‘D.C.M. S.r.l.’, ‘we’ and ‘our’ refer to D.C.M. S.r.l., a limited liability company subject to the laws of the Italian State and with registered office at Via Santa Croce 31 – Castellabate(SA), Italy, VAT no. 05165860650.
‘User’, ‘You’, ‘Your’ and similar terms, whether used in the singular or plural, refer to you as the user of our website.
‘Website’, ‘Site’, ‘Platform’ or similar terms refer to the following web address: https://vinebrio.com.
Section 1. – Introduction
First of all, your privacy is important to us. We know everyone says this, but it really does matter to us. You place your trust in us by using our website and we really appreciate that. This means that we are committed to protecting and safeguarding any personal data you provide us with. We act in the best interests of our customers and with transparency regarding the processing of your personal data.
In this document we describe, in a clear, simple and user-friendly manner, how we use and process the personal data of the users of our website. We also talk about which rights you can exercise and how you can contact us.
This information is provided pursuant to Article 13 EU Regulation 2016/679 – General Data Protection Regulation (hereinafter referred to as ‘Regulation’) – to those persons who interact and access our web services by electronic means. We hereby inform you that the personal data provided to D.C.M. S.r.l. may be processed in compliance with the aforementioned regulations and confidentiality obligations.
In processing your personal data, we undertake to comply with the general principles of lawfulness, fairness, transparency, purpose limitation and storage, data minimization, accuracy, completion and confidentiality.
Section 2. – Personal data controller
The data controller of the personal data we process is D.C.M. S.r.l.
You can contact our data protection officer by sending an e-mail to email@example.com and stating ‘personal data processing’ in the subject line.
Section 3. – Your rights
As a data subject, you have the rights set out in Article 15 GDPR, namely:
obtain confirmation as to whether or not personal data concerning you exists, even if it has not yet been recorded, and its communication in intelligible form;
obtain the indication of:
the origin of personal data;
the purposes and methods of processing;
the logic applied in the event of processing carried out with the aid of electronic means;
the details identifying the data controller, the data processors and the designated representative pursuant to Article 3(1) GDPR;
the recipients or categories of recipients to whom the personal data may be disclosed or who or which may become aware of it in their capacity as designated representative(s) in the territory of the State, data processor(s) or person(s) in charge of processing;
the updating, rectification or, when relevant, the completion of the data;
the erasure, transformation into anonymous form or blocking of data processed in breach of the law, including data whose storage is not necessary in relation to the purposes for which the data was collected or subsequently processed;
certification to the effect that the operations referred to in Section 3.1(a) and (b) have been communicated, also as regards their contents, to the persons to whom the data was disclosed or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort with respect to the right that is to be protected;
Objecting in whole or in part:
on legitimate grounds to the processing of your personal data, even if relevant to the purpose of collection;
to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for the performance of market research or marketing communications, through the use of automated calling systems without the intervention of an operator by e-mail and/or through traditional marketing methods by telephone and/or printed mail. It should be noted that the data subject’s right to object, as set out in Section 3.1(c) above, for direct marketing purposes by automated means extends to traditional marketing methods and that, in any event, the data subject’s right to object may also be exercised in part. Therefore, the data subject may decide to receive only communications by traditional means, or only automated communications, or neither communication type.
Where applicable, the data subject also has the rights set out in Articles 16-21 GDPR (right to rectification, right to be forgotten, right to restriction of processing, right to data portability, right to object), as well as the right to lodge a complaint with the Data Protection Authority.
Section 4. – Processing of your personal data when using our services
We process your personal data on the legal basis of legitimate interests, except in specific circumstances in which you provide your consent.
We adopt appropriate safeguards to protect your privacy and process your personal data for the following purposes:
providing, securing, maintaining and improving our Services and our website;
developing new products and functionalities related to the search for services and products best suited to you;
understanding how users use our website, to improve performance and the site itself;
offering direct marketing services to our users in connection with our Services, i.e. our website;
promoting advertising conducted by us and third parties on our website and on third-party websites;
complying with legal obligations, avoiding fraud and settling disputes;
assisting legal authorities in the investigation and in tackling criminal offences.
By using our services, you consent to the processing of the following personal data:
identifiable personal information, such as names, addresses, telephone numbers or e-mail addresses;
personal details, such as age, gender or date of birth;
identifiable electronic data, such as IP addresses, cookies, connection times, device IDs, advertising identifiers for mobile devices, date and time of the request for information, time and content of the request (actual page), access status code/HTTP status, amount of data transferred, website receiving the request, browser used and its version, operating system, interface and language;
data that your browser or device makes available;
electronic location data, such as GPS and other location data;
identifiable financial data, such as credit or debit card numbers;
data relating to your interaction with our website;
security details, such as passwords, where required, relating to our website.
When you use our website, we may share your personal data with the following categories of recipients:
third party service providers which process data on our behalf, including:
hosting and storage service providers, customer support services, communication services, security and fraud prevention services, payment and credit card services, analytics, advertising and marketing services. These providers have a contractual obligation not to share your personal data with third parties or use your data for any other purpose;
third-party service providers who are autonomous data controllers, including security and fraud prevention service providers and advertising and marketing providers;
business partners or affiliated companies with which we jointly offer products or services;
professionals and consultants outside our company;
employees and collaborators;
law enforcement authorities, with the aim of preventing, detecting and prosecuting unlawful activities, threats to public or state security and preventing threats to people’s lives;
as part of a corporate transaction, such as a merger, divestiture, consolidation or sale of assets.
carriers and/or couriers in order to ensure the correct shipment of orders placed
Section 5. – Storage period of your personal data
The data collected shall be kept for no longer than is necessary for the purposes for which the personal data is processed (‘principle of storage limitation’, Article 5, GDPR) or in accordance with the terms of expiry set forth by the law.
The Data Controller shall therefore process your personal data for the time necessary to fulfil the purposes set out above, without prejudice to the five or ten year storage periods for civil, accounting and tax documents and related data as provided for by the applicable laws for the purposes set out in point 3 a) and for no longer than 5 years from the end of the relationship for the provision/supply of the service/product, pursuant to Article 24 of Italian Law 167/2017 [the so-called Legge Europea](Data Retention) unless you request erasure.
Periodic review on the obsolescence of stored data in relation to the purposes for which it was collected are carried out.
Section 6. – Transfer of Data Abroad
The personal data collected is stored on servers located within the European Union.
Your collected data shall not be transferred to non-EU countries.
Section 7. – Processing and security arrangements
We have adopted extensive technical and operational security precautions to protect your data from being manipulated, lost, destroyed or accessed by unauthorized persons, either accidentally or intentionally. Our security measures are periodically reviewed and updated to keep them up-to-date with technological advances.
The personal data provided by you shall be processed in accordance with the aforementioned regulations and the confidentiality obligations that govern the Data Controller’s activities. The data will be processed both by electronic and paper-based tools.
In this respect we inform you that the Data Controller adopts all reasonable measures to protect your Personal Data against any loss, misuse or unauthorized access, disclosure, alteration or destruction. Please note that no transmission via the Internet is ever completely secure or error-free.
Section 8. – Contact by e-mail, contact form
When you contact us by e-mail or via a contact form, we will store the data you provide (your e-mail address, possibly your name and telephone number) in order to be able to answer your questions. Insofar as we use the contact form to request unnecessary information, we always mark this data as optional. This information serves to provide us with a context and improve the handling of your request. Your message may be linked to different types of use of our website. This information is provided on an explicitly voluntary basis and with your consent, pursuant to Article 6(1)(a) of the GDPR. Where such information relates to communication channels (e.g. your e-mail address or telephone number), you also agree that, where appropriate, we may contact you via these channels in order to provide a response to your enquiry. Of course, you may subsequently revoke this consent at any time.
We periodically delete data collected in this context when its storage is no longer necessary or restrict its processing where there are legal regulations governing its storage.
Section 9. – Newsletter
With your consent, as provided for in Article 6(1)(a) of the GDPR, you may register for our newsletter, thanks to which you will always be kept up-to-date about our offers.
The only information required to send the newsletter is your e-mail address. Additional data can be provided on a voluntary basis and will be used to contact you personally. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter. The legal basis for the above is Article 6(1)(a) of the GDPR.
You may revoke your consent to receive the newsletter at any time by clicking on the link provided in each newsletter or by contacting our data protection officer.
Section 10. – External Links
Section 11. – Third-party social plugins and widgets (if you use them)
Our website may contain plug-ins for the most popular social networks (Facebook, Twitter, LinkedIn) operated by the third parties concerned. Such plug-ins could for example correspond to the ‘Like’, ‘Share’ buttons of Facebook or ‘Retweet’ buttons of Twitter. If you access one of the pages of our website, which is equipped with such a plug-in, your browser connects directly to the servers of the third party and the plug-in is displayed on your screen through your browser connection. The plug-in may tell the third party’s servers which pages the user has visited. If a social network user visits our web pages while logged into his/her account, this information may be associated with his/her account. Even if you use the plug-in functions (e.g. clicking the ‘Like’ button), the information will be associated with your account.