Home » Informativa sulla privacy

Privacy Policy

TREATMENT OF YOUR PERSONAL DATA ON mokaflor-italian-coffee.com

Information on the processing of personal data (“Privacy Policy”) of www.mokaflor-italian-coffee.com made in accordance with art. 13 of the U.E. Regulations 2016/679 and of Legislative Decree n. 196/2003 and s.m.

Updated to 25 May 2018.

In compliance with the provisions of art. 13 of the U.E. Regulations 2016/679 and by the Legislative Decree n. 196/2003, Mokaflor which has its registered office in Florence Via delle Torri n.55 Postal Code 50142 Fiscal Code / VAT Number: 06534430480, in its capacity as Data Controller, invites the users (hereinafter referred to as “interested” only) , before starting to browse the site www.mokaflor-italian-coffee.com (hereinafter only “the website”) to read this information on the processing of personal data.

The information, made exclusively for this website, and not for other websites that may be consulted by the user through links or which are accessed through social media available on the website, has the purpose of illustrating to the users of the website the methods with which the personal data collected are processed.

The changes will apply from the date of publication on the website mentioned above. If the interested party does not intend to accept any changes, he/she may interrupt the use of the site.

Therefore, interested parties are invited to periodically consult the dedicated web page.


  1. Purposes of data processing
    The data collected from this website will be processed by the Data Controller, according to principles of necessity, lawfulness, correctness, proportionality and transparency, with the following purposes:

    – allow the use of the site;

    – comply with legal obligations.



  2. Methods of release of the information
    The Data Controller specifies that this information is freely and easily accessible through a request sent to the addresses indicated in the following article titled “Data Controller”.


  3. Treatment of “particular categories of personal data” and “data relating to criminal convictions”.
    Pursuant to art. 9 U.E. Regulation n. 2016/679, by way of example, for particular categories of personal data we mean: the data suitable to reveal the ethnic and racial origin, the data relating to the state of health, to the adhesion to a trade union and / or to a party or, in any case, suitable to reveal the political and religious convictions, or concerning the exercise of functions, activities or union positions, as well as biometric or sexual orientation data.

    Pursuant to art. 10 U.E. Regulation n. 2016/679, by way of example, means personal data relating to criminal convictions, those relating to criminal convictions, crimes and security measures.

    All data related to the categories referred to in Articles 9 and 10 of the Regulations, relating to the interested party are treated exclusively to fulfill the obligations already indicated in point 1), always subject to the possibility for the person concerned to exercise the rights set forth in articles. 15, 16, 17, 18, 20 and 21 of the U.E. Regulation n. 2016/679, indicated in point 11, in the manner specified in the following point 12.



  4. Method of treatment
    Data processing is carried out with the aid of electronic and / or paper instruments, according to a logic strictly related to the purposes indicated above and in any case adopting organizational and IT procedures and measures suitable to protect its security, confidentiality, relevance and non-excess .

    The processing of data will be carried out by personnel directly reporting to the Data Controller and / or by natural or legal persons specifically identified as responsible or in charge of processing, whose references are made available at the express request of the interested party at the addresses indicated at the following point 7.


  5. Legal basis
    The personal data processed by the Data Controller is provided voluntarily by users by browsing the site, or by sending e-mails, filling in the appropriate forms and ticking the required flags.


  6. Mandatory or optional nature of providing data
    We inform you that the issuing of the requested data is mandatory, as the eventual refusal to release this has the consequence of the impossibility to continue visiting the website.

    By browsing this website, the interested party voluntarily consents to the communication and processing of his/her personal and navigation data.

    The sending and transmission of communications, voluntary and optional, through the completion of the appropriate forms included on the website or by e-mail, involves the acquisition of personal data provided by the person concerned with the purpose of allowing communications and evading any requests.



  7. Data Controller
    The data controller is Mokaflor which has its registered office in Florence, Via delle Torri n.55 CAP50142 Fiscal Code / VAT number: 06534430480

    For any communication and / or information concerning the processing of personal data, the Data Controller makes the following email address available: info@mokaflor.it.

    At the registered office of the Data Controller there is an updated list of external managers in charge of the processing to be made available to the interested party upon request to the aforementioned addresses.



  8. Communication and dissemination of the collected data
    The data provided is in no case subject to disclosure or communication to third parties, unless specifically consented by the interested party and in any case only when necessary for the performance of the purposes better indicated in point 1.

    Communication to third parties, other than the Data Controller, by the managers, internal and external to the data research, and by persons in charge of processing, in addition to the subjects, also external and / or foreign, of which the Data Controller makes use of instrumental activities and / or accessories to the management of the research  activity, including the suppliers of software solutions, web applications and storage services also provided through Cloud Computing systems and used for this purpose, is only provided for the performance of the activities related to the pre-contractual relationship and / or established contract and without prejudice to the parties to whom the right to access the data is recognized by legal provisions or by the orders of the authorities and in any case always in compliance with the guarantees provided for by the EU Regulation n. 2016/679 and the guidelines of the Italian Guarantor Authority, as well as the Commission established in compliance with the aforementioned U.E. Regulation.



  9. Retention period
    The personal data of the interested parties are kept only for the time necessary to fulfill the purposes indicated above in point 1, for a minimum period of 12 months and for a maximum period of three years, made in any case except for the precautions provided for sensitive data in respect of which the Data Controller is concerned with periodically verifying their strict relevance, non-excess and indispensability with respect to the treatment still in place or even when terminated. The Data Controller may preserve the reserved data for the management of any dispute that may have arisen between the two parties. 



  10. Rights of the interested parties.
    The interested party can exercise his rights towards the Data Controller at any time, pursuant to articles 15, 16, 17, 18, 20 and 21 of the U.E. Regulation. n. 2016/679, which, to simplify, we will summarize. 

    Art. 15 – Right of access of the interested party: The interested party has the right to access his / her data and to the relative treatments. This right is substantiated by the possibility of obtaining confirmation of whether or not data is being processed, or the possibility of requesting and receiving a copy of the personal data being processed.

    Art. 16 – Right of rectification: The interested party has the right to obtain the correction of inaccurate personal data concerning him / her from the Data Controller without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.

    Art. 17 – Right of cancellation (“right to be forgotten”): The interested party has the right to request from the data controller that the personal data concerning him / her be deleted and no longer processed, and in some cases, to obtain the cancellation without unjustified delay when the purpose of the treatment is exhausted, the consent has been revoked, opposition to the treatment has been made or when the processing of his / her personal data is not otherwise compliant with the regulations. 

    Art. 18 – Right to the limitation of data processing: The subject person has the right to limit the processing of their data in case of inaccuracies, disputes or as an alternative measure to cancellation.

 

  1. How to exercise the rights
    If the interested party wishes to exercise one of the rights listed above he /she  must address their request directly to the Data Controller at the addresses indicated in point 7, except for the right to make a complaint to be sent to the competent Authority of the State or to appeal before Competent Judicial Authority.

    The interested party also has the right to withdraw their consent at any time by sending a specific request to the Data Controller at the addresses indicated in point 7. The withdrawal of consent, in any case, does not affect the lawfulness of the treatment based on consent lent before the revocation.

    The deadline for the reply to the interested party is, for all the rights (including the right of access), 1 month, extendable up to 3 months in cases of particular complexity; the holder must however give feedback to the interested party within 1 month of the request, even in the case of denial.

    It is up to the holder to evaluate the complexity of the reply to the interested party and to determine the amount of the contribution to be requested from the interested party, but only if the requests are manifestly unfounded or excessive.



  2. Minors
    The holder does not carry out any processing of personal data of minors without the consent of their parents.

  3. Processed data
    The Data Controller collects data freely provided by the User through the voluntary compilation of contact forms and / or by sending e-mails or other communication tools.

    By browsing this website some personal data are acquired relating to the use of internet communication protocols (“Navigation Data”).

    By way of example, the following data are included in the Navigation Data:

    –  IP addresses: from the English Internet Protocol address is a numerical label that uniquely identifies a device called a host connected to a computer network that uses the Internet Protocol as a network protocol;

    – domain names of the computers used by users who connect to the site;

    – addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources;

    – the time of the request, the method used in submitting the request to the server;

    – the size of the file obtained in response;

    – the numerical code indicating the status of the response given by the server (success, error, etc.);

    and other parameters related to the operating system and the user’s computer environment.

    These data are acquired with the exclusive purpose of allowing the usability of the website and are collected in aggregate form, but could, through processing and association with data held by third parties, allow users to be identified.

    The navigation data are used for statistical purposes on the use of the website and to check the correct functioning of the website.

    In particular, we specify that cookies are not used for the purpose of profiling, but only technical cookies, with the aim of improving the quality of user navigation within the site in question.

    The sending and transmission of communications, voluntary and optional, through the website or by e-mail, involves the acquisition of personal data provided by the interested party with the purpose of allowing communications and processing any requests and this in compliance with as specified in this information.