Privacy Policy – ENG

Notice pursuant to Article 13 of Regulation (EU) 2016/679

Dear User,
Apulia Plants s.r.l. agricola (“Apulia Plants”), as Data Controller, pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter referred to as “GDPR”) and Legislative Decree 196/2003, as amended by Legislative Decree 101/18, provides this notice to describe how personal data of users visiting the website accessible at the following URL:

www.apuliaplants.it

This notice does not apply to other websites, pages, or online services accessible via hyperlinks published on this site.

In this document, we aim to explain:

1. What is meant by ‘data processing’?

According to Article 4 of Regulation (EU) 2016/679, ‘processing of personal data’ refers to “any operation or set of operations which is performed on personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure, or destruction.”

2. Who is the Data Controller of your data?

The Data Controller is Apulia Plants s.r.l. agricola, VAT No. 07430350723, with registered office at Via Giordano Bruno n. 36, 70038 – Terlizzi (BA), represented by its pro tempore legal representative.
The Data Controller can be reached at the following email address: info@apuliaplants.it.

3. What data is processed?

Apulia Plants processes two types of personal data:

1. Browsing Data: Information collected automatically during navigation on the website.
2. Identifying Data: Information directly provided by the user.

1. Browsing Data

This category includes data implicitly transmitted while using Internet communication protocols, such as IP addresses, domain names of computers, URI/URL addresses of requested resources, request time, method used for the request, server response size, response status codes, and other parameters related to the user’s operating system and IT environment.
Such data may also be collected via cookies. Although not specifically aimed at identifying users, this information could potentially enable user identification when combined with other data held by third parties.
Details on cookies are provided in the dedicated “COOKIE POLICY” link available on the website.

2. Identifying Data

This includes information voluntarily provided by users, such as messages sent to the Data Controller’s contact details, private messages via social media profiles/pages, or data entered into contact forms. This may include name, surname, date and place of birth, residence, phone number, and email address.

4. Why do we process your data?

Purposes for processing browsing data:

1. Enabling website navigation.
2. Obtaining statistical data on website usage (e.g., most visited pages, visitor numbers by time or day, geographical origin).
3. Ensuring the proper functioning of the services provided.

Purposes for processing identifying data:

1. Providing services offered by Apulia Plants.
2. Responding to user inquiries.
3. Handling requests made through contact forms.
4. Sending advertising communications (direct marketing).
5. Managing registration and access to the reserved area.

In addition, personal data may be processed for:
6. Legal obligations: Compliance with national, European, or international laws.
7. Defense of rights: Exercising, establishing, or defending legal rights.

5. On what legal basis do we process your data?

Processing of personal data is based on Article 6 of the GDPR. Specifically:

• For browsing data: Legitimate interest (Art. 6(1)(f)).
• For identifying data: Consent (Art. 6(1)(a)) or pre-contractual/contractual necessity (Art. 6(1)(b)).
• For commercial purposes: Consent or legitimate interest (Art. 6(1)(f)).

6. How are your data processed, communicated, and disclosed?

Data will not be disclosed but may be communicated to authorized personnel (e.g., employees) or external data processors (e.g., hosting providers, web agencies). The Data Controller ensures the adoption of adequate security measures.

Data may also be shared with insurance companies, public authorities, or legal entities in compliance with legal or contractual obligations.

7. How long are your data retained?

• Browsing data: Not stored except as specified in the COOKIE POLICY.
• Identifying data: Retained only for the duration required to fulfill the purpose for which they were collected.
• Commercial data: Retained until consent is withdrawn or opposition is expressed.

8. Where are your data processed? Are they transferred outside the EU?

Data processing occurs at the Data Controller’s premises or other authorized locations. Data will not be transferred outside the EU. If required, such transfers will comply with GDPR Articles 44 and following.

9. What are your rights?

Users have rights under Articles 15-22 of the GDPR, including:

• Access, rectification, and erasure of data.
• Opposition to processing for legitimate reasons or marketing purposes.
• Data portability and consent withdrawal.

Requests must be addressed to the Data Controller, who will respond within 14 days.

If a data breach occurs, the Data Controller must notify the Privacy Authority within 72 hours and inform affected individuals.

Complaints can be filed with the Privacy Authority at www.garanteprivacy.it.

COOKIE POLICY

Information on cookies is available via the “COOKIE POLICY” link in the website footer.

For further information, please contact the Data Controller at the email provided above.