Privacy - Data Protection and Processing (GDPR)

Privacy Notice for the user updated to 27/07/2024

Legislative Decree 30.06.2003 N.196, Art. 13 & GDPR of 25 May 2018

This extended information is provided pursuant to art. 10 of the law of December 31, 1996 n. 675 and adapted to the new regulations introduced with the GDPR (General Data Protection Regulation) entered into force on 25 May 2018.

It is aimed at all those who leave their data to a different extent and / or interacting with the web services of en.gruppocaro.com. Our intent with this page is to clearly inform you about how we handle, use and we protect your personal data, where they are located and who is responsible for them depending on the services you will use.

Collection of Data and Consent to their use

Interacting with the Gruppo Caro website you will leave data (also anonymous) that will be from us or from third party systems collected for different purposes and purposes, such as statistical analysis or promotional messages following a newsletter or retargeting on social networks and search engines.

Below we list you in a simple and clear way for each service and with which tools we collect your data, the purpose for which we do it, the duration of use, as well as the place and the person responsible for the storage of said data.

However, we inform you that AT ANY TIME YOU CAN EXERCISE YOUR RIGHTS ACCORDING TO THE APPLICABLE LEGISLATION below:

1. Right of access to data

   The interested party has the right to obtain confirmation of the existence or not of personal data concerning him, even if not yet registered, and their communication in intelligible form.

2. Right to obtain information and copy of your data

   The interested party has the right to obtain the information and / or copy of his / her own data by making a paper request or even by e-mail via our special contact page, these will be provided in a precise and timely manner.

3. Right to rectify and modify your data

   The interested party has the right to make explicit request to obtain on their data:

   • a) the update
   • b) the correction
   • c) integration
   • d) cancellation

4. Right to oppose the use of their data

   The interested party has the right to make explicit request to oppose the processing of their personal data for purposes related to the sending of advertising material (including by e-mail) or direct sales or for carrying out market research or commercial communications of various nature.

Data controller

Holder of the processing of personal data collected as a result of registration or interaction with the aforementioned site and any other data exchanged for the provision of our services, is the Caro s.r.l. of Gruppo Caro s.r.l., located in C.da Erbe Bianche - 91021 Campobello di Mazara (TP) - SICILY.

When do an Order how do we process your Data?

On en.gruppocaro.com you have the possibility to purchase products and to be able to send and communicate effectively with you it is necessary to acquire some personal data, this can happen in two ways but with a similar data treatment, let's see which:

1. 1. Order as a Guest

   It is possible to place an order without carrying out any registration process, and therefore without logging in, or accessing your data to our website.
   In the guest order process, the data required for sending the purchased products are requested, namely: name, surname, cod fis or piva, email (required to receive notifications on the order summary), shipping address and billing. These data (your e-mail) may at our discretion be used for advertising campaigns targeted to your interests on the social network Facebook or Google.

3. 2. Order as a Registered User

   It is possible to make an order by first registering and logging on the site, in this case in addition to the classic data as a guest will be saved an e-mail (univocal) that acts as 'user' and a password (appropriately encrypted and protected) that will serve to user login.
   By registering the user will be able to view, update and integrate their own data, as well as consult the purchase history or unsubscribe from services such as the Newsletter (for which he gave explicit consent).
   Unlike the Guest on a Registered user, further information regarding his purchase, shipping and payment method is kept.
   These data (your e-mail) may at our discretion be used for market analysis and / or advertising campaigns targeted to your interests on social networks such as Facebook or Google.

N.B. The data you leave during an order both as a guest and as a registered user are stored in our database, data storage service provided to us by Aruba S.p.A. adequately protected and with active a backup service for possible recovery; and will be retained until you explicitly request cancellation or termination of our online sales service.

When do you register what data you leave and how we treat them?

As explained above you can register on the site and make orders as a known and verified user, consult your order history and update your data or integrate them at any time. During the registration phase (with verification) enter personal and sensitive data such as: Name, Surname, Email, Access password (appropriately encrypted), address, physical or piva code, address, tel and fax, plus other preferences on the methods of shipping and payment used by us; finally express your wish or not to receive and then also subscribe to our newsletter and explicit consent to the processing of these data on our part.

The data you provide us, are stored on our database that is maintained by our Provider Aruba S.p.A., a third-party company specialized in providing web services and hosting, appropriately adapted to the GDPR regulations, for more information you can read here.

The subscription to the Newsletter also involves the inclusion of your name, surname and Email in our MailChimp autoresponder, well-known newsletter and email management service used all over the world, also appropriately adapted to the GDPR, to deepen the laws here.

N.B. The data you leave during the registration phase are stored in our database, data storage service provided to us by Aruba S.p.A. adequately protected and with active a backup service for possible recovery; and will be retained until you explicitly request cancellation or future termination of our online sales web service.

If I subscribe to the Newsletter only, what happens to my data?

Whether you subscribe directly to the newsletter or your consent during registration (see above), you will need to enter your name, surname and email in our database and also in our MailChimp autoresponder, a well-known newsletter and email management service used all the way, also appropriately adapted to the GDPR, to deepen laws here.

At any time you can disambiguti from our Newsletter, even simply by clicking on the appropriate link, which you find in the notification emails you receive when you are registered with this service.

N.B. The data you have left is making an exportable request at any time and with active backup service for possible recovery; and will be retained until you explicitly request cancellation or future termination of our online sales web service.

If I review a product or make a comment, what data is recorded?

On en.gruppocaro.com you can review the products or leave a comment on the blog articles (when implemented), in which case you must leave your name and e-mail, and the site is able to detect and store also your IP address.
This data, as previously, is stored on our database, service messoci available from the provider Aruba S.p.A..

This data and your e-mail will not be made public or given to third parties, and will remain in our archives until the site is active.
The need to also collect the IP address is dictated by the fact that Gruppo Caro could be called into question by the police post or bodies responsible for the control of "illicit" or "denigrating" activities on the web, or we in our turn can signal to the authorities responsible for any comments with serious insults, incitement to hatred, terrorism and the like.

N.B. The data you have left is making an exportable request at any time and with active backup service for possible recovery; and will be retained until you explicitly request cancellation or future termination of our online sales web service.

Contacts page: what do you do with my e-mail when I write to you?

If the navigator of his own volition writes a message via e-mail through the appropriate contact page, in order to correctly handle the request, he must leave the following data: Name, Email and Subject of the message.
This data is managed and stored by our mail server, service provided to us by Aruba S.p.A.

N.B. The duration with which we keep your emails (email messages) varies depending on the importance and type of the request, but on average they are kept for no more than two years, in any case these data are not made public nor turned to third.

When I simply browse the site that data is collected?

While browsing on en.gruppocaro.com are active third-party services that through appropriate code scripts installed on the site track and collect data on the pages visited and also on some actions performed, let's see them individually:

1. 1. Google Analytics (anonymous)

   This is the famous Google service for collecting information on visits to a website, thanks to it we have detailed reports on: search keywords, daily visitors, page views, pages of abandonment, demographic data (geographical origin of the visit ), type of browser and device used and similar information.

   These data are completely impersonal, we serve only for statistical purposes, analyzing them we try to understand the progress of our website and to improve some aspects, eg. through the most visited pages we understand what are the strengths of our website.

   The data collected is anonymous, as we have disabled the detection of the IP address of the browser (anonymous form) in Analytics and therefore the cookies released by our Analytics code are to be considered "Technical" and not "Profiling".

   These data are stored on Google's servers, and are managed and governed by Google's own policy regarding use and duration, for more information read our Cookye Policy referring to the paragraph of Google Analytics, to find out how Google deals with data that collect read here.

3. 2. Facebook Pixel

   The Facebook Pixel is installed on the website en.gruppocaro.com, a script able to track and give information on users' browsing habits, in particular on the pages viewed and on actions performed such as: adding to the cart, beginning of the checkout, completion of an order and total amount.

   This information exploiting the services provided by the Facebook platform are then used by us to create similar audiences and targeted promotional campaigns (known as retargeting) on ​​the famous social network.

   The data collected is stored and managed directly by Facebook, to learn more about how it processes the data and has adapted to the European legislation on GDPR read here.

N.B. The data collected during navigation on en.gruppocaro.com are kept by third-party companies to which Gruppo Caro it leans to exploit its services, and is therefore protected, managed and maintained by them.

Place and purpose of data processing

The treatments connected to the web services offered by this site are carried out at the headquarters of the data controller and are only handled by employees of the Caro s.r.l. Group, in charge of processing, or by persons in charge of occasional maintenance operations. No data deriving from the web services is communicated or disseminated. Personal data provided by users who submit service requests, are used only to perform the service or provision requested and are not disclosed to third parties, unless the communication is required by law or is strictly necessary for the fulfillment of requests.
Specific purposes, related to individual treatments, will be identified in detail in the offer of any new and different services provided by the site.

Type of data processed and Navigation Data

The computer systems and software procedures used to operate this website automatically acquire some data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their nature can make it possible to identify users in case of violations of law and to report them to the Judicial Authority, through processing and association with data held by third party (user service provider). The data in question - therefore - could be used to ascertain responsibility in case of any computer crimes against our site. These data are normally used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are not associated with specific or determined specific users. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's computer environment.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site, or the compilation of information forms involves - by its very nature - the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data entered voluntarily.

Cookie

No personal data of users is purposely acquired by the site. The en.gruppocaro.com website does not use web technologies for the sole purpose of collecting and / or transmitting personal user data. The en.gruppocaro.com website uses navigation tracking technologies exclusively for the purpose of obtaining statistical information on the use of the site itself (eg total number of visitors, number of visitors per single web page, name of the source domain of the visitor's internet services).
In particular, the use of session cookies (those that are removed from the user's computer when the browser is closed) is strictly limited to the transmission of information related to the user's session, of fundamental importance for safe and efficient navigation of the user. site. Furthermore, the use of such session cookies strictly excludes the use of other technologies that could compromise the privacy of user's browsing and does not allow the acquisition of personal identification data. the en.gruppocaro.com website does not use persistent cookies.

N.B. For more info on how this site treats cookies, please read our extended information: Cookie Policy

Method of treatment

Personal data are processed with automated tools, for the time necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

Changes imposed by legislation

This information can be updated and / or modified also in order to incorporate and / or comply with national, EU, international regulations or to adapt to technological innovations. The updates and / or changes that will be made will be reported on this web page.