1. Data controller and contact details
The data controller is
The Traveler Chef
Via Nicola Martelli 10
VAT number 12498321004
Email address: email@example.com
As data controller, it informs, pursuant to EU regulation 679/2016 (GDPR) and to the legislation, including national legislation, on the protection of personal data for the applicable time (privacy legislation) that your data will be processed with the methods and for the following purposes:
Principles applicable to processing
In accordance with the provisions of the GDPR, the data controller constantly strives to ensure that personal data are:
- processed lawfully, fairly and transparently;
- collected for specific, explicit and legitimate purposes, and subsequently processed in a way that is not incompatible with these purposes;
- adequate, relevant and limited to what is necessary with respect to the purposes for which they are processed;
- accurate and, if necessary, updated;
- kept for a period of time not exceeding the achievement of the purposes for which they are processed;
- processed, by means of adequate technical and organizational measures, in order to guarantee their security;
- processed, if by virtue of consent, by decision freely taken by the Customer / interested party, on the basis of the request presented in a clearly distinguishable way from the rest, in an understandable and easily accessible form, using simple and clear language.
The data controller adopts adequate technical and organizational measures in order to ensure the protection of personal data from the design stage and to ensure that, by default, only the data necessary for each specific processing purpose are processed. The data controller collects and takes the utmost account of the indications, observations and opinions of the Customer / interested party transmitted to the addresses indicated above, in order to implement a dynamic privacy management system that ensures effective protection of people, with regard to the processing of their data. This information may undergo changes, in line with the evolution of the reference legislation and the technical and organizational measures gradually adopted by the data controller; the Customer / interested party is, therefore,
2. Types of data collected
On the website www.thetravellerchef.com the following personal data are collected, independently or through third parties:
– name, surname, email, telephone, company.
The personal data, provided freely by the user or, in the case of usage data, collected automatically during the use of the site, unless otherwise specified, are all mandatory.
Usage data means that information that the computer systems and software procedures used to operate the website acquire during their normal operation and the transmission of which is implicit in the use of internet communication protocols (see further information section on treatment> Definitions and legal references).
In any case, in case of refusal by the user to provide the mandatory data requested, the provision of the service may not be possible. Instead, it will be the user’s discretion to provide or not the optional data without affecting the availability of the Service or its operation.
The User, assuming responsibility for the personal data of third parties obtained, published or shared through ww.thetravellerchef.com, guarantees that he has the right to communicate or disseminate them, freeing the Owner from any liability to third parties.
3. Method and place of processing of the collected data
The processing of personal data is carried out manually and with electronic tools, with logic strictly related to the purposes indicated below and, in any case, in order to guarantee the security and confidentiality of the data.
In some cases, in addition to the Data Controller, other subjects involved in the organization of www.thetravellerchef.com may have access to the data such as, by way of example: employees and / or collaborators of the Data Controller, in their capacity as persons in charge of processing and / or managers internal data processing and / or system administrators; third-party companies or other subjects (for example, third party technical service providers, Customer Care operators, IT service providers, credit institutions, professional firms, couriers, information companies, communication agencies, etc.) who carry out outsourced activities on behalf of of the Data Controller, in their capacity as external data processors (the updated list may be requested from the Data Controller at any time).
Legal basis of the processing
In some cases, specified below, the Data Controller may be authorized to process personal data without the express consent of the user or of other legal bases, up to possible opposition to this treatment by the User (OPT-OUT), where the treatment is necessary:
- for the execution of a contract with the User and / or the fulfillment of pre-contractual commitments;
- to prevent or discover fraudulent activities or abuses harmful to the Site;
- for the pursuit of the legitimate interest of the Data Controller or third parties;
- to fulfill a legal obligation to which the Data Controller is subject;
- for the performance of a task of public interest or for the exercise of public authority vested in the Data Controller;
- to perform aggregate statistical analysis on an anonymous basis, in particular of navigation data, in order to guarantee and improve the functioning of the site.
However, it is understood that it will be possible at any time to request clarifications from the Data Controller regarding the concrete legal basis of each treatment in addition to specifying whether it is based on the law, provided for by a contract or necessary for its conclusion.
The data is processed at the Data Controller’s operating offices and in any other place where the parties involved in the processing are located. More information in this regard can be obtained by contacting the owner.
It is specified that the User’s Personal Data may be transferred to a country other than that in which the User is located. To obtain further information on the place of processing, the User can refer to the section relating to the details on the processing of Personal Data.
The User has the right to obtain Information regarding the legal basis for the transfer of Data outside the European Union or to an international organization governed by public international law or consisting of two or more countries, such as the UN, as well as regarding the security measures adopted by the Data Controller to protect the Data.
If one of the transfers described above takes place, the User can refer to the respective sections of this document or request information from the Data Controller by contacting him at the details indicated at the beginning.
Personal data are processed and stored for the time required by the purposes for which they were collected:
- those collected for purposes related to the execution of a contract between the Owner and the User will be retained until the execution of this contract is completed;
- those collected for purposes attributable to the legitimate interest of the Data Controller will be retained until this interest is satisfied. The User can obtain further information on the matter in the relevant sections of this document or by contacting the Owner.
When the processing is based on the User’s consent, the Data Controller may keep the Personal Data longer until such consent is revoked. It is also understood that the Data Controller may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be deleted and therefore the right of access, cancellation, rectification as well as the right to portability will be precluded.
4. Purpose of the processing of the collected data
User data is collected to allow the Owner to provide its services, as well as for the following purposes:
Contact form, Google Analytics (Google Inc.)
The user can still obtain detailed information on the purposes of the processing and on the Personal Data concretely relevant for each purpose to the relevant sections of this document or by contacting the Data Controller.
5. Details on the processing of personal data
Personal data is collected for the following purposes and using the following services:
Contact form, Google Analytics
6. User rights
The data controller recognizes – and facilitates the exercise, by the Customer / interested party, of – all the rights provided for by the GDPR, in particular the right to request access to their personal data and to extract a copy (Article 15 of the GDPR ), to the rectification (Article 16 of the GDPR) and to the cancellation of the same (Article 17 of the GDPR), to the limitation of the processing that concerns them (Article 18 of the GDPR), to the portability of data (Article 20 of the GDPR, where the conditions) and to oppose the treatment that concerns him (articles 21 and 22 GDPR, for the hypotheses mentioned therein and, in particular, to the treatment for marketing purposes or that results in an automated decision-making process, including profiling, which produces legal effects concerning him, where the conditions exist).
The data controller also recognizes the Customer / interested party, if the processing is based on consent, the right to withdraw said consent at any time, without prejudice to the lawfulness of the processing based on the consent given before the revocation. To do this, the Customer / interested party can unsubscribe at any time on the Site (or on other social or web applications of the data controller) or by using the appropriate link at the bottom of each commercial communication received, or by contacting the data controller at contact details above.
The data controller also informs the Customer / interested party of the right to lodge a complaint with the Guarantor Authority for the Protection of Personal Data, as a supervisory authority operating in Italy, and to propose a judicial appeal, so much against a decision of the Guarantor Authority. , as well as towards the data controller himself and / or a data processor.
- Automated decision-making processes, including profiling
The data controller may carry out automated processing, including profiling, in relation to the purposes referred to in point (4b) above, to optimize the navigability of the Site (or the usability of other social or web applications of the data controller) and to improve the shopping experience, except as specified above with regard to the rights of opposition and withdrawal of consent by the Customer / interested party.
Profiling means any form of automated processing of personal data aimed at evaluating certain aspects relating to a natural person, in particular to analyze or predict aspects concerning, for example, the personal preferences, interests or location of that person, also in order to create profiles, or homogeneous groups of subjects by characteristics, interests or behaviors.
The data controller does not carry out any automated processing that produces legal effects concerning the Customer / interested party or that significantly affect his person in a similar way, unless this is necessary for the conclusion or execution of the Contract, is authorized by law or is based on the explicit consent of the Customer / interested party, in any case always recognizing the latter the right to obtain human intervention, to express their opinion and to contest the decision.