Privacy Policy

Policy on the processing of personal data

This policy is provided pursuant to Article 13 of Regulation (EU) 2016/679 (the “Regulation” or “GDPR”) to those who browse and shop on the following website:

 

library.bertani.net

(the “Website”)

 

This Policy describes how your personal data will be processed in the context of using the sales services which can be reached from the Website. This policy is provided only for the Website and, therefore, the Controller does not accept any liability for other websites that may be consulted through hyperlinks on the Website. For these reasons, in order to know the details regarding the processing of personal data in these external websites, please refer to the related privacy policies. You are also invited to read the Cookie policy, the privacy policy, as well as the Terms and Conditions of Sale present on the Website.

  1. WHO IS THE DATA CONTROLLER?

Angelini Wines & Estates Società Agricola a r.l., with registered office in Via Roma 117, 60031, Castelplanio (AN), in the person of its pro tempore legal representative, is the data controller of your personal data (“Angelini” or the “Controller”), which may be contacted at the following e-mail address: angeliniwinesandestatessocagrarl@legalmail.it.

  1. HAS THE CONTROLLER APPOINTED A DATA PROTECTION OFFICER?

The Controller has appointed a “Data Protection Officer” or “DPO”. The DPO may be contacted via e-mail at dpo@angeliniwinestates.com or by writing by normal post to the following address:

Data Protection Officer c/o Angelini Wines & Estates Società Agricola a r.l.,

Via Roma n. 117,

60031, Castelplanio (AN).

 
  1. WHAT IS PERSONAL DATA? WHICH DATA DO WE PROCESS AND WHY?

“Personal Data” means any information capable of directly or indirectly identifying a natural person, in this case, you browsing the Website (“Data”). Below we outline what personal data is processed by the Controller in relation to the different purposes.

 

ACCOUNT ACTIVATION AND MANAGEMENT

Should you wish to create a personal Bertani Wine Club account, in accordance with the provisions of the General Conditions of Use of the Website, the Controller will acquire your identification data (e.g. name, e-mail address). The information you provide is then used to activate and manage your account, to make it easier for you to use certain services, and to enable you to make your purchases. The legal basis for this is the performance of our contractual relationship with you (Article 6(1)(b) GDPR) and, where applicable, the pursuit of our legitimate interest (Article 6(1)(f) GDPR).

 

PURCHASE MANAGEMENT

For the management of online purchases, the Controller, as the operator of the Website where purchases are made and seller of the product, will process the following the identification data: name, surname, date of birth, tax code, e-mail address, shipping address, telephone number, information necessary for payment (name of the payment card holder, payment card number, expiry, CVV or Paypal account and invoicing address). The Controller will process the above data to enable you to use the services on the website. The legal basis for this is the performance of the contractual relationship between you and the Controller (Article 6(1)(b) GDPR). The Controller will also process the above data for the proper performance of the sales contract. The legal basis for this is the performance of the contractual relationship between you and the Controller (Article 6(1)(b) GDPR) as well as fulfillment of legal, tax and accounting obligations, to which the Controller is subjected (Article (6)(1)(c) GDPR).

 

SUPPORT SERVICE

In the case of requests for information, for possible support in the use of the website or related to purchases, carried out through the dedicated channels (e.g. Customer Service, e-mail message), the Controller will process the following identification data (name and surname, e-mail address, telephone number) and any other information it deems appropriate to be provided in order to follow up on your request. The legal basis is the performance of the contractual relationship between you and the Controller (Article 6(1)(b) GDPR).

 

SENDING DIRECT MARKETING COMMUNICATIONS

If you have provided your consent, the Controller may send you, by e-mail or text message, commercial communications to notify you of news about products, promotions, events and/or initiatives carried out by the Controller (Communications also called Newsletters). The legal basis is your consent (Article 6(1)(a) GDPR), which you can withdraw at any time by writing to the following e-mail addresses angeliniwinesandestatessocagrarl@legalmail.it or dpo@angeliniwinestates.com.

 

KNOW YOUR PREFERENCES AND CUSTOMISE PRODUCT OFFERINGS

Subject to your explicit consent, the Controller may process your personal data to know and analyse your preferences and consumption habits in order to personalise your experience and offer you products in line with your tastes. For this purpose, data related to purchases you make on the Website and any additional information you may provide in using the Website will be processed. Analysis of your data may also take place using automated techniques, and profiling activities may be carried out. The legal basis is your consent (Article 6(1)(a) GDPR), which you can withdraw at any time by writing to the following e-mail addresses angeliniwinesandestatessocagrarl@legalmail.it or dpo@angeliniwinestates.com.

 

DEFENDING RIGHTS IN COURT

The Controller may process your Data to assert and defend its rights. Where necessary, processing will be based on the condition of lawfulness pursuant Article 6(1)(f) GDPR (Legitimate interest of the Controller). For such purposes. provision of Data is optional. Nevertheless, in the event of failure to provide it, the Controller will not be able to guarantee you browsing on the Website.

In any case, the Controller undertakes to collect only information that is adequate, relevant and limited to that strictly necessary to achieve the purposes pursued by the latter case by case, and that this does not result in a limitation or other violation of your rights and freedoms as a data subject.
  1. WHERE DO WE TRANSFER YOUR DATA NA TO WHOM DO WE COMMUNICATE IT?

The server where the Website is located is within the European Economic Area (EEA). Your Data may be communicated to other companies of the Angelini Group, as well as to third party companies located within the European Economic Area that the Controller uses for the pursuit of the above purposes, specifically appointed as data processors pursuant to Article 28 GDPR. Where required by law, your Data may also be disclosed to other companies, Competent Authorities or Public Bodies located within the European Economic Area, which will process it for their own purposes as autonomous data controllers. To request a complete and up-to-date list of Data recipients (data processors and/or autonomous data controllers), you may contact the Controller or DPO at the contact details provided in paragraphs 1 and 2.

  1. FOR HOW LONG DO WE PROCESS AND RETAIN YOUR DATA?

The Controller will process and retain your personal data for a limited period of time, strictly necessary to achieve the above-mentioned purposes, which differs according to the type of purposes described above, as outlined below. Once this period has expired, your data will be permanently deleted or otherwise irreversibly anonymised, except where retention for a later period is required for any litigation, requests by the competent authorities or pursuant to applicable legislation. For each of the purposes mentioned in paragraph 3, your Data will be retained in accordance with the following:

 
  • Account activation and management: for this purpose, your data will be processed by the Controller for as long as the account itself is used; following deletion of the account, the data will not be subject to further retention.
  • Purchase management: for this purpose, your data will be processed by the Controller for the time necessary to process your order, via the website, and for the performance of the sales contract, and will be subject to further retention for a period of 4 years from the last registration of tax documents exclusively for the fulfillment of tax obligations. Your data will be subject to further retention for a period of 10 years after purchase exclusively for purposes of protecting the rights of the Controllers as well as for the fulfillment of other legal obligations.
  • Support service: for requests for information or support through the dedicated channels (e.g., Customer Service, e-mail message), your data will be processed by the Controller, until your request is fulfilled and, upon the conclusion of the same, will be deleted.
  • Sending direct marketing communications: your Data will be retained for 24 months after your confirmation to receive commercial communications, unless your consent, in cases where it is required, is withdrawn earlier. After the 24-month period has passed, the data will be deleted. Upon withdrawal of consent, in cases where it is required, even if this occurs before the 24-month period has elapsed, the Controller will cease all data processing based on such consent.
  • Know your preferences and customise product offerings: your Data will be retained for 12 months after your confirmation to receive customised commercial communications, unless your consent, in cases where it is required, is withdrawn earlier. After the 12-month period has passed, the data will be deleted. Upon withdrawal of consent, in cases where it is required, even if this occurs before the 12-month period has elapsed, the Controller will cease all data processing based on such consent.
  • Defending rights in court: your Data will be retained for the time strictly necessary for the defense of rights in court;
 

The retention periods of your Data indirectly collected by the Controller via cookies are listed in the appropriate Cookie Policy.

  1. WHAT ARE YOUR RIGHTS AS A DATA SUBJECT?

You, as a data subject, have the right to:

  • access and request copies of the Data;
  • request rectification or updating of Data where inaccurate or incomplete;
  • request, under certain circumstances, deletion of the Data or restriction of processing concerning the Data;
  • withdraw consent where the processing of Data was based on the aforementioned condition of lawfulness.
  • request Data portability (where applicable);
  • object to its processing (where applicable);
 

Finally, you may at any time lodge a complaint with the Data Protection Authority. In order to obtain further information regarding your rights, you may contact the Controller or the DPO at the contact details provided in paragraphs 1 and 2 of this policy.

You are free to exercise your rights in any way you choose and it is free of charge.  
  1. HOW TO LODGE A COMPLAINT

If you wish to lodge a complaint concerning the manner in which your Data is being processed, or concerning the handling of a complaint you have lodged, you may lodge a complaint directly with the Supervisory Authority (Garante per la protezione dei dati personali, Piazza Venezia 11, 00187 - Rome, Italy, Telephone +39 06696771, E-mail: protocollo@gpdp.it, www.garanteprivacy.it).

 
  1. FINAL PROVISIONS

The Controller reserves the right to modify and/or update this policy.

 

[version last updated April 2024]