Privacy policy
The website www.cinquedivino.it collects certain Personal Data from its Users.
This privacy policy is drafted in accordance with applicable data protection regulations, including Articles 13 and 14 of Regulation (EU) 2016/679 (hereinafter referred to as GDPR) and Legislative Decree no. 196/2003 (Privacy Code), as amended by Legislative Decree no. 101/2018.
Data Controller
RISTORANTE – OSTERIA “Cinque di Vino” S (hereinafter referred to as the Controller), with registered office at Viale San Francesco, 32 – VAT No. 05042040484 – Tel: +39 055 8228116 – Email: info@cinquedivino.it.
Types of Data Collected and Purpose of Processing
a) Contacts. Users can contact the Controller to request information or for any inquiries regarding the products and services offered. The data collected includes those provided in the body of the message sent to the Controller’s email address; cookies, usage data, and IP addresses (the latter are used solely to obtain anonymous statistical information on website usage and to ensure its proper functioning. Please refer to the Cookie Policy available on the website).
The purpose of processing your data is to respond to your requests, and the legal basis for processing is the execution of pre-contractual and contractual measures (Art. 6, letter b, GDPR).
b) Content on External Platforms. These services allow for the display of content hosted on external platforms directly from the pages of this Website and for interaction with such content. If a service of this type is installed, it may collect traffic data related to the pages where it is installed, even if Users do not use the service.
The widgets installed on this site include:
- Email: A service that allows the User to send an email message directly to the Controller through the platform linked to the Controller’s email address. Refer to the privacy policy of the email providers used by the User.
- Google Maps: A map visualization service provided by Google Inc., which allows this Website to integrate such content into its pages. Personal data collected by the Controller through the platform includes cookies and usage data. Refer to Google’s privacy policy (https://policies.google.com/privacy?hl=en). Note that your data may be processed by Google, even in non-EU countries. However, Google offers a range of mechanisms for international data transfer and is certified under EU-U.S. frameworks, which provide a legal basis for transferring personal data from the EEA to the United States, ensuring compliance with European data protection laws.
- TripAdvisor (TripAdvisor LLC): The TripAdvisor widget is a content visualization service provided by TripAdvisor LLC, allowing this Website to integrate content from this external platform into its pages. Personal data collected: cookies and usage data. Location of processing: United States – Privacy Policy: https://www.tripadvisor.com/pages/privacy.html.
Methods and Location of Data Processing
Data is processed using IT and/or telecommunication tools, with organizational methods and logics strictly related to the purposes indicated and, in particular, by adopting adequate security measures as required by Regulation (EU) 679/2016. In addition to the Controller, other individuals involved in the operation of this application (staff authorized by the Controller) or external parties (such as third-party technical service providers, hosting providers, and website administrators) may have access to the data. These parties may also be appointed, if necessary, as Data Processors by the Controller.
Legal Basis for Processing
The processing of your data is necessary to fulfill your requests (particularly for the execution of pre-contractual measures such as information requests about the Controller’s services and contractual obligations).
Data Storage Location and Communication
Data is processed and stored at the Controller’s registered office by staff authorized by the Controller or by individuals occasionally engaged in maintenance operations.
Personal data is stored on servers located within the Controller’s premises and within the European Union, except as stated in section 1, letter b) above.
Your data may be disclosed to third parties belonging to the following categories:
- Service providers for the management of the website used by the Controller and communication networks (including email);
- Competent authorities for legal compliance and/or public authority requests.
Your data will not be disseminated.
Individuals belonging to the above categories either act as Data Processors or operate independently from the Controller.
Users may request information about the up-to-date list of data processors from the Controller using the contact details provided at the beginning of this document.
Nature of Data Provision and Consequences of Refusal
Providing data is necessary to use the requested services. Refusal to provide data may result in the inability of the Controller to provide these services.
Data Retention Period
Data is processed and stored for the time required to fulfill the purposes for which it was collected.
- Personal data collected for purposes related to the execution of a contract between the Controller and the User will be retained until the contract is fully executed and, in any case, in compliance with applicable regulations.
- Personal data collected for pre-contractual purposes will be deleted if the contract is not concluded.
The Controller may be required to retain personal data for a longer period in compliance with legal obligations or orders from authorities.
After the retention period, personal data will be deleted. Consequently, the right of access, deletion, rectification, and data portability can no longer be exercised.
User Rights
Users have the right to exercise certain rights regarding their data processed by the Controller, including the right to:
- Withdraw consent at any time;
- Object to data processing;
- Access their data;
- Verify and request rectification;
- Obtain restriction of processing;
- Request deletion or removal of their personal data;
- Receive their data or transfer it to another controller;
- File a complaint with the supervisory authority (Privacy Authority).
How to Exercise Rights
To exercise these rights, Users may submit a request using the Controller’s contact details provided in this document.
System Logs and Maintenance
For operational and maintenance purposes, this application may collect system logs, which are files that record interactions and may also include personal data such as the User’s IP address.
Additional Information
Further information regarding the processing of Personal Data can be requested at any time from the Data Controller using the contact details provided.