Pieve di Campoli, Wine, Red wine, Chianti, Chianti Classico

Privacy Policy

Privacy Policy

Definitions

1. DATA CONTROLLER

The Data Controller for the processing of personal data is The Diocesan Institute for the Support of the Clergy
of Florence - Az. Agraria Pieve di Campoli (p.iva. 03746940489, c.f. 94015260485), with registered office
in Piazza San Giovanni n. 3 in Florence,

2. DATA PROTECTION OFFICER
The contact details of the Data Protection Officer (DPO) are: Attorney Costanza Brandimarte - pec: costanza.brandimarte@pec.it
3. PURPOSE AND LEGAL BASIS FOR PROCESSING
Personal data collected through the website and e-shop are processed for the following purposes:

A) Contractual purposes (art. 6, par. 1, lett. b GDPR): Management of orders and online sales Order fulfillment and shipment of products Payment management and invoicing Customer service and complaint handling Fulfillment of contractual obligations.
B) Legal purposes (art. 6, par. 1, lett. c GDPR): Fulfillment of tax and accounting obligations Storage of invoices and accounting documents Fulfillment of legal obligations regarding food safety and traceability.
C) Direct marketing purposes (art. 6, par. 1, lett. a GDPR - consent): Sending promotional communications about our products Informative newsletters about company activities Sending personalized commercial offers.
D) Purposes of legitimate interest (Art. 6, par. 1, lett. f GDPR): Cybersecurity and fraud prevention.

Protection of the Holder's rights in judicial proceedings.
4. CATEGORIES OF DATA PROCESSED
Personal data collected through the website and e-shop are processed for the following purposes:

We process the following categories of personal data:
Identification data: first name, last name, tax code Contact data: email address, phone number, postal address
Billing data: company name, VAT number, billing address
Browsing data: IP address, browser type, pages visited, session duration
Payment data: chosen payment method (credit card data are processed directly by the payment provider) We do not process special categories of personal data referred to in Art. 9 GDPR.

Protection of the Holder's rights in judicial proceedings
5. METHODS OF TREATMENT
Personal data are processed by computer and telematic tools, with organizational methods and logic strictly related to the indicated purposes. Technical and appropriate organizational measures to ensure a level of security appropriate to the risk, in accordance with Art. 25 of the GDPR on the principles of privacy by design and by default.
6. COMMUNICATION AND DISSEMINATION

Personal data may be disclosed to:
Service providers: couriers for shipments, payment processors, IT service providers
Consultants: accountants, legal advisors, as part of the professional relationship
Competentauthorities: when required by law or judicial authorities
Data will not be disseminated.

7. TRANSFERS TO THIRD COUNTRIES
Some service providers may transfer data to third countries. In this case, the transfer takes place in compliance with the safeguards provided for in Chapter V of the GDPR.
8. RETENTION PERIOD

Personal data are retained for as long as is strictly necessary to achieve the
purposes for which they are collected, namely:
Contractual data: for the duration of the contractual relationship and thereafter for 10 years for
tax compliance
Marketing data: until consent is revoked
Browsing data: for up to 24 months

9. RIGHTS OF THE DATA SUBJECT

In accordance with Articles 15-22 of the GDPR, data subjects have the right to:
Access: obtain confirmation of the existence of processing and access to their data.
Rectification: obtain the correction of inaccurate data.
Deletion: obtain the deletion of data in the cases provided for by law.
Restriction: obtain the limitation of processing.
Portability: receive data in a structured format and transmit it to another data controller.
Opposition: object to processing, particularly for direct marketing purposes

10. WAYS OF EXERCISING RIGHTS
Rights can be exercised by sending request to:
Email: info@pievedicampoli.it
PEC: firenze@pec-idsc.it
Ordinary mail: I.D.S.C. Headquarters: via G. Dolfi, 5/7 - 50129 Florence The Owner will provide feedback within 30 days of receipt of the request, as established by Art. 13 of the GDPR.
11. COMPLAINT TO THE SUPERVISORY AUTHORITY
The data subject has the right to lodge a complaint with the Garante per la protezione dei dati personali (www.gpdp.it) if he/she believes that the processing violates current legislation.
12. UPDATES

This policy may be updated. The updated version will be posted on this
site indicating the date of last update.
Last updated: 01.10.2025