PURSUANT TO AND FOR THE PURPOSES OF ARTICLE 13 AND ARTICLE 14 OF REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL OF 27 APRIL 2016 ON THE PROTECTION OF NATURAL PERSONS WITH REGARD TO THE PROCESSING OF PERSONAL DATA AND ON THE FREE MOVEMENT OF SUCH DATA (GENERAL DATA PROTECTION REGULATION, HEREINAFTER ALSO GDPR).

In compliance with the provisions of Reg. EU 2016/679 (European Regulation for the protection of personal data) we provide the necessary information regarding the processing of the personal data provided. This policy is not to be considered valid for other websites that may be consulted through links on the websites of the owner's domain, which is not to be considered in any way responsible for the websites of third parties.

This policy is provided pursuant to Art. 13 of Reg. 2016/679 EU (European Regulation for the protection of personal data) and is also based on the provisions of Directive 2002/58/EC, as updated by Directive 2009/136/EC, regarding Cookies, as well as the provisions of the Measure of the Italian Data Protection Authority of 08/05/2014 on cookies.

Processable personal data: A 'personal data' is any information concerning an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more elements characteristic of their physical, physiological, genetic, mental, economic, cultural or social identity; (C26, C27, C30).

Browsing data: During the normal operation of a website, the computer systems and software procedures acquire some personal data, which are implicitly transmitted through the use of Internet communication protocols. This category of data includes the IP addresses or domain names of the computers and terminals used by users, the URI/URL (Uniform Resource Identifier/Locator) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user's operating system and computer environment (for more information see the cookies policy of this site). Data communicated by the data subject: The optional, explicit and voluntary sending of messages to the contact addresses, as well as the completion and submitting of the forms on the Data Controller's website, entails the acquisition of the sender's contact data, necessary to respond, as well as all personal data included in the communications.

Specific information: The Site will provide specific information regarding particular services or processing of the Data provided.

Cookies: For more information on the cookies used by this website, see the cookie policy at the following link  https://www.molinocasillo.it/en/cookies-policy

Casillo S.p.A. – Benefit Corporation gives great importance to the right to privacy and the protection of your personal data. In this document (hereinafter Policy), drawn up in application of the legislation referred to in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation, so-called GDPR) harmonised with the "Code regarding the protection of personal data" referred to in Legislative Decree no. 196 of June 30, 2003, as amended by Legislative Decree 101/2018 (corrective of 196/2003), you will find all the information to know how ... processes your personal data.

Data Controller

• The data controller of your Personal Data is Casillo S.p.A. – Benefit Corporation, in the person of its pro tempore Legal Representative, with registered office in Corato at Via Sant'Elia Z.I. - CAP 70033 (BA). For specific information regarding privacy management and to exercise any rights relating to the processing of Personal Data summarised in this Policy, you can contact the Data Controller at the following email address: [email protected]

Categories of data subjects and personal data collected

We collect Personal Data from our users, potential users, users of our websites, employees and potential employees, employees and collaborators of other organizations that collaborate with us in various ways.

Specifically, the Personal Data collected belongs to the category of Common Data such as email, IP address, etc.

Data of particular relevance may also be collected, aimed at better management of available and requested activities. In this case, the data subject has the possibility to optionally provide such data, which are collected and processed by the Data Controller according to the purposes indicated in this policy. Except for certain information required by law, your decision to provide us with Personal Data is voluntary; however, it is sometimes necessary and indispensable for the execution of contracts, the implementation of your requests and the provision of agreed services.

We do not collect judicial data; in the limited cases where this is necessary, we do so in accordance with the requirements of privacy law and with your consent.

The above Personal Data is provided directly by you (for example, to receive product information or enter into a contract) or indirectly by third parties such as Public Authorities, public websites and social media, suppliers and sellers to whom you have given your direct consent to the transfer.

Legal basis

The processing is based on the provisions of GDPR 2016/679/EU, art. 6, paragraph 1, letter a) (explicit consent to one or more purposes).

Purposes of processing

1. We process the Personal Data provided, by the Data Subject with their explicit consent to manage the linked site and, in general, ensure the correct navigation, send information, meet requests for any newsletters or other content, improve site interaction, and meet the legal obligations or requirements from the competent Authorities.
2. The data collected may also be processed for promotional, commercial and marketing activities directly by the Data Controller or by third parties as external data processors or independent Data Controllers. A separate consent is explicitly provided for this activity.

● Do we combine and analyse Personal Data?

We may combine data from publicly available sources with data obtained from our various email, website, app and personal interactions with Data Subjects. We combine this data to improve site interaction and carry out the other activities described in this Policy.

Transfer to third parties and abroad

We do not currently transfer any personal data provided through the form to non-EU countries. Should it become necessary to transfer your data to non-EU countries, this will be done in compliance with the limits and conditions set out in Articles 44 et seq. of Reg. EU 2016/679. 

• To obtain information about the guarantees for data transfer, please email [email protected] or visit the registered office of the Data Controller.

Data retention

We will only retain your Personal Data for as long as necessary. We maintain specific database management and retention policies and procedures, so that personal data is deleted after a reasonable time based on legal and contractual obligations. In this specific case, your collected data, in accordance with the purposes set out in points a) and b), will be kept for a period not exceeding 5 years, unless consent is re-acquired. Please note that, if you do not consent to the purposes referred to in point a), it will not be possible to activate the service for the requested use.

Rights of the data subject

The Data Subject has the right (in the circumstances and under the conditions, and subject to the exceptions, indicated below, established by the applicable law, in particular G.D.P.R. 20106/679/EU and Legislative Decree 196/2003, as amended by Legislative Decree 101/2018) to:

● obtain confirmation of the existence or not of their Personal Data;

● request a correction of their Personal Data if inaccurate or incomplete;

● request the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including those whose retention is not necessary for the purposes for which the data was collected or subsequently processed. In this case, it will no longer be possible to continue using the app;

● request certification that the operations referred to in the two previous points have been brought to the attention, also with regard to their content, of those to whom the data have been communicated and disseminated, except in the case where such fulfilment proves impossible or involves the use of means manifestly disproportionate to the protected right;

● object to the processing of their Personal Data;

● request the deletion of their Personal Data even if they are no longer suitable for processing, without prejudice to the validity of the processing carried out; in this case, it will no longer be possible to continue using the app;

● request the restriction of the processing of their Personal Data so that it is processed only in limited circumstances, including with their consent.

● request the portability of the Personal Data or the right to receive a copy in intelligible form or request to transmit such Personal Data to another Data Controller.

• To the extent that the processing of the Personal Data is based on your consent, you have the right to withdraw that consent at any time by contacting us by email a [email protected] . This shall not affect the right to process the Personal Data obtained prior to the withdrawal of consent, or to continue parts of the processing based on legal obligations, nor shall the revocation be retroactive to the processing already carried out.

If you believe that your data privacy rights have been violated despite our efforts to protect your Personal Data, we encourage you to contact us to resolve any issues.

Finally, if you have any complaint arising from the processing of your Personal Data, you can contact theItalian Data Protection Authority or other competent authorities.

Data Protection Officer and contact details

Casillo S.p.A. – Benefit Corporation communicates that the contact details of its DPO are as follows: [email protected]