Apri
Chiudi
Chiudi

By clicking the link, you will be redirected to the Fine+Rare Online Shop.

ONLINE SHOP

Privacy policy

 

This Privacy Policy has been drafted, pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter, the "Regulation" or "GDPR"), in order to inform the users who interact with the website of Castello di Solomeo Società Agricola Semplice (www.castellodisolomeo.com hereinafter the “Site”), either by simply consulting it or by using specific services available on the Site itself, about the procedures adopted for the processing of personal data during the use of the Site. This Privacy Policy will also provide you with the necessary information to enable you to give your explicit and informed consent to the processing of your personal data, where appropriate.
The Policy is provided by Castello di Solomeo Società Agricola Semplice (or “Castello di Solomeo”) for the aforementioned website address and not for any other websites that may be consulted by you through links available on the Site (for which please refer to their respective privacy policies).

The processing of your personal data shall be based on the principles of propriety, lawfulness, transparency, limitation of purpose and storage, minimisation and accuracy, integrity and confidentiality, as well as on the principle of accountability pursuant to article 5 of the Regulation. Your personal data shall therefore be processed in accordance with the legal provisions of the Regulation and the confidentiality obligations set out therein.

1. DATA CONTROLLER

The Data Controller is Castello di Solomeo Società Agricola Semplice (hereinafter referred to as the "Data Controller"), with registered office in Loc. Ponteforcione snc, Solomeo (PG), postcode 06073, reachable at the email address welcome@castellodisolomeo.com.

2. PERSONAL DATA SUBJECT TO PROCESSING

We inform you that, by using the Site, the Data Controller may collect and process information and personal data relating to you, which may consist of an identifier such as your name, an identification number, location data, an online identifier or one or more details of your physical, physiological, psychological, economic, cultural or social identity that can identify you or make you identifiable, depending on the type of services you have requested (hereinafter only "Personal Data").

In particular, the Personal Data processed through the Site are as follows:

a. Browsing data
The running of the Site involves the use of information systems and software procedures that collect information on the users of the Site as part of their normal operations. Although the Data Controller does not collect this information in order to link it to specific users, it is still possible to identify such users either directly through this information or by using other types of information collected - as such, this information is also considered to be Personal Data.
This information includes several parameters related to your operating system and IT environment, including the IP address, the location (country), the computer domain names, the URI (Uniform Resource Identifier) addresses of the resources requested on the Site, the time of requests, the method used to send requests to the server, the size of the file obtained in response to a request, the numerical code indicating the status of the response given by the server (successful, system error, etc.), and so on.
This data is used for the sole purpose of obtaining anonymous statistical information on the use of the Site, as well as to monitor its correct performance and to identify any malfunctions and/or abuses of the Site - the data is deleted as a rule immediately after processing, unless it is necessary to identify those responsible in the case of alleged computer crimes to the detriment of the Site or third parties.

c. Data voluntarily provided by you
Without prejudice to the reference to specific information that may be available in the various sections of the Site, this Privacy Policy shall also apply to the processing of your Personal Data (such as, by mere way of example, your e-mail address, personal data, identification data) that you voluntarily provided:

  • the submission of specific requests for information to the e-mail addresses of the Data Controller available within the Site;
  • filling in the information request form (e.g. for the submission of information to purchase Castello di Solomeo

wines and products) asking you to enter your name, surname and e-mail address as well as to write your specific request, which may contain other Personal Data.

When sending requests for information to the Data Controller's e-mail addresses or through the information request form available in the Site, please provide only the Personal Data strictly necessary for the processing of your request, to the exclusion of additional information concerning you. In particular, please do not include any information that may fall under the definition of special categories of personal data (hereinafter "special data") under Article 9 of the Regulations (...personal data disclosing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data unequivocally identifying a natural person, data concerning health or sex life or sexual orientation): in the event that you do provide special data, the Data Controller will refrain from processing them and will delete them.

d. Cookie
For further information on the types of cookies used, please consult the  Cookie Policy.

3. PURPOSE OF THE PROCESSING, LEGAL BASIS AND MANDATORY OR OPTIONAL NATURE OF THE PROCESSING

Your Personal Data shall be processed for the following purposes, where applicable:

a) enable browsing of the Site, interaction with the content therein including the management of the Site's security;

b) manage and acknowledge specific requests addressed to the Data Controller, such as for example requests for information on the purchase of Castello di Solomeo wines and products sent to the Data Controller's e-mail addresses published on the Site as well as through the relevant information form on the Site. Specifically, if you request information on the purchase of Castello di Solomeo wines and products using the aforementioned channels, your personal and contact details will be sent to the partner Fine & Rare Wines Ltd, the company that manages the sale and purchase of Castello di Solomeo products through its marketplaces, in order to be contacted thereby for information on how to purchase the aforementioned products.  

The legal basis for the processing of Personal Data for the purposes under sections (a) and (b) is provided in Article 6, para. 1, letter b) of the Regulations (...the processing is necessary for the performance of a contract of which the data subject is a party or for the implementation of pre-contractual measures adopted at the data subject's request), as the processing is necessary for the use of the Site, for the provision of services requested by the data subject and for the management of and response to specific requests submitted to the Data Controller. The provision of Personal Data for these purposes is optional, but failure to provide it would make it impossible to access the services you have requested and/or to respond to any other request you may have submitted;

c) where you have provided your free and specific consent, in order to allow the Data Controller to send you commercial and marketing communications and proposals of its products and services, including the sending of newsletters, market research, invitations to events and initiatives organised and/or promoted by the Data Controller, by automated means (text message, multimedia message, e-mail, instant messaging, chat and social channels) and otherwise (post, telephone). Note that the Data Controller collects a single consent for the marketing purposes described herein pursuant to the General Provision of the Personal Data Protection Authority "Guidelines on promotional activities and the fight against spam" of 4 July 2013. If in any event you wish to object to the processing of your data for marketing purposes in the manner indicated above, you may do so at any time by contacting the Data Controller at the contact specified in section 8 of this Privacy Policy, without prejudice to the lawfulness of the processing carried out prior to your objection.

Processing for the marketing purposes referred to in (c) above is based on the granting of your consent pursuant to Art. 6, para. 1, lett. a) (...the data subject has given consent to the processing of his or her personal data for one or more specific purposes) of the Regulation. This consent may be withdrawn at any time without prejudice to the lawfulness of the processing carried out prior to the withdrawal in accordance with Article 7 of the Regulation. The provision of your Personal Data for the aforementioned marketing purposes is therefore entirely optional, and in the event of refusal the use of the Site and the services available therein will not be affected in any way. Should you wish to object to the processing of your data for marketing purposes, you may do so at any time by contacting the Data Controller at the contact details provided in section 8 of this Privacy Policy. 

d) where you have given your free and specific consent, to disclose the Personal Data you provided when filling in the information request form on the Site to the company Brunello Cucinelli S.p.A, with registered office at Viale Parco dell'Industria 5, Solomeo, Corciano (PG), so that it can send you promotional and/or direct marketing communications relating to its products and services, including newsletters and market research, invitations to events and initiatives promoted and/or organised thereby, through the use of automated tools (text message, multimedia message, e-mail, instant messaging, chat and social channels) and otherwise (post, telephone). 

The legal basis for the processing of Personal Data for the purpose of disclosure referred to under d) is based on the granting of your express, free and unambiguous consent pursuant to Art. 6, para. 1, lett. a) of the Regulation. This consent may be withdrawn at any time, and such withdrawal shall not affect the lawfulness of the processing carried out prior to the withdrawal.  The processing of Personal Data for the purpose referred to in point d) is optional, and in the event of refusal Brunello Cucinelli S.p.A. will not receive your Personal Data in order to send you promotional communications and business proposals. However, the use of the Site and its services will not be affected in any way. Note that with regard to the aforementioned purpose of disclosure for promotional and marketing purposes referred to in point d), the Data Controller has collected a single consent in accordance with the General Provision of the Personal Data Protection Authority "Guidelines on promotional activities and the fight against spam" of 4 July 2013. 

Once provided, Personal Data may also be processed for the following purposes: 

e) to fulfil any obligations under applicable laws, regulations or EU legislation, or to comply with any requests from competent authorities;

f) to meet any defence requirements, possibly related to the detection, prevention, mitigation and investigation of fraudulent or unlawful activities in connection with the services provided on the Site.

The purpose referred to in section e) constitutes lawful processing of personal data pursuant to Article 6, para. 1, letter c) of the Regulations (...the processing is necessary for compliance with a legal obligation to which the Data Controller is subject) as, once provided, the processing of said Personal Data may be necessary to comply with legal obligations and/or orders issued by the authorities to which the Data Controller is subject.

The processing operations carried out for the purposes under section f) are based on the legitimate interest of the Data Controller pursuant to Article 6, para. 1, letters f) and Article 9, para. 2, lett. a) of the Regulation.

4. RECIPIENTS OF PERSONAL DATA

Personal Data may be shared, for the purposes set forth in section 3 of this Privacy Policy, with:

  • parties specifically authorised by the Data Controller, pursuant to Articles 29, 32, para. 4 of the Regulation and 2-quaterdecies of Italian Legislative Decree no. 196/2003 (so-called “Privacy Code”), to process the personal data necessary to carry out activities strictly related to the provision of services, who have committed to confidentiality or are under an appropriate legal obligation of confidentiality;
  • parties that typically act as Data Processors pursuant to Article 28 of the Regulations on behalf of the Data Controller, in particular parties in charge of providing the Services (e.g. hosting providers or email platform providers, technical maintenance service providers, etc.); the full list of Data Processors is available upon sending a written request to the Data Controller using the contact information available in section 8 of this Privacy Policy.
  • the company Brunello Cucinelli S.p.A., with registered office at Viale Parco dell'Industria 5, Solomeo, Corciano (PG), as autonomous data controller, to which, subject to your free and specific consent, your personal and contact data may be disclosed for marketing purposes pursuant to the provisions of section 3, letter d) of this Privacy Policy;
  • third and external parties who act as autonomous and separate data controllers pursuant to art. 4, no. 7) of the Regulation. Specifically, if you request information on how to purchase Castello di Solomeo wines and products using the channels made available on the Site (such as the e-mail address and/or contact form), your personal and contact details will be sent to the partner Fine & Rare Wines Ltd, the company that manages the sale and purchase of Castello di Solomeo products through its marketplaces, in order to be contacted and obtain information on how to purchase the aforementioned products. Note that your Personal Data may also be disclosed to entities such as bodies, organisations, authorities that disclosure is due to by virtue of regulatory obligations and/or orders of the authority incumbent on the Data Controller.

These subjects are hereinafter collectively referred to as “Recipients”.

5. TRANSFER OF PERSONAL DATA

Some of your Personal Data may be transferred to recipients located outside the European Economic Area. The Data Controller guarantees that your Personal Data will be processed in compliance with the law and in accordance with one of the methods authorised by the law pursuant to Articles 44-49 of the GDPR, such as, for example, provisions regarding the data subject’s consent to the processing, the adoption of Standard Clauses approved by the European Commission, the selection of subjects who have joined international programmes for the free circulation of data, in compliance with the Recommendations 01/2020 adopted on 10 November 2020 by the European Data Protection Board. Further information on data transfers and the security measures adopted to that purpose can be obtained, upon request, from the Data Controller and/or the DPO using the contact information available in section 8 of this Privacy Policy;

6. STORAGE OF PERSONAL DATA

Personal Data processed for the purposes referred to in points (a) and (b) of section 3 of this Privacy Policy shall be retained for the time strictly necessary to achieve said purposes, in compliance with the principles of minimisation and restriction applied to data retention as referred to in Article 5, para. 1, letter c) and e) of the GDPR. On the other hand, Personal Data, and specifically your contact data collected for marketing and/or disclosure purposes as referred to in section 3, letters c) and d) of this Privacy Policy, will be processed until you withdraw your consent and/or object to the processing.
 The Data Controller also reserves the right to retain your data for as long as is necessary to fulfil any further legal obligations to which the Data Controller is subject, or to verify and exercise a right and meet any defence requirements in and out of court as well as in the phases preceding litigation.
Further information on the data retention period and the criteria adopted to determine said period may be requested in writing to the Data Controller at the contact details provided in section 8 of this Privacy Policy. 

7. RIGHTS OF THE DATA SUBJECT

In your capacity as a data subject, you may at any time exercise the following rights:

  • Right to revoke any consent given (Article 7 of the GDPR) – i.e. the right to revoke any consent given at any time, without prejudice to the lawfulness of the processing carried out prior to revocation;
  • Right of access (Article 15 of the GDPR) – i.e. the right to obtain confirmation as to whether or not personal data concerning you are being processed, as well as the right to receive information related to such processing;
  • Right of rectification (Article of the 16 GDPR) – i.e. the right to have your personal data rectified if they are incomplete or inaccurate; it should be noted that, as regards personal data collected through audio and video recording systems, the right of rectification cannot be exercised in light of the intrinsic nature of the data collected, which relate to an objective and definite fact;
  • Right to erasure (Article 17 of the GDPR) – in certain circumstances, you have the right to obtain the deletion of your personal data stored in our archives;
  • Right to restriction of processing (Article 18 of the GDPR) – at the occurrence of certain conditions, you have the right to restrict the processing of your personal data;
  • Right to portability (Article 20 of the GDPR) – You have the right to obtain the transfer of your personal data to a different Data Controller as well as the right to obtain data concerning you in a structured, commonly used and machine-readable format;
  • Right to object (Article 21 of the GDPR) – You have the right to make a request for objection to the processing of your personal data in which you give evidence of the reasons justifying your objection; the Data Controller reserves the right to assess this request, which may not be accepted if there are compelling legitimate grounds for processing your data which override your interests, rights and freedom. You also have the right to object at any time and without justification to the sending of direct marketing by automated means (text message, multimedia message, e-mail, instant messaging systems, chat and social channels) and otherwise (post, telephone). Moreover, with regard to direct marketing, you retain the right to exercise this right only in part, for instance objecting only to the sending of promotional communications by automated means. 
  • Right to lodge a complaint with the Supervisory Authority (Article 77 of the GDPR) – If you believe that the processing operations concerning you are in breach of data protection legislation, you may lodge a complaint with the Supervisory Authority of the Member State where you habitually reside, work or where the alleged breach has occurred; 
  • Right to an effective judicial remedy against a controller or processor (Article 79 of the GDPR).

8. CONTACTS

To exercise the above rights or for any questions, you may write to the Data Controller at the email address welcome@castellodisolomeo.com.

Solomeo Wine and Olive Oil, a tribute to Mother Earth