Privacy Policy

Regulation (EU) 2016/679 on the protection of individuals with regard to the processing of personal data (General Data Protection Regulation – GDPR) entered into force on 25 May 2018.

The GDPR declares that “the protection of individuals with regard to the processing of personal data is a fundamental right” and that it “protects the fundamental rights and freedoms of natural persons, in particular the right to the protection of personal data”.

The main novelty introduced by the GDPR is the principle of “accountability” (so-called accountability) which, with an approach based mainly on the assessment of risks on the rights and freedoms of the interested parties, gives the Data Controllers the task of ensuring and being able to demonstrate compliance with the principles applicable to the processing of personal data and to adopt the measures they deem most suitable and appropriate for this.

This has also forced this company to adopt a new approach in the processing of personal data, both for users who access company structures and for operators who work there.
In particular, new requirements and an intense activity of adaptation to community legislation are envisaged for the Company.

To supervise compliance with all regulations, is the Data Protection Officer (also called Data Protection Officer, DPO), a person who reports directly to the Data Controller, in a position of independence and autonomy, involved in all matters concerning protection of personal data, to guarantee the quality of the result of the adjustment process underway, a highly specialized figure and contact point for the Guarantor Authority.

In this section, the provisions and acts adopted on the matter will be published in order to implement the legal provisions in practice.

Organization chart

Policy sito internet

Personal data protection – EU Regulation 2016/679 (GDPR)

General Information on the Treatment of Personal Data

In accordance with art. 13 of the EU Regulation n. 2016/679 on the protection of natural persons with regard to the processing of personal data, as well as the free circulation of such data, we inform visitors of our website wwww.golealcantara.it that, personal data may be processed following your consultation or the use of services offered on-line or at the Company’s premises.

This information, of a general nature, must be understood as expressly supplemented by the information provided with reference to specific Services (for example, the newsletter) provided through the Portal.

Who processes my data?
The processing of data provided directly and voluntarily, through the website www.golealcantara.it in order to use the Services offered, is carried out by the member. Agricultural heirs of C. srl, as Owner, for the payment of the purchased tickets or in any case to recognize discounts to the customer, including the purpose of archiving, historical research and analysis for statistical purposes.
In addition, personal data will be processed whenever necessary in order to ascertain, exercise or defend a right of the Data Controller.
The processing of personal data will therefore be carried out with the use of automated procedures in the ways and to the extent necessary to pursue the aforementioned purposes ensuring the security and confidentiality of the data.
The processing will be carried out by the natural persons responsible for the relevant procedure and duly authorised. The latter will be given special instructions on the modalities and purpose of the processing.

What is personal data and what are my data processed?
“Personal data” means any information likely to identify, directly or indirectly, a natural person, in this case, the User using the Service.
The Data Controller manages numerous services, with various modalities and for each of them vary the type of data requested and the purposes of collection. The description of the categories of personal data processed will be contained in the informative pages related to
each Service offered.
In any case, through the website www.golealcantara.it, the Data Controller does not acquire and process data of a sensitive nature or belonging to the particular categories of art. 9 of the GDPR or data relating to criminal convictions or offences.

Do I have an obligation to provide the data?
The provision of data in the fields marked with an asterisk (*) or other distinctive element of the various services is mandatory and their failure to enter does not allow to proceed with the purchase of the service of interest. On the other hand, the release of data in the fields not marked with an asterisk, although it may be useful to facilitate the management of the procedure and the provision of the service, is optional and their failure to indicate does not affect the completion of the procedure.

How long is my data processed?
The data will be processed for as long as necessary for the payment of the purchase ticket and, after the conclusion of the service provided, the data will be kept in accordance with the rules on the retention of administrative documentation.

To whom are my data sent?
The communication of personal data to third parties for commercial or profiling purposes is not envisaged.

What are my rights?
According to art. 15 and following of the EU Regulation, data subjects (natural persons to whom the data relate) may exercise their rights at any time and in particular:

  • To request more information in relation to the contents of this policy;
  • Access to personal data;
  • To obtain rectification or cancellation or limitation of treatment concerning him (in the cases provided for in the legislation);
  • To object to processing (in the cases provided for by the legislation);
  • To obtain data portability (where required by law);
  • To revoke consent, where appropriate; withdrawal of consent shall not affect the
    lawfulness of processing based on consent granted before revocation;
  • To lodge a complaint with the supervisory authority (Guarantor of Privacy);
  • dTo give a mandate to a body, organisation or association without profit for the exercise of its rights;
  • To claim compensation for damages resulting from the breach of the rules.

Who can I turn to?
Data subjects who believe that the processing of personal data related to them, carried out through this site, is in violation of the provisions of the Regulation, have the right to complain to the Guarantor, as provided by art. Article 77 of the Regulation itself, or to bring an action before the appropriate courts (Art. 79 of the Regulation).

IThe Data Controller makes it known that he has appointed the Data Protection Officer (DPO or DPO) in accordance with art. 37, par. 1, lett. a) of the GDPR, identifying the Company’s Administrator and that the Company can be reached at the following addresses:
E-mail: prenotazioni@golealcantara.com

The Responsible Person shall be bound by the obligation of secrecy or confidentiality with regard to the performance of his or her duties, in accordance with Union or Member State law; the reports received by the Responsible Person shall therefore be considered confidential.

Policy Newsletter

Personal data protection – EU Regulation 2016/679 (GDPR)

General Information on the Treatment of Personal Data

In accordance with art. 13 of the EU Regulation n. 2016/679 on the protection of natural persons with regard to the processing of personal data, as well as the free circulation of such data, we inform visitors of our website wwww.golealcantara.it that, personal data may be processed following your consultation or the use of services offered on-line or at the Company’s premises. This information, of a general nature, must be understood as expressly supplemented by the information provided with reference to specific Services (for example, the newsletter) provided through the Portal.

Who processes my data?
The processing of data provided directly and voluntarily, through the website www.golealcantara.it in order to use the Services offered, is carried out by the member. Agricultural heirs of C. srl, as Owner, for the payment of the purchased tickets or in any case to recognize discounts to the customer, including the purpose of archiving, historical research and analysis for statistical purposes. In addition, personal data will be processed whenever necessary in order to ascertain, exercise or defend a right of the Data Controller. The processing of personal data will therefore be carried out with the use of automated procedures in the ways and to the extent necessary to pursue the aforementioned purposes ensuring the security and confidentiality of the data. The processing will be carried out by the natural persons responsible for the relevant procedure and duly authorised. The latter will be given special instructions on the modalities and purpose of the processing.

What is personal data and what are my data processed?
“Personal data” means any information likely to identify, directly or indirectly, a natural person, in this case, the User using the Service.

In particular, the collection and processing of personal data necessary for the provision of the requested Services are provided, such as (by way of example and not limited to):

  • personal and identification data (name and surname);
  • contact details, such as email address;

In any case, through the website www.golealcantara.it, the Data Controller does not acquire and process data of a sensitive nature or belonging to the particular categories of art. 9 of the GDPR or data relating to criminal convictions or offences.

Do I have an obligation to provide the data?
The provision of data in the fields marked with an asterisk (*) or other distinctive element of the various services is mandatory and their failure to enter does not allow to proceed with the purchase of the service of interest. On the other hand, the release of data in the fields not marked with an asterisk, although it may be useful to facilitate the management of the procedure and the provision of the service, is optional and their failure to indicate does not affect the completion of the procedure.

How long is my data processed?
The data will be processed for as long as necessary for the payment of the purchase ticket and, after the conclusion of the service provided, the data will be kept in accordance with the rules on the retention of administrative documentation.

To whom are my data sent?
The collected data are not subject to communication to third parties, except for the possibility that the data may be known by subjects involved in the management procedure of the activities promoted or organized by the Data Controller, suitably identified and possibly designated as Data Processors.
In any case, the possibility of communicating personal data, without prior consent, in favor of police forces, armed forces and other public administrations, for the fulfillment of obligations foreseen by law, by regulations or by community legislation is made.
The data relating to the Service are not intended for third parties and are not disclosed, unless otherwise provided by law or regulation.
The communication of personal data to third parties for commercial or profiling purposes is not envisaged.

What are my rights?
Based on art. 15 and following of the EU Regulation, the interested parties (natural persons to whom the data refer), can exercise their rights at any time and in particular the right to access their personal data, to obtain portability, to request their correction or limitation, updating if incomplete or incorrect and cancellation if collected in violation of the law, as well as to oppose their treatment without prejudice to the existence of legitimate reasons by the Owner.
For this purpose, it is possible to contact the Data Controller or the Data Protection Officer.

Who can I turn to?
Data subjects who believe that the processing of personal data related to them, carried out through this site, is in violation of the provisions of the Regulation, have the right to complain to the Guarantor, as provided by art. Article 77 of the Regulation itself, or to bring an action before the appropriate courts (Art. 79 of the Regulation).

The data controller is Soc. Agricola Eredi di Vaccaro C. srl, with registered office in via Regina Margherita 82 (Email: prenotazioni@golealcantara.com – PEC: saevsrl@pec.it – phone 0942 985010).
The Data Controller announces that he has appointed the Personal Data Protection Officer (DPO or DPO) in accordance with the provision contained in art. 37, par. 1, letter a) of the GDPR, identifying the Company Administrator as a suitable person and that the same can be reached at the following addresses:

E-mail: prenotazioni@golealcantara.com

The Responsible Person shall be bound by the obligation of secrecy or confidentiality with regard to the performance of his or her duties, in accordance with Union or Member State law; the reports received by the Responsible Person shall therefore be considered confidential.

Cancellation of the Service

It is always exercisable the right of opposition to the treatment (that is the right to obtain the cancellation of the registration, ex art. 21 of the Regulation);

To no longer receive the newsletter or communications from the partner. Agricola eredi di vaccaro C. srl, on the button at the bottom “If you no longer want to receive this newsletter” or reply to this email by specifying CANCELLATION REQUEST FROM THE MAILING LIST.

In case of technical problems, please send an e-mail to: prenotazioni@golealcantara.com.