Privacy Notice updated to GDPR
(European Privacy Policy, 679/2016)

Pursuant to art. 13 of the Regulation (EU) n. 2016/679, also called General Data Protection Regulation (hereinafter the “GDPR”), Agriturismo Colle di Mezzo di Salavatore Cadau (hereinafter Agriturismo Colle di Mezzo) informs you that your personal data (hereinafter the “Data”), they will be treated in compliance with the provisions of the GDPR and any applicable legislation with reference to the processing of personal data in accordance with the following information.
This privacy policy applies only to the online activities of this site and is valid for visitors / users of the site. It does not apply to information collected through channels other than this website. The purpose of the privacy statement is to provide maximum transparency regarding the information that the site collects and how it is used.

1. Data controller. Data Protection Officer
Responsible: Cadau Salvatore
Address: Località “Le Casacce” – Ciliano- 53049 Torrita di Siena (SI)
Telephone: +39 0577 687085
Email: info@colledimezzo.com

2. Type of data processed
The visit and consultation of the site do not generally involve the collection and processing of personal data of the user except for navigation data and cookies as specified below. In addition to the so-called “navigation data” (see below), personal data voluntarily provided by the user may be processed when the latter interacts with the site’s features or requests to use the services offered on the site. In compliance with the Privacy Code, Agriturismo Colle di Mezzo may also collect your personal data from third parties in the performance of your business. The Data processed by the Data Controller include: (i) personal data (name, surname, age, sex), residential or home address and contact details (telephone, e-mail address).

3. Purpose and legal basis of the processing. Legitimate interest
The Data concerning the User is collected to allow the Owner to provide its Services, as well as for the following purposes: Statistics, Advertising, Contacting the User, Registration and authentication, Heat mapping and recording sessions, Interaction with social networks and external platforms , Interaction with live chat platforms and Managing contacts and sending messages.
To obtain further detailed information on the purposes of the processing and on the Personal Data concretely relevant to each purpose, the User can refer to the relevant sections of this document.

4. Method of treatment
Personal Data is collected for the following purposes and using the following services:
a) Contact the User: Contact form of colledimezzo.com
By filling out the contact form with their Data, the User consents to their use to respond to requests for information, quotes, or any other kind indicated by the form header.
Personal Data collected: city, fiscal code, last name, email address, country, name, telephone number, VAT number, province and company name. Mailing list or newsletter (colledimezzo.com)
By registering with the mailing list or the newsletter, the User’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional information, relating to colledimezzo.com may be transmitted. The email address of the User could also be added to this list as a result of registration at colledimezzo.com or after making a purchase.
Personal Data collected: surname, email address and first name.
b) Manage contacts and send messages
This type of service allows you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User. These services may also allow us to collect data relating to the date and time the messages are displayed by the User, as well as to the User’s interaction with them, such as information on clicks on the links inserted in the messages.
MailUp (mailup.com) and MailChimp (mailchimp.com)
MailUp is an email address management and sending service provided by MailUp S.p.A.
Personal Data collected: email.
Place of processing: Italy – Privacy Policy.
MailChimp is an email address management and sending service provided by MailChimp.
Personal Data collected: email.
Place of processing: USA – Privacy Policy.
c) Heat mapping and session recording
The heat mapping services are used to identify which areas of a page are subject to the passage of the cursor or click of the mouse in order to detect which of them attract the most interest. These services allow to monitor and analyze traffic data and are used to keep track of User behavior. Some of these services may record sessions and make them available for later viewing.
Hotjar Heat Maps & amp; Recordings (Hotjar Ltd.)
Hotjar is a heat mapping and session recording service provided by Hotjar Ltd. Hotjar respects the generic “Do Not Track” headers. This means that the browser can tell the script not to collect any User data. This is a setting that is available in all major browsers. Further information on the opt-out from Hotjar can be found here.
Personal Data collected: Cookies, Usage Data and various types of Data as specified in the privacy policy of the service.
Place of processing: Malta – Privacy Policy – Opt Out.
d) Interaction with live chat platforms
This type of service allows you to interact with live chat platforms, managed by third parties, directly from the colledimezzo.com pages. This allows the User to contact the support service of colledimezzo.com or colledimezzo.com to contact the User while he is browsing his pages. If an interaction service is installed with live chat platforms, it is possible that, even if users do not use the service, the same collect usage data related to the pages in which it is installed. In addition, live chat conversations may be recorded.
Zopim Widget (Zopim Technologies Pte Ltd)
Zopim Widget is an interaction service with the Zopim live chat platform, provided by Zopim Technologies Pte Ltd.
Personal Data collected: Cookies and Usage Data.
Place of processing: Singapore – Privacy Policy.
e) Interaction with social networks and external platforms
This type of service allows you to make interactions with social networks, or other external platforms, directly from the pages of colledimezzo.com. The interactions and information acquired by colledimezzo.com are in any case subject to the User’s privacy settings related to each social network. If an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, the same collect traffic data relating to the pages in which it is installed.
+1 button and Google + social widgets
(Google Inc.)
The +1 button and Google+ social widgets are services for interacting with the Google+ social network, provided by Google Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy Policy.
Like button and Facebook social widgets
(Facebook, Inc.)
The “Like” button and Facebook social widgets are services of interaction with the social network Facebook, provided by Facebook, Inc.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy Policy.
f) Advertising
This type of services allow you to use the User Data for commercial communication purposes in various forms of advertising, such as the banner, also in relation to the User’s interests. This does not mean that all Personal Data is used for this purpose. Data and conditions of use are indicated below.
Some of the services listed below may use cookies to identify the user or use the behavioral retargeting technique, that is, display advertisements customized based on the interests and behavior of the user, also found outside of colledimezzo.com. For more information on this, we suggest you check the privacy policies of the respective services.
In addition to the options for the opt-out offered by the following services, the User can opt for the exclusion from the receipt of cookies related to a third party service, by visiting the opt-out page of the Network Advertising Initiative.
Google AdSense (Google Inc.)
Google AdSense is an advertising service provided by Google Inc. This service uses the “Doubleclick” cookie, which traces the use of colledimezzo.com and the behavior of the User in relation to advertisements, products and services offered.
The User can decide at any time not to use the Cookie Doubleclick providing for its deactivation: https://adssettings.google.com/authenticated
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
Direct Email Marketing (DEM) colledimezzo.com
colledimezzo.com uses the User Data to send proposals of a commercial nature related to services and products provided by third parties or not related to the product or service provided by colledimezzo.com.
Personal Data collected: email.
g) Registration and authentication
By registering or authenticating the User allows the Application to identify it and give it access to dedicated services.
Depending on the following, the registration and authentication services may be provided with the help of third parties. If this happens, this application will be able to access some data stored by the third party service used for registration or identification.
Facebook Authentication (Facebook, Inc.)
Facebook Authentication is a registration and authentication service provided by Facebook, Inc. and connected to the Facebook social network.
Personal Data collected: various types of Data as specified in the privacy policy of the service.
Place of processing: United States – Privacy Policy.
h) Statistics
The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.
Google Analytics
(Google Inc.)
Google Analytics is a web analytics service provided by Google Inc. (“Google”). Google uses the Personal Data collected for the purpose of tracking and examining the use of colledimezzo.com, compiling reports and sharing them with other services developed by Google.
Google may use the Personal Data to contextualise and personalize the advertisements of its advertising network.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy Policy – Opt Out.
Tracking Facebook Ads Conversions
(Facebook, Inc.)
Tracking conversions of Facebook Ads is a statistics service provided by Facebook, Inc. that connects data from the Facebook ad network with actions performed within colledimezzo.com.
Personal Data collected: Cookies and Usage Data.
Place of processing: United States – Privacy Policy.
Personal data are processed electronically and entered into the company information system in full compliance with EU Reg. 2016/679, including security and confidentiality profiles and based on principles of correctness and lawfulness of processing. In compliance with EU Reg. 2016/679, the data are kept and kept for the time required by the purposes for which they were collected.

5. Recipients or recipient categories
Your personal data may be disclosed:
to all the subjects to whom the right of access to such data is recognized by virtue of regulatory provisions;
to our collaborators, employees, as part of their duties;
to all those natural and / or legal persons, public and / or private when the communication is necessary or functional to the performance of our activity and in the manner and for the purposes described above;
In any case, the Data will not be disclosed.

6. Security and quality of personal data
Agriturismo Colle di Mezzo undertakes to protect the security of the user’s personal data and complies with the security provisions of the applicable legislation in order to avoid data loss, illegitimate or illegal use of data and unauthorized access to the same, with particular reference to the Technical Disciplinary regarding minimum security measures. Furthermore, the information systems and computer programs used by Agriturismo Colle di Mezzo are configured in such a way as to minimize the use of personal and identifying data; these data are processed only for the achievement of the specific purposes pursued from time to time. Agriturismo Colle di Mezzo uses multiple advanced security technologies and procedures to promote the protection of users’ personal data; for example, personal data is stored on secure servers located in places with secure and controlled access. The user can help Agriturismo Colle di Mezzo to update and maintain their personal data by communicating any changes to the contacts on the site.

7. Transfer of data abroad
In consideration of the existence of links made with telematic, informatic or correspondence means, the data can be made available abroad both within the territory of the countries belonging to the EU and in non-EU countries. In this case, the transfer will take place by adopting the contractual clauses prescribed by the decision of the European Commission of 5 February 2010, as well as in order to provide appropriate and appropriate guarantees pursuant to art. 46 or 47 or 49 of the GDPR.

8. Retention period
Personal data is stored and processed through IT systems owned by Agriturismo Colle di Mezzo and managed by Agriturismo Colle di Mezzo or by third party technical service providers; for more details please refer to the specific section. The data is processed exclusively by specifically authorized personnel, including personnel assigned to carry out extraordinary maintenance operations.
The Data will be kept for a period of time not exceeding 10 (ten) years for administrative purposes and, in any case, for the time strictly necessary for the pursuit of the legitimate interest of the Data Controller.

9. Access rights, deletion, limitation and portability.
The owner informs you that you are entitled to the rights set forth in articles from 15 to 20 of the GDPR. By way of example, by sending a specific request to the e-mail address info@colledimezzo.com, you can:
– obtain confirmation that personal data concerning you are being processed;
– if a processing is in progress, obtain access to the data and information related to the treatment, and request a copy of the data;
– obtain the correction of inaccurate data and the integration of incomplete personal data;
– obtain, if one of the conditions foreseen by the art. 17 of the GDPR, the cancellation of data concerning you;
– obtain, in the cases provided for by art. 18 of the GDPR, the limitation of the processing of data concerning you;
– receive the data that concerns you in a structured format, commonly used and readable by automatic device and request their transmission to another holder, if technically feasible.

10. User rights
10.1 Art. 15 (right of access), 16 (right of rectification) of EU Reg. 2016/679
The interested party has the right to obtain from the data controller confirmation that it is or is not undergoing the processing of personal data concerning him and in this case, to obtain access to personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data in question;
c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations;
d) the retention period of the personal data provided or, if not possible, the criteria used to determine this period;
e) the existence of the right of the interested party to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;
f) the right to lodge a complaint with a supervisory authority;
h) the existence of an automated decision-making process, including profiling and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the interested party.
10.2 Right pursuant to art. 17 of EU Reg. 2016/679 – right to cancellation (“right to be forgotten”)
The data subject has the right to obtain from the data controller the deletion of personal data concerning him without undue delay and the data controller is obliged to cancel the personal data without undue delay if one of the following reasons exists:
a) personal data are no longer necessary with respect to the purposes for which they were collected or otherwise processed;
(b) the data subject revokes the consent on which the processing is based in accordance with Article 6 (1) (a) or Article 9 (2) (a) and whether there is no other legal basis for the processing ;
(c) the data subject opposes the processing pursuant to Article 21 (1) and there is no legitimate overriding reason to proceed with the processing, or opposes the processing pursuant to Article 21 (2);
d) personal data have been processed unlawfully;
e) personal data must be deleted to fulfill a legal obligation under Union or Member State law to which the controller is subject;
f) personal data have been collected in relation to the information society service offer referred to in Article 8, paragraph 1 of EU Reg. 2016/679
10.3 Right referred to in art. 18 Right of limitation of treatment
The interested party has the right to obtain from the data controller the limitation of processing when one of the following hypotheses occurs:
a) the interested party disputes the accuracy of personal data for the period necessary for the data controller to verify the accuracy of such personal data;
b) the processing is illegal and the interested party opposes the cancellation of personal data and asks instead that its use is limited;
c) although the data controller no longer needs it for processing purposes, personal data are necessary for the data subject to verify, exercise or defend a right in court;
d) the interested party has opposed the treatment pursuant to article 21, paragraph 1, Reg EU 2016/679 pending verification of the possible prevalence of the legitimate reasons of the data controller with respect to those of the interested party.
10.4 Right referred to in Article 20 Right to data portability
The data subject has the right to receive, in a structured, commonly used and automatically readable form, the personal data concerning him / her provided to a data controller and has the right to transmit such data to another data controller without impediments from part of the data controller
All the above requests must be sent to the following email info@colledimezzo.com with the subject “Right User Website colledimezzo.com”. The requests are filed for free and processed by the Data Controller as soon as possible, in any case within a month.

INFORMATION ON COOKIES OF Agriturismo Colle di Mezzo

This website, owned by Agriturismo Colle di Mezzo, data controller pursuant to and for the purposes of Legislative Decree 30 June 2003, n. 196 (“Privacy Code”), uses cookies and similar technologies. This statement provides information on how cookies are used and how they can be controlled by the user.
Use of this website implies acceptance by the user of the use of cookies (and similar technologies) in accordance with this information.

What are Cookies
Cookies are information saved on the hard disk of the user’s terminal and that are sent from the user’s browser to a web server and refer to the use of the network. As a consequence, they allow to know the services, the sites frequented and the options that, while surfing the net, have been manifested. In other words, cookies are small files, containing letters and numbers, that are downloaded to your computer or mobile device when you visit a website. Cookies are then sent back to the original site at each subsequent visit, or to a other website that recognizes these cookies. Cookies are useful because they allow a website to recognize the user’s device. This information is not, therefore, provided spontaneously and directly, but leaves a trace of the user browsing the net.
Cookies perform different functions and allow you to browse the pages efficiently, remembering user preferences and, more generally, improving your experience. They can also help to ensure that the advertisements shown during browsing are of interest to them and that the marketing activities carried out comply with their preferences, avoiding promotional initiatives that are unwelcome or not in line with the user’s needs.
The site uses “cookies”. By using the site, you consent to the use of cookies in accordance with this Privacy Policy. There are two macro-categories of cookies: technical cookies and profiling cookies.
Technical cookies are necessary for the proper functioning of a website and to allow user navigation; without them the user may not be able to view the pages correctly or use some services.
Profiling cookies have the task of creating user profiles in order to send advertising messages in line with the preferences expressed by the user during navigation.
Cookies can also be classified as:
– “session” cookies, which are deleted immediately when the browser is closed;
– “persistent” cookies, which remain in the browser for a certain period of time. They are used, for example, to recognize the device that connects to a site facilitating authentication operations for the user;
– “own” cookies, generated and managed directly by the manager of the website on which the user is browsing;
– “third-party” cookies, generated and managed by parties other than the operator of the website on which the user is browsing.
What categories of cookies we use and how they can be managed by the user
Type of cookie – Purpose of the cookie – Origin and how to block it

Essential website cookies (session and navigation)
These cookies are essential for correct navigation and to use the functions of the site. These cookies do not collect personal information usable for marketing purposes, nor do they store visited sites. The use of these cookies (which are not stored permanently on the user’s device and are automatically deleted when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary for allow safe and efficient exploration of the site. This category of cookies can not be deactivated. (direct cookies)

Direct functionality cookies
These cookies allow us to remember the choices made (such as user name, language or geographical location) and provide improved and personalized features. The information collected by these cookies can be made anonymous and do not keep track of the browsing activity on other websites. This category of cookies can not be deactivated. (Direct cookies)

Analytics and third-party advertising cookies
These cookies, also cache cookies, are set by Google Analytics and are used to gather information on how visitors use the site, including the number of visitors, the sites of origin and the pages visited. on our website. We use this information to compile reports and to improve our website; this allows us, for example, to know any errors detected by users and to ensure them an immediate navigation, to easily find what they are looking for. In general, these cookies remain on the visitor’s computer until they are deleted.
In the same way, AddThis, Facebook, Twitter, Google+, Youtube can use cookies that are useful for sharing content on social networks or for processing access statistics. Agriturismo Colle di Mezzo does not use these cookies for profiling purposes.
Facebook Connect allows users already registered to Facebook to authenticate on the site without requesting login credentials entered during registration. Agriturismo Colle di Mezzo may adopt, in case the user voluntarily uses it, the system and cookies of Facebook Connect, to integrate the login of Agriturismo Colle di Mezzo with the Facebook account of user. In addition to simplifying the registration process, Facebook Connect allows the website to extend some features of the social network to the site itself, thus making it easier to share content through Facebook.
In addition, if the Facebook Pixel cookie is installed that allows Agriturismo Colle di Mezzo to monitor conversions that occur on your website as a result of the adverts that are running on Facebook. For example, in case you want to monitor the membership of a particular campaign advertised on Facebook, the cookie communicates to Facebook every time a user has joined a particular campaign on the site Agriturismo Colle di Mezzo. Facebook compares the conversion event with the group of people to whom the advert was shown or who clicked on it, in order to provide Agriturismo Colle di Mezzo with information that helps it to understand the return on investment for your advertising spend. Agriturismo Colle di Mezzo does not use this cookie for the purposes of profiling the data subject but only for statistical purposes.
Finally, the Google Adwords / Doubleclick conversion Pixel cookie is used by Agriturismo Colle di Mezzo to find out which keywords generate the most clicks on Google and conversions in services required by Agriturismo Colle di Mezzo (eg campaign sign-ups). This tool indicates what happened after users clicked on their ad on Google, for example if they joined a campaign. Thanks to this information, Agriturismo Colle di Mezzo identifies the most effective keywords for your business. Agriturismo Colle di Mezzo does not use this cookie for the purposes of profiling the data subject, but only in aggregate for statistical purposes.
Finally, third parties may use this information, also combining it with others already available for purposes other than purely technical (functionality or session), subject to user consent. To find out more, access the privacy policies of the individual third parties and manage your options by following the links presented in the column alongside and / or set your browser as described below.

Google Analytics privacy policy cookie
https://policies.google.com/privacy?hl=en
AddThis privacy policy cookie
http://www.addthis.com/privacy/privacy-policy
Facebook privacy policy cookie
https://www.facebook.com/policies/cookies/
Twitter privacy policy cookie
https://help.twitter.com/en/rules-and-policies/twitter-cookies
Google+ privacy policy cookie
https://policies.google.com/technologies/cookies?hl=en
Youtube privacy policy cookie
https://policies.google.com/privacy?hl=en
Facebook Connect privacy policy cookie
https://www.facebook.com/policies/cookies/
Facebook Pixel privacy policy cookie
https://www.facebook.com/policies/cookies/
Google Adwords privacy policy cookie
https://policies.google.com/privacy?hl=en

How to check or delete cookies
By choosing to refuse cookies, you may not be able to use all the features of the site.
You can block cookies by following the instructions provided by the browser (usually found in the “Help”, “Tools” or “Edit” menus). The deactivation of a cookie or a category of cookies does not remove them from the browser. Therefore, this operation must be done directly in the browser.
If you want to delete, disable or restore cookies on your computer, you can use the configuration pages cookies made available by any third-party content providers, or through the options of the user’s browser. Below is a list of instructions to manage cookies in relation to the most popular browsers:

– Chrome: https://support.google.com/chrome/answer/95647?hl=en
– Firefox: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
– Internet Explorer: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
– Safari: https://support.apple.com/kb/PH21411?locale=en_GB
– Opera: http://help.opera.com/Windows/10.00/en/cookies.html

If you use a mobile device, refer to its instruction manual to find out how to handle cookies.

Cookies set previously
If the user has disabled one or more cookies, we will still be able to use the information collected prior to such disabling by means of preferences. However, from that moment on, we will cease to use disabled cookies to collect further information.

Detail of our Cookie Policy