Privacy and cookie policy of https://www.terrachevive.com

Policy notice concerning the processing of personal data drafted and provided by Terrachevive by Marco Alessandro Punzi as Data Controller, in compliance with Articles 13 and 14 of the EU Regulation 2016/679 on the protection of personal data of natural persons (hereinafter also referred to as the “Regulation” or “GDPR”), to the Users consulting the website https://www.terrachevive.com (hereinafter also referred to as the ” Website”).

The following policy is valid for the website https://www.terrachevive.com and for those hosted on third-level domains *.terrachevive.com. It is not effective for other websites that may be consulted by the User via links. The Data Controller will collect and process the types of data listed below in compliance with the provisions of the Code and the Regulations.

I. Data controller and contact information.

Terrachevive by Marco Alessandro Punzi, with registered office in Taranto (TA) in via De Cesare 37, PEC: [email protected] and e-mail: [email protected], VAT no.: 03248470738.

II. Processing Methods

The Data Controller processes the personal data provided and/or collected by users by means of analogue, computerised and/or telematic tools, taking appropriate security measures to prevent unauthorised access to the systems and, therefore, their unauthorised disclosure, modification or destruction.
Personal data are also processed in aggregate form, with organisational methods and logics which are strictly necessary for the purposes indicated in this policy. On some occasions, the data may be viewed by categories of subjects authorised by the Data Controller, also called data processors, and involved in the organisation of the services connected to the website (such as, for example, administrative or sales staff, the marketing department, the legal department or system administrators) or even by external subjects (third party technical service providers, couriers, hosting providers) who will be appointed as Data Processors. The updated list of Data Processors and persons in charge can always be requested by the data subject and is available at the registered office of the Data Controller.

III. Types of Data Collected and Purposes

a) Personal and contact data

These data are requested to the User when filling in the registration or information request forms available on the Website and on the websites hosted by the sub-domains and include: name, surname, city of origin, e-mail address and telephone number.
This data will and may be processed by the Controller:
1. To fulfil the User’s specific requests (name, surname, fiscal code, city of origin, home address, e-mail address and mobile phone number) – Legal basis: GDPR; condition of lawfulness: contract or pre-contractual measures;
2. To process the experiences and the conclusion of the service contract with the User (name, surname, city of origin, e-mail address and telephone number); – Legal basis: GDPR; condition of lawfulness: contract or pre-contractual measures;
3. To issue invoices or accounting documents, as required by current legislation (name, surname, fiscal code, residential address, e-mail address) – Legal basis: Italian Tax Code (TUIR); lawfulness condition: legal obligation;
4. Subject to the user’s explicit consent, to send newsletters and commercial information by email (first name, last name, email address) – Legal basis: provision of the Italian Data Protection Authority of 4 July 2013 et seq.; Condition of lawfulness: consent.

b) Navigation Data

The computer systems and software procedures used to operate the Website acquire, in the course of their normal operation, certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified persons, but by its very nature could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes the IP addresses or domain names of the computers used by users connecting to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained as a response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the User’s operating system and computer environment.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to check its correct operation, and are deleted immediately after processing. Data may be used to determine liability in case of hypothetical computer-based violations damaging the website: except for this case, data are held only for the time periods defined in point IV of this policy.

c) Provision of data

The provision of personal contact data, as per section III a) for the purpose referred to in sub-section 1) of this policy, is compulsory and failure to provide such data, even partially, will make it impossible for the Data Controller to communicate the requested information to the user. In this case, processing is lawful since it is based on an explicit request by the user (pre-contractual measures or execution of contract);
The provision of personal contact data, as per section III a) for the purpose referred to in sub-section 2) of this policy, is compulsory and failure to provide them, even partially, will make it impossible for the Controller to process the experiences and conclude the service contract with the User. In this case, processing is lawful since it is necessary for the performance of the contract (pre-contractual measures or performance of the contract);
The provision of personal contact data, as per section III a) for the purpose referred to in sub-section 3) of this policy, is mandatory and failure to provide such data, even partially, will make it impossible for the Controller to issue the invoice or other accounting documents. In this case, processing is lawful for the fulfilment of a legal obligation;
The provision of personal contact data, as per section III a) for the purpose referred to in sub-section 4) of this policy, is optional and failure to provide such data, even partially, will make it impossible for the Data Controller to send the newsletter to the user and to contact him/her with the other tools listed therein in order to communicate commercial information. In this case, processing is lawful because it is based on the consent of the data subject.
The User takes responsibility for the Personal Data of third parties communicated or shared through the website https://www.terrachevive.com and guarantees that he/she has the right to communicate or share them, thus exempting the Data Controllers from any liability towards third parties.
Terrachevive by Marco Alessandro Punzi shall not transfer the collected data to third parties.

IV. Place and duration of data processing

a) Place

The Data are processed at the operational offices of the Data Controller and the Data Processors, as well as at any other place where the parties involved in the processing are located.
If personal data are transferred to a third country or an international organisation, the data subject will be informed of the existence of adequate safeguards within the meaning of Article 46 of the ‘Regulation’ relating to the transfer. Further information can be obtained by contacting the Controller.

b) Duration of processing and storage

The Data are processed for the following periods of time:
a) For the purpose referred to in article III, letter a) sub-section 1), for as long as it is necessary to fulfil the specific requests;
b) For the purpose referred to in article III, letter a) sub-section 2), for as long as it is necessary for the performance of the contract;
c) For the purpose referred to in article III, letter A) sub-section 3), for as long as it is necessary to fulfil legal accounting, tax and fiscal obligations;
d) For the purpose referred to in article III, letter A) sub-section 4), for the twenty-four months following the collection of the user’s explicit consent or since their last renewal.
The Data Controller will store the user’s personal data for 10 years after the conclusion of the processing in order to be able to exercise the right of defence.

V. Cookie Policy

a) Cookie Information

A cookie is a small, light text file that is generated by web services in order to store users’ preferences, activities and tastes. The cookie created by a service can be read and modified by it in order to better characterise its users and, above all, to recognise the user when they return to the site.
Thus, different information can be stored in the cookie for different purposes, but only if the user has enabled the installation of cookies from his browser preferences.
It is important to point out that cookies are not and cannot be dangerous in the usual sense of the term: in fact, they cannot transmit any virus or malware of any other kind. They can, however, be used to track user behaviour on websites using certain services.
In general, cookies can be deactivated completely from the settings of the browser at any time. For further information, we recommend reading the help and support pages relating to them provided by their developers.

b) Third-party services using cookies

Chaty
Chaty is a real-time chat service provided by Premio that allows the User to interact textually and in real time with the Website Owner via WhatsApp, which handles the conversation with the User.
Personal data collected: cookies
Place of processing: United States
Privacy policy: https://premio.io/privacy-policy-3/
Cookie persistence: 30 days

Google Analytics
Google Analytics is a third-party web analysis service provided by Google Inc. Google uses the personal data collected through its scripts in order to track and examine the navigation on this website and the services offered by it, fill in reports and share them with other third-party services developed by Google.
Google uses personal data to provide contextualisation and personalisation of ads in its advertising network consisting of Adsense and Adwords.
Personal data collected: Cookies and site navigation data.
Place of processing: United States.
Privacy Policy: http://www.google.com/intl/it/policies/privacy/
It is possible to exercise the right to opt out of Google Analytics from here:
http://tools.google.com/dlpage/gaoptout?hl=en
Cookie persistence: 365 days

Facebook Ads Pixel
Provided by Facebook, Inc.
The Facebook Ads pixel serves to monitor the conversions of advertisements published by the website owner on Facebook.
This service links data from Facebook’s ad network with actions performed within this website.
Personal data collected: Cookies and Usage Data.
Place of processing: United States
Privacy Policy: https://www.facebook.com/privacy/explanation
Cookie persistence: 365 days

VI. Rights of Data Subjects

Users, as data subjects, may exercise the rights granted to them by the GDPR, specifically:
1. the right of access;
2. the right to rectification of data
3. the right to erasure and to be forgotten;
4. the right to restriction of processing
5. the right to object to processing
6. the right to data portability.
Rights may be exercised by submitting an informal request to the Data Controller, who shall reply within thirty (30) days from its receipt. This period may be extended by a further sixty (60) days if the fulfilment of the request is particularly burdensome for the Controller.
The Data Controller shall inform users that, in the event that a response is not given within the time limits mentioned, or if the response does not satisfy the users, or if the users consider that their rights have been violated, they may complain to the Data Protection Authority in accordance with the procedures set out on the Authority’s website, which can be accessed at http://www.gpdp.it.
The exercise of rights is free of charge, unless the Data Controller has to bear excessive costs.

VII. Modifications to this privacy policy

The Data Controller reserves the right to amend this extended privacy policy in any way by giving notice on this page.
The date of last modification will be posted at the bottom of this notice in order to keep track of the changes. A copy of each version of this notice is available to the Data Subject at the registered office of the Data Controller.
In the event that the user does not accept the changes made, he/she may ask the Data Controller to remove his/her personal data. Unless otherwise specified, the previous privacy and cookie policy will continue to be applied to personal data collected up to that point.
Taranto (TA), 10.01.2022

CREATED