Privacy Policy

REASONS FOR THE INFORMATION

This privacy policy (the " Privacy Policy ") contains important information on the personal data that is collected by visiting this website as a registered or unregistered user, and describes how to use them data. Where applicable, it also explains the methods of treatment from the data provided by the user or collected during visits to the Shop managed by the Company (the " Shop "). This information is supplementary to any other information that may be received in these other circumstances.

This document contains important information on the following:

1. PERSONAL DATA PROCESSING
2. PERSONAL DATA COLLECTED
3. PURPOSE OF THE PROCESSING OF PERSONAL DATA
4. COMMUNICATION OF PERSONAL DATA
5. PROTECTION OF THE PRIVACY OF MINORS
6. ARCHIVING, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA
7. SECURITY AND CONFIDENTIALITY OF PERSONAL DATA 8
8. RIGHTS OF ACCESS TO PERSONAL DATA - MANAGEMENT OF CHOICES
9. PRIVACY RIGHTS PROVIDED FOR CALIFORNIA CITIZENS
10. DATA RETENTION
11. COOKIE POLICY AND SIMILAR PROCESSES
12. CONNECTIONS, ADVERTISERS, SPONSORS AND ADVERTISING
13. DATA CONTROLLER - COMPANY CONTACTS
14. UPDATES TO THIS DISCLOSURE - COMMUNICATIONS
ACCEPTANCE
By visiting the Website, using its services or interacting with the Company, its Company Store, the user confirms that he has read and understood this Privacy Policy and that he accepts that the Company collects, uses, archives, transmits and discloses the personal data collected through the Websites, the Company Store in accordance with this Privacy Policy. Except in the event that it is already registered, the Company may request the user to provide its consent (for example, by ticking a box), where it deems it appropriate to safeguard its rights or where required by current regulations. If you do not accept the conditions of this Privacy Policy, the user is asked not to visit this Website, not to create an account and not otherwise use this Website or send personal data to him, or not to give his consent when this option is offered to him in accordance with current regulations.
1. PERSONAL DATA PROCESSING
In this Privacy Policy, the term "Personal Data" is used with reference to any information that allows the Company to identify the user (or a third party whose user provides the data), directly or indirectly, including any information connected to the purchase of goods or services, or that the user chooses to communicate to the Company or to share with it, or with third parties, while using the Websites or at the Stores. The processing of personal data will take place in accordance with the General Regulation on the protection of personal data (EU) 2016/679 "Reg. (EU) 2016/679 "and, where applicable, the legislation of the country where the data should be collected. The Company reserves the right to perform further data processing, where required by law or in the context of criminal or other investigations or proceedings.

2. PERSONAL DATA COLLECTED
In this Privacy Policy, the term "Personal Data" is used with reference to any information that allows the Company to identify the user (or a third party whose user provides the data), directly or indirectly, including any information connected to the purchase of goods or services, or that the user chooses to communicate to the Company or to share with it, or with third parties, while using the Websites or at the Stores. The processing of personal data will take place in accordance with the General Regulation on the protection of personal data (EU) 2016/679 " Reg. (EU) 2016/679 "and, where applicable, the legislation of the country where the data should be collected. The Company reserves the right to perform further data processing, where required by law or in the context of criminal or other investigations or proceedings.
2.1 Data source
The Company collects personal data from the user only where the user voluntarily provides information, for example:
- placing an order through the Website;
- opening an account or modifying it; creating a wish list;
- doing research on the Website;
- by contacting the Company by sending a comment or question;
- by subscribing to email newsletters and updates regarding the latest products and services, events or promotions; or by requesting confirmation of an order, shipment or other notices;
- conversing informally during visits to the Company's Shop, interacting with it or purchasing products;
In the case of the Company's customer service : asking for assistance, special services or after-sales assistance;
In the case of e-mails, SMS and other electronic messages: by exchanging communications between the Company and the user.

If the user provides the Company with personal data of third parties (for example, family members, other customers or potential customers), the same should ensure that these third parties are informed and have authorized the use of their data as described in this Privacy Policy .
2.2 Types of data
The Company may collect and use different types of personal data according to the specific purposes pursued and described below:
to. personal information, such as name, surname, gender, age / date of birth, country of origin and other personal data that the current regulations allow to collect;
b. contact information, such as address, email address, telephone number, mobile number, fax number, if any, and other contact information that the current regulations allow us to collect;
c. payment information, such as a payment instrument (credit or debit card), if applicable, and passport number, when requested for tax reasons or in relation to anti-money laundering legislation;
d. information relating to the sale, such as data, products or services provided, place of purchase, product codes, amount, total sale, VAT number, complaints, returns, refunds or other information relating to the sale that the current regulations allow to collect; < br> is. habits and profiles, such as data regarding purchases (purchase history, the store where the purchase was made, type, quantity and price of the products purchased), information on activities and initiatives relating to the management of customer relations (date and categories of such actions carried out or to be carried out and their results), purchasing habits and preferences (wish list, preferred categories of products, notes on purchasing habits or special user needs, other information that the current regulations allow to collect;
3. PURPOSE OF THE PROCESSING OF PERSONAL DATA
Depending on the specific circumstances in which the interaction between the user and the Company took place, personal data may be used for the following purposes.

3. 1 For online and in-store sales
The personal data provided by the user or collected at the time of purchase, whether or not made as a registered user, i.e. basic personal data, contact information, purchase data, tax data, payment details, sales information and any other data strictly necessary for the delivery of the products, will be used for:
to. manage, administer and process product purchases, sales and after-sales services, such as administrative activities, accounting, returns, guarantees, tax-free refunds, where applicable, fraud prevention and communications with the user, including via email, for any problem relating to the management of the order or subsequent requests relating to the order;
b. comply with obligations imposed by EU laws, regulations or legislation (including anti-money laundering legislation) and make a legal claim or defend against it.
It is necessary to provide personal data for the aforementioned purposes and the refusal would make it impossible to complete the purchase.
Except where otherwise required to comply with local regulations in force, the processing of data for these purposes, as necessary to fulfill contractual and legal obligations, could be carried out without requiring the user's consent.

3.2 For the specific purposes for which the data were voluntarily provided
Personal data provided by the user or collected when the user requests a specific service (for example, by registering his account on the Websites, managing complaints or requesting information), i.e. personal, contact information and data strictly necessary to follow up upon request, they will be used for:
to. provide the requested services (for example, perform account registration processes, manage authentication on the Website and user accounts, assist it and manage any complaints and wish lists and respond to a question or contact request if necessary forwarded by the user, including through customer service);
b. manage newsletter subscription where the user is not registered.
Personal data must be provided for the aforementioned purposes and refusal would make it impossible to complete the request.
Except where otherwise requested to comply with local regulations in force, the processing of data for these purposes could be carried out without requesting the user's consent, as necessary to process the request.

3.3 For the purposes of managing customer relationships (CRM) if the user registers
The personal data provided by the user by filling in the Company's forms or collected during visits to the Stores or Web Sites or the interaction with the Company, i.e. personal and contact information and data regarding the user's habits and profile and details about his family, will be entered in the centralized CRM system for:
to. offer promotions, discounts and other personalized services and send newsletters, other marketing and commercial communications on products and services.
The Company could use traditional (ordinary mail and telephone) and / or digital and automated means of contact (e-mail, SMS, MMS, telephone and other digital channels, for example social media).
The Company may also use personal data to create groups and carry out statistical and market analyzes aimed at identifying products and / or services of interest to the customers of its brands and improving its services (including the Websites). The data collected on the Websites will be combined with any information obtained by the Company through interactions with the sales staff of the Shop. The processing of personal data for profiling is carried out in compliance with the guarantees and parameters established by current law.
The insertion of data in the CRM system is optional and free (being based on the consent that the user can choose to provide) and can only take place where personal data are provided for both the marketing and profiling purposes referred to in points 3.3a) and b) or only for one of the two. The user can unsubscribe or withdraw his consent at any time (see point 8 below). In any case, the refusal to provide personal data for one or both of these purposes CRM does not prevent the user from using the Company's services or making purchases, but the Company cannot inform him of marketing initiatives and events described above and will not be able to understand his interests and offer him a more personalized shopping experience.

4. COMMUNICATION OF PERSONAL DATA
The Company shares the user's personal data with its associated companies and with other companies that provide services on its behalf (as detailed below), under its direction or that of third parties. These companies and organizations will only receive the personal data necessary to perform the services and will not be authorized to use them for any other purpose.

4.1 Communication of personal data to data processors
When the user purchases the products or uses the Company's online sales services, his personal data may be shared by the e-commerce provider of this Website with selected third parties who provide services to the supplier, including those who fulfill the place orders, ship products, process credit or debit card payments and perform anti-fraud checks.

The user's personal data could be shared with third parties to monitor and analyze the activity of the Website, host website content, provide technical and organizational services functional to the aforementioned purposes, maintain the customer database, provide marketing assistance and manage emails, market analysis, surveys, competitions, prize-giving initiatives or promotions. These third parties may have access to the user's personal data or store or perform their processing in order to provide these services on behalf of the Company in Italy, in the country where the user is located. The Company's service providers are not authorized to use personal data for purposes other than the provision of contracted services.

The processing of the user's personal data for CRM purposes may be carried out, according to the instructions provided by the Company, by the associated companies that manage the services on behalf of the Company in Italy, as they are responsible for the processing.

4.2 Disclosure of personal data
Your personal data may need to be shared with companies that manage payments and anti-fraud controls, which operate independently as data controllers, in order to provide you with online sales services. < br> In the case of patrimonial or corporate operations (for example, mergers or acquisitions, corporate restructuring or liquidation), customer data will probably be one of the assets transferred and may be shared with legal successors, to the extent permitted by law on the basis of legitimate interest of society. Personal data will remain subject to the pre-existing privacy policy, unless the user decides otherwise.

The Company may also disclose your personal data to third parties (i) where required by EU or Member State legislation; (ii) in case of legal proceedings; (iii) in response to a request from law enforcement that is based on legitimate grounds; or (iv) to protect the rights, privacy, security or property of the Company or the public.

Furthermore, to the extent permitted by law, the Company may communicate personal data to third parties in the event of complaints relating to the use of the Website, where deemed necessary to investigate, prevent or adopt measures regarding illegal activities, suspected fraud or in the event that the Company, in its sole discretion, believes that the use of the Website by the user is incompatible with the conditions of the Website itself.

The complete list of the designated data processors and third parties to whom the data are communicated can be obtained using our contacts indicated below (point 13).

5. PROTECTION OF THE PRIVACY OF MINORS
This website is aimed at a general public, however its services are intended for people aged 18 or over. The Company does not deliberately request, collect, use and disclose personal data provided by persons under the age of 18 online or at its Company Store. If the Company learns that it has personally collected data from a minor, it will delete it.
In the event that the user is not of the required age, please do not register or proceed with the online purchase and ask an adult (i.e. their parents or guardian) to carry out the necessary procedures. >
6. ARCHIVING, ACCESSIBILITY AND TRANSFER OF PERSONAL DATA
The processing of personal data collected through the Websites takes place mainly using electronic or web-based means, including web analysis services hosted by servers of selected Company suppliers operating both within the European Union (for example, in Germany and Ireland, for online sales transactions on the Websites managed directly by the Company) and outside of it (for example, in the United States, for the Company's newsletter subscription services). In the company shop, the processing of personal data can also be carried out on paper. In both cases, personal data, for CRM purposes, are entered in the centralized and secure database of the Company located in Italy and managed by the CRM Managers.
Access to personal data will be allowed only to authorized personnel of the company or e-commerce service provider (for example, personnel involved in digital marketing and IT, retail sales, administration and security), depending on the actual need to know this information and using access control tools on multiple levels. This staff has undertaken to comply with the confidentiality obligations and has been expressly designated as data processor, as required by current law. In particular, where the user has given his consent to the processing of his personal data for CRM purposes, the related data may be read, modified and updated by the Company's staff and / or local e-commerce suppliers (especially by the sales and marketing staff). The staff has received special training and is required to respect confidentiality obligations. The Company may use it to collect, use and disclose data according to its instructions.

7. SECURITY AND CONFIDENTIALITY OF PERSONAL DATA
The Company has implemented appropriate measures to protect the user's personal data from accidental loss and from unauthorized access, use, modification and disclosure.
When the user completes the order, for payment by credit card it is transferred to the Gestpay - Banca Sella Group gateway, which uses SSL (Secure Socket Layer) technology, a coding tool that guarantees security during the transmission of information on the Internet.
In the management of this website, no credit card data is stored, password checks, firewall technology and other technological and procedure-based security measures are also used. Although the Company has implemented the aforementioned security measures for the Website, the user must know that 100% security cannot be guaranteed. Therefore, the user provides his personal data at his own risk and, to the maximum extent permitted by applicable law, the Company will in no way be responsible for their disclosure due to errors, omissions or unauthorized actions of third parties during or after their transmission to the same. The Company recommends the user to (i) periodically update the software to protect the transmission of data on networks (for example, antivirus software), the browser he uses for browsing, and to check that the provider of electronic communication services has adopted suitable means for the security of data transmission on networks (for example, firewalls and anti-spam filters); (ii) keep your username and password confidential and do not communicate to anyone to access the account; and (iii) periodically change your password.

In the unlikely event that the Company believes that the security of the user's personal data in his possession or under his control has been or may have been compromised, the same will inform the user of the incident in the manner prescribed by current law , using the methods it prescribes (by providing the Company with its email address, the user consents to receive such communications in electronic format through this email address).

8. RIGHTS OF ACCESS TO PERSONAL DATA - MANAGEMENT OF CHOICES

8.1 User rights
At any time and free of charge, the user can access their data, receive their personal electronic data in a structured and commonly used format that is readable mechanically and transmit them to another data controller (data portability), as well as have them corrected, updated, modify or eliminate (subject to any applicable exceptions). The user can update the data provided to the Company by contacting the same at the address provided below. Requests for deletion of data are subject to current legal obligations and document retention imposed on the Company.
If you believe there is a problem with the way you manage your personal data, you will have the right to file a complaint with the national personal data protection authority or any other country in the EU or the European Economic Area.
To exercise these rights, the user can send a request by contacting the Company, by sending an email to ordini@latteriaduemadonne.com or a letter to regular mail to the address below (point 13). When contacting the Company, the user must make sure to include his name, email address, postal address and / or telephone number (s) to be sure that the same can correctly handle his request.

8.2 Accuracy - Updating of personal data
To allow the Company to better serve the user, the user is invited to regularly check and update their personal data. If registered, the user can access their personal data and modify them using the user account settings on the Website; otherwise, you can contact the Company (see point 13) for assistance in updating your personal data.

8.3 Management of choices related to direct marketing and profiling
If the user wishes not to give his consent to the use of the data for CRM, marketing and / or profiling purposes, or to manage his advertising preferences, he can send a simple request to the Company (see point 13) to indicated below or manage your account choices accordingly. The same procedure applies where the user wishes to withdraw their consent to profiling.

9. CALIFORNIA PRIVACY RIGHTS PROVIDED
Pursuant to Section 1798.83 of the California Civil Code, people residing in California have the right to request from the companies with which they have established a commercial relationship some information regarding the types of personal data that it shares with third parties who conduct direct marketing activities, as well as to know the identity of third parties with whom the Company shared this information during the immediately preceding calendar year. If the user is a California resident and wishes to receive a copy of the information provided pursuant to this law, he can send a written request to the Company. The answer will be provided within 30 days of the request.

10. STORAGE OF DATA
Personal data will be kept for the duration of the commercial relationship and for all the time necessary to pursue the purposes described in this Privacy Policy (for example, where the user signs up for a newsletter, for the duration of this subscription, or where has a user account, until the closure of the same). After this period, the user's personal data will be kept only to comply with legal and regulatory obligations (for example, for 10 years, in the case of accounting purposes; for the duration of the mandatory retention obligation, in the case of tax purposes ; etc.) or to allow the Company to maintain evidence of their respective rights and obligations.

The user's personal data that are processed for CRM purposes (point 3.3) will be kept until the account is closed or until consent for their treatment for these purposes has been withdrawn. The personal data relating to the information on purchases that are processed for profiling and marketing purposes will be kept for a limited period, in line with the term allowed by current law, and, upon expiry of this term, will be deleted or anonymized in permanently.

11. COOKIE POLICY AND SIMILAR PROCESSES
For more general information on cookies and their enabling and disabling, see the Cookies and Advertising management section on the Website http: // www.latteriaduemadonne.com/it/cookie.html
12. CONNECTIONS, ADVERTISERS, SPONSORS AND ADVERTISING
This Website may contain links to various websites owned by the Company or controlled by it, as well as websites of third parties. Where the user chooses to provide their personal data on this or these linked websites, this information will be subject to the privacy policy and security policies of these linked websites - including the websites administered and managed by the approved distributors of the Company, with the exception of the data collected there by the Company's distributors for CRM purposes if the Company's privacy policy is published - and not in this Privacy Policy. Since the Company is not responsible for the information sent or collected, used, disclosed or otherwise subjected to processing by third party websites, the user should be aware of these other privacy notices.

13. DATA CONTROLLER - DATA PROTECTION OFFICER - COMPANY CONTACTS
For the purposes of this Privacy Policy and the processing of data described here, it is specified that the term "Company" refers to "Latteria Due Madonne" brand of the Agricultural Company Maramotti Lombardini Srl, with registered office in Via Miselli, 83 - 42124 Reggio Emilia, Italy. The Company is the data controller (as defined in Reg. (EU) 2016/679) of the data collected from its company store and / or websites in Italy and abroad for the CRM purposes referred to in points 3.2 and 3.3. The owner of the processing of data collected at the Company Store and / or the Website for purposes related to the sales referred to in point 3.1, is the Company Store or the online store of Latteria Due Madonne where the purchase is made and / or who collected the data. For any comments or questions on this Privacy Policy and to speak with the reference person in charge of handling requests relating to data processing, it is also possible to contact the Company's customer service at the number: ordini@latteriaduemadonne.com tel. 0522 359704.

14. UPDATES TO THIS NOTICE - COMMUNICATIONS
The Company, at its discretion, reserves the right to change, modify, add or delete parts of this Privacy Policy at any time, by publishing the revised version on this page of the Website and updating the date of the last modification below. indicated. It is the user's responsibility to review the Privacy Policy from time to time to take note of any changes made. In some cases, the Company may provide further communications relating to significant changes to this Privacy Policy by publishing a notice on the home page of this Website or, in the case of registered users, by sending an email notification or by inserting a notice on the page of their account. By accepting this revised Privacy Policy by clicking on the "accept" button in this notification email or in the communication published on the account page (where required to comply with current regulations), completing a purchase on the Website or in any shop after the revision of the Privacy Policy, or, otherwise, by using or sending information to the Website after the publication of the revised Privacy Policy, the user accepts this revised Privacy Policy. Following the changes, where required by current legislation, the user data will not be processed without the explicit consent of the user.

LAST CHANGE
This information comes into force on 18/5/2018.