Personal data gathered for the following purposes and using the following services:
Statistics: Google Analytics
Personal Data: Cookies and Usage data
Contact users: Contact form (this Application)
Personal data gathered: surname, email address, name and telephone number.
Data subjects: website browsers
Last modification: 14 December 2018
VIA MANZONI 29/A
22071 CADORAGO (CO)
VAT Reg. No. 01543570137
CONTROLLER Mrs. Giovanna Verga
Ref. no. 20180058466
CENTRO SPERIMENTALE DEL LATTE SRL
STRADA PER MERLINO 3
26839 ZELO BUON PERSICO (LO)
VAT Reg. No. 00886520154
CONTROLLER Mrs. Giovanna Verga
Ref. no. 20180058472
CAGLIFICIO CLERICI SPA
VIA MANZONI 29
22071 CADORAGO (CO)
VAT Reg. No. 00193040136
CONTROLLER Mrs. Giovanna Verga
Ref. no. 20180058469
Types of data gathered
The Personal Data gathered by this Application, in an autonomous way or through third parties, include Cookies and Usage data.
Personal Data can be provided freely by the User or, in the case of Usage Data, gathered automatically while the Application is used.
Unless otherwise specified, all the data requested by this Application are obligatory. If the User refuses to communicate these data, it may be impossible for the Application to provide the service. In cases where this Application indicates that some data are optional, Users need not provide such data without this having any consequence on the availability of the Service or on its operating effectiveness.
Users who have doubts about which Data are obligatory are invited to contact the Controller.
The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Application and guarantees that he/she is authorized to communicate or disclose them, relieving the Controller from any and all liability vis-à-vis third parties.
Method and place of the Data Processing
The Controller adopts suitable security measures to prevent unauthorized access, disclosure, modification or destruction of the Personal Data.
Processing is performed using computer and/or electronic tools, adopting organizational methods and with logics strictly linked to the purposes indicated. Besides the Controller, in some cases other subjects in the organization of this Application (administrative, commercial, marketing, legal personnel and system administrators) or external subjects (such as third party suppliers of technical services, couriers, hosting providers, IT companies, communication agencies) appointed and, if necessary, Processors appointed by the Controller, may have access to the data. The updated list of Processors can be requested from the Controller at any time.
Legal basis of the processing
The Controller processes the User’s Personal Data if any of the following conditions exist:
– the User gives his/her consent for one or more specific purposes: N.B.: in some legal systems the Controller may be authorized to process Personal Data where the User’s consent or another of the legal bases specified below does not exist, until the User objects (opt-out) to the processing. However, this does not apply if the personal data processing is governed by European legislation concerning the protection of personal data:
– the processing is necessary for the performance of a contract with the User and/or the performance of pre-contract measures;
– the processing is necessary to fulfil an obligation of law to which the Controller is subject;
– the processing is necessary for the fulfilment of a public interest task or for the exercise of official authority vested in the Controller;
– the processing is necessary to pursue the legitimate interest of the Controller or third parties.
In any case, the Controller can be asked at any time to specify the actual legal basis for each processing and, specifically, to specify if the processing is based on law provisions, established by a contract or necessary to enter into a contract.
The Data are processed at the Controller’s operating bases and at any other place in which the parties involved in the processing are located. Contact the Controller for further information.
The User’s personal data may be transferred to a country other than the one in which the User is located. For further information about the place of the processing Users can consult the section that provides detailed information about the Personal Data processing.
Users are entitled to obtain information about the legal basis for the transfer of data outside the European Union or to an international organization subject to international public law or set up in two or more countries such as, for example, the UN, as well as about the security measures adopted by the Controller to protect the data.
The Data are processed and stored for the time necessary for the purposes for which they were gathered.
– Personal Data gathered for purposes linked to the performance of a contract between the Controller and User will be stored until the performance of such contract has been completed.
– the Personal Data gathered for purposes related the Controller’s legitimate interest will be stored until such interest is fulfilled. Users can obtain further information about the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When the processing is based on the User’s consent, the Controller can store the Personal Data for a longer period time, until such consent is withdrawn. Moreover, the Controller may be obliged to store the Personal Data for a longer period in compliance with an obligation of law or in observance of an order issued by an authority.
The Personal Data will be erased at the end of the storage period. Therefore, on expiry of this deadline, the right to access, erasure, rectification and portability of the data cannot be exercised.
Purpose of the data processing
Users’ data are gathered to allow the Controller to provide its Services and for the following purposes: Statistics
Users can refer to the relevant sections of this document for further detailed information about the purposes of the processing and about the Personal Data objectively relevant for each purpose.
Details about the data processing
Personal data are gathered for the following purposes and using the following services:
The services contained in this section allow the Controller to monitor and analyse the traffic data and are used to track the User’s movements.
Google Analytics (Google Inc.)
Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the Personal Data gathered in order to track and study the use of this Application, fill in reports and share them with the other services developed by Google.
Google could use the Personal Data to contextualize and personalize the adverts on its advertising network.
Personal data gathered: Cookies and Usage data.
Contact the user
Contact form (this Application)
Users, filling in the contact form with their data consent to the use of same to answer requests for information, for quotations or for any other requests indicated in the header of the form.
Personal data gathered: surname, email, name and telephone number.
Users can exercise certain rights over the data processed by the Controller.
Specifically, Users are entitled to:
– withdraw consent at any moment. Users can withdraw the consent previously given to the processing of their Personal Data.
– object to the processing of their data. Users can object to the processing of their data when such processing is carried out on a legal basis other than consent. Further details about the right to object are illustrated in the section below.
– access data. Users have the right to obtain information about the data processed by the Controller, about certain aspects of the processing and to receive a copy of the Data processed.
– check and request rectification. Users can verify the correctness of their data and request their update or correction.
– obtain restriction of the processing. Under certain conditions, User can request restriction of the processing of their data. In this case, the Controller will not process the data for any purpose other than their storage.
– obtain erasure or removal of their personal data. Under certain conditions, Users can request erasure of their data.
– receive the data or transmit same to another controller. Users have the right to receive their data in a structured, commonly used and machine-readable format and, where technically feasible, have the right to transmit those data to another controller. This portability is applicable when the processing is carried out using automated means and the processing is based on the User’s consent, on a contract to which the User is a party and on contractual measures related to it.
– lodge a complaint. Users can lodge a complaint with the competent supervisory authority or take legal action.
Information about the right to object
When the Personal Data are processed in the public interest, in the exercise of official authority vested in the controller or to pursue a legitimate interest of the Controller, Users have the right to object to the processing for reasons linked to their specific situation.
Users are informed that, if their data are processed for direct marketing purposes, they can object to the processing without providing any justification. Users should refer to the relevant sections of this document to find out if the Controller processes data for direct marketing purposes.
How to exercise the rights
To exercise their Rights, Users can send a request to the Controller’s contact addresses and numbers indicated in this document. These requests are made free of charge and are fulfilled by the Controller as soon as possible and, in any case, within one month.
Other information about the processing
Defence in legal proceedings
Users’ Personal Data can be used by the Controller in legal cases or in the stages prior to possible defence against misuse by Users of this Application or the related services.
Users declare to be aware of the fact that the Controller could be obliged to disclose Data if ordered to do so by the public authorities.
System logs and maintenance
For functioning and maintenance needs, this Application and any third party services used by it may gather system logs; that is, files that record interactions and that can also contain personal data such as Users’ IP addresses.
Information not contained in this policy
Other information regarding the processing of personal data can be requested from the Controller using the contact details.
Answer to “Do Not Track” requests
This Application does not support “Do Not Track” requests.
To discover if any third party services used support these requests, Users are invited to consult the relevant privacy policies.
If the modifications regard processing whose legal basis is consent, the Controller will organize a new gathering of Users’ consent, if necessary.
Definitions and legal references
Personal Data (or Data)
Personal data means any information that, directly or indirectly, also in relation to other information, hereby including a personal identification number, render an individual identified or identifiable.
This is information gathered automatically through this Application (also from third party Applications integrated in this Application), including: IP addresses or domain names of the computers used by Users who connect to this Application, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used to send the request to the server, the size of the reply file obtained, the numerical code indicating the reply status from the server (success, fail, etc.), the country of origin, the characteristics of the browser and of the operating system used by the visitor, the various time aspects of the visit (e.g. the time spent on each page) and the details of the path followed inside the Application, with special reference to the sequence of the pages consulted, the parameters of the operating systems and the Users’ IT environment.
The individual who uses this Application who, unless otherwise stated, coincides with the Data Subject.
The individual to whom the Personal Data refer.
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data hereby including the security measures regarding the functioning and use of this Application. Unless otherwise stated, the Controller is the owner of this Application.
The hardware or software using which Users’ personal data are gathered and processed.
The Service provided by this Application as defined in the relevant terms (if present) on this site/application.
European Union (or EU)
Unless otherwise stated, any reference to the European Union contained in this document is considered to cover the current member states of the European Union and European Economic Area.
Small portion of data stored inside the Users’ device.
Information under art. 13 of Legislative Decree no. 196 of 30 June 2003, Personal Data Protection Code and art. 14 of Regulation no. 679/2016 GDPR.
The personal data provided by the User will be included in a special computer database, so that it can be used to access the services requested. The data controller is Centro Sperimentale del Latte Srl with registered office in Zelo Buon Persico (LO), Strada per Merlino, 3.
Centro Sperimentale del latte Srl as controller of the data, informs you that the email address requested at the time of registration and other personal data provided will be processed with the consent of the data subject in order to provide the information requested by the User.
In accordance with art. 7 of Legislative Decree no. 196 of 30 June 2003 (Personal Data Protection Code) and art. 17 of Regulation no. 679/2016 GDPR, the User has the right to obtain confirmation of the existence or otherwise of personal data concerning him, even if not yet recorded, and its communication in intelligible form. In addition, the User has the right to be informed of:
• the origin of personal data;
• the purposes and methods of processing;
• the software used in the event of processing with the aid of electronic instruments;
• the identification details of the controller, officer and representative appointed under art. 5, paragraph 2 of Legislative Decree no. 196 of 30 June 2003;
• the persons or categories of persons to whom the personal data may be communicated or who may learn about them as appointed representatives in the territory of the State, officers or agents.
In addition, the User has the right to demand:
• the updating, rectification or, where there is an interest, supplementation of the data;
• the cancellation, anonymisation or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data was collected or subsequently processed. The request for cancellation of the data must be sent to firstname.lastname@example.org.
• certification to the effect that the operations described above have been notified, including with respect to their contents, to the entities to which the data has been communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
Finally, the User has the right to object, in whole or in part:
• for legitimate reasons to the processing of personal data concerning him, even if pertinent to the purpose of collection;