WEBSITE PRIVACY POLICY
PRIVACY NOTICE PURSUANT TO ARTICLE 13, GDPR
The Privacy Notice pursuant to article 13 of the GDPR to those who browse the website indicated below:
(the “Website”)
The Privacy Notice describes the methods used to manage the Website with reference to the processing of personal data relating to visitors who browse it. It should also be noted that this Policy concerns only the Website, with the exclusion of any website to which the visitor may be redirected through links that may be available within the Website. For these reasons, in order to know the details relating to the processing of personal data in the context of these external websites, we invite you to read the relevant privacy policies.
1. DATA CONTROLLER?
The Data Controller is Angelini Wines & Estates Società Agricola a r.l., with its registered office in Via Roma n. 117, 60031, Castelpiano (AN) (“Angelini Wines” or “Data Controller”).
The Data Controller can be contacted by email at: angeliniwinesandestatessocagrarl@legalmail.it or in writing at Via Roma n. 117, 60031, Castelpiano (AN).
2. DATA PROTECTION OFFICER
The Controller has appointed a Data Protection Officer, who can be contacted directly at the following address:
Data Protection Officer
c/o Angelini Wines & Estates Società Agricola a r.l.
Via Roma n. 11, 60031
Castelpiano (AN), Italy
email: dpo@angeliniwinestates.com (the “Data Protection Officer” or “DPO”).
3. CATEGORIES OF PERSONAL DATA PROCESSED
According to GDPR, “personal data” means: “any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” (“Data”).
The Data Controller collect and process the following Data to achieve the purposes outlined in paragraph 4.
Regarding website management and defense of rights in court:
i. IP address, domain name and URL of the device being used;
ii. geolocation data, browser type, and operating system type; browsing data (e.g., number of visits to the Website and time spent on the Website);
iii. browsing history;
In the event that a request is made to the Data Controller through the link in the “Contacts” section or through the link in the “Hospitality” section or about Registration in the “Subscribe to the Newsletter” area of the Website, the Data Controller also collects and processes the following:
iv. identification data (name, surname);
v. e-mail address;
vi. telephone number;
vii. and any additional information provided as part of the formulation of your request.
When you visit the Website, the Owner may collect your Data both indirectly (e.g., by tracking the IP address and URL of your device in order to monitor the use of the Website), and directly (e.g., if you submit a request to the Owner).
4. PURPOSES AND LEGAL BASIS OF PROCESSING
4.1 Website management
Purpose: The Data Controller collects and processes your Data to carry out activities concerning the management and administration of the Website. In addition, the Data Controller may process your Data in order to improve visitors’ navigation.stration of the Website. In addition, the Data Controller may process your Data in order to improve visitors’ navigation.
Legal ground: legitimate interest of the Data Controller (Article 6 (1) (f) GDPR).
4.2 Defending rights in court
Purpose: The Data Controller may process your Data to assert and defend its rights. If necessary.
Legal ground: legitimate interest of the Data Controller (Article 6 (1) (f) GDPR).
For this purpose, the provision of Data is optional. However, if you do not provide such data, the Data Controller will not be able to guarantee that you will browse the Website.
4.3 Submit form in the “Contact” section or “Hospitality”
Purpose: The Data Controller collects and processes your Data to follow up on any requests you may voluntarily make through the appropriate “Contacts” and/or “Hospitality” link on the Website.
Legal ground: execution of a contract to which the data subject is party or of pre-contractual measures taken at the data subject’s request (Article 6 (2) (b) GDPR).
For this purpose, the provision of Data is optional. However, if you do not provide such data, the Data Controller will not be able to guarantee that you will browse the Website.
4.4 Registration in the “Subscribe to the Newsletter” area of the Website
Purpose: The Data Controller collects and processes your Data in order to allow you to subscribe to the Newsletter.The communications sent will be of an informative and institutional nature, for example to welcome you to the Val Di Suga world or to update you on the brand’s initiatives and events.
Legal ground:
The processing of personal data is based on your consent (Art. 6, (1) (f) GDPR).
You can withdraw your consent at any time by writing to dpo@angeliniwinestates.com.
Purpose: Direct Marketing: The Data Controller may send you communications containing commercial proposals on its products and services similar to those you have already requested.
Legal ground:
legitimate interest of the Data Controller (Article 6 (1) (f) GDPR).
You can object to the processing by writing to dpo@angeliniwinestates.com.
Purpose:Indirect Marketing, the Data Controller may send you communications of a commercial nature on products, promotions and events.
Legal ground:
The processing of personal data is based on your consent (Art. 6, (1) (f) GDPR).
You can withdraw your consent at any time by writing to dpo@angeliniwinestates.com.
5. COOKIES
Cookies are packets of information sent by a web server (e.g., the site) to the user’s Internet browser, automatically stored by the latter on the computer and automatically sent back to the server at each subsequent access to the site. The Data Controller uses cookies in order to provide contextual information to visitors to the Website and to obtain statistics on access and/or use of the portal. By default, almost all web browsers are set to automatically accept cookies. Visitors can set their device’s browser to accept/reject all cookies or display a warning each time a cookie is offered, in order to be able to assess whether or not to accept them. The user can, however, change the default configuration and disable cookies (i.e. block them permanently), setting the highest level of protection. For any other information on the characteristics, types, use and methods for removing, deleting or disabling the cookies on the Website, please refer to the specific “Cookie Policy”.
6. RECIPIENS OF PERSONAL DATA
Your Data will be shared with internal and external subjects to the Data Controller’s organizations only when necessary to achieve the purposes described above.
Your Data may be communicated to other companies of the Angelini Group, as well as to third-party companies located within the European Economic Area that offer the Data Controller maintenance and development services of the Website and, in general, IT services, specifically appointed as data processors pursuant to art. 28, GDPR. Where required by law, your Data may also be communicated to other companies, competent authorities or public bodies located within the European Economic Area, which will process them for their own purposes as independent data controllers.
The server on which the Website is located is located within the European Economic Area (EEA).
7. DATA RETENTION PERIOD
The Data Controller will process your Data for the time strictly necessary to achieve the purposes indicated and described in the previous paragraph 4 as outlined below:
• Website management: your Data will be kept for the time strictly necessary to manage and optimize activities of the Website;
• Defense of Angelini Wines rights in legal proceedings: your Data will be kept for the time strictly necessary to comply with any legal or regulatory obligations of the Data Controller and/or necessary for the defense of rights in legal proceedings.
• Submit form in the “Contact” section or “Hospitality”: your Data will be kept for the time strictly necessary to manage your request After 2 months from the request for information, the data will be deleted and will not be subject to further storage.
• Registration in the “Subscribe to the Newsletter” area of the Website and direct marketing: your Data will be kept until you withdraw your consent.
• Indirect Marketing: The data will be processed until you exercise your right to object (opt-out).
At the end of the period described above, your personal data will be definitively deleted or irreversibly anonymized.
We reserve the right to retain so-called log data for longer periods in order to be able to handle any crimes committed against the Website (e.g., hacking).
The data retention period of your Data collected indirectly by the Data Controller through cookies are listed in the appropriate Cookie Policy.
8. RIGHTS OF THE DATA SUBJECT
Under the Regulation, you have the right to:
a) obtain confirmation as to whether or not personal data concerning you is being processed, access your Data and obtain a copy of it;
b) request the rectification or updating of your Data if inaccurate or incomplete; request the erasure of your Data when, in particular, (i) the Data is no longer necessary for the purposes described above or (ii) you have revoked the consent on which the processing of your Data is based and there is no other legal basis for their processing or (iii) the Data Subject objects to their processing and there is no overriding legitimate grounds for the processing or (iv) the Data has been unlawfully processed or (v) the Data must be erased to comply with a legal obligation;
c) request that the processing of your Data be restricted, meaning that the Controller retains such Data but cannot use it. This right can only be exercised in the cases provided for by law and, in particular, when (i) the accuracy of the personal data is contested, for the period necessary for the Controller to verify the accuracy of such Data, or (ii) the processing of the Data is unlawful and you request the restriction of their use, rather than their erasure, or (iii) although the Controller no longer needs them for the purposes of processing, the Data is required by the Data Subject for the establishment, exercise or defense of a legal claim or (iv) you have objected to their processing, pending verification as to whether the legitimate grounds of the Controller override those of the Data Subject;
d) request the Data or transfer it to a third party (“right to data portability”): for data processed by automated means and based on consent or contract (art. 6, para. 1, letter a) or b) GDPR), the Data Subject may request to receive the Data concerning him or her in a structured, commonly used and machine-readable format, in order to transfer it to another controller. Upon request, where technically feasible, the Controller will transfer the Data directly to the third party indicated by the Data Subject;
e) object to processing at any time (where applicable): the Data Subject has the right to object at any time, on grounds relating to his or her particular situation, to the processing of his or her personal data, including profiling, based on the legitimate interests of the Controller or a third party. After evaluating the objection request and subject to the presence of legal obstacles to its acceptance, as provided for by law, the processing to which the Data Subject has objected will be definitively interrupted;
f) file a complaint with the Garante for the protection of personal data.
To exercise your rights and/or obtain more information about them, you can contact the Controller or its DPO at any time using the contact details indicated in paragraph 1 of this notice. Before proceeding with a request from the Data Subject, we will identify the person making the request. If the Data Controller has reasonable doubts about the identity of this person, they may request further information necessary to confirm their identity.
9. HOW TO FILE A COMPLAINT
If you wish to file a complaint about the methods by which your Data is processed, or regarding the handling of a complaint you have made, you may file a request directly with the supervisory authority (Garante for the protection of personal data, Piazza Venezia 11, 00187 – Rome, Italy, telephone +39 06696771, E-mail: protocollo@gpdp.it, www.garanteprivacy.it).
10. UPDATES
In case of any significant updates to this information, made if there is a need to modify some of the characteristics of the processing described above, the Data Controller will provide the Data Subject with the new information before the implementation of such updates and, where necessary, will obtain their consent, in compliance with the applicable legislation.
[last update june 2025]