Privacy Policy

  HomeRepresenting Agency Italian Food  /  Privacy Policy

Privacy Policy

PRIVACY POLICY

This privacy policy is provided in accordance with Articles 13 and 14 of REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 (https://eur-lex.europa.eu/eli/reg/2016/679/oj) regarding the protection of individuals concerning the processing of personal data and the free movement of such data (hereinafter: “Regulation”).

This policy is directed to:

  • Customers of GB s.r.l.s. who have entered into a contract and/or potential customers of GB s.r.l.s. requesting a feasibility study, a quote, or other information.
  • Users who interact with the websites of GB s.r.l.s., accessible online at the following addresses: company@agencygb.com.
  • Users who use smartphone applications branded by GB s.r.l.s.

For brevity, hereinafter:

“Sites”: GB s.r.l.s. websites and GB s.r.l.s. apps. “Data Subjects”: Users of the Sites and customers or potential customers of GB s.r.l.s. “Services”: Hosting services, software development, support, and features offered by the Sites, such as newsletter subscriptions or contact forms. “Systems”: The IT infrastructure (servers, virtual servers, cloud, etc.) hosting the Sites and services provided by GB s.r.l.s.

TABLE OF CONTENTS

Data Controller Personal Data Processed Purposes of Processing Legal Basis and Mandatory or Optional Nature of Processing Recipients of Personal Data Transfer of Personal Data Data Retention Data Subject Rights

DATA CONTROLLER The data controller is GB srls – Via Pilozzo 17 – 00078 Monte Porzio Catone (Rm), Tel: 06 – 9421899, Email: company@agencygb.com.

Data Subjects may contact the data controller at any time to exercise their rights (see Section 8. Data Subject Rights).

PERSONAL DATA PROCESSED A – BROWSING DATA

In the course of their normal operation, GB s.r.l.s. systems acquire certain personal data, the transmission of which is implicit in the use of Internet communication protocols.

These are pieces of information that are not collected to be associated with identified data subjects but, by their very nature, could, through processing and association with data held by third parties, allow for the identification of users.

This category of data includes IP addresses or domain names of the computers used by users who connect to GB s.r.l.s. systems, URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.), and other parameters related to the user’s operating system and computer environment.

These data are used solely for the purpose of obtaining anonymous statistical information about the use of the Systems, monitoring their correct operation, and identifying anomalies and/or abuses. The data may be used to ascertain responsibility in case of hypothetical computer crimes against the Systems. For this reason, such data are retained for the time strictly necessary and in compliance with current regulatory provisions.

B – DATA VOLUNTARILY PROVIDED BY THE DATA SUBJECT VIA REGULAR MAIL AND/OR EMAIL

The optional, explicit, and voluntary sending of regular mail and/or email to GB s.r.l.s. addresses results in the subsequent acquisition of the sender’s address, which is necessary to respond to requests, as well as any other personal data included in the communication.

The data subject assumes responsibility for the personal data of third parties sent to GB s.r.l.s. and guarantees the right to communicate them, releasing GB s.r.l.s. from any liability toward third parties.

C – DATA VOLUNTARILY PROVIDED BY THE DATA SUBJECT THROUGH WEBSITE FORMS

Various forms or information request forms are active on the website, such as the newsletter subscription form, the comments submission form, the quote request form, the contact form, and more.

Filling out each of these forms allows the user to receive the service indicated by the form. For example, filling out the newsletter subscription form allows the user to receive the newsletter service, which entails receiving the latest news from the website via email. Filling out the contact or information request form allows the user to ask a general question and receive a response. Filling out the comments form allows the user to submit a comment on an article on the website, and so on.

Providing the data requested by these forms is optional. Refusing to provide the data will result in the impossibility of obtaining the requested service.

Personal data provided by users who choose to fill out the forms on the website will only be used to respond to the requests received, perform the requested tasks, provide the requested service, and for administrative and accounting purposes.

Users who choose to fill out the forms on the website authorize the processing of their personal data as indicated.

The data subject assumes responsibility for the personal data of third parties published or shared by sending comments on the website’s articles and guarantees the right to communicate or disseminate them, releasing GB s.r.l.s. from any liability toward third parties.

D – DATA ENTERED BY CUSTOMERS

Customers independently enter or update data remotely via the internet through a dedicated login and password in the web space and web applications available to them. GB s.r.l.s. does not and cannot control this information. Therefore, customers are responsible for protecting the data entered and must independently and directly comply with all legal provisions regarding the protection of personal data, including obtaining consent from third parties when necessary.

Customers assume responsibility for the personal data of third parties published or shared through GB s.r.l.s. systems and guarantee the right to communicate or disseminate them, releasing GB s.r.l.s. from any liability toward third parties.

The data entered by customers will be deleted from GB s.r.l.s. systems at the end of the provision of the requested services.

Data entered on the website https://www.agencygb.com is transferred in an encrypted manner and stored in an environment protected by antivirus and firewalls.

E – COOKIES

Cookies are small text files that websites visited by users send to their terminal (usually a browser), where they are stored and then sent back to the same websites on the user’s next visit.

Today, on the web, local storage techniques alternative to cookies, but more modern, are used, such as HTML5’s localStorage and sessionStorage. Their use on the website is regulated in the same way as cookies. Where this policy mentions cookies, users should understand a “technique for storing small amounts of data locally in their browser,” potentially including HTML5’s localStorage and sessionStorage.

TECHNICAL COOKIES PURPOSES AND PROCESSING

The cookies used on the website have the purpose of performing computer authentication or monitoring and storing sessions related to users accessing the site’s servers. Therefore, since they enable essential functions such as authentication, validation, session management, and fraud prevention, some operations may not be performed without using cookies. In such cases, cookies are technically necessary and do not require the consent of the data subject.

THIRD-PARTY COOKIES

On the website in question, in addition to technical cookies, the user may also receive cookies from different sites or web servers (so-called “third-party cookies”) on their terminal. This occurs because elements such as images, maps, sounds, specific links to web pages on other domains residing on servers different from the one where the requested page is located may be present on the visited website. These cookies, which are set by a website different from the one subject to this policy, come from third-party companies.

In such cases, the website is not involved in the operation of these cookies, whose transmission falls under the responsibility of these third-party companies.

For third-party cookies installed through the site, the information and consent obligations fall on the third parties. However, the site owner, as a technical intermediary between these third parties and users, is required to include links to updated information and consent forms of these third parties in the “extended” information.

Below is a list of third-party companies that may install cookies, including for profiling purposes, and for each, the links to their consent forms and privacy policies.

Third-party analytical cookies Google Analytics (aggregate and anonymized statistical information useful for assessing website usage and visitor activities. Tools that reduce the identifying power of cookies and anonymize data are used): Data Protection (https://www.google.com/analytics/learn/privacy.html), Browser add-on for disabling Google Analytics (https://tools.google.com/dlpage/gaoptout);

Third-party cookies Google (social functions, social sharing, Google+ button, Google login, Google widget, Google+ functions, YouTube Video, YouTube functions, Google Maps services, Google Fonts service, Google services in general): Privacy Policy (https://policies.google.com/technologies/types?hl=en), Types of cookies used by Google (https://policies.google.com/privacy?hl=en&gl=en)

Third-party cookies Linkedin (social functions, social sharing, LinkedIn button, LinkedIn login, LinkedIn advertising, LinkedIn widget, etc.): Cookies on the LinkedIn website (https://com/legal/cookie_policy);

Third-party cookies PayPal (Pay with PayPal function): Privacy Policy currently in force for PayPal Services (https://com/it/webapps/mpp/ua/privacy-full);

In addition to the links provided, it is possible to deactivate the customization of advertising messages carried out by third parties participating in the YourOnlineChoices.org initiative of the EDAA within the Your Online Choices website (http://www.youronlinechoices.eu).

Users can also change their browser settings to block cookies or receive a notification each time a website is about to save a cookie on their PC. Please refer to the user guide for your browser for detailed configuration procedures.

PURPOSES OF PROCESSING The processing that GB s.r.l.s. intends to carry out, subject to specific consent where necessary, has the following purposes:

a) To conclude, manage, and execute contracts for the provision of requested services. b) To enable browsing and consultation of GB S.r.l.s. websites. c) To respond to requests for assistance or information received via email, phone, or through contact forms on the website. d) To comply with legal, accounting, and tax obligations or other requirements imposed by competent authorities. e) To publish comments sent by data subjects on the website’s articles. f) To register data subjects who request it for the website’s newsletter.

LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF PROCESSING The legal basis for processing personal data for the purposes described in Section 3 (a-b-c) is Article 6(1)(b) of the Regulation: “processing is necessary for the performance of a contract to which the data subject is party or for the performance of pre-contractual measures taken at the data subject’s request.” The provision of personal data for these purposes is optional, but the failure to provide data would make it impossible to activate the requested services.

The purpose described in Section 3(d) constitutes a lawful processing of personal data under Article 6(1)(c) of the Regulation: “processing is necessary for compliance with a legal obligation to which the data controller is subject.”

The purposes described in Section 3(e-f) are based on the data subject’s consent as per Article 6(1)(a) of the Regulation. The provision of personal data for these purposes is entirely optional and does not affect existing contracts or the provision of other requested services.

RECIPIENTS OF PERSONAL DATA To fulfill the processing purposes described, GB s.r.l.s. may share data subjects’ data with:

  • Individuals, companies, or professional firms that provide assistance and consulting to GB s.r.l.s. in accounting, administrative, legal, tax, financial, and debt recovery matters.
  • Entities with which interaction is necessary to provide services (e.g., national and foreign domain registration authorities, entities providing credit card payment services).
  • Entities delegated to perform technical maintenance of GB s.r.l.s. systems (including maintenance of network equipment and electronic communication networks).
  • Entities delegated to provide the cloud infrastructure on which GB s.r.l.s. Systems are hosted.
  • Entities, organizations, or authorities to which the personal data must be communicated under legal provisions or orders from authorities.

TRANSFER OF PERSONAL DATA Some personal data of data subjects may be shared with recipients located outside the European Economic Area (EEA). This will only occur when the transfer is necessary to provide the service requested by the data subject. In such cases, the transfer is justified under Article 49(1)(b) of the Regulation. Data subjects can contact GB s.r.l.s. to obtain a copy of this data or information on where it is made available.

DATA RETENTION Personal data processed for the purposes described in Section 3 (a-b-c) will be retained for the time necessary to achieve those purposes. In any case, since these treatments are carried out to provide services, GB s.r.l.s. will process personal data for the time permitted by Italian law to protect its interests (Art. 2946 of the Civil Code and subsequent articles).

Personal data processed for the purposes described in Section 3(d) will be retained for the time established by the specific obligation or applicable law.

For the purposes described in Section 3 (e)(f), personal data will be processed until the data subject revokes their consent. In any case, GB s.r.l.s. reserves the right to retain the personal data of the data subject for the time permitted by Italian law to protect its interests (Art. 2947(1)(3) of the Civil Code).

DATA SUBJECT RIGHTS Data subjects have the right to request the data controller’s access to personal data, as well as their correction, deletion, or the limitation of processing. They also have the right to object to the processing and the right to data portability.

For the purposes described in Section 3 (e)(f), data subjects have the right to withdraw their consent at any time without affecting the lawfulness of processing based on consent before withdrawal.

Data subjects also have the right to file a complaint with a supervisory authority.

More specifically, data subject rights under the Regulation include:

  • Right of access by the data subject (Article 15)
  • Right to rectification (Article 16)
  • Right to erasure (Article 17)
  • Right to restriction of processing (Article 18)
  • Right to data portability (Article 20)
  • Right to object (Article 21)
  • Right to lodge a complaint with a supervisory authority (Article 77)

For the exercise of these rights, a dedicated mailbox has been established to which requests can be sent. The email address is: company@agencygb.com.

Back to top