Privacy policy

​​​​
  1. ​​ Premise
  2. Security policies of our website and user information
  3. Privacy Policies
  4. Information notices and consent
  5. Regulations 

1.Premise

The procedures for managing our site are described in the section Security Policies of Our Site,​ which represents the Information to be provided to Data Subjects pursuant to Article 13 of Regulation (EU) 679/2016 on the protection of personal data (hereinafter, also “the Regulation”) for persons who interact with the online services provided by the site but not other sites visited by the user through links.
In order to ensure maximum compliance with current privacy legislation, the Company has adopted a specific organisation, described in the section Privacy Policies.

[back​ to Summary]

2.​Security policies of our w​ebsite and user information

This page describes the procedures for managing our site with regard to processing of the personal data of users who visit the same.
Go to the section Privacy Policies for information on the Data Controller, the list of data processors and the rights of the Data Subjects (pursuant to Articles 15-22 of the Regulation).

Data provided voluntarily by users and user information

The optional, express and voluntary sending of emails to the addresses indicated on this site results in the subsequent acquisition of the sender’s address, necessary to respond to requests, along with any other personal data contained in the message. 

The processing of the aforementioned personal data has the sole purpose of allowing our Company, as Data Controller, to respond to questions, doubts, requests for clarification or to welcome suggestions from users. 

The data will not be disclosed and may be accessed by collaborators of our Company with specific authorisation to process the same as data processors or persons tasked with processing. 

Privacy legislation (Articles 15-22 of the Regulation) guarantees Data Subjects the right to access data that concerns them at any time, as well as to request the correction and/or integration, if inexact or incomplete, deletion or limited processing of their data, if the conditions are met, to oppose processing for reasons relating to the situation of the Data Subject, to request the portability of the data provided, if processing is carried out by automated means and on the basis of consent or for the execution of a contract, to the extent envisaged by the Regulation (Article 20).

The Data Controller is è Tenute del Cerro S.p.A. www.tenutedelcerro.it with registered office in Via Grazianella, 5 Fraz. Acquaviva - 53045 Montepulciano (SI).

The Data Protection Officer is at your disposal for any doubts or clarifications: for this purpose, you may contact the same at the registered office of Tenute del Cerro at the address privacy@tenutedelcerro.it to request an updated list of categories of data recipients or to exercise your rights. In any case, you are entitled lodge complaints with the Italian Data Protection Authority, if deemed necessary for the protection of your personal data and your rights in this regard. 

Specific summary information is shown or displayed on other pages of the site prepared for particular services on request. 

Users are free to provide personal data contained in the request forms or in any case indicated during contacts with the corporate office to request the sending of information material or other communications. Failure to provide the same may result in your request being denied.

Navigation data

The computer systems and software procedures used to operate this site acquire certain personal data during normal operations, which is automatically transmitted through the use of Internet communication protocols. This information is not collected for association with identified Data Subjects, but given its nature could allow the identification of users through processing and association with data held by third parties. This type of data includes the IP addresses or domain names of the computers of users who connect to the site, the URI (Uniform Resource Identifier) addresses of requested resources, the time of request, the method used to submit requests to the server, the size of files obtained in response, the numerical code indicating the status of the server’s response (ok, error, etc.) and other parameters relating to the operating system and computer environment of users. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site, and to ensure its proper functioning, and is deleted on a regular basis. The data may be used to ascertain liability in case of computer crimes.

Cookies

To read more: click here

Processing methods
Your personal data is processed by electronic means for the time strictly necessary to achieve the purposes for which it was collected.

Specific security measures are observed in order to prevent loss of data, illegal or incorrect use and unauthorised access.

[back​ to Summary]

​3.Privacy Policy

​Our Company processes third-party personal data and has always adopted all necessary measures to ensure the confidentiality and security of the data processed.

Personal data is processed electronically for the time strictly necessary to fulfil the purposes for which it was collected, and possibly stored for the time established by specific legislation (e.g. 10 years from the date of last registration). 

Specific technical security measures are observed in order to prevent the loss, damage or disclosure of data, unlawful or improper use as well as unauthorised access.

In application of current regulations on the protection of personal data (Regulations), the following arrangement has been adopted:

  • The Data Controller is Tenute del Cerro S.p.A. with registered office in Via Grazianella, 5 Fraz. Acquaviva - 53045 Montepulciano (SI), which appointed General Manager, Antonio Donato, as Delegate for the application of privacy regulations at the company; 

  • In order to ensure compliance with the regulations and provisions on privacy, specific Process Owners have been identified for the various processing carried out within the internal organisational structure;

  • The Company also relies on external resources, to which a part of its production process is outsourced;

  • Persons tasked with processing personal data are provided specific instructions and receive regular training and updating;

  • The Company only acquires personal data strictly necessary for the completion of the services requested or for the purposes it was collected, providing specific disclosure;

  • In order to exercise the rights granted by Articles 15-22 of the Regulation (access to information and other rights) or receive any other information on the protection of personal data, all Data Subjects may contact the Data Protection Officer by writing to:

    Tenute del Cerro S.p.A.
    Via Grazianella, 5 Fraz. Acquaviva
    53045 Montepulciano (SI)
    e-mail: privacy@tenutedelcerro.it

    for confirmation of the existence of any personal data concerning them, even if not yet registered, and communication of the same in a readable format.

By contacting the Data Protection Officer, Data Subjects may also:

  • ​obtain indication of the origin, purposes and processing methods of their personal data;

  • obtain the deletion, transformation in anonymous form, limited processing, updating, correction and/or integration of their data;

  • obtain information on the persons or categories of persons their data is communicated to or who may gain knowledge of the same data processors or persons tasked with processing;

  • obtain information on the persons who may gain knowledge of their data as data processors or persons tasked with processing, also as a result of activities provided by other Group companies on the basis of service level agreements;

  • request the portability of the data provided, if processing is carried out by automated means and on the basis of consent or a contract the Data Subject is party to, to the extent envisaged by the Regulation (Article 20).

[back to Summary]

4.Information Notices and Consent 

Below is the list of information notices:
Contractual and Commercial Purposes: 

[back to Summary]

​5.Regulations

Site of the Italian Data Protection Authority​ 

[back to Summary]