Privacy e cookie policy
Information on the processing of personal data
Art. 13 Regulation (EU) 2016/679 of the European Parliament and of the European Council
UBERTI SRL, P.IVA 01063740144, Via Enrico Fermi 13, 25020 Poncarale (BS) – Italy (hereinafter the “Company” or the “Data Controller”), owner of the processing of personal data, hereby provides the privacy policy pursuant to Art. 13 of Regulation (EU) 2016/679 (hereinafter the “GDPR”), to the data subjects (hereinafter the “Data Subjects”).
The Company, as data controller, undertakes to protect the confidentiality and rights of the Data Subject and, in accordance with the principles dictated by the aforementioned regulations, the processing of the data provided will be based on the principles of correctness, lawfulness and transparency.
1. PURPOSE OF PROCESSING
The information is provided only for the Company’s website and not for other websites that may be consulted by the interested party through links. The Interested Party may voluntarily provide his/her personal data, which will be processed and used by the Company for the purposes related to the requested service as indicated by specific notices reported or displayed on the pages of the site for particular services or requests.
The personal data of the Interested Parties will be processed by the Company for purposes related and/or connected to the provision of services by the Company in the context of navigation on the website, such as the provision of services requested by the Interested Party during navigation on the website including the collection, storage and processing of data for the purposes of the establishment and subsequent operational and technical management.
This data – the provision of which is necessary for the operational performance of the service – will also be processed by electronic means, recorded in special databases, and used strictly and exclusively in the context of website navigation. Since the communication of the Data Subject’s personal data for the aforesaid purposes is necessary in order to maintain and provide all the services related to website navigation, failure to do so will make it impossible to provide the specific services in question.
The Data Controller may also process, without the consent of the Data Subject, personal data in the following cases
a) analysis in an anonymous and aggregate form of the use of the services used, to identify the habits and propensities of the Data Subjects, to improve the services provided and to meet specific user requirements, or the preparation of initiatives connected with the improvement of the services provided
b) comply with the provisions of domestic and foreign laws and regulations, or execute an order of the judicial authority or other authorities to which the Controller is subject
c) exercise the Controller’s rights with particular reference to the right of defence in court.
The processing is lawful insofar as it is carried out to comply with the provisions of laws and regulations and to exercise the rights of the Data Controller. Since the communication of the Data Subject’s personal data for the aforesaid purposes is necessary in order to maintain and provide all the services connected to website navigation, failure to provide such data will make it impossible to provide the specific services in question.
The Data Controller may also process, without the consent of the Data Subject, personal data in the following cases
a) analysis in an anonymous and aggregate form of the use of the services used, to identify the habits and propensities of the Data Subjects, to improve the services provided and to meet specific user requirements, or the preparation of initiatives connected with the improvement of the services provided
b) comply with the provisions of domestic and foreign laws and regulations, or execute an order of the judicial authority or other authorities to which the Controller is subject
c) exercise the Controller’s rights with particular reference to the right of defence in court.
The processing is lawful insofar as it is carried out in order to comply with the provisions of laws and regulations and the exercise of the Controller’s rights.
2.PROCESSING METHODS
Data processing is carried out electronically and/or on paper, by means of recording, processing, storage and transmission of data, also with the aid of IT tools.
The instruments and supports used in the performance of the processing activities are suitable to guarantee the security and confidentiality of the data. In the performance of processing activities, the Company undertakes to ensure the accuracy and updating of the data processed, and promptly receive any corrections and/or additions requested by the data subject adopt appropriate security measures to ensure adequate data protection, in view of the potential impact of the processing on the fundamental rights and freedoms of the Data Subject notify the Data Subject, within the timeframe and in the cases provided for by mandatory legislation, of any personal data breaches; ensure that processing operations comply with the applicable legal provisions.
3.COMMUNICATION AND DISSEMINATION OF DATA
Without prejudice to communications carried out in fulfilment of legal obligations, the personal data of the Data Subject may be disclosed not only to the Data Controller but also to employees and collaborators of the Data Controller as persons authorised to process data; domestic and foreign companies belonging to the same group as the Data Controller; authorities in general, administrations, public bodies and organisations, both domestic and foreign; third-party service providers. exclusively for the purposes listed above in accordance with any consent given by the data subject. Personal data are not subject to dissemination.
4.TRANSFERS ABROAD
Personal data will be stored and processed within the European Union. In the event of any processing of personal data outside the European Union, this will only take place after appropriate safeguards have been put in place, as provided for by mandatory legislation.
5.DATA RETENTION POLICY
The Company stores personal data in its systems in a form that enables the identification of the data subjects according to the following criteria for a period of time not exceeding the achievement of the purposes for which they are processed, unless otherwise provided for by regulatory or contractual obligations;
to comply with specific legal or contractual obligations;
where applicable and legitimate, until such time as the data subject requests deletion.
6.RIGHTS OF THE INTERESTED PARTY
The Data Subject may assert his or her rights, recognised by binding legislation and in particular by Articles 15 to 22 of the GDPR, such as:
Right of access: the right to obtain from the Data Controller confirmation as to whether or not personal data are being processed and, if so, to obtain access to personal data and further information on the origin, purposes, categories of data processed, recipients of communication and/or transfer of data, etc.
Right to rectification: the right to obtain from the Controller the rectification of inaccurate personal data without undue delay, as well as the integration of incomplete personal data, also by providing a supplementary declaration.
Right to erasure: the right to obtain from the Controller the erasure of personal data without undue delay in the event that the personal data are no longer necessary in relation to the purposes of the processing; the consent on which the processing is based has been revoked and there is no other legal basis for processing personal data have been unlawfully processed; personal data must be erased in order to comply with a legal obligation.
Right to object to processing: the right to object at any time to the processing of personal data that have as their legal basis a legitimate interest of the Controller.
Right to restriction of processing: Right to obtain from the Controller the restriction of processing, in cases where the accuracy of personal data is contested (for the period necessary for the Controller to verify the accuracy of such personal data), if the processing is unlawful and the Data Subject has objected to the processing, if the personal data are necessary to the Data Subject for the establishment, exercise or defence of legal claims, if following the objection to the processing the Data Subject is awaiting verification as to whether or not the legitimate interest of the Controller prevails.
Right to data portability: the right to receive personal data in a structured, commonly used and machine-readable format and to transmit such data to another data controller, only in cases where the processing is based on consent or on a contract and only for data processed by electronic means.
Right not to be subject to automated decisions: the right to obtain from the Controller not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects concerning the Data Subject or significantly affect him/her, unless such decisions are necessary for the conclusion or performance of a contract or are based on the consent given by the Data Subject.
Right to lodge a complaint with a supervisory authority: without prejudice to any other administrative or judicial remedy, a Data Subject who considers that the processing concerning him or her violates the GDPR has the right to lodge a complaint with a supervisory authority.
In order to exercise his or her rights under the GDPR, the Data Subject may: forward his requests to the Controller, by connecting to the website www.sangueblu.shop;
or alternatively contact the Data Controller at the following address:
UBERTI SRL, P.IVA 01063740144, Via Enrico Fermi 13, 25020 Poncarale (BS)- Italy,
Pec: ubertiantony@legalmail.it indicating “Privacy” in the subject line.
This website uses cookies, including third party cookies, to send you advertising and services in line with your preferences. If you wish to learn more or to deny consent to all or some cookies, click on “show details”.
By closing this banner, or by scrolling down this page or clicking any of its elements you agree to the use of cookies. Cookies are small text files that sites visited by users send to their terminals, where they are stored in order to be retransmitted to the same sites on subsequent visits. Cookies are used for different purposes, have different characteristics, and can be used by the owner of the site you are visiting or by third parties.
The data controller for the cookies installed by it is UBERTI SRL, P.IVA 01063740144, Via Enrico Fermi 13, 25020 Poncarale (BS)- Italy.
For the identification of the data controllers regarding the cookies installed by third parties, please consult the links below the information notices on the third party sites or connect to the site: http://www.youronlinechoices.com.
The personal data that you provide by authorising the use of cookies may be processed with the support of computerised means for the purpose of carrying out the activities envisaged by this policy.
The authorisation to use cookies is optional. However, failure to provide it will make it impossible to carry out the activities indicated below. The data provided by authorising the use of cookies will not be disseminated or communicated to third parties by the data controller.
However, they may be disclosed to the data processors and persons in charge of the processing of personal data (employees and/or collaborators of the data controller) whose work the data controller uses for the provision of services, an updated list of which is available at the data controller’s head office. It is also possible to find further instructions at the web address of the browser used by the User.
Finally, we remind you that in relation to the aforementioned processing, you may exercise your rights under Articles 15 to 22 of the GDPR, such as: Right of access: the right to obtain from the Controller confirmation as to whether or not personal data are being processed and, if so, to obtain access to personal data and further information on the origin, purposes, categories of data processed, recipients of communication and/or transfer of data, etc.
Right to rectification: the right to obtain from the Controller the rectification of inaccurate personal data without undue delay, as well as the integration of incomplete personal data, also by providing a supplementary declaration.
Right to erasure: the right to obtain from the Controller the erasure of personal data without undue delay in the event that the personal data are no longer necessary in relation to the purposes of the processing;the consent on which the processing is based has been withdrawn and there is no other legal basis for processing personal data have been unlawfully processed;personal data must be erased in order to comply with a legal obligation.
Right to object to processing: the right to object at any time to the processing of personal data that has as its legal basis a legitimate interest of the Controller.
Right of restriction of processing: Right to obtain from the Controller the restriction of the processing, in cases where the accuracy of personal data is contested (for the period necessary for the Controller to verify the accuracy of such personal data), if the processing is unlawful and the Data Subject has objected to the processing, if the personal data are necessary to the Data Subject for the establishment, exercise or defence of legal claims, if following the objection to the processing the Data Subject is awaiting verification as to whether or not the legitimate interest of the Controller prevails.
Right to data portability: the right to receive personal data in a structured, commonly used and machine-readable format and to transmit such data to another data controller, only where the processing is based on consent or on a contract and only for data processed by electronic means.
Right not to be subject to automated decisions: the right to obtain from the Controller not to be subject to decisions based solely on automated processing, including profiling, which produce legal effects concerning the Data Subject or significantly affect him/her, unless such decisions are necessary for the conclusion or performance of a contract or are based on the consent given by the Data Subject.
Right to lodge a complaint with a supervisory authority: without prejudice to any other administrative or judicial remedy, a Data Subject who considers that processing concerning him or her violates the GDPR has the right to lodge a complaint with a supervisory authority.
You may exercise these rights by writing to UBERTI SRL, P.IVA 01063740144, Via Enrico Fermi 13, 25020 Poncarale (BS)- Italy, or by connecting to the website www.sangueblu.shop, in the “Contact” area.
Your consent applies to this website.