INFORMATION ACCORDING TO ARTICLES 13-14 REG. EU N. 2016/679 FOR THE PROCESSING OF PERSONAL DATA
Dear Visitor,
Acqua e Pietra S.R.L.S. hereby informs you that, under and in accordance with Articles 13 and 14 of the European Regulation No. 2016/679 GDPR, the data you provide and/or acquire will be processed in compliance with the regulations mentioned below.
Roles
The Data Controller is: Acqua e Pietra S.R.L.S. Address: ROMA (RM) VIA DELLA CORDONATA 4 CAP 00187 Email: info@romafoodstudio.com Phone: +39 375 624 6444
Treatment Methods
The processing includes, for example, collection, recording, organization, storage, extraction, consultation, use, communication, and deletion of personal data. It is carried out, for the aforementioned purposes, according to the principles (ex art. 5 of GDPR n. 2016/679) of lawfulness, fairness, transparency, data minimization, and accuracy. The data is processed via telephone, paper, computer, and telematic methods. Adequate technical and organizational measures are in place to ensure security, integrity, and confidentiality, preventing the risk of loss, unauthorized access, unlawful use, and dissemination, in compliance with Article 32 of GDPR n. 2016/679.
Nature of Data Provision and Consequences of Refusal
The provision of data for mandatory purposes does not require explicit consent. Without this data, we will not be able to provide our services. The provision of data for other purposes is optional and requires explicit consent. Without it, you may not receive newsletters, promotional materials, or commercial communications, but you will still have access to our services.
We process your personal information only when there is a legal basis, including:
Your consent to the processing
Legal obligations we must fulfill
Execution of contractual agreements
Research studies conducted by institutions (preferably anonymized data)
Execution of pre-contractual obligations
Legal defense in administrative, judicial, or arbitration proceedings
Protection of health and safety
Credit protection and legitimate business interests, provided they do not override your fundamental rights
Access to Data
Your data may be made accessible for the following purposes:
To employees and collaborators of the Data Controller, acting as data processors and system administrators
To third-party companies or service providers (e.g., consultants, software providers, banks, insurance companies) performing outsourced activities on behalf of the Data Controller
Types of Data Collected
Personal data collected by this website, either independently or via third parties, includes:
Tracking tools
Usage data
First name
Email
Website interactions
Unique device identifiers for advertising
User session statistics
Browser and device information
Click, touch, and scrolling events
Data Communication
The Data Controller may share your data with public administrations, supervisory authorities, and judicial bodies as required by law. Your information will not be disclosed beyond these necessary communications.
Data Retention
All personal data will be processed lawfully and proportionately, using digital and telematic methods, to fulfill the described purposes. Personal data will be retained for six years after the last interaction or until the data subject requests deletion. In certain cases, data may be retained longer for legal compliance or legitimate business interests.
Rights of the Data Subject
As a data subject, you have rights under Articles 15 and following of the GDPR, including:
Confirmation of whether personal data is being processed
Access to personal data and processing details
Rectification of inaccurate data
Erasure of personal data under specific conditions
Restriction of processing in certain cases
Data portability rights
Right to object to data processing based on legitimate interests
Right not to be subject to automated decision-making, including profiling
Right to file a complaint with a supervisory authority
The updated list of external managers and data processors is available at the registered office of the Data Controller.
Changes to This Policy
This policy was last updated on March 2, 2025 and may be subject to future changes due to regulatory updates. Please check this page regularly for updates.
