Cookie Policy

This Privacy Policy (hereinafter the “PP”) describes the methods used by Banca del Vino S.C. to manage personal data.

Based on a joint control agreement for the processing of personal data, the joint data controllers are::

• SLOW FOOD, which has its headquarters in ITALY, Piazza XX settembre 5, 12042 Bra (Cn); Tax Code 91019770048, VAT no. 02743970044
• FONDAZIONE PER LA BIODIVERSITA’ which has its headquarters in ITALY, Logge Uffizi Corti, Accademia dei Georgofili, 50122 Florence; Tax Code 94105130481
• FONDAZIONE TERRA MADRE which has its headquarters in ITALY, Piazza Palazzo di Città 1, 10122 Turin; Tax Code 97670460019
• SLOW FOOD PROMOZIONE SRL which has its headquarters in ITALY, Via Vittorio Emanuele II 248, 12042 Bra (Cn), Tax Code 0220020040
• SLOW FOOD EDITORE SRL which has its headquarters in ITALY, Via Audisio 5, 12042 Bra (Cn), Tax Code 02177750045
• SLOW FOOD ITALIA which has its headquarters in ITALY, Via Mendicità Istruita 14, 12042 Bra (Cn), Tax Code 91008360041, VAT no. 02106030048

2. Website users
3. Registered members (“become a member of the Wine Bank”)
4. Subscribers to newsletters and commercial and promotional communications to encourage sales
5. Those booked and registered to attend events and activities: workshops, guided tours, team building (etc.)
6. Travel agencies requiring information
7. Anyone, with regard to their photographs and videos
8. Employees and job candidates
9. Signatories of agreements, contracts, etc.
10. Professional contacts between partners, customers, suppliers, consultants, collaborators, public administration, etc.

When necessary, with the exception of cases in which legal or contractual obligations or the legitimate interest of both the Data Controllers (collectively or individually) and third parties apply, the data subject is required to read the privacy policy and consent to the processing and disclosure of their data for the purposes and within the limits described below. Otherwise it will be impossible for the Data Controllers to process the data in order to perform and implement the services requested by or offered to the data subject.

1. Processing method
The processing of personal data, understood as the collection, recording, organisation, storage, processing, amendment, deletion and destruction, or the combination of two or more of these operations, is carried out manually, electronically and remotely, also automatically, using logics strictly related to the purposes declared and in such a way as to guarantee security and confidentiality, for the time strictly necessary to achieve the purposes for which the data were collected.

The data are processed lawfully and correctly, collected and recorded for specific, explicit, legitimate and precise purposes. If necessary, they are updated, made pertinent, complete and not excessive for the purposes of the process, in compliance with minimum security standards and fundamental rights and freedoms, as well as the dignity of the data subject, with particular reference to confidentiality and personal identity.

Specific security measures are observed to prevent the loss of data, illicit or improper use and unauthorised access.

The data will be stored until the end of the legal term for the purposes of defence or enforcement of a right in court, after the purpose for which the data was collected has been accomplished.

Personal data will not usually be transferred to an addressee in a third country or to an international organisation outside the European Union (EU) or the European Economic Area (EEA), other than in special cases as described below.

1.1 Rights of the data subject
The data subject may exercise their rights (access, correction, deletion, limitation, portability, opposition, absence of automated decision-making processes) at any time, where envisaged in compliance with articles 15 to 22 of GDPR (https://eur-lex.europa.eu/legal-content/IT/TXT/HTML/?uri=CELEX:32016R0679&from=IT#d1e2168-1-1),lodge a complaint with the Guarantor (www.garanteprivacy.it), and, if the processing is based on consent, withdraw said consent, taking into account that withdrawal does not affect the legitimacy of the processing based on the consent given prior to withdrawal.

1.2 Applicable law
The processing of personal data relating to the website is subject to European legislation, Reg.(EU) 2016/679, and Italian Legislative Decree no. 196 of 30 June 2003 and subsequent amendments and additions, as well as the provisions of the Guarantor for the protection of personal data.

1.3 Contact details
Requests should be addressed to the Data Controller at the following addresses privacy@slowfood.com e privacy@slowfood.it

The Data Protection Officer is SPAZIOTTANTOTTO Srl, VAT no. 08283280017 with headquarters at Via Nino Bixio, 8, Turin, in the person of Massimiliano Bonsignori, dpo@spazio88.com, Ph. +39 0114337431.

2. Website users
For the following internet domains and corresponding subdomains, including websites, portals, landing-pages, forms, apps, etc.

bancadelvino.it/
slowfood.it/slowine/

We would like to inform those who use and consult them that, with reference to the processing of their personal data in their capacity as users, the processing operations connected to the web services of these sites are carried out on the premises of the suppliers of the web services for the creation and provision of the site and also at the premises of the Data Controllers. The data, processed by the staff appointed and the designated data managers, also within the scope of any processing system maintenance and administration operations, may concern:

2.1 Browsing and technically essential data
During their normal operation, the IT systems and software procedures used to operate this website acquire some personal data which is transmitted automatically when using Internet communication protocols. This information is not collected to be associated with identified data subjects, but could, by its very nature, allow the identification of users as a result of processing and association with data held by third parties. This category of data includes IP addresses or domain names of computers used by users connecting to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters relating to the operating system and IT environment of the user. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct operation, and is deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes that damage the website.

2.2 Data provided voluntarily by the user (on forms and by e-mail)
Data relating to persons identified or identifiable on the basis of further information communicated by the data subject by filling in data collection forms or via the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site, resulting in the subsequent acquisition of the sender’s address, required to answer requests, as well as any other personal data included in the communication, may also be processed.

2.3 Data for e-commerce and on-line payment
The data processed for the management of on-line orders (on sites with a shop) and for the management of on-line payments include personal data, addresses, purchase lists, indications and notes. Data relating to credit cards, which are managed directly by the payment system (e.g. Gestpay Banca Sella, Paypal, Satispay, etc.), are not directly acquired and processed.

Unless specific objection has been made, the purchaser is subscribed to the newsletter (see dedicated paragraphs), with the option to cancel the subscription at a later date.

2.4 Profiling data
No profiling data regarding the habits or consumption choices of the person concerned are directly acquired. However, it is possible that such information may be acquired by independent or separate parties through links or by incorporating third party elements. See the following section on Cookies.

2.5 Cookies
These websites, like others, store cookies on the browser of the user’s computer for the transmission of personal information and to enhance their user experience. Cookies are small strings of text that the websites visited by the user send to the user’s terminal (usually to the browser), where they are stored, sometimes for a long time, for retransmission to the same sites the next time the user visits it.

As explained below, it is possible to choose which, if any, cookies to accept, bearing in mind that refusing their use may affect the possibility to carry out certain transactions on the site. It may also influence the accuracy and suitability of some customisable content offered or the recognition of the user from one visit to the next. If no choice is made, the default settings will be applied and all the cookies will be activated: however, you can communicate or change your decisions at any time.

So-called session cookies, which are not permanently stored on the user’s computer and disappear when the browser is closed, are used. Their use is strictly limited to the transmission of the session identifiers (consisting of random numbers generated by the server) required to allow the safe and efficient exploration of the site. They avoid the need to use other computer techniques that could potentially compromise confidentiality when browsing the site and do not allow the acquisition of the user’s personal identification data.

Analytics cookies are used too. These cookies help understand how visitors interact with site content, collecting information (geographical and web origin, technology used, language, entry pages, pages visited, exit pages, time spent on the site, etc.) and generating statistics on website use without the personal identification of individual visitors. These are to be considered as technical cookies which do not require the user’s consent and are therefore covered by the opt-out mechanism. Technical cookies are not disclosed to third parties as they are necessary or useful for the operation of the website; consequently, they are processed only by persons qualified as data processors, data managers or system administrators.

Each website may specifically use different cookies: for details see the dedicated “Cookie-policy” page found on each site.

Some people prefer not to enable cookies, so all browsers offer the possibility to manage them with respect for user preferences. In some browsers it is possible to programme rules for managing cookies site by site, an option which offers more precise control over privacy. This means that cookies can be disabled for all sites apart from those that you trust.

Another feature available on some browsers is the incognito mode, and all cookies created in this mode are deleted after closing.

Please see the instructions contained in the links to learn more about cookie management in the relative browsers:

Chrome: https://support.google.com/chrome/answer/95647?hl=it

Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie

Internet Explorer 11: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookie

Internet Explorer 9: http://windows.microsoft.com/it-it/windows7/how-to-manage-cookie-in-internet-explorer-9

Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT

2.6 Purpose of the process, disclosure and dissemination of data
The personal data collected are used for the sole purpose of fulfilling or performing the services requested and are disclosed to third parties only if this is absolutely necessary. The services include consultation and use of the website and its contents, registration and access to the reserved area, donations and payments, subscription to and receipt of the newsletter, complaints, request for contact, etc.

In any case, no data originating from web services is disseminated or published without the prior consent of the data subject.

It should be noted that, in some cases (not falling within ordinary operations) the Public Authorities may request news and information, also of a personal nature, which the Data Controller is required to respond to.

2.7 Optional provision of data
Apart from that specified for browsing and technically indispensable data, the user is free to provide personal data for specific requests concerning products and/or services. Failure to provide certain data, considered indispensable, may make it impossible to obtain that requested.

2.8 Details for specific services
Some web services or forms that collect personal data, indicated below, may concern specific types of data subjects, for which specific information is provided in the following sections:

3. Registered members (become a member of the Wine Bank)
The data requested are supplied freely by the data subject: some of these (name, surname, date of birth, gender, address, telephone, e-mail, identity document, tax code) are indispensable; others are optional. Consent to processing is required for the purposes and activities proposed by the Wine Bank, which, with the first registration, also include receipt of the newsletter (see the specific paragraph) for promotional and commercial communications, which can be cancelled at a later date.

The payment system envisages the communication of certain data to the bank providing the service.

4. Subscribers to newsletters and commercial and promotional communications to encourage sales
The e-mail contacts used to send periodical newsletters containing commercial, promotional and sales-oriented communications, come from voluntary registration by the recipient, to whom a request for confirmation is always submitted, and from information acquired during the sale of the Data Controller’s products or services or similar, in relation to a legitimate interest. The newsletter includes the sending of information, commercial and promotional communications and advertising material. Please note that contacts are not acquired from public subscriber lists. If the communications are not of interest to the recipient, it is possible to avoid further mailings related to the specific channel by clicking on the unsubscribe link contained in each message sent by that channel, or by writing to the contact details, exercising your right to unsubscribe from the newsletter.

5. Those booked and registered to attend events and activities: workshops, guided tours, team building (etc.)
Personal data collected are used to formalise the booking and registration for the event and to guarantee the regular performance of the services offered and used, including, depending on the case, the sending of communications relating to the organisation of the event or follow-up.

With the exception of cases for which explicit consent is required, participation in workshops, guided tours and events organised by the Wine Bank envisages subscription to the newsletter on the basis of the legitimate interest of the data controller (see specific paragraph). It is always possible to unsubscribe from the newsletter by clicking on the appropriate link

6. Specialised agencies requiring information
The data collected are used to supply information regarding offers reserved for specialised agencies that request them, as well as details for organising and planning the activities that the agencies offer their clients. The treatment relating to section “11. Professional contacts between partners, customers, suppliers, consultants, collaborators, public administration, etc.” also applies.

7. Anyone, with regard to their photographs and videos
Photographs and videos of anyone can be collected within the scope of promotional and educational activities, including international or local events organised by Slow Food.

The general intention is to create a reportage that gives an account of the projects and activities carried out. The idea is to publicise the actual events as a whole rather than to portray individuals (except in specific cases, such as portraits of winemakers and other faces of the wine world). If audio/video recordings and photographs portray subjects in the foreground, their consent and release for use will be required.

By way of non-exclusive example, photographs and videos may be collected:

• at the premises of winemakers who are members of the Wine Bank or its projects (wineries, vineyards)
• at places where the activities of the Wine Bank’s projects take place
• through photographers appointed to take pictures at events
• through voluntary photographers or people from the Slow Food network, of which the Wine Bank is also a member (project representatives, Slow Food trustees, members of Slow Food communities, etc.).
• from the newspapers or websites of third parties participating in the event
• on “social media”, such as social networks, only in the spaces used by the events
• at exhibition stands, tasting rooms and workshops, educational spaces and conference rooms, within the events. To protect people, there are signs warning of the presence of official photographers and videomakers near the areas involved.

The pictures may be used for:

• the production of publications relating to Wine Bank projects or events;
• the documentation of the activities of the Wine Bank within projects with partners or financing bodies;
• the production of press releases;
• the production of promotional material;
• publishing on social media and the websites of the Wine Bank and Slow Food;
• photographic exhibitions;
• inclusion in in imagelibrary.slowfood.it/ (Slow Food online photographic archive);
• the communication of the activities carried out during the event, with the distribution or publication of the audio/video recordings and photographs in magazines, on websites, social media pages, etc., unless they feature subjects in the foreground or images which could be damaging to the dignity of the people shown, exercising particular caution with regard to more vulnerable subjects (e.g. minors);
• reasons relating to the safety of people and property (residual purpose);

Pictures and videos are processed within the scope of normal institutional activity and in accordance with legitimate interests. Those who do not wish to be filmed are invited to leave the areas where filming is taking place.

8. Member wineries
The Wine Bank adheres to and is an essential part of the Wine Project in collaboration with Slow Food. The aim of the project is to promote Italy’s wine heritage, and the Wine Bank fulfils the fundamental function of guaranteeing its oenological memory. With this in mind, descriptions of the wineries and their contact details (contacts, telephone, e-mail) are published on the website http://www.slowfood.it/slowine/cantine-slowine/ which is directly accessible from the Wine Bank’s website. The contact details published are supplied directly by the wineries involved or the data subjects themselves.

9. Employees and job candidates
Information on the processing of data is made available by the human resources department at the request of the data subjects, during interviews and at the time of entry into the employment relationship. For the purposes of confidentiality they are not disclosed in this Privacy Policy.

10. Signatories of agreements, contracts, etc.
Personal data are collected directly from the data subjects and freely provided by them, and from third parties (e.g. on the Internet, from public registers, etc.). This information concerns personal details, contact details, telephone numbers, postal and e-mail addresses, identity documents and other information on the possession of technical, professional, moral requirements, etc.. The data subjects act on their own behalf or that of other natural or legal persons involved with the undersigned or with a contractual or potential counterparty, such as partners, customers, suppliers, public administrations, associations, etc., with whom there is a contractual or working relationship of interest with the Data Controllers. Personal data are processed for the management of agreements, contracts and conventions for administrative-accounting purposes, including legal, contractual and pre-contractual obligations. In addition to this, where there is a legitimate interest, they are processed with regard to making contact and maintaining relations that go beyond contractual obligations, e.g. invitations to events and meetings.

11. Professional contacts between partners, customers, suppliers, consultants, collaborators, public administration, etc.
Personal data are collected directly from the data subjects and freely provided by them, and from third parties (e.g. on the Internet, from public registers, etc.). This information concerns personal details, contact details, telephone numbers, postal and email addresses, identity documents and other information on the possession of technical, professional and moral requirements, etc. The data subjects act on behalf of public administrations or contractual and potential counterparties (e.g. clients, suppliers, consultants, etc.) or partners, associations, newspapers, communication agencies, etc. with whom there are contractual or working relationships of interest with the Data Controllers.

Personal data are processed in communications between the undersigned organisation, including its staff, and the data subject, and to comply with legal, contractual and pre-contractual obligations between the parties within the scope of the normal activity carried out as part of the relationship established or being established, such as: managing existing and potential customers and suppliers, adding them to the company’s databases; internal organisation of work; processing statistics; compliance with civil, tax, accounting, salary, social security and insurance regulations; sending circulars and communications related to the activity of the contract for the provision of the services requested; the provision of instructions given by authorities empowered by law.

The personal data are also processed with regard to making contact and maintaining relations that go beyond contractual obligations, e.g. invitations to events and meetings.