This section contains information concerning the management procedures for the Cannabis Clinic & Restaurant as regards the processing of the Cannabis Clinic & Restaurant users’ personal data.
This notice is is also valid pursuant to Art. 13, Legislative Decree No. 196/2003, Code on the protection of personal data, and to Article 13 of EU Regulation No. 2016/679, regarding the protection during processing of natural persons’ personal data and the free circulation of such data, for data subjects, who deal with Cannabis Clinic & Restaurant. It can be found on the initial page at the address: www.cannabisclinic.it
The notice is provided only for Cannabis Clinic & Restaurant and not for any other websites the user may consult via the links it contains.
The purpose of this document is to provide information on the procedures, times and nature of the information the data controllers must provide the users, when they connect to the website pages of Cannabis Clinic & Restaurant, regardless of the purposes of the actual connection, according to Italian and European legislation.
The notice may be amended if new laws are introduced on the subject. We kindly ask the user, therefore, to regularly check this page.
If the user is under 16 years old, pursuant to Art. 8, para. 1, EU Regulation 2016/679, he/she mustobtain the permission of his/her parents or whoever stands in for them in order to give his/her consent.
II – PROCESSING OF PERSONAL DATA
The Data Controller is the natural or legal person, public authority, service or other organisation, which individually or together with others identifies the aims and means to process personal data. It also takes care of security measures.
As regards this website, the data controller for processing is the company “Società Agricola CC&R di Gaggiotti Alessio” in the person of its legal representative pro-tempore, who you may contact for any clarification or to exercise your user rights at the following e-mail address: email@example.com
Data Protection Officer
The Data Protection Officer is the natural or legal person, public authority, service or other organisation, which processes the personal data on behalf of the data controller.
Pursuant to Article 28, EU Regulation No. 2016/679, the data protection officer for the website www.cannabisclinic.it,appointed by the data controller is the company “Società Agricola CC&R di Gaggiotti Alessio” in the person of its legal representative pro-tempore.
Place of data processing
Data generated by using the Cannabis Clinic & Restaurant website is processed in Via San Bartolo snc – Padule, 06024 Gubbio.
If necessary, the data connected to the newsletter service can be processed by the data protection officer or by data processors appointed by him at the appropriate office.
III – COOKIES
Type of Cookies
A cookie consists of a tiny file of data transferred to the user’s browser by a server. It can only be read by the server, which made the transfer. It is not an executable code and does not transmit any virus.
Cookies do not record any personal information and any identifiable data is not stored. If you wish, you may block some or all of the cookies from being stored. However, in this case, the use of the website and services offered may be compromised. To proceed without changing the options for the cookies, simply continue to browse.
Below are the types of cookies used by the website:
Numerous technologies are used to store information on the user’s computer which is then collected by the websites. The most well-known and most used of these are HTML cookies. These serve to browse and facilitate user access and use of the website. They are required to transmit communications on an electronic communication network, i.e. to the supplier to provide the service requested by the customer.
The settings to manage or disable cookies can vary according to the Internet browser used. Users may, nevertheless, request cookies to be generally disabled or deleted by modifying the settings of their Internet browser. Disabling, however, may slow down or prevent access to some parts of the website.
As regards duration, cookies are divided into temporary session cookies, which are automatically erased at the end of the browser session and are used to identify the use and thus avoid a login for every page visited, and permanent cookies, which remain active in the PC until they are expire or are deleted by the user.
Session cookies may be installed to allow you to access and remain in the reserved area of the portal as an authenticated user.
They are not stored permanently. They remain throughout browsing and they disappear when the browser is closed. They are used strictly to transmit the session IDs consisting of casually generated numbers by the server, required to enable you to explore the website securely and efficiently.
Third party cookies
Cookies sent to the browser directly by the website you are visiting differ from those sent to your computer by third parties from websites other than the one you are visiting.
Permanent cookies are often third party cookies.
The majority of third party cookies consist of tracer cookies used to identify on-line behaviour, understand your interests and, therefore, to personalise the advertising offers for users.
Third party analytical cookies may be installed. These cookies are sent by domains of the aforementioned third parties outside our website.
Analytical third party cookies are used to detect information on users’ behaviour on www.cannabisclinic.it. Detection is anonymous to monitor performance and improve site usability. Third party profiling cookies are used to create user profiles to offer advertising messages, which match the choices made by the user.
IV – DATA PROCESSED
Data processing procedures
Like all websites, this website uses log files to store the information collected automatically during users’ visits. The data collected could consist of the following: Internet protocol address (IP); browser type and parameters of the device used to connect to the website; name of the Internet service provider (ISP); date and time of visit; web page the visitor is coming from (referral) and leaving; possibly the number of clicks.
The information above is processed automatically and collected exclusively in aggregate form to check the website is functioning correctly and for security reasons. This information will be processed according to the lawful interests of the data processor.
For security purposes (anti-spam filters, firewalls, virus detection), the data recorded automatically can also include personal data, such as your IP address, which could be used, in compliance with the laws in force on the subject, to stop attempts to damage our website or to cause damage to other users, or any unlawful damaging activities. This data is never used to identify or profile the user. It will only be used to protect the website and its users and the information will be processed according to the lawful interests of the data processor.
The information website users decide to make public via the services and instruments made available is provided by the user knowingly and voluntarily, exempting this website from any liability as regards any breach of the law. The user is responsible for checking it has permission to enter third party personal data or contents protected by national and international law.
Purposes of data processing
The data collected by the website during its operation is used for the purposes indicated above and for the following purposes: to manage our customer relationship; to carry out the economic business of the company; other purposes linked and connected to the corporate business (e.g. to improve the products and services offered, even though not strictly linked to the services requested by the data subject; market research on customer satisfaction, etc.).
Your data will be kept for the time strictly required to achieve the above purpose and, nevertheless, for no longer than 10 years.
The data used for security purposes (to block attempts to damage the website) is kept strictly to achieve the aforementioned purpose.
Data provided by the user
E-mails sent as an explicit, voluntary option to the addresses given on this website entail the subsequent acquisition not only of the sender’s address required to answer the requests, but also of any other personal data included in the message.
A summary of specific information will be provided gradually or displayed on the website pages set for special services on request.
Support to configure your browser
The user can also manage cookies via his/her browser settings. However, cancelling the cookies from the browser could remove the preferences set for the website.
For further information and support, you can also visit the specific help page for the web browser you are using:
- Internet Explorer: http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
- Firefox: https://support.mozilla.org/en-us/kb/enable-and-disable-cookies-website-preferences
- Safari: http://www.apple.com/legal/privacy/it/
- Chrome: https://support.google.com/accounts/answer/61416?hl=it
- Opera: http://www.opera.com/help/tutorials/security/cookies/
Social Network Plugins
- Facebook: https://www.facebook.com/help/cookies
- Twitter: https://support.twitter.com/articles/20170519-uso-dei-cookie-e-di-altre-tecnologie-simili-da-parte-di-twitter
- Google+: http://www.google.com/policies/technologies/cookies
- Pinterest: https://about.pinterest.com/it/privacy-policy
- AddThis: http://www.addthis.com/privacy/privacy-policy
- Linkedin: https://www.linkedin.com/legal/cookie-policy
V – THE USER’S RIGHTS
Art. 13, para. 2, EU Regulation 2016/679 lists the user’s rights. The website www.cannabisclinic.it intends, therefore, to inform the user of the existence of:
- the data subject’s right to ask the data controller to be able to access his/her personal data (Art. 15, EU Regulation), to update it (Art. 7, para. 3, letter a) Legislative Decree 196/2003), to correct (Art. 16, EU Regulation), supplement (Art. 7, para. 3, letter a) Legislative Decree 196/2003), or to restrict the processing (Art. 18, EU Regulation), or to oppose on lawful grounds its processing (Art. 21, EU Regulation), and includes the right to data portability (Art. 20, EU Regulation);
- the right to request it erases (Art. 17, EU Regulation), transforms into an anonymous form or blocks any data processed in breach of the law, including data which does not need to be stored for the purposes for which it was collected or subsequently processed Art. 7, para. 3, letter b), Legislative Decree 196/2003);
- the right to obtain proof that any operations to update, correct, supplement the data, erase, block or transform the data have been communicated together with the contents to those, to whom the data has been communicated or diffused, except in the event it is impossible to do so or involves a use of disproportionate means compared to the right protected (Art. 7, para. 3, letter C), Legislative Decree 196/2003);
Informal requests may be sent to the data controller or, alternatively, by using the form provided by the Personal Data Protection Authority, or by sending an e-mail to the address: firstname.lastname@example.org
If processing is based on Art. 6, paragraph 1, letter a) – consent given at the time of use – or on Art. 9, paragraph 2, letter a) – consent given expressly for the use of genetic, biometric data, data regarding health, data which reveals religious, philosophical beliefs or membership of a trade union, which reveals the race or ethnic origin, political opinions – the user has the right to revoke consent at any time, without prejudice to the lawfulness of the processing based on the consent given prior to the revocation.
Equally, in the event of a breach of legislation, the user has the right to file a claim with the Personal Data Protection Authority, as the authority in control of processing in Italy.
For a closer examination of the rights to which you are entitled, see Articles 15 et seq., EU Regulation 2016/679 and Art. 7, Legislative Decree 196/2003.
VI – TRANSFER OF DATA TO COUNTRIES OUTSIDE THE EU COMMUNITY
This website may share some of the data collected with services located outside the area of the European Union. More specifically, with Google, Facebook and Microsoft (LinkedIn) via social media plugins and the Google Analytics service. The transfer is authorised and closely regulated by Article 45, 6 paragraph 1, EU Regulation 2016/679,for which no further consent is required. The companies mentioned above guarantee they are members of the Privacy Shield.
Your data will never be transferred to third countries, which do not comply with the terms and conditions provided for by Article 45 et seq. EU Regulation.
VII – SECURITY OF THE DATA PROVIDED
It may be amended or updated. Users will be specifically notified of any major amendments and updates .
The document was updated on 25/05/2018 to comply with the legislative provisions on the subject and specifically to comply with EU Regulation 2016/679.