This information describes (i) the management methods of the website www.shop.roscioli.com and the processing of the personal data of the users who consult it, as well as (ii) the processing of the personal data of those who, as customers or for any other reason provide Salumeria Roscioli Srl (“Roscioli”) their personal data, for the purposes and the additional terms and conditions of this information, or in relation to which Roscioli carries out personal data processing operations.
This information is provided to art. 13 of Regulation (EU) no. 2016/679, as well as art. 13 of Legislative Decree no. 196 of 30 June 2003a (Code regarding the protection of personal data).

1. Data Controller

The Data Controller is Salumeria Roscioli S.r.l. (the “Owner”), VAT number 09947871001, with registered office in Rome, Via dei Giubbonari, 21-22 (00186), tel. +39 066875287, e-mail: [email protected] e the data processor, appointed by the Data Controller, is Alessandro Roscioli.

2. Place and methods of data processing

The treatments connected to the web services of this site, as well as the treatments that are carried out by Roscioli to any other title pursuant to this information, takes place at the headquarters of the Owner and is treated by internal technical personnel, appropriately appointed in writing, in charge of processing, according to GDPR, and / or by personnel external to the organization of the Data Controller, subject to suitable appointment, always in writing as Data Processor, according to art. 28 of the GDPR. Data processing takes place exclusively electronically, using informatical tools and supports designed to ensure the security and confidentiality of data. The same will be kept in a form that allows the identification of the user only for the time strictly necessary to achieve the purposes for which the data were originally collected and, in any case, within the limits of the law. Specifications security measures are observed to prevent data loss, illicit or incorrect use and non-access authorized, in accordance to the GDPR. In order to ensure that personal data is always accurate, up-to-date, complete and relevant, we invite you to report any editing to this e-mail address: [email protected]

3. Purpose of the treatment

Personal data are processed by the Data Controller for the following purposes:
a) within the limits and only for the purpose of providing the services accessible through the Site, as well as to allow users to know and learn more about the services offered by the Data Controller;
b) manage and process, in relation to what is indicated in the previous point, the questions and requests for interactions with Roscioli and the subjects attributable to the owner’s organization;
c) manage the registration and authentication of those who are authorized to access in the restricted areas of the Site;
d) subject to the express consent of the interested part, for sending – also by e-mail via automated systems – of communications containing information relating to the Data Controller and the activities organized by the Data Controller; The performance of the activities in letters a), b) and c) listed above does not require the consent of the interested party, since these are services or performances performed, in most cases, in execution of advanced requests directly by the interested party pursuant to art. 6, c. 1 of the GDPR. The processing of personal data for the purpose under d) requires the consent of the interested party pursuant to art. 6, c. 1, lett. a) of the GDPR.

4. Provision of data and consequences in case of failure to provide it

The provision of personal data for the aforementioned purposes is optional and their failure to provide it will entail, as the only consequence, the impossibility for the Owner to manage and process requests of the interested party or to send the communications indicated above.

5. Types of data processed

i. Navigation data
The computer systems and software procedures used to operate this Site acquire, in during their normal operation, some personal data whose transmission is implicit in the use of the protocols ofInternet communication.
This is information that is not collected to be associated with identified interested parties but for them the same nature could, through processing and association with data held by third parties, allow identify users. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Site and for check their correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against of the Site.
This category also includes data processed through the use of cookies that are small files sent by your own internet server and recordable on the hard drive of the user’s computer. Cookies are used for the
purpose of preventing the Customer from receiving the same information repeatedly or in the wrong language and to adapt the content and presentation of the site to the Client’s browser type.
ii. Data provided voluntarily by the user or collected from third parties
The optional, explicit and voluntary sending of an e-mail address as well as the related message to the contact details indicated on the Site, as well as sending messages via the published collection forms, involves the subsequent acquisition of the sender’s address and any other personal data entered, necessary a respond to requests.
Specific summary information may be reported or displayed, from time to time and where strictly necessary, on the pages of the Site prepared for particular services on request.
In addition to the foregoing, any further personal data provided to the Data Controller or otherwise collected by the Owner with third parties, will be treated by the Owner in accordance with this information and within the limits established by GDPR.

6. Recipients and Categories of Recipients

No data will be disclosed or transferred to third parties unless with the consent of the interested party.
Where the communication to third party suppliers or partners of Roscioli should be necessary for organizational needs, administrative or support to the services provided, it will be the responsibility of
the Data Controller to appoint the latter as data controllers pursuant to the GDPR.
It is understood that the personal data of the interested parties may be freely communicated to third parties, such as forces police, whenever this is permitted by law or required by an order or provision of an authority qualified.

7. Retention period

Personal data will be kept for the time strictly necessary to achieve the purposes for which they are collected and processed. Once the purpose of the processing has been exhausted, or in case of exercise of the right to object to the processing or to revoke the consent given, the holder will, in any case, be entitled to further retain personal data in whole or in part, for the purposes permitted by the GDPR.

8. Links to other websites

The Owner does not control nor has the way to supervise neither the content nor the data processing policies personal data, websites and third-party services accessible through the links contained within the Site.
Roscioli, therefore, cannot in any case be held responsible for the treatments carried out through or in relation to such third party sites.
Users are therefore invited to pay the utmost attention in this regard, taking note of the conditions of use and privacy policies published on the portals visited.

9. Rights of interested parties

9.1 Rights of access, cancellation, limitation and portability
The interested parties are entitled to the rights referred to in Articles. from 15 to 20 of the GDPR. By way of example, each interested can:
a) obtain confirmation as to whether or not personal data concerning him is being processed;
b) if processing is in progress, obtain access to personal data and information relating to the processing as well as requesting a copy of personal data;
c) obtain the correction of inaccurate personal data and the integration of incomplete personal data;
d) obtain, if one of the conditions provided for by art. 17 of the GDPR, the deletion of data personal data concerning him;
e) obtain, in the cases provided by art. 18 of the GDPR, the limitation of processing;
f) receive personal data concerning him in a structured format, commonly used and readable by automatic device and request their transmission to another holder, if technically feasible.
9.2 Right to object
Each interested party has the right to object to the processing of his personal data at any time carried out for the pursuit of a legitimate interest of the Owners. In case of opposition, your personal data will
no longer be processed, provided that there are no legitimate reasons to proceed to the processing that prevail over the interests, rights and freedoms of the data subject or for the ascertainment, exercise or defense of a right in court.
9.3 Right to withdraw consent
In the event that consent is required for the processing of personal data, each interested party may, also, revoke the consent already given at any time, without prejudice to the lawfulness of the processing based on the consent given before the revocation. Consent can be revoked by writing an email at [email protected].
9.4 Right to lodge a complaint with the Guarantor
Furthermore, each interested party may lodge a complaint with the Guarantor for the Protection of Personal Data in the case in which it believes that the rights it holds under the GDPR have been violated, in the manner indicated on the Internet site of the Guarantor accessible at the address: www.garanteprivacy.it

10. Updates

This Privacy Policy will be subject to updates. The Data Controller, therefore, invites the interested parties that they intend to know the methods of processing their personal data to periodically visit this page.