Privacy policy

Information pursuant to Article 13 of EU Regulation 2016/679

Pellini Caffè S.p.a. with the acronym P.C. Erboris S.p.A. – P.C. EDA S.p.A. and P.C Guarany S.p.A., with registered office in Bussolengo (VR) at Via I Maggio 8, tax code 00668920325 and VAT number 00990940967, certified email address amministrazione@pec.pellinicaffe.it, e-mail gdpr@pellinicaffe.it, in its capacity as Data Controller (hereinafter the “Company” or the “Controller”), pursuant to and for the purposes of EU Regulation 2016/679 (hereinafter the “Regulation” or “GDPR”) and Italian Legislative Decree no. 196 of June 30, 2003, as amended (hereinafter referred to as the “Decree”), hereby provides you, pursuant to Article 13 of the GDPR, with the necessary information regarding the processing of your personal data.

In this policy, you may also be referred to as the Data Subject, pursuant to the GDPR.

1. Purpose of processing

Your personal data, not “special” as defined by Article 9 of the GDPR, provided through the website www.pellinicaffe.com (“Website”), for example by filling out the form in the contact section, sent by email or otherwise communicated while browsing the Website or after browsing it, or otherwise acquired even in your presence, will be processed by the Data Controller solely for the following purposes:

a) to provide the requested information, provide customer care services, evaluate your job application, and to comply with administrative, tax, and legal obligations;

b) with your specific and express consent, to send you informational, promotional, advertising, and marketing material about the Data Controller’s products or services via email, text message, or WhatsApp.

The personal data collected will not be subject to any automated decision-making process, including profiling.

You are expressly prohibited from communicating so-called “special” data (e.g., health status, sexual orientation, religious or political beliefs, etc.) to the Data Controller. If you transmit such data, the Data Controller will delete it immediately.

2. Legal basis for data processing and nature of data provision

The legal basis for the processing is the execution of pre-contractual measures (Art. 1 point a)), which, pursuant to the GDPR, does not require your consent.

For the processing of personal data for the purposes referred to in Art. 2 point b), the legal basis is your express consent.

The provision of data for the purposes referred to in Art. 1 point a) is mandatory and failure to provide such data will make it impossible to process your request. The provision of data for the purposes referred to in Art. 1 point b) is optional.

3. Methods of processing and data retention period

The processing will be carried out with the aid of computer systems by persons specifically appointed for this purpose, in compliance with the security measures prescribed by the Regulation. In certain cases, the processing may also be carried out in paper form, again by persons appointed for this purpose and in compliance with current privacy legislation. Personal data processed for the purposes referred to in Article 1(a) will be retained by the Data Controller for two years from your first contact with the Company. Personal data processed for the purposes referred to in Article 1(b) will be retained for a maximum of two years.

4. Scope of communication and dissemination

Your personal data may be communicated to third parties such as sales agents, customer service providers, in order to satisfy your requests, or to IT service providers who may have access to the Pellini Caffè website for the purposes of maintenance or updating of the website itself, or to communication agencies. Finally, they may be communicated to any other entity, natural or legal person, to whom the obligation to communicate the data is imposed by law or by the competent authorities.

 

5. Transfer of Data to international organizations and/or countries outside the European Economic Area (“EEA”)

Please note that personal data may be transferred to cloud service providers based in the US (e.g., Microsoft, provider of the Microsoft 365 service). The transfer is based on an adequate guarantee provided by the EU Commission’s Adequacy Decision of July 7, 2023, regarding US legislation on the protection of personal data, as amended by the EU-US bilateral agreement known as the Trans-Atlantic Data Protection Framework.

 

6. Cookie Policy

The Cookie Policy can be consulted at the following link https://www.pellinicaffe.com/en/cookies-policy/

7. Rights of the data subject

In accordance with the provisions of Article 13, paragraph 2 of the Regulation, the Data Controller informs you that you have the right to:

a) ask the Data Controller for access to your personal data and to correct or delete it, or to limit the processing of data concerning you, or to object to its processing; you also have the right to data portability;

b) lodge a complaint with a supervisory authority.

You may exercise the above rights, those referred to in Articles 15 et seq. of the Regulation, as well as those provided for by the Legislation, by contacting the Data Controller at the above address.