PRIVACY POLICY

Important: updated information note according to Regulation (EU) 2016/679

(known as “GDPR”)

DATA CONTROLLER

The Data Controller is Giordano Vini SpA (hereinafter called Giordano or Data Controller), with head office in Via Cane Guido 47 bis/50, 12055 Diano d’Alba (CN), Italy, VAT Registration No. and Tax Code 04642870960

SOURCE AND PURPOSES OF PROCESSING

The personal data in our files are collected from the person concerned and are processed in order to carry out contracts and orders in all their stages, from order acceptance to delivery of goods and for their payment process.
Giordano also processes these data for direct marketing activities relating to its products and services (promotional communications, direct sales offers, and surveys).
These same data are also processed to comply with administrative regulations and other regulations that are compulsory under prevailing national legislation or by virtue of European Union decisions, and stored for the time required by these regulations.

METHODS OF PROCESSING

Personal data are processed by the Data Controller using mainly electronic methods and are stored in its company management system. Suitable safety measures are adopted to avoid loss of the data, illicit or incorrect use, and unauthorized access.
In order to notify the client of the direct  marketing activities.Data Controller uses the contact details provided by the client him/herself, and the contact methods which the client mainly uses. In case the client have supplied voluntarily his phone number that phone number will not be used if  it is registered on the The Telephone Preference Service (TPS) and 
it will be use only following a subsequent explicit consent by client.

While carrying out analyzes and assessments necessary to better understand customers' purchasing preferences to the products and services offered by Giordano, no decision-making process is applied  based solely on an automated processing of that information.

LEGAL BASIS

The data are processed on the basis of carrying out a contract to which the data subject concerned is a party, or of given consent, or on other equivalent mechanisms permitted by law, such as, among others, “legitimate interest” (Article 6, Para. 1, Letter f, GDPR and Recital 47, GDPR).
In particular, Giordano’s legitimate interest consists in maintaining active the relationship established voluntarily by clients themselves and informing the clients themselves of its marketing and direct sales activities, in order to publicize new products and brands and present offers, discounts or promotions, allowing clients to become aware of these opportunities and to decide, if they wish, to place further orders.

DATA PROCESSING AUTHORIZED PERSONNEL

The persons authorized to the data processing are customer service and contact center, sales, marketing, administration, order fulfillment, information systems and data security personnel.
The data will also be processed by outside agents appointed for services connected to the above, as well as by third parties, as independent data controllers, for purposes instrumental to managing orders or related administrative activities and, for anything not shown here, obliged to give the information to be provided according to Article 13, GDPR.

AREA OF COMMUNICATION FOR DATA

Customers’ personal details and postal addresses may be communicated to third party companies operating in the direct marketing and remote sales sectors (list available by sending a request to the Data Controller), without prejudice to the right to oppose as stated here below (the Data Subject’s rights). Any transfer of data to third party countries (non-EU) to our data processors for processing that is instrumental for managing actual or potential customer files and commercial purposes will take place in observance of the contractual clauses set out in the European Commission’s decision dated 05/02/2010 and therefore also in observance of articles 45,46, 47, 49 of the GDPR.

DATA TRANSFER

The management and storage of personal data will take place on servers located within the European Union, owned by the Data Controller and/or by third party companies appointed and duly named as Data Processors. It is in any case understood that the Data Controller, where necessary, will have the right to move the management and/or storage of the personal data to non-EU countries. In this case, the Data Controller guarantees from now on that the transfer of data will take place in compliance with the applicable legal requirements, stipulating agreements that guarantee an appropriate level of protection and/or adopting the standard contract terms laid down by the European Commission

PERIOD OF DATA STORAGE

The data provided in order to process  the orders will be kept for the period necessary for the delivery  of tham and for the periods imposed by laws, regulations or Community legislation, especially in administrative and tax matters. Furthermore, for the marketing purposes of Giordano.

The data are stored in our files for the time needed to maintain the relationship established with the client and inform him/her about our activities, enabling Giordano to pursue, legitimately, its marketing and direct sales activity for as long as the client remains interested in our products and services. Obviously, this storage time will be ended when the client expresses the desire not to receive further information and offers from Giordano, notifying this with the methods described below. Giordano will take the appropriate technical and organizational measures in order to no longer contact the person. Subsequently, the data will be anonymized for statistical purposes and then destroyed, unless decided otherwise by supervisory authorities, police and judiciary.
They could, therefore, be kept for longer periods in cases of disputes, for the purpose of defending or asserting a right in court, either by the owner or by the interested party.

RIGHTS OF THE DATA SUBJECT

According to Articles 15-22 of GDPR 2016/679, by writing to the Data Controller of the processing at the postal address Giordano Vini SpA –Via G. Cane 47bis/50 – 12055 Diano d’Alba (CN), Italy or at the email addressprivacy@giordanowines.co.uk the data subject may, with regard to his/her own personal data, exercise rights of access, rectification, portability, withdrawal of consent, erasure and destruction, limitation on processing, opposition to the processing for legitimate reasons or for the sending of marketing and direct sales communications, also limited to one or more contact tools (e.g. by post and/or email and/or telephone).The data subject may, at any time, request a complete, updated list of the data processors and of the third parties to whom personal data may be communicated.   

Further information about our Data Processing and Data Security Agreement may be requested at the email address privacy@giordanowines.co.uk

WHAT ARE COOKIES  AND HOW DOES GIORDANO USE THEM

Cookies are information saved on the hard disc of your PC and are sent by your browser to a Web server; they refer to how you use the web. Consequently, they enable knowledge of services, websites visited and options chosen when surfing the web.
Therefore, this information is not supplied spontaneously and directly, but leaves tracks. Data collected through cookies will be used for technical needs, to guarantee the single user easier, immediate and fast access to the website and its services and easier navigation.
Profiling cookies can also be used, with prior user consent, to create user profiles based on website sections or actions carried out by the user itself on this website or when surfing the web.
The use of so-called session cookies (not memorised on the user's computer and eliminated automatically when the browser is closed) is strictly limited to transmitting session identifiers (casual numbers generated by the server) needed to enable the website to be explored securely and efficiently. The so-called session cookies used in this website avoid the need to use other computer techniques that are potentially more prejudicial for a user's navigation confidentiality, and do not enable acquisition of the user's personal identification data. However, the user can configure its browser so that it is warned when a cookie is received and decide whether to accept it or not.

NAVIGATION DATA

During normal operations, the information systems and software procedures operating this website acquire some personal data that is transmitted implicitly when using Internet communication protocols. This information is not collected to be associated with identified users; but due to its specific nature could, through processing and association with data held by third parties, enable identification of users themselves. This data category includes IP addresses or domain names of computers used by the user connecting to the website, URI addresses (Uniform Resource Identifier) of resources requested, time of the request, the method used to submit the request to the server, size of the file obtained in response, the numerical code indicating the server response status (successful, error or similar) and other parameters related to the user's operating system and computer environment. This data is only used to obtain anonymous statistics on use of the website and to check it operates correctly and is deleted straight after processing. The data could be used to ascertain responsibility in a case of hypothetical computer crimes against the website.

THE SECURITY OF YOUR PERSONAL DATA

Giordano adopts suitable, preventive security measures to protect the confidentiality, integrity, completeness, availability of your personal data. As set forth in laws regulating the security of personal data, technical, logistic and organisational measures have been taken to prevent damage, loss even accidental, alterations, improper and unauthorised use of data concerning you. Similar preventive security measures are taken by third parties (processors) that we have assigned your data processing operations to on our behalf.
On the other hand, Giordano does not hold itself responsible for untrue information sent directly (for example: correctness of e-mail or postal address or other personal data), and for information concerning it but provided by a third party, also fraudulently.

SECURE CREDIT CARD

On-line purchases foresee providing credit card and relative holder data. We hereby specify that Giordano will, in no way, have knowledge of that information as, when the transaction takes place, credit card data (number, expiry date, holder details) will be collected directly by the issuing institute and by banks involved in the process. Storage, processing and security measures are established by the institutes with which the card holder has its financial relations. Please note that Giordano takes no responsibility for unauthorised or fraudulent use of your credit card by third parties.