed for direct marketing purposes, the User has the right to object at any time to the processing of Personal Data concerning him or her carried out for such purposes, including profiling insofar as it is related to such direct marketing (see GDPR, Art. 21);

- Right to propose a complaint to the competent supervisory authority. The User may lodge a complaint with the competent data protection supervisory authority (in Italy: www.garanteprivacy.it) and before the competent courts of the Member States (see GDPR, Art. 77 et seq.).

How to exercise rights

To exercise their rights as set forth above, Users, without payment of any charge or consideration (except as provided in Article 12 paragraph 5 of the GDPR), may address a request to the contact details of the Controller, namely:

Frutteto ItaliaSRL, an Italian company with registered office via Padania 9 - 26030 Volongo (CR) - Italy Paid-up share capital € 142,857.00
Cremona Business Register Office - REA: 200021 - P.I. 01770310199

Registered office: via Camillo Golgi 10, 25064 Gussago (BS)

Holder's e-mail address: info@fruttetoitalia.it

Holder's p.e.c. address: fruttetoitalia@legalmail.it

Phone contact: +39 0372 845 745

 

Cookie Policy

The Site makes use of Cookies. To learn more and to view the detailed information, the User may consult the Cookie Policy.

More information about the Treatment

Litigation defense

The User's Personal Data may be used by the Owner in legal proceedings or in the preparatory stages to its possible establishment in order to defend against abuses in the use of the Site or related Services by the User.

The User declares that he/she is aware that the Data Controller may be obliged to disclose / communicate the Data by order of Public Authorities.

Specific disclosures

Upon User's request, in addition to the information contained in this Privacy Policy, the Site may provide additional and contextual disclosures regarding specific Services or the collection and processing of Personal Data.

System logs and maintenance

For operation and maintenance purposes, the Site and any third-party services used by it may collect system logs, i.e., files that record interactions and may also contain Personal Data, such as the User's IP address.

Information not contained in this Privacy Policy

Further information in relation to the Processing of Personal Data may be requested at any time from the Data Controller as specified in the "CONTACT INFORMATION" section.

Changes to this Privacy Policy

The Data Controller reserves the right to modify or update this Privacy Policy at any time.

The User is encouraged to regularly consult this page to ensure that he/she is always aware of the latest version of this Privacy Policy (see "Date of last update" at the end of this page). If the changes affect the processing of Personal Data whose legal basis is consent, the Data Controller will re-collect the User's consent, if necessary.

DEFINITIONS AND LEGAL REFERENCES

"Cookies"or "Cookies"

Small portion(s) of data stored within the User's device.

"Personal Data" or "Data"or "Personal Data" or "Data"

Any information referable to a Data Subject.

"Sensitive and/or special data"

Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as dealing with genetic data, biometric data intended to uniquely identify a natural person, data relating to a person's health or sex life or sexual orientation.

"Usage Data"

This is the information collected automatically through the Site and/or by third party applications integrated into the Site, including: the IP addresses or domain names of the computers used by the User who connects with the Site, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the length of time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the User's operating system and computer environment.

"Interested" or "Interested in."

The identified or identifiable natural person to whom the Personal Data relates. An identifiable natural person is one who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier, or one or more characteristic elements of his or her physical, physiological, genetic, mental, economic, cultural, or social identity.

"Profiling"

Any form of automated processing of Personal Data consisting of the use of such Personal Data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects of that natural person's job performance, economic situation, health, personal preferences, interests, reliability, behavior, location, or movements.

"Service"

The service(s) provided by the Site as defined in the relevant terms (if any) on this site/application.

"Site"

The hardware or software tool by means of which Users' Personal Data are collected and processed, namely www.fruttetoitalia.com as well as all landing pages linked and/or related to it.

"Data Controller" or "Controller"

The natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of Personal Data; where the purposes and means of such processing are determined by Union or Member State law, the Data Controller or the specific criteria applicable to its designation may be established by Union or Member State law. The Data Controller, as better identified above, unless otherwise specified, is the owner of the Site.

"Processing" or "Data Processing"

Any operation or set of operations, performed with or without the aid of automated processes and applied to Personal Data or sets of Personal Data, such as collecting, recording, organizing, structuring, storing, adapting or modifying, extracting, consulting, using, communicating by transmission, dissemination or otherwise making available, comparing or interconnecting, limiting, erasing or destroying.

"European Union" or "EU"

Unless otherwise specified, any reference to the European Union in this document is understood to extend to all current member states of the European Union and the European Economic Area (so-called EEA).

"User" or "Users"

The individual(s) who use(s) the Site and who, except where otherwise specified, coincide(s) with the Data Subject.

Legal references

This privacy policy is drafted on the basis of the relevant legislation in force, and in particular by the provisions of Articles 13 and 14 of Regulation (EU) 2016/679 (so-called GDPR), the relevant adaptation legislation D. Legislative Decree 101/2018, and to the extent still applicable by Legislative Decree 196/2003.

Date of last update: October 14, 2023.

Follow us on social media
Facebook Instagram
YOUR PURCHASES
SIGN UP FOR THE NEWSLETTER

    * Read the information on the Privacy Policy of the site, I consent to the processing of data.

    Credit card transactions are secured through the highest Security Standards via verified banking circuit and encrypted SSL protocol.

    Continue shopping →
    Item added to cart.
    0 items - 0,00
    Payment