Company and website information
Introduction
This is the privacy policy for https://sicilianfoodshop.com
The data controller on this site is
Mariano Macaluso's Bloweb agency
Via Primo Carnera, 2 - Capaci
This email address is being protected from spambots. You need JavaScript enabled to view it.
3408247952
You can contact our data protection officer at: blowebagency @gmail.com
The protection of your personal data is of particular concern to us. We treat the personal data you provide when using our website and services confidentially and in accordance with applicable data protection laws and this Privacy Policy.
Below, we inform you in detail about what personal data we collect, for what purposes it is used, with whom we share the data and what privacy rights you may be entitled to.
Controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
Legal basis indicates a legal ground for processing data under applicable privacy laws.
Personal data means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person. The terms personal data and personal information have been used interchangeably in this Privacy Policy.
Privacy Policy refers to the current policy designed to inform you of how our website collects, stores, protects, processes, discloses, and retains your personal data.
Processing means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Processor natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
recipient means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, including controllers and processors.
Sensitive personal data means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health, or data concerning a natural person's sex life or sexual orientation.
Service providers These are entities to whom the data is disclosed and the data processing is carried out by the service provider on our behalf in accordance with the provisions of the data processing contract/agreement signed with them.
Under most privacy laws, a data controller is the entity that determines the purposes and means of processing personal data. A processor, on the other hand, processes personal data on behalf of the controller. This Privacy Policy applies when we are the controller of your personal data, meaning we determine the purposes and means of processing your personal data for our own purposes (unless a different privacy policy is displayed when we collect your personal data).
We act as a data controller for the personal information you provide when using our website. For example, when you visit our website, interact with our representative, register for a webinar, or sign up to receive marketing communications. We are the data controller for the activities described in the data processing activities described in this Privacy Policy. It is important to note that this Privacy Policy does not cover how we process personal information on behalf of our clients.
If you are a data subject who uses or has used our product or service in another domain controlled by another organization, or your personal data has been collected and processed by an organization that uses our services, and you have questions or concerns about the personal data held about you, please direct your request to the relevant organization. This is because we cannot respond directly to your request as your personal data is owned by the relevant organization, and in this case, we do not control the processing of your personal data. As data processors, we process this personal data pursuant to our contract with our client, and under applicable privacy laws, we are not free to independently take any action regarding the personal data we collect, process, or maintain on their behalf without their authorization and instructions. This Privacy Policy does not apply to third-party websites, services, or applications, even if accessible through our Services.
The following sections describe the various data processing activities we perform on our website. The information specifically addresses the purposes of the processing, the personal data we process for this purpose, and the legal basis for the processing.
a) If you visit our website for informational purposes only, meaning you browse our website without specifically providing personal data, we will process the following information about you. This information may include a limited amount of personal data:
This information is processed to enable you to use our website (for example, by adapting our website to the needs of your device or browser).
The legal basis for this data processing is performance of the contract pursuant to Art. 6 (1) (b) GDPR, as we require the information to effectively operate our website and provide you with the services offered on our website at your request. Without the processing of the personal data mentioned above, we will not be able to communicate online and provide you with the functionality of our website you request.
We retain this personal data for 2 years
a) You have the option to register for a user account on our website. During registration, we will process the following personal data about you:
b) The lawfulness of this data processing, "performance of a contract," derives from Art. 6 (1) (b) GDPR. Processing is necessary for the effective provision and administration of your user account. Without providing the required registration data, it is not possible to create a user account on our website.
We retain your personal data until you have a user account with us.
c) Users may contact you to request deletion.
You can contact us using the contact information provided on the website. If you contact us, we will process the content of your request, your name, email address, or phone number (if applicable), our responses, and any information you voluntarily provide to us in connection with the request in order to adequately handle your request.
You can also contact us via the contact form on our website. In this case, we collect the following personal data:
We will process this data, as well as the content of your request, our responses, and any information you voluntarily provide to us in connection with the request, in order to adequately handle your request.
The lawfulness of this data processing is based on "legitimate interests" (resulting from Art. 6 (1) (b) and (f) GDPR), as this data processing is necessary to ensure proper contact and customer service. Providing adequate customer service is our legitimate interest, which requires us to process your personal data.
We will retain your data for as long as necessary to adequately process your request. Afterwards, it will be deleted unless longer retention is required or justified by law.
The retention period for the personal data processed for the purpose of processing your request is:
2 years
Subsequently, it will be deleted, unless longer retention is required or justified by law.
You have the right to object to processing based on our legitimate interests. As a result of any valid objection, we will no longer process your data unless we have sufficiently compelling and legitimate grounds for the processing.
a) You can sign up for our newsletter on our website. During the registration process, we collect the following personal data:
We process this data to provide you with the newsletter. Data processing is based on your consent (Art. 6 (1) (a) GDPR). Consent is voluntary. You can withdraw your consent at any time without giving a reason, effective for the future. To do so, simply click on the "unsubscribe" link included in each newsletter or send us an email.
b) We will retain your data for as long as you remain subscribed to the newsletter. Afterwards, it will be deleted, unless longer retention is required or justified by law. Once you unsubscribe from the newsletter, we will retain the information strictly necessary to ensure we respect your newsletter subscription preferences in the future.
c) The period of retention of personal data is: for as long as necessary for the purpose
Subsequently, it will be deleted, unless longer retention is required or justified by law.
Our website includes a blog where we regularly publish posts. You can comment on our blog. If you do so, we will process the following personal data about you:
We process this data to allow you to participate in the blog. Therefore, processing is necessary to provide this service. The legal basis for this data processing is the performance of the contract (Article 6(1)(b) GDPR). Without processing your data, we cannot allow you to participate in the blog.
When you post a comment, the following information will be visible to other users of our website:
You must create a user account to post on our website.
You can post comments on the blog without a user account.
Please note that once you publish a post on your website, you cannot delete it.
The retention period for personal data is: 2 years.
Subsequently, it will be deleted, unless longer retention is required or justified by law.
a) If you apply for a job at our company, we will process your name, contact details, qualifications, and other data you provide with your application.
b) You can also use the application form provided on our website. In this case, we will process the following categories of data:
c) We process your data exclusively for the purpose of evaluating your application and conducting the application process. If you do not provide the required personal data, we unfortunately cannot consider your application. It is not necessary to enter data marked as voluntary for your application to be considered. Processing is justified under the legal basis "performance of a contract" (Art. 6 (1) (b) GDPR) as it is necessary to take steps at your request prior to entering into an employment contract.
d) If the application procedure ends without establishing an employment relationship, the retention period of your data is: for as long as necessary for the purpose
Afterwards, it will be deleted unless longer retention is required or justified by law. If you are also interested in other positions, we will retain your data with your consent until you request deletion. You can choose to receive future job notifications from us and opt out of receiving future job notifications from us at any time.
We do not knowingly collect or solicit personal data from anyone under the age of 16. The website is not directed to children under 16. If we learn that we have collected personal data from a child under 16 without parental consent, we will delete that information as quickly as possible. If you believe we might have personal data from or about a child under 16, please contact us using the contact information provided in this policy.
We do not knowingly collect or process sensitive personal data.
We do not knowingly collect or process personal data relating to criminal convictions and offences.
We do not knowingly collect or process personal data for automated individual decision-making, including profiling.
We do not interact with service providers for the processing of personal data in relation to the website and/or the website functions/services.
There are no data recipients located in countries outside the European Union and no access to personal data from a country outside the European Union is possible.
No data recipients (service providers or third-party recipients) are located in countries outside the European Union and/or data recipients access personal data from a country outside the European Union.
We do not transfer or provide access to your personal data to data recipients located in countries outside the Federated Republic of Brazil.
This DPF Statement supplements and should be read in conjunction with our general privacy notice, which outlines the categories of personal data we collect and process, the purposes for which we collect and process them, and the third parties with whom we share your personal data, along with the purposes for which we share them.
Our organization complies with the EU-US Data Privacy Framework (EU-US DPF), the UK extension to the EU-US DPF, and the Swiss-US Data Protection Framework (Swiss-US DPF) as set forth by the U.S. Department of Commerce. Our organization has certified to the U.S. Department of Commerce that it adheres to the EU-US Data Privacy Framework Principles (EU-US DPF Principles) regarding the processing of personal data received from the European Union in reliance on the EU-US DPF and from the United Kingdom (and Gibraltar) in reliance on the UK extension to the EU-US DPF. Our organization has certified to the U.S. Department of Commerce that it adheres to the Swiss-US Data Protection Framework Principles (Swiss-US DPF Principles) regarding the processing of personal data received from Switzerland in reliance on the Swiss-US DPF. In the event of any conflict between the terms of this privacy policy and those of the EU-US DPF Principles and/or Swiss-US DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program and to view our certification, visit https://www.dataprivacyframework.gov/.
Our organization lists the following U.S. entities or affiliates in its self-certification that also adhere to the DPF Principles:
In accordance with EU-US DPF, the UK's extension to the EU-US DPF and Swiss-US DPF, Our organization is committed to resolving complaints related to the DPF Principles regarding our collection and use of your personal information. Individuals from affected regions who have questions or complaints regarding our handling of personal data received in reliance on EU-US DPF, UK extension to EU-US DPF and Switzerland-US DPF You must first contact us at the following addresses:
Postal address: Via Primo Carnera, 2 / Capaci - Palermo
Contact number: +393408247952
Email address: This email address is being protected from spambots. You need JavaScript enabled to view it.
Link to the complaints portal: https://sicilianfoodshop.com
Such individuals may also contact us with their requests or complaints.
Furthermore, in accordance with the EU Data Protection Authorities (DPAs) and the UK Information Commissioner's Office (ICO), the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC), our organization is committed to cooperating with and complying with the advice of the European Data Protection Authorities. They will act as an independent redress mechanism relevant to human resources data, but not to non-human resources data covered by our organization's self-certification regarding unresolved complaints regarding our handling of human resources data received in reliance on the EU Data Protection Authorities (DPAs) and the UK Information Commissioner's Office (ICO), the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) in the context of the employment relationship.
If the complaint cannot be resolved through the channels specified above, under certain circumstances, the DPF provides the right to invoke binding arbitration to resolve complaints not resolved by other means. For more information, please visit this DPF website: https://www.dataprivacyframework.gov/s/article/G-Arbitration-Procedures-dpf?tabset-35584=2 .
Individuals whose personal data is covered by this DPF have the right to access their personal data processed by us and to further correct, amend, or delete such information where it is inaccurate or has been processed in violation of the Principles, except where the burden or expense of providing access would be disproportionate to the risks to the individual's privacy in the case in question, or where the rights of persons other than the individual would be violated.
Additionally, our organization offers individuals the following specified means to limit the use and disclosure of their personal data.
Accept or deny consent buttons.The Federal Trade Commission and the U.S. Department of Transportation each have jurisdiction over our organization's compliance with the EU-US DPF, the UK extension to the EU-US DPF, and the Swiss-US DPF.
Please also note that we may be required to disclose personal data in response to lawful requests by authorities, including to meet national public security or law enforcement requirements.
Additionally, to the extent specified in the DPF, our organization may be liable if a third party engaged by us to process personal data on our behalf carries out the processing in a manner inconsistent with our obligations under the DPF, unless our organization proves that it is not responsible for the matter giving rise to the damage.
As we operate globally, we may transfer personal data from the United Kingdom to the United States and other countries, including personal data we receive from individuals residing in the United Kingdom or protected by the UK Data Protection Act 2018 who visit our website and/or use our services or otherwise interact with us. When we make such personal data transfers, we rely on the following transfer mechanisms:
We also conduct transfer risk assessments to determine the level of protection afforded to data subjects protected by the UK Data Protection Act 2018 by the recipient entity and continuously monitor the circumstances surrounding such transfers to ensure that they maintain, in practice, a level of protection essentially equivalent to that afforded by the UK Data Protection Act 2018.
How long we retain your personal data
Unless otherwise specified in this privacy policy, we retain your personal data only for as long as necessary for the respective purpose. We will then delete your data unless we are legally permitted or required to retain it further.
We ensure that the period for which we retain your personal data is limited to a strict minimum, reasonably necessary, and proportionate to achieve the purposes for which it was collected. The following criteria help us determine data retention periods for the respective data processing purposes:
Please refer to the Data Processing Activities section for the exact retention periods for different categories of personal data and/or different processing purposes.
We have implemented appropriate technical and organizational measures to ensure a level of security appropriate to the risk, taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing, as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons.
Depending on the circumstances, you may have the right to exercise some or all of the following rights:
1. Obtain confirmation as to whether or not personal data concerning you is being processed and access to a copy of the personal data undergoing processing.
1. request (i) access to and/or a copy of your stored personal data, (ii) receive the personal data you have provided to us, in a structured, commonly used and machine-readable format, and (iii) have the right to transmit such personal data to another controller without hindrance from us; technically feasible, you will have the right to have the personal data transmitted directly from us to another controller;
2. request the rectification, removal or limitation of your personal data;
3. If the data processing is based on the user's consent, refuse to provide it and — without any impact on data processing activities that took place before such withdrawal — withdraw consent to the processing of personal data at any time;
4. take legal action in relation to any potential violation of your rights regarding the processing of your personal data, as well as lodge complaints with the competent data protection authorities;
5. not be subject to any automated decision-making process, including profiling (automatic decisions based on data processing by automated means, for the purpose of evaluating various personal aspects) which produces legal effects on you or similarly affects you.
Furthermore, you have the right to object, for reasons relating to your particular situation, at any time to the processing of personal data concerning you, including objection to direct marketing and automated individual decision-making, including profiling. In this case, please provide us with information about your particular situation. After assessing the facts presented by you, we will stop processing your personal data or present you with compelling legitimate grounds for continued processing.
To enable the efficient processing of requests relating to the above rights or any questions or complaints regarding our data processing, please use the Data Subject Rights Portal.
You also have the right to lodge a complaint with the supervisory authority in your country.
You may request this Privacy Policy from time to time. If we change our Privacy Policy, we will post the revised version here, with an updated revision date. You agree to periodically visit these pages to review and review any such revisions. If we make material changes to our Privacy Policy, we may also notify you by other means before the changes take effect, such as by posting a notice on our websites or sending you a notification. By continuing to use our website after such revisions take effect, you accept and agree to the revisions and abide by them.
This privacy policy was last updated on May 20, 2024.
To install this Web App in your iPhone/iPad press icon.
And then Add to Home Screen.