Privacy Policy

PRIVACY POLICY SUMMARY

CONTACT INFORMATION

Data Controller:

ComCart S.r.l., an Italian company with registered office in Gatteo a Mare (FC), via Matteotti 43, Tax Code and VAT number 04412340400

Email address: info@comcart.it

PERSONAL DATA COLLECTED BY THE WEBSITE FOR THE FOLLOWING PURPOSES (USING THE INDICATED SERVICES)

Purpose:

  • Contacting the User

Tools:

Contact form

Personal Data: first and last name, email address, Cookies, Usage Data, other types of Data.

– Mailing list or newsletter sending (if the User has subscribed to the related service).

Personal Data: first name; last name; email address; Cookies, Usage Data, other types of Data.

  • Statistics

Tools:

-Google Analytics with anonymized IP

Personal Data: Cookies and Usage Data

-Google Tag Manager

Personal Data: Cookies, Usage Data, other types of Data.

  • Displaying content from external/third-party platforms

Tools:

-Instagram, Facebook, Stripe

Personal Data: Cookies; Usage Data; other types of Data.

  • Managing contacts and sending messages and/or newsletters

Tools:

  • Interaction with external data collection platforms and other third parties

Tools:

-Google invisible reCAPTCHA

Personal Data: Cookie; Usage Data; other types of Data.

-Google Tag Manager

Personal Data: Usage Data; other types of Data.

  • Behavioral targeting and remarketing

Tools:

-Facebook and Instagram Remarketing

Personal Data: Usage Data; email, Cookies, other types of Data.

Personal Data: first name; last name; email address, phone number, gender, date of birth, Skin Data, Data on purchased/interested products, Cookies, Usage Data, other types of Data.

 

  • Registration and authentication

Tools:

-WordPress.com

Personal Data: various types of Data.

  • Platform services

Tools:

-WordPress.com

Personal Data: various types of Data.

***

FULL PRIVACY POLICY

The Data Controller, as better defined below, considers the privacy of its Users to be of fundamental importance and ensures that the processing of Personal Data is carried out in compliance with the current privacy regulations, and in particular with the European Regulation no. 2016/679 and the national legislation on personal data protection, D. Lgs. 196/2003 as still in force and the related national adaptation legislation D. Lgs. 101/2018 on personal data protection. To this end, the  Data Controller has adopted the following Privacy Policy to regulate and inform the Users of the Site www.fruttetoitalia.com about the methods and purposes of processing the Personal Data of the Users themselves.

The User is kindly requested to review this document each time they connect to the Site, as it may be subject to revisions, additions, and/or changes, occasioned by regulatory requirements and/or changes and/or additions to the functionalities of the Site itself.

Data Controller:

ComCart S.r.l., an Italian company with registered office in Gatteo a Mare (FC), via Matteotti 43, Tax Code and VAT number 04412340400

Email address: info@comcart.it

TYPES OF DATA COLLECTED

Among the Personal Data collected by www.fruttetoitalia.com as well as by all landing pages connected and/or related to it (hereinafter for brevity the “Site“), independently or through third parties, to whose privacy policy reference is made, there are: email, personal data of various nature as better specified below, cookies, and usage data.

Complete details on each type of data collected are provided in the dedicated sections of this privacy policy, or through specific information texts displayed before the data collection itself.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically during the use of the Site.

Unless otherwise specified, all Data requested by the Site is mandatory. If the User refuses to provide them, it may be impossible to provide the Service.

In cases where some Data is indicated as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation.

Users who have doubts about which Data is mandatory are invited to contact the Controller.
The possible use of Cookies by the Site or by the third-party service owners used by the Site, unless otherwise specified, is intended to provide the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy, if available.

The User assumes responsibility for the Personal Data of third parties obtained, published, or shared through the Site and guarantees to have the right to communicate or disseminate them, releasing the Controller from any responsibility towards themselves and third parties.

METHODS AND PLACE OF PROCESSING OF THE COLLECTED DATA

The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.

The Processing is carried out using IT and/or telematic tools, with organizational methods and with logics strictly related to the purposes indicated. In addition to the Controller, in some cases, other subjects involved in the organization of the Controller and/or in the management of the Site (by way of example and not limited to: administrative, commercial, marketing, legal, system administrators, etc.) or external subjects (by way of example and not limited to: accountants, external legal advisors, third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies and/or, address management and email message sending service providers, etc.) may have access to the Data, also appointed, if necessary, as Data Processors by the Controller. The updated list of Data Processors may be requested at any time from the Data Controller.

LEGAL BASIS OF PROCESSING

The Controller lawfully processes Personal Data relating to the User if one of the following conditions exists:

  • the Data Subject has given consent to the processing of their Personal Data for one or more specific purposes, pursuant to GDPR, art. 6, paragraph 1, letter a). Note: in some jurisdictions, the Data Controller may be authorized to process Personal Data without the User’s consent or without another of the legal bases specified below, until the User objects (“opt-out”) to such Processing. However, this does not apply if the Processing of Personal Data is regulated by European legislation on personal data protection;
  • the Processing is necessary for the performance of a contract with the User and/or for the implementation of pre-contractual measures, pursuant to art. 6, paragraph 1, letter b) of the so-called GDPR 2016/679;
  • the Processing of Personal Data is necessary to fulfill a legal obligation to which the Controller is subject, pursuant to GDPR, art. 6, paragraph 1, letter c);
  • the Processing is necessary for the protection of the vital interests of the data subject or another natural person, pursuant to GDPR, art. 6, paragraph 1, letter d);
  • the Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller, pursuant to art. 6, paragraph 1, letter e) of the GDPR;
  • the Processing of Personal Data is necessary for the pursuit of the legitimate interest of the Data Controller or third parties, unless such interests are overridden by the interests or fundamental rights and freedoms of the Data Subject that require the protection of personal data, in particular where the Data Subject is a minor, all pursuant to GDPR, art. 6, paragraph 1, letter f).

Pursuant to art. 6 of the GDPR, Personal Data acquired through the Site without the Data Subject’s consent will be processed by the Data Controller for the management and maintenance of the Site, to allow the use of the Services, to satisfy User requests, to enable effective communication with customers, to fulfill obligations provided by law, regulations, community legislation or orders of the Authorities or in any case for purposes related to the activities and functions of the Controller or finally to prevent or detect fraudulent activities or abuses against the Controller through the Site.

It is always possible to request the Controller to clarify the concrete legal basis of each Processing and, in particular, to specify whether the Processing is based on the law, provided for by a contract, or necessary to conclude a contract.

PLACE OF PROCESSING OF PERSONAL DATA

The Data is processed at the registered and/or operational headquarters of the Controller and/or in any other place where the parties involved in the Processing are located and/or at the Controller’s offices and/or at other subjects or IT systems/servers of other subjects specifically designated as (external) Data Processors.

For further information, the User is invited to contact the Controller.

The User’s Personal Data may be transferred to a country different from the one in which the User is located. To obtain further information on the place of Processing, the User can consult the relevant section of this notice.

The User has the right to obtain information regarding the legal basis of the transfer of Data outside the European Union or to an international organization of public international law or constituted by two or more countries (such as the UN), as well as regarding the security measures adopted by the Controller to protect the Data. If one of the transfers just described takes place, the User can refer to the respective sections of this document or request information from the Controller (as specified in the “CONTACT INFORMATION” section).

RETENTION PERIOD

The Data are processed and stored for the time required by the purposes for which they were collected.

The User can obtain further information regarding the retention period of individual Personal Data processed by contacting the Controller (as specified in the “CONTACT INFORMATION” section).

At the end of the retention period, the Personal Data will be deleted. Therefore, upon the expiration of this period, the right of access, deletion, rectification, and the right to data portability, opposition, limitation to the processing of the same, can no longer be exercised.

PURPOSES OF PROCESSING OF COLLECTED DATA

The User’s Data is collected to allow the Controller to provide its Services, as well as for the following purposes:

  • Contacting the User
  • Statistics
  • Displaying content from external/third-party platforms
  • Managing contacts and sending messages and/or newsletters
  • Interaction with external data collection platforms and other third parties
  • Behavioral targeting and remarketing
  • Registration and authentication
  • Platform services

For further detailed information on the purposes of Processing and on the Personal Data concretely relevant for each purpose, the User can refer to the following section of this document.

DETAILS ON THE PROCESSING OF PERSONAL DATA

To verify the methods of Processing Personal Data according to the pursued purposes, the User can consult the appropriate section below.

  1. Contacting the User:

In order to contact the User, the Data Controller may use the Personal Data collected through the following tools:

Contact form; Mailing list or newsletter sending (if the User has subscribed to the related service).

Personal Data: first name; last name; email address, phone number, gender, date of birth, Skin Data, Data on purchased/interested products, Cookies, Usage Data, other types of Data.

For the contact form, the Google invisible reCaptcha service is active (see the specific section below).

For more information, the User is invited to consult the “Hubspot” section.

  1. Statistics

The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.

These purposes are pursued through the following tools:

-Google Analytics with anonymized IP;

Google Analytics is a web analysis service provided by Google for statistical purposes to understand how visitors interact with the Site, compile reports, and share them with other services developed by Google. Google Analytics may use a set of cookies to collect information and generate statistics on the use of the Site, without providing personal information about individual visitors to Google. The User’s IP address is anonymized. Anonymization works by shortening the IP address of Users within the borders of the member states of the European Union or in other countries adhering to the European Economic Area agreement. Only in exceptional cases will the IP address be sent to Google’s servers and shortened within the United States.

However, it should be noted that the data may also be processed outside the EEA.

It is also advised to the User that from July 16, 2020, Google no longer bases the Processing of Users’ Personal Data on the EU-U.S. Privacy Shield for transferring data from the European Economic Area and the United Kingdom to the United States; from September 30, 2020, more precisely, Google has updated its Personal Data Processing policy and uses the standard contractual clauses approved by the European Commission and based on the adequacy decisions of the European Commission itself regarding certain countries, depending on the cases, for data transfers from the EEA to the United States and other countries.

Regarding the use of cookies by Google Analytics, the User is invited, in any case, to carefully consult the related privacy policy and cookie policy, as well as the paragraph of this Cookie Policy “How can I give or revoke consent to the installation of Cookies?” through the browser settings and the section of this Policy relating to the Privacy Shield.

  • Google Tag Manager

This Site uses Google Tag Manager. Google Tag Manager is a solution managed by Google LLC that allows managing website tags using a dedicated interface.

Google Tag Manager is a tag management system for managing JavaScript and HTML tags used for tracking and analysis on websites. Tags are small pieces of code that, among other things, are used to measure traffic and visitor behavior, to understand the effect of online advertising and social channels, to set up remarketing and targeting towards target groups, and to test and optimize websites.

The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not record Personal Data. This tool allows the activation of other tags that may, in turn, record Data under certain circumstances.

For more information on the Google Tag Manager privacy policy, please consult the following link https://policies.google.com/privacy?hl=en, for the terms of use https://www.google.com/analytics/tag-manager/use-policy/, and for privacy responses of Google Tag Manager https://support.google.com/tagmanager/answer/7207086.

Personal Data: Usage Data; other types of Data.

  1. Displaying content from external/third-party platforms

This type of service allows you to view content hosted on external platforms directly from the pages of the Site and interact with them.

If such a service is installed, it is possible that, even if not actively used, it collects traffic data related to the pages where it is installed.

These purposes are pursued through:

  • Facebook, Facebook Widget;

The Site features redirect or share buttons to the social platform Facebook and to individual social network pages linked to the Data Controller.

Facebook shares information globally, both internally with Facebook companies and externally with its partners and the people the User connects with and shares content with worldwide. Information controlled by Facebook may be transferred, transmitted, stored, and processed in the United States or other countries outside the EEA.

According to the related policy, Facebook may use cookies to show ads and present suggestions for businesses and other organizations to people who might be interested in their products, services, or promoted causes, to measure the performance of advertising campaigns of businesses using Facebook products, to show and measure ads across different browsers and devices used by the same person, to provide statistical data on people using Facebook products, on people interacting with ads, websites, and apps of advertisers, and on businesses using Facebook products, and to enable functionality that allows Facebook to provide its products.

Additionally, when visiting the Site, the Facebook Pixel cookie may be installed, allowing the Data Controller to monitor conversions occurring on the Site as a result of ads being run on Facebook.

Information collected through cookies may be shared with organizations outside of Facebook, such as advertisers and/or advertising networks for ad delivery and to measure the effectiveness of advertising campaigns.

Furthermore, the User is informed that as of July 16, 2020, Facebook no longer bases the Processing of Users’ Personal Data on the EU-U.S. Privacy Shield for transferring data from the European Economic Area and the United Kingdom to the United States; instead, it uses standard contractual clauses approved by the European Commission and based on the European Commission’s adequacy decisions regarding certain countries, as applicable, for data transfers from the EEA to the United States and other countries.

Regarding the Privacy Shield, the User is referred to the relevant paragraph in the cookie policy.

In this case, the following Personal Data are processed: Cookies; Usage Data; other types of Data.

For more information on the installation and use of cookies by Facebook, the User is requested to carefully review the related cookie policy. Finally, please read the privacy policy of the service carefully for detailed information on the collection and transfer of Personal Data, User rights, and how to configure privacy settings satisfactorily.

For behavioral targeting and remarketing, this Site uses Facebook remarketing services managed through Hubspot. For more information on Hubspot, the User is invited to consult the appropriate section.

  • Instagram, Instagram Widget

The Site features redirect or share buttons to the social platform Instagram, owned by Facebook, and to individual social network pages linked to the Data Controller.

Facebook/Instagram shares information globally, both internally with Facebook/Instagram companies and externally with partners and the people the User connects with.

Based on the related policies, Instagram uses cookies, pixels, local storage technologies, and other similar technologies to show the User relevant content to provide the service and for reasons related to its own use, as well as to collect information about the User’s use of Instagram. Instagram may also use these technologies to remember the User’s choices (e.g., username, language, or geographic area where the User is located) and personalize the Service to offer better features and content. Instagram and its advertising partners may use these technologies to show the User ads relevant to their interests. These technologies store the User’s device visits and may also be able to track the device’s browsing activities on sites and services other than Instagram. This information may be shared with organizations outside of Instagram, such as advertisers and/or advertising networks for ad delivery and to measure the effectiveness of advertising campaigns.

Information controlled by Facebook/Instagram may be transferred, transmitted, stored, and processed in the United States or other countries outside the User’s country of residence or outside the EEA for the purposes described in the regulations at the following links: Facebook Terms; Instagram Terms.

Furthermore, the User is informed that as of July 16, 2020, Facebook/Instagram no longer bases the Processing of Users’ Personal Data on the EU-U.S. Privacy Shield for transferring data from the European Economic Area and the United Kingdom to the United States; instead, it uses standard contractual clauses approved by the European Commission and based on the European Commission’s adequacy decisions regarding certain countries, as applicable, for data transfers from the EEA to the United States and other countries.

Regarding the Privacy Shield, the User is referred to the relevant paragraph in the Cookie Policy.

In this case, the following Personal Data are processed: Cookies; Usage Data; other types of Data.

Regarding the management of cookies installed by Instagram and the related deactivation methods, the User is invited to carefully review, in addition to the related privacy policy of the service, also thecookie policy, for detailed information on the collection and transfer of Personal Data, User rights, and how to configure privacy settings satisfactorily.

Regarding the terms of use of the Instagram service, the User is finally invited to consult the said terms.

For behavioral targeting and remarketing, this Site uses Instagram remarketing services managed through Hubspot. For more information on Hubspot, the User is invited to consult the appropriate section.

 

  • Stripe

Credit/debit card payment for Products sold by the Site is made through the Stripe gateway. This is a third party that may install cookies: therefore, the User is invited to read the related  privacy policy.

  1. Contact management and sending messages and/or newsletters

This type of service allows managing a database of email contacts, phone contacts, or contacts of any other type, used to communicate with the User.

These services may also allow collecting data related to the date and time messages are viewed by the User, as well as the User’s interaction with them (e.g., detecting the use of links included in messages).

 

  • Google invisible reCaptcha

reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. This service is mainly used when filling out contact forms to ensure that specific actions on the internet are performed by humans and not bots. Classic captchas work with small tasks that are easy for humans to solve but provide significant difficulties for machines. With reCAPTCHA, the User no longer has to actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. The only thing the User needs to do is check the “I’m not a robot” text box. However, with Invisible reCAPTCHA, even this is no longer necessary. reCAPTCHA integrates a JavaScript element into the source text, after which the tool runs in the background and analyzes the User’s behavior. The software calculates a so-called captcha score from the User’s actions. Google uses this score to calculate the probability that the User is a human before entering the captcha. reCAPTCHA and Captcha, in general, are used whenever bots could manipulate or misuse certain actions (such as registrations, surveys, etc.).

By using reCAPTCHA, data is transmitted to Google to determine if the User is truly human. reCAPTCHA thus ensures the security of our website and, consequently, also of the User.

IP addresses and other data necessary for Google’s reCAPTCHA service may be sent to Google, whose servers may be located in the USA.

First, the reCAPTCHA algorithm checks if Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed in the User’s browser. Then reCAPTCHA sets an additional cookie in the User’s browser and takes a snapshot of the browser window itself.

The IP address that the User’s browser transmits to Google is generally not combined with other Google data from other company services.

However, the data will be combined if the User is logged into their Google account while using the reCAPTCHA plug-in.

If you want to prevent your data and behavior from being transmitted to Google, you must completely log out of Google and delete all Google cookies before visiting our website or using the reCAPTCHA software. Generally, data is automatically sent to Google as soon as you visit our website. To delete this data, you must contact Google Support at  https://support.google.com/?hl=en-GB&tid=111401120.

If you use our website, you agree that Google LLC and its representatives automatically collect, modify, and use the data.

You can find more information about reCAPTCHA on the Google developers page at https://developers.google.com/recaptcha/.

For more information, please read the Privacy Policy and Terms of Service of Google carefully.

Personal Data: Cookies; Usage Data; other types of Data.

 

  • Google Tag Manager

This Site uses Google Tag Manager. Google Tag Manager is a solution managed by Google LLC that allows managing website tags using a dedicated interface.

Google Tag Manager is a tag management system for managing JavaScript and HTML tags used for tracking and analysis on websites. Tags are small code elements that, among other things, are used to measure traffic and visitor behavior, understand the effect of online advertising and social channels, set up remarketing and targeting towards target groups, and test and optimize websites.

The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not record Personal Data. This tool allows the activation of other tags that may, in turn, record Data under certain circumstances.

For more information on the Google Tag Manager privacy policy, please consult the following link https://policies.google.com/privacy?hl=en, for the terms of use https://www.google.com/analytics/tag-manager/use-policy/, and for privacy responses of Google Tag Manager https://support.google.com/tagmanager/answer/7207086.

Personal Data: Usage Data; other types of Data.

  1. Behavioral targeting and remarketing

This type of service allows this Site and its partners to inform, optimize, and serve ads based on the User’s past use of this Site.

This activity is facilitated by tracking Usage Data and using trackers to collect information that is then transferred to partners managing remarketing and behavioral targeting activities.

Some services offer a remarketing option based on email address lists.

  • Facebook and Instagram Remarketing

Facebook (and Instagram) remarketing is a remarketing and behavioral targeting service provided by Facebook Inc.

With the help of the Facebook pixel (or equivalent functions for transferring event data or contact information via interfaces or other software in apps), Facebook (/Instagram) can target visitors of this Site’s online services for ad presentation.

Therefore, this Site uses the “Custom Audiences” remarketing function of Facebook Inc.: this allows Site Users to view interest-based ads (“Facebook Ads” or “Instagram Ads”) when browsing the social networks Facebook or Instagram or other websites using this process. Thus, ads that interest the User are shown to make online offers more interesting for him/her.

The use of Custom Audience causes the User’s browser to automatically establish a direct connection to the Facebook/Instagram server.

The Data collected is processed by Facebook Inc. in the United States.

This Site has no control over the scope of Data collected and the further use of the aforementioned Data by Facebook Inc.: therefore, please read the related Privacy Policy of Facebook and the Privacy Policy of Instagram carefully.

The User can obtain more information about Facebook’s behavioral advertising by visiting this page: https://www.facebook.com/help/164968693837950

To disable interest-based Facebook ads, please follow these instructions: https://www.facebook.com/help/568137493302217

Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. To opt-out of Facebook and other participating companies through the Digital Advertising Alliance in the United States  http://www.aboutads.info/choices/, the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or disable it using your mobile device settings.

Opting out of the “Facebook Custom Audiences” feature is available for users who have logged in at https://www.facebook.com/settings/?tab=ads#.

Personal Data: Usage data; email, Cookies, other types of Data.

 

  1. Registration and authentication

Tools:

-WordPress.com

To register for the restricted area and authenticate during login, this Site uses the WordPress platform. For more information on data processing by WordPress, users are invited to review the related  privacy policy.

Personal data: various types of Data.

  1. Platform services

The Site was created using the WordPress.com platform.

Users are invited to review the related privacy policy.

Personal Data: various types of Data.

PRIVACY SHIELD

The Privacy Shield, or the “privacy shield” between EU and USA, is a self-certification mechanism for companies established in the USA that intend to receive Personal Data from the European Union. It was also deemed adequate by the European Commission in 2016.

In particular, companies commit to respecting the principles contained therein and to providing data subjects (i.e., all individuals whose Personal Data has been transferred from the European Union) with adequate protection tools, under penalty of removal from the list of certified companies (“Privacy Shield List”) by the US Department of Commerce and possible sanctions by the Federal Trade Commission.

However, with Decision 2016/1250 of July 16, 2020 on the adequacy of protection offered by the EU-US privacy shield regime – known as “Schrems II Judgment“, the Court of Justice of the European Union (CJEU) ruled that the Privacy Shield does not offer an adequate level of protection for Personal Data transferred from the EU to a company established in the United States.

With the same judgment, the European Court of Justice confirmed decision 2010/87, validating the standard contractual clauses for the transfer of personal data from the EU to a non-EU state.

Users are invited to consult the FAQ regarding the Schrems II judgment and its effects prepared by the European Data Protection Board (EDPB), the website www.privacyshield.gov and the Italian Privacy Authority website to better understand the issue.

COMMUNICATION AND DATA TRANSFER

The Controller specifies that maximum care and confidentiality in Data Processing is one of its fundamental values.

User Data may be communicated to third parties.

The Controller may use Data Processors and service providers for Data Processing, to the extent necessary to provide services, such as authentication services, hosting and maintenance, data analysis services, email messaging services, delivery services, payment transaction management, solvency, address and email verification.

Some of the Data Processors/service providers mentioned in the previous sections are located outside the European Union (EU)/European Economic Area (EEA). In any case, User Personal Data will be shared with countries outside the EU/EEA, provided that:

  • the country in question is considered a safe third country;
  • the Data Processor/service provider in question has adhered to the European Commission’s standard contracts for the transfer of Personal Data to third countries;
  • the Data Processor/service provider in question is certified according to art. 40 of the GDPR or
  • the Data Processor/service provider in question has approved binding corporate rules.

User Personal Data may be communicated or shared to comply with a legal obligation or the instructions of a Court/Judicial Authority or any other competent entity or to enforce or apply the Site’s Privacy Policy and/or other agreements or to protect the rights or security of the Controller, Data Processors, service providers and/or other third parties or for fraud protection or credit risk reduction.

User Personal Data, and in particular email addresses, may also be communicated or shared with companies and/or third parties with whom the Controller collaborates and/or has entered into agreements when Users have subscribed to the newsletter, expressly consenting through the “point and click” method to the transfer of said Data to companies and/or third parties for the purposes indicated in the related consent (for example Hubspot – for more information please consult the related section), including marketing purposes through Profiling.

USER RIGHTS

Users can exercise the following rights regarding Data processed by the Controller:

• right to withdraw consent at any time. Users can withdraw consent previously given for the processing of their Personal Data (see GDPR, art. 7);

• right of access. Users have the right to obtain confirmation from the Data Controller whether Personal Data concerning them is being processed and, if so, to access their Personal Data and receive all information about it (including processing purposes), as well as a copy of said Data (see GDPR, art. 15);

• right to rectification of Personal Data. Users have the right to obtain rectification of inaccurate Personal Data concerning them from the Data Controller without undue delay. Taking into account the purposes of processing, data subjects have the right to obtain completion of incomplete personal data, including by providing a supplementary statement (see GDPR, art. 16);

right to erasure (“right to be forgotten”). Users have the right to obtain erasure of Personal Data concerning them from the Controller without undue delay in such cases: if Personal Data is no longer necessary or the User withdraws consent on which processing is based and there is no other legal basis for processing or if the User objects to processing or Personal Data has been unlawfully processed or if it must be erased to comply with a legal obligation under Union or Member State law to which the Data Controller is subject or if Personal Data was collected in relation to the offer of information society services (see GDPR, art. 17);

right to restriction of processing. Users have the right to obtain restriction of processing from the Data Controller in the following cases: if the accuracy of Personal Data is contested by the User or if processing is unlawful and the data subject opposes erasure of Personal Data and requests restriction of their use or if the User who has objected to processing is awaiting verification regarding the possible prevalence of the Controller’s legitimate grounds over those of the User (see GDPR, art. 18);

right to data portability. Users have the right to receive Personal Data concerning them, which they have provided to the Controller, in a structured, commonly used and machine-readable format and have the right to transmit such data to another controller without hindrance from the Controller to whom the personal data was provided (see GDPR, art. 20);

• right to object to Personal Data processing. Users can object at any time to the processing of personal data concerning them (when carried out on a legal basis other than consent). In particular, where Personal Data is processed for direct marketing purposes, Users have the right to object at any time to the processing of personal data concerning them carried out for such purposes, including profiling insofar as it is related to such direct marketing (see GDPR, art. 21);

• right to lodge a complaint with the competent supervisory authority. Users can lodge a complaint with the competent personal data protection supervisory authority (in Italy:  www.garanteprivacy.it) and before the competent courts of Member States (see GDPR, art. 77 and following).

How to exercise your rights

To exercise their rights as indicated above, Users, without payment of any fee or charge (except as provided in art. 12 paragraph 5 of the GDPR), can address a request to the Controller’s contact details, specifically to:

Frutteto Italia SRL, Italian company with registered office via Padania 9 – 26030 Volongo (CR) – Italy Share capital paid up €142,857.00
Cremona company register office – REA: 200021 – VAT: 01770310199

Controller’s email address: info@fruttetoitalia.it

Controller’s certified email address: fruttetoitalia@legalmail.it

Phone contact: +39 0372 845 745

 

Cookie Policy

The Site uses Cookies. To find out more and to view the detailed information, the User can consult the Cookie Policy.

Additional information on Processing

Defence in court

User Personal Data may be used by the Controller in court or in the preparatory phases of its possible establishment for defense against abuse in the use of the Site or related Services by the User.

Users declare to be aware that the Controller may be obliged to disclose/communicate Data by order of public Authorities.

Specific disclosures

Upon User request, in addition to the information contained in this Privacy Policy, the Site may provide additional and contextual information regarding specific Services or the collection and processing of Personal Data.

System Logs and Maintenance

For operational and maintenance needs, the Site and any third-party services it uses may collect system logs, i.e., files that record interactions and may also contain Personal Data, such as the User’s IP address.

Information not contained in this Privacy Policy

Additional information regarding Personal Data Processing may be requested at any time from the Data Controller as specified in the “CONTACT INFORMATION” section.

Changes to this Privacy Policy

The Data Controller reserves the right to modify or update this Privacy Policy at any time.

Users are invited to regularly consult this page to ensure they always know the latest version of this Privacy Policy (see “Last update date” at the end of this page). If changes concern the processing of Personal Data whose legal basis is consent, the Data Controller will collect User consent again, if necessary.

DEFINITIONS AND LEGAL REFERENCES

Cookie” or “Cookies”

Small portion(s) of data stored within the User’s device.

Personal Data” or “Data” or “Personal Datum” or “Datum”

Any information relating to a Data Subject.

Sensitive and/or special data”

Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as processing genetic data, biometric data intended to uniquely identify a natural person, data concerning health or sex life or sexual orientation of the person.

Usage Data”

Information collected automatically through the Site and/or from third-party applications integrated into the Site, including: IP addresses or domain names of computers used by Users connecting to the Site, addresses in URI (Uniform Resource Identifier) notation, request time, method used to forward the request to the server, size of the file obtained in response, numerical code indicating the server response status (success, error, etc.), country of origin, browser and operating system characteristics used by the visitor, various temporal aspects of the visit (e.g., time spent on each page) and details regarding the path followed within the Application, with particular reference to the sequence of pages consulted, parameters relating to the operating system and User’s computing environment.

Data Subject” or “Data Subjects”

The identified or identifiable natural person to whom Personal Data refers. A natural person is considered identifiable who can be identified, directly or indirectly, with particular reference to an identifier such as name, identification number, location data, online identifier or one or more elements characteristic of their physical, physiological, genetic, mental, economic, cultural or social identity.

Profiling”

Any form of automated processing of Personal Data consisting of using such Personal Data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning professional performance, economic situation, health, personal preferences, interests, reliability, behavior, location or movements of said natural person.

Service”

The service(s) provided by the Site as defined in the related terms (if present) on this site/application.

Site”

The hardware or software tool through which Users’ Personal Data is collected and processed, specifically www.fruttetoitalia.com as well as all landing pages connected and/or related to it.

Data Controller” or “Controller”

The natural or legal person, public authority, service or other body which, alone or jointly with others, determines the purposes and means of processing Personal Data; where the purposes and means of such processing are determined by Union or Member State law, the Data Controller or the specific criteria applicable to its designation may be provided for by Union or Member State law. The Data Controller, as better identified above, unless otherwise specified, is the owner of the Site.

Processing” or “Data Processing”

Any operation or set of operations, performed with or without the aid of automated processes and applied to Personal Data or sets of Personal Data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or any other form of making available, alignment or combination, restriction, erasure or destruction.

European Union” or “EU”

Unless otherwise specified, any reference to the European Union contained in this document is intended to extend to all current member states of the European Union and the European Economic Area (EEA).

User” or “Users”

The individual or individuals who use(s) the Site and who, unless otherwise specified, coincide(s) with the Data Subject.

Legal references

This privacy notice is drafted based on current regulations on the matter, and in particular on the provisions of articles 13 and 14 of Regulation (EU) 2016/679 (GDPR), the related implementing legislation D. Lgs. 101/2018, and within the limits of what is still applicable from D. Lgs. 196/2003.

Last updated: December 4, 2024.

Cookie Policy

This cookie policy applies to the website www.mamaunameravigliadisugo.it as well as all landing pages connected and/or related to it (hereinafter referred to as “the Website”) and to all related pages and internal sections of the domain, as well as to third-party platforms (for example, Facebook, Instagram, LinkedIn, YouTube, Google, etc.) and applications that are accessed or used through this Website.

By using the Website, you consent to the use of Cookies in accordance with this “Cookie Policy”.

If you do not consent to the use of Cookies, you need to set your browser appropriately, disabling the use of the chosen types of Cookies, as better indicated in the section below “How can I give or revoke consent to the installation of Cookies?”. However, please note that the decision to disable technical Cookies necessary for the Website’s operation may affect the User’s browsing experience.

Below we list the different types of Cookies that the Website uses, along with their respective functions, so that the User can knowingly express their consent to the use of these Cookies.

What are Cookies?

Cookies are small text files, made up of letters and numbers, that websites visited by the User send to their device (usually to the browser) and that can be saved and stored for a certain period of time on the computer (or on other enabled devices, for example, smartphones, or tablets, etc.), to then be retransmitted to the same website, so that the latter’s server can consult them on the same User’s subsequent visit. During navigation on a website, the User may also receive Cookies on their device that are sent by different websites or web servers (so-called “third parties”), from which some elements derive (such as, for example, images, maps, sounds, specific links to pages of other domains) that are displayed.

Cookies have the function of streamlining web traffic analysis or signaling when a specific website or part of it is visited, or to distinguish visitors from each other in order to provide them with personalized content; furthermore, Cookies help administrators improve the website and the browsing experience on it.

For example, some Cookies are used for computer authentication, session monitoring, storing information about specific configurations regarding users who access the server, etc.; other Cookies can be used to monitor and profile users during navigation, study their movements and web browsing or consumption habits (what they buy, what they read, etc.), also for the purpose of sending targeted and personalized advertising for services.

COOKIES can be FIRST PARTY or OWN, when they are installed directly by the manager/administrator of the website you are visiting.

THIRD PARTY COOKIES are defined as those installed on the device by a subject different from the manager of the website that the User is visiting.

What do we use Cookies for?

  1. TECHNICAL COOKIES

The Website uses Cookies for technical needs of the same, essential for its correct functioning and that allow the User to navigate and view content and use its functionality.

Generally, Cookies of this type are necessary, for example, to keep a browsing session open or to temporarily store texts entered during form completion, when returning to a previous page during the same session.

Therefore, their possible deactivation could cause the Website to malfunction.

Please note that User consent is not required for the creation of this type of cookie.

Within technical Cookies it is also possible to further distinguish between:

  1. TECHNICAL COOKIES: SESSION COOKIES

Among technical Cookies, “session Cookies” are distinguished first.

A “session Cookie” is active only for the reference browsing session and is deleted when the User closes the browser window and allows the Website to temporarily store information necessary for navigation from one page to another, avoiding having to enter it again.

They therefore allow, for example, to identify the user’s status and verify and detect how much the same is logged in (i.e., has accessed a reserved section of the Website through login/entering their credentials).

The use of these Cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the Website. This Website uses session Cookies to avoid resorting to other computer techniques potentially harmful to the privacy of Users’ navigation, as such Cookies do not allow the acquisition of Personal Data identifying the User.

User consent is not required for the use of this type of Cookies.

Please note that in any case it is possible to proceed with the deactivation of session Cookies, by consulting the appropriate section of this Cookie Policy called “How can I give or revoke consent to the installation of Cookies”.

By disabling these technical Cookies, the Website may not function correctly.

  1. TECHNICAL COOKIES: PERSISTENT COOKIES

Among technical Cookies, “Persistent Cookies” are then distinguished.

A “Persistent Cookie” is used to maintain information between one access and another to the Website, or for technical purposes and to improve navigation on the Website, allowing to recognize a User or visitor already known. It remains on the device used by the User beyond the closure of the single session, and more precisely:

  • for the “lifetime” of the single Cookie, which is set by the website and can vary from a few minutes to several years (it should be noted that each type of these Cookies has its own specific duration);

  • until they are manually deleted, through browser settings, which can be modified by following the instructions found in the appropriate section of this cookie policy called “How can I give or revoke consent to the installation of Cookies”.

User consent is not required for the use of this type of Cookies.

By disabling these technical Cookies, the website may not function correctly.

  1. TECHNICAL COOKIES: ANALYTICS COOKIES

Among technical Cookies, Analytics Cookies are finally distinguished, which serve to statistically analyze accesses/visits to the Website for exclusively statistical purposes (and not also for profiling and/or marketing) and that collect information in aggregate form without the possibility of tracing back to the identification of the individual User.

Current regulations require that for such Cookies, clear and adequate indication of simple methods to oppose (opt-out) their installation (including any anonymization mechanisms of the Cookies themselves) be provided to the Data Subject.

It is therefore always possible to proceed with the deactivation of Analytics Cookies without affecting the functionality of the Website, by consulting the appropriate section of this cookie policy called “How can I give or revoke consent to the installation of Cookies”.

B) PROFILING COOKIES

This type of Cookie, which can be both own (i.e., sent by the Website) and third-party (e.g., social networks), is used to create personalized profiles relating to the User for advertising and marketing purposes, for example retargeting or advertising on social networks.

This type of Cookie, therefore, is generally not necessary to ensure navigation on the Website, or its perfect functionality and therefore the User must give their consent to its use.

Consent can be denied, according to the methods indicated in the related section of this cookie policy called “How can I give or revoke consent to the installation of Cookies”, which the User is invited to read carefully.

  1. THIRD PARTY COOKIES

As already specified, it should be emphasized that both technical Cookies (particularly analytics) and profiling Cookies can be third-party.

In particular, Google, Google Maps and other Google services, as well as YouTube, regarding the use of videos and other services, as well as social networks (by way of example only: Facebook, Instagram, LinkedIn, etc.) could install such Cookies.

However, since this list of Cookies depends on the choices of such third parties, the User is invited to consult, through the appropriate link inserted in the Privacy Policy of this Website, the respective cookie policies of the third parties in question, also in order to be able to disable, through the opt-out mechanism, the related installed Cookies.

COOKIE LIST

Specifically, the following Cookies are present on this Website:

NAME

TYPE AND FUNCTION

DURATION

cookielawinfo-checkbox-necessary

Persistent technical cookie used to determine the visibility of the cookie popup banner.

1 hour

cookielawinfo-checkbox-non-necessary

Persistent technical cookie used to determine the visibility of the cookie popup banner.

1 hour

_gid

Third-party Analytics persistent technical cookie (Google Analytics) that is used to store information about how the visitor interacts with the Website. It helps create Analytics reports. The stored data (visits, origin, etc.) are collected anonymously.

1 day

_ga

Third-party Analytics persistent technical cookie (Google Analytics) that is used to calculate and track visits, sessions and data related to Google Analytics campaigns to improve Website navigation. It stores information anonymously by assigning randomly generated numbers to individual Users for identification purposes.

2 years

_gat_gtag_UA_

Third-party Analytics persistent technical cookie (Google Analytics) that allows monitoring and analyzing traffic data and serves to track User behavior, in order to improve their experience.

1 minute

PHPSESSID

Own technical session cookie used to store the user’s session. This cookie, in order to store said session, generates a random string and is used to temporarily store technical session variables (for example if a user is logged in or which language they are viewing).

Session

_GRECAPTCHA

Third-party persistent cookie set by Google. In addition to certain standard Google cookies, reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis and protecting the website from spam requests in contact forms.

5 months 27 days

fr

Third-party persistent cookie set by Facebook to show relevant ads to users and measure and improve ads. The cookie also tracks User behavior on the web on sites that have Facebook pixels or Facebook social plugins.

3 months

_fbp

Third-party persistent cookie set by Facebook to provide advertising when on Facebook or on a digital platform powered by Facebook advertising after visiting this website.

3 months

With reference to third-party Cookies, the following is specified:

The installation of Cookies and other possible tracking systems that could be operated by third parties through services used within the Website cannot be technically controlled by the Data Controller. Therefore, any specific reference to Cookies and tracking systems installed by third parties should be considered indicative.

To obtain complete information, the User is invited to carefully consult the privacy policy of any third-party services listed in this document before proceeding with navigation on the Website.

Given the objective complexity of identifying Cookie-based technologies, should you wish to receive any further information regarding the use of Cookies, the User is invited to contact the Data Controller (as specified in the “CONTACT INFORMATION” section).

– Google Analytics with anonymized IP;

Google Analytics is a web analysis service provided by Google for statistical purposes to understand how visitors interact with the Website, compile reports and share them with other services developed by Google. Google Analytics may use a set of cookies to collect information and generate statistics on Website usage, without providing personal information about individual visitors to Google. The User’s IP address is anonymized. Anonymization works by shortening within the borders of European Union member states or in other countries adhering to the European Economic Area agreement the IP address of Users. Only in exceptional cases, the IP address will be sent to Google servers and shortened within the United States.

Please note that data may also be processed outside the EEA.

The User is also advised that since July 16, 2020, Google no longer bases the Processing of Users’ Personal Data on the EU-U.S. Privacy Shield to transfer data from the European Economic Area and the United Kingdom to the United States; since September 30, 2020, more precisely, Google has updated its Personal Data Processing regulations and uses standard contractual clauses approved by the European Commission and based on the European Commission’s adequacy decisions regarding certain countries, as appropriate, for data transfers from the EEA to the United States and other countries.

Regarding the use of cookies by Google Analytics, the User is invited, in any case, to carefully consult the related privacy policy and cookie policy, as well as the paragraph of this Cookie Policy “How can I give or revoke consent to the installation of Cookies?” through browser settings and the section of this Policy related to the Privacy Shield.

  • Google Tag Manager

This Website uses Google Tag Manager. Google Tag Manager is a solution managed by Google LLC that allows managing website tags using a dedicated interface.

Google Tag Manager is a tag management system for managing JavaScript and HTML tags used for monitoring and analysis on websites. Tags are small code elements that, among other things, are used to measure traffic and visitor behavior, to understand the effect of online advertising and social channels, to set up remarketing and targeting towards target groups and to test and optimize websites.

The Tag Manager tool itself (which implements the tags) is a cookie-free domain and does not record Personal Data. This tool allows the activation of other tags that may, in turn, record Data under certain circumstances.

For more information on Google Tag Manager’s privacy policy, please refer to the following link https://policies.google.com/privacy?hl=en, while for the terms of use https://www.google.com/analytics/tag-manager/use-policy/ and for Google Tag Manager’s privacy answers https://support.google.com/tagmanager/answer/7207086.

Personal Data: Usage Data; other types of Data.

  • Facebook, Facebook Widget;

The Site contains redirection or sharing buttons to the Facebook social platform, and to individual social network pages attributable to the Data Controller.

Facebook shares information globally, both internally with Facebook companies and externally with its partners and with people the User connects and shares content with worldwide. Information controlled by Facebook may be transferred, transmitted, stored, and processed in the United States or other countries outside the EEA.

According to its policy, Facebook may use cookies to show ads and present suggestions for businesses and other organizations to people who might be interested in their products, services, or causes, to measure the performance of advertising campaigns for companies using Facebook products, to show and measure ads across different browsers and devices used by the same person, to provide statistical data on people using Facebook products, on people interacting with advertisers’ ads, websites, and apps, and on companies using Facebook products, and to enable the functionality that allows Facebook to provide its products.

Additionally, when visiting the Site, the Facebook Pixel cookie may be installed, allowing the Data Controller to monitor conversions that occur on the Site as a result of the ads being run on Facebook.

Information collected through cookies may be shared with organizations outside of Facebook, such as advertisers and/or advertising networks for ad publishing and measuring the effectiveness of advertising campaigns.

Users are also advised that as of July 16, 2020, Facebook no longer bases its Personal Data Processing of Users on the EU-U.S. Privacy Shield to transfer data from the European Economic Area and the UK to the United States; instead, it uses standard contractual clauses approved by the European Commission and based on the European Commission’s adequacy decisions regarding certain countries, as applicable, for data transfers from the EEA to the United States and other countries.

Regarding the Privacy Shield, Users are referred to the relevant paragraph in the cookie policy.

In this case, the following Personal Data are processed: Cookies; Usage data; other types of Data.

For more information on the installation and use of cookies by Facebook, please carefully review the relevant cookie policy. Finally, please carefully read the privacy policy of the service for detailed information on the collection and transfer of Personal Data, User rights, and how to configure privacy settings satisfactorily.

For behavioral targeting and remarketing, this Site uses Facebook’s remarketing services managed through Hubspot. For more information on Hubspot, Users are invited to consult the appropriate section.

  • Instagram, Instagram Widget

The Site contains redirection or sharing buttons to the Instagram social platform, owned by Facebook, and to individual social network pages attributable to the Data Controller.

Facebook/Instagram shares information globally, both internally with Facebook/Instagram companies and externally with partners and people the User connects with.

Based on what is stated in their policies, Instagram uses cookies, pixels, local storage technologies, and other similar technologies to show Users relevant content to provide the service and for reasons related to its use, as well as to collect information about the User’s use of Instagram. Instagram may also use these technologies to remember User choices (e.g., username, language, or geographic area where the User is located) and customize the Service to offer better features and content. Instagram and its advertising partners may use these technologies to show Users relevant ads based on their interests. These technologies store visits from the User’s device and may also be able to monitor browsing activities of the device on sites and services other than Instagram. This information may be shared with organizations outside of Instagram, such as advertisers and/or advertising networks for ad publishing and measuring the effectiveness of advertising campaigns.

Information controlled by Facebook/Instagram may be transferred, transmitted, stored, and/or processed in the United States or other countries outside the User’s country of residence or outside the EEA for the purposes described in the regulations at the following links: Facebook Terms; Instagram Terms.

Users are also advised that as of July 16, 2020, Facebook/Instagram no longer bases its Personal Data Processing of Users on the EU-U.S. Privacy Shield to transfer data from the European Economic Area and the UK to the United States; instead, it uses standard contractual clauses approved by the European Commission and based on the European Commission’s adequacy decisions regarding certain countries, as applicable, for data transfers from the EEA to the United States and other countries.

Regarding the Privacy Shield, Users are referred to the relevant paragraph in the Cookie Policy.

In this case, the following Personal Data are processed: Cookies; Usage data; other types of Data.

Regarding the management of cookies installed by Instagram and related deactivation methods, Users are invited to carefully consult, in addition to the service’s privacy policy, also the cookie policy, for detailed information on the collection and transfer of Personal Data, User rights, and how to configure privacy settings satisfactorily.

Regarding the terms of use of the Instagram service, Users are finally invited to consult these terms.

For behavioral targeting and remarketing, this Site uses Instagram’s remarketing services managed through Hubspot. For more information on Hubspot, Users are invited to consult the appropriate section.

  • Stripe

Payment by credit/debit card for Products sold on the Site is made through the Stripe gateway. This is a third party that may install cookies: Users are therefore invited to carefully read the relevant  privacy policy.

  • Google invisible reCaptcha

reCAPTCHA is a free captcha service from Google that protects websites from spam software and misuse by non-human visitors. This service is mostly used when filling out contact forms to ensure that specific actions on the internet are performed by humans and not by bots. Classic captchas work with small tasks that are easy for humans to solve but provide considerable difficulties for machines. With reCAPTCHA, Users no longer have to actively solve puzzles. The tool uses modern risk techniques to distinguish people from bots. The only thing Users have to do is check the “I’m not a robot” text field. However, with Invisible reCAPTCHA, even this is no longer necessary. reCAPTCHA integrates a JavaScript element into the source text, after which the tool runs in the background and analyzes the user’s behavior. The software calculates a so-called captcha score from the User’s actions. Google uses this score to calculate the probability that they are human before entering the captcha. reCAPTCHA and Captcha in general are used whenever bots could manipulate or abuse certain actions (such as registrations, surveys, etc.).

By using reCAPTCHA, data is transmitted to Google to determine if the User is truly human. reCAPTCHA thus ensures the security of our website and, consequently, that of the User.

IP addresses and other data necessary for Google’s reCAPTCHA service may be sent to Google, whose servers may be located in the USA.

First, the reCAPTCHA algorithm checks if Google cookies from other Google services (YouTube, Gmail, etc.) have already been placed in the User’s browser. Then reCAPTCHA sets an additional cookie in the User’s browser and takes a snapshot of the browser window.

The IP address that the User’s browser transmits to Google is generally not merged with other Google data from other company services.

However, the data will be merged if the User is logged into their Google account while using the reCAPTCHA plug-in.

If you want to prevent your data and behavior from being transmitted to Google, you must completely log out of Google and delete all Google cookies before visiting our website or using the reCAPTCHA software. Generally, data is sent automatically to Google as soon as you visit our website. To delete this data, you must contact Google Support at  https://support.google.com/?hl=en-GB&tid=111401120.

If you use our website, you agree that Google LLC and its representatives automatically collect, modify, and use data.

You can find more information about reCAPTCHA on Google’s developer page at https://developers.google.com/recaptcha/.

For more information, please carefully read Google’s Privacy Policy and Terms of Service.

Personal Data: Cookies; Usage data; other types of Data.,

  • Facebook and Instagram Remarketing

Facebook (and Instagram) remarketing is a remarketing and behavioral targeting service provided by Facebook Inc.

With the help of the Facebook pixel (or equivalent functions to transfer event data or contact information through interfaces or other software in apps), Facebook (/Instagram) is able to target visitors of this Site’s online services for the presentation of advertisements.

Therefore, this Site uses Facebook Inc.’s “Custom Audiences” remarketing feature: this allows Users of the Site to view interest-based advertisements (“Facebook Ads” or “Instagram Ads”) when browsing the Facebook or Instagram social networks or other websites that use this process. Thus, ads that interest the User are shown in order to make online offers more interesting for them.

The use of Custom Audience means that the User’s browser automatically establishes a direct connection to the Facebook/Instagram server.

The collected Data is processed by Facebook Inc. in the United States.

This Site has no control over the scope of Data collected and the further use of said Data by Facebook Inc.: please therefore carefully read Facebook’s Privacy Policy and Instagram’s Privacy Policy .

Users can obtain more information about Facebook’s behavioral advertising by visiting this page: https://www.facebook.com/help/164968693837950

To disable Facebook’s interest-based ads, please follow these instructions: https://www.facebook.com/help/568137493302217

Facebook adheres to the Self-Regulatory Principles for Online Behavioral Advertising established by the Digital Advertising Alliance. To opt-out from Facebook and other participating companies through the Digital Advertising Alliance in the United States  http://www.aboutads.info/choices/ , the Digital Advertising Alliance of Canada in Canada http://youradchoices.ca/ or the European Interactive Digital Advertising Alliance in Europe http://www.youronlinechoices.eu/, or disable it using your mobile device settings.

Disabling the “Facebook Custom Audiences” feature is available for users who are logged in at https://www.facebook.com/settings/?tab=ads#.

Personal Data: Usage data; email, Cookies, other types of Data.

  • WordPress.com

To register for the reserved area and authenticate when logging in, this Site uses the WordPress platform. For more information on Data processing by WordPress, Users are invited to review the relevant  privacy policy.

Personal data: various types of Data.

PRIVACY SHIELD

The Privacy Shield, or the “privacy shield” between the EU and the USA, is a self-certification mechanism for companies established in the USA that intend to receive Personal Data from the European Union. It was also deemed adequate by the European Commission in 2016.

In particular, companies commit to respecting the principles contained therein and to provide data subjects (i.e., all subjects whose Personal Data have been transferred from the European Union) with adequate protection tools, under penalty of removal from the list of certified companies (“Privacy Shield List”) by the US Department of Commerce and possible sanctions by the Federal Trade Commission.

However, with Decision 2016/1250 of July 16, 2020, on the adequacy of the protection provided by the EU-US Privacy Shield regime – known as the “Schrems II Judgment“, the Court of Justice of the European Union (CJEU) ruled that the Privacy Shield does not offer an adequate level of protection for Personal Data transferred from the EU to a company established in the United States.

With the same judgment, the European Court of Justice instead confirmed Decision 2010/87, judging valid the standard contractual clauses for the transfer of personal data from the EU to a non-EU State.

Users are invited to consult the FAQ regarding the Schrems II judgment and its effects prepared by the European Data Protection Board (EDPB), the website www.privacyshield.gov and the Italian Privacy Authority website to better understand the matter.

How can I give or withdraw consent for Cookie installation?

Users can manage Cookie preferences and prevent – for example – third parties from installing them in the following way:

  1. through the appropriate browser settings –

  1. In most modern browsers, you can choose the option Do Not Track, which automatically stops the collection of some browsing data. However, not all websites are set up to allow this option (discretionary).

  2. Some browsers allow users to browse in privatebrowsing” mode, limiting the amount of data stored on their computer and automatically deleting persistent cookies from their device when they finish browsing. In this case, websites won’t identify the user, viewed pages and related cookies won’t be stored. However, private browsing doesn’t guarantee anonymity on the Internet, as it only deletes cookies from your browser but not those processed by website managers and connectivity providers.

  3. In all browsers, cookies can be manually deleted. However, users should note that new cookies are downloaded with each Internet connection, so users need to delete cookies periodically. Some browsers offer automated systems for periodic cookie deletion.

  1. through explicit denial of consent – generally required only for profiling cookies – in cases where the Site uses a latest-generation banner.

Users can find information on how to manage cookies with some of the most common browsers at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari, Microsoft Internet Explorer and Microsoft Edge.

Regarding any identifiers used by third parties, users can manage their settings and withdraw their consent by visiting the relevant opt-out link (if available), using the tools described in the third party’s privacy policy, or by contacting them directly.

Specifically regarding Google Analytics, users of websites that use the supported version of Google Analytics JavaScript code (analytics.js, gtag.js) can opt-out/disable Google Analytics by clicking here.

Without prejudice to the above, users are informed of the possibility to use the information provided by YourOnlineChoices (EU), Network Advertising Initiative (USA), Digital Advertising Alliance (USA), DAAC (Canada), DDAI (Japan) or similar services. The Data Controller therefore recommends users to consult these sites as well.

****

CONTACT INFORMATION

Personal Data Controller:

ComCart S.r.l., Italian company with registered office in Gatteo a Mare (FC), via Matteotti 43, Tax Code and VAT Number 04412340400

Email address: info@comcart.it

DEFINITIONS AND LEGAL REFERENCES

Cookie” or “Cookies”

Small piece(s) of data stored on the User’s device.

Sensitive and/or special categories of data”

Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Usage Data”

Information collected automatically through the Site and/or third-party applications integrated into the Site, including: IP addresses or domain names of computers used by Users connecting to the Site, URI (Uniform Resource Identifier) addresses, request time, method used to submit the request to the server, size of the file received in response, numerical code indicating the server’s response status (successful, error, etc.), country of origin, browser and operating system characteristics used by the visitor, various temporal aspects of the visit (such as time spent on each page) and details about the path followed within the Application, particularly regarding the sequence of pages consulted, parameters relating to the operating system and the User’s IT environment.

Personal Data” or “Data” or “Personal Data” or “Data”

Personal data means any information that, directly or indirectly, including in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.

Data Subject” or “Data Subjects”

The natural person to whom the Personal Data refers.

Profiling”

Any form of automated processing of Personal Data consisting of using such Personal Data to evaluate certain personal aspects relating to a natural person, particularly to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements.

Service”

The Service provided by the Site as defined in the related terms (if present) on this site/application.

Site”

The hardware or software tool through which Users’ Personal Data is collected and processed, specifically https://mamaunameravigliadisugo.it/ and all related landing pages.

Data Controller” or “Controller”

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data and the tools adopted, including security measures relating to the operation and use of the Site.

The Data Controller, as better identified and specified above, unless otherwise specified, is the owner of the Site.

Processing” or “Data Processing”

Any operation or set of operations performed with or without automated processes and applied to Personal Data or sets of Personal Data, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, erasure or destruction.

European Union” or “EU”

Unless otherwise specified, any reference to the European Union contained in this document extends to all current member states of the European Union and the European Economic Area (EEA).

User” or “Users”

The individual or individuals who use(s) the Site and who, unless otherwise specified, coincide(s) with the Data Subject.

Legal references

This privacy policy is drafted based on current legislation, particularly as provided by Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR), and within the limits of what is still applicable by Legislative Decree. 196/2003.

Last updated: December 4, 2024