Privacy and Cookie

Information regarding the collection of personal data pursuant to art. 13 of Legislative Decree no. 196 of 30 June 2003, the Italian Data Protection Act, and to art. 13 of the EU General Data Protection Regulation (GDPR) no. 2016/679

Sergio Pesca s.r.l., headquartered in Via Degli Orti, 93 / I Portici - 07041 Alghero (Sassari), VAT no. 02694900909, tel.: (+39) 079 951 374, e-mail: info@sergiopesca.com(hereinafter the “Controller”), in its capacity as data controller, wishes to inform you, pursuant to art. 13 of Legislative Decree no. 196 of 30.6.2003 (hereinafter the “Italian Data Protection Act”) and to art. 13 of EU Regulation no. 2016/679 (hereinafter the “GDPR”), that your data will be processed by the following means and for the following purposes:

1. Object of Processing

The Controller shall process the personal, identifying data (for example, name surname, company name, address, telephone number, e-mail address, bank and payment details) – hereinafter “personal data” or also “data”) – you provide upon conclusion of contracts for the services provided by the Controller.

2. Purposes of Processing

Your personal data shall be processed:

A) without your explicit consent (art. 24, letters a), b) and c) of the Italian Data Protection Act and art. 6, letters b) and e) of the GDPR), for the following Service Purposes:

•          to conclude contracts for the services provided by the Controller;
•          to comply with the pre-contractual, contractual and fiscal obligations deriving from the relationship under way with you;
•          to comply with the obligations provided for by law, by regulations, by EU norms or orders issued by an Authority (for example to combat money laundering);
•          to exercise the rights of the Controller, for example the right to defence before the courts;

B) only with your specific, separate consent (arts. 23 and 130 of the Italian Data Protection Act and art. 7 of the GDPR), for the following Marketing Purposes:

•          to send you - via e-mails, post and/or text messages and/or telephone contacts – commercial communications and/or advertising material regarding products or services offered by the Controller and to record your level of satisfaction with the quality of the services provided;
•          to send you - via e-mails, post and/or text messages and/or telephone contacts – commercial and/or promotional communications of third parties.

Please note that if you are already among our customers, we may send you commercial communications regarding services and products of the Controller similar to those you have already purchased/used, provided you do not refuse consent (art. 130, para. 4 of the Italian Data Protection Act).

3. Means of Processing

1 Your personal data shall be processed using the operations indicated in art. 4 of the Italian Data Protection Act and art. 4, point 2) of the GDPR, i.e.: collection, recording, organisation, storage, consultation, adaptation or alteration, selection, retrieval, alignment, use, combination, blocking, disclosure, erasure and destruction of data. Your personal data may be processed on paper and using electronic and/or automated means.

The Controller shall process personal data for the period of time necessary to achieve the purposes above, and in any case, for no longer than 10 years from the end of the relationship for Service Purposes, and for no longer than two years from collection for Marketing Purposes.

4. Access to Data

Your data may be made accessible for the purposes set forth in art. 2.A) and 2.B):

•          to employees and contract staff of the Controller or the companies of Card Protection Plan Group in Italy and abroad, in their capacity as internal data processors and/or supervisors and/or system administrators;
•          to third-party companies or other subjects (indicatively, banks, professional firms, consultants, insurance companies for the provision of insurance services, etc.) that perform outsourcing services on behalf of the Controller, in their capacity as external data processors.

5. Disclosure of Data

Without the need for explicit consent (pursuant to art. 24 letters a), b) and d) of the Italian Data Protection Act and art. 6 letter b) and c) of the GDPR), the Controller may disclose your data for the purposes set forth in art. 2.A) to supervisory bodies (such as IVASS), legal authorities, insurance companies for the provision of insurance services, and to those subjects to which disclosure is mandatory by law for the aforesaid purposes. Said subjects shall process the data in their capacity as independent data controllers.

Your data will not be made public.

6. Transfer of Data

Personal data are held on servers located at OVH within the European Union, it being understood that, if necessary, the Controller shall be entitled to move the servers to non-EU countries. In such cases, the Controller herewith guarantees that the transfer of the aforementioned data outside of the EU shall take place in compliance with the applicable legal measures, upon application of the standard contract clauses provided for by the European Commission.

7. E-mail advertising if you subscribe to the newsletter

If you subscribe to our newsletter, we will regularly send you our e-mail newsletter based on your consent according to Art. 6 (1) 1 lit. a) GDPR, using the data required or disclosed by you separately for this purpose. You may unsubscribe from the newsletter service at any time. For this purpose you can either send a message to the contact option specified below or use the opt-out link in the newsletter. Upon unsubscription, we will delete your email address unless you have expressly consented to the further use of your data or we reserve the right to further use your personal data in the scope and manner permitted by the law, of which we inform you in this notice.

8. Provision of personal data and consequences of refusal to provide them

The provision of data for the purposes set forth in art. 2.A) is mandatory, and without them, we will be unable to guarantee you the Services indicated in art. 2.A).

The provision of data for the purposes set forth in art. 2.B) is not mandatory. You may therefore choose not to provide any data, or to subsequently refuse your consent for the processing of data already provided; in this case, you will not be able to receive newsletters, commercial communications and advertising material pertinent to the Services offered by the Controller. You will, however, continue to be entitled to the Services indicated in art. 2.A).

9. Rights of the Data Subject

As the Data Subject, you have the rights set out in article 7 of the Data Protection Act and article 15 of the GDPR, and specifically the right to:

1.   obtain confirmation of the existence of your personal data, even if they have not yet been recorded, and the notification thereof in an intelligible form;

2. obtain indications on: a) the origin of said data; b) the purposes for which and the means by which they are processed and; c) the logic applied in the event of processing with electronic equipment; d) the contact details of the Data Controller, Data Supervisor and designated representative pursuant to Article 5, paragraph 2 of the Data Protection Act and Article 3, Paragraph 1, of the GDPR; e) the subjects or categories of subjects to whom/which your data may be transmitted or which/who may be informed of your data in their role as the designated representative in the state territory, Data Supervisors or Data Processors;

3. request: a) the updating, rectification or where in your interests, supplementing of the data; b) the deletion, anonymization or blocking of any data processed in breach of the law, including those data that do not require to be stored for the purposes for which they were collected and subsequently processed; c) certification that any subjects to which your data were transmitted have been notified of the operations set out at letters a) and b), also in relation to their content, except in cases in which doing so would require the deployment of resources that are clearly disproportionate to the right being protected;

4.   oppose, wholly or partially: a) for legitimate reasons, the processing of your personal data, even if still relevant to the purposes for which they were collected; b) the processing of your personal data for the sending of advertising or direct sales material or for conducting market research or for commercial communications, through the use of automated calling systems without the intervention of an operator, by e-mail and/or by traditional marketing methods such as telephone and/or post. Please note that your right to oppose the processing operations set out above at point b) for purposes of direct marketing through automated methods also extends to traditional methods and, as such, may be exercised without prejudice to your three options, which are: to receive only communications by traditional methods or only automated communications, or neither of the two types of communications.

Where applicable, you are also entitled to exercise the rights provided for in arts. 16-21 of the GDPR (right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object), and to file a complaint with the Data Protection Authority.

9. How to exercise your rights

You may exercise your rights at any time, by sending:

•          a registered letter with return receipt to: Sergio Pesca s.r.l. Via Degli Orti, 93 / I Portici - 07041 Alghero (Sassari)
•          an e-mail to: info@sergiopesca.com

10. Data Controller, Data Supervisor and Data Processors

The Data Controller is Sergio Pesca s.r.l., Via Degli Orti, 93 / I Portici - 07041 Alghero (Sassari).

Cookies

In order to make our website more intuitive and easier to use, we use cookies. Cookies are small amounts of data that allow Us to compare new visitors with previous visitors and to understand how users browse our website. We use the data collected via these cookies to make your browsing experience more pleasant and more efficient on subsequent visits. Cookies do not record any personal information on individual users, and any identifiable data will not be stored. If you wish to disable the use of cookies, you must change the settings of your computer to delete all cookies, or to activate an alert when cookies are stored. To continue without making any changes to the application of cookies, it is sufficient to continue browsing the website. The types of cookies we use are indicated below.

Technical cookies

Technical cookies are used for user log in and for the online shopping cart.

Third-party cookies

When you visit a website, you may receive cookies both from the website visited (“proprietary cookies”) and from websites managed by other organisations (“third-party” cookies). A good example are social media plug-ins for Facebook, Twitter, Google+ and LinkedIn. These are parts of the page visited that are generated directly by the aforementioned websites and integrated into the page of the host website. The most common use of social media plug-ins is to allow for the sharing of content on social networks. 
                The presence of these plug-ins involves the transmission of cookies to and from all the websites managed by third parties. The management of the information collected by third parties is governed by the pertinent disclosures, to which you should refer. For the sake of greater transparency and for your convenience, please find below the pertinent web addresses of the disclosures to see how cookies are managed.

Facebook: https://www.facebook.com/help/cookies/

Facebook (configuration): log in to your account, privacy section.

Twitter: https://support.twitter.com/articles/20170514

Twitter (configuration): https://twitter.com/settings/security

LinkedIn: https://www.linkedin.com/legal/cookie-policy

LinkedIn (configuration): https://www.linkedin.com/settings/

Google+: http://www.google.it/intl/it/policies/technologies/cookies/

Google+ (configuration): http://www.google.it/intl/it/policies/technologies/managing/