Privacy Notice

Privacy Notice

(pursuant to art. 13 Regulation (EU) 2016/679 – “GDPR” (General Data Protection Regulation))

Here below is a description of the method used to manage personal data concerning Users who interact with services accessible via telematics (hereinafter “Services”) starting from the http://ristorantealmercante.it/it/ address correspondent to the first page of Ristorante Al Mercante’s official website (hereinafter “Site”).

This information is given for the Site only and does not include any websites possibly visited by the User via link.

  1. Processing Controller

The processing controller is Ristorante Al Mercante and specifically its legal representative Simona Romanini, with registered premises in Milan, Via Cesare Cantù 7, email [email protected], tel. 02 8052198.

  1. Nature of processed data and processing purpose

Navigation data in relation to the IP address, to identification codes of devices used by the User to benefit by the Site, details of the browser and hours to visit it, processed for the scope of obtaining statistical information in an aggregated form on how to use the Site and to control correct functioning of services.

Data communicated by the User via optional, explicit and voluntary messages to the Controller contact addresses published in the Site pages, as well as filling in and sending forms published in the sites, entailing acquisition of the sender’s contact data, necessary to reply, as well as all the personal data included in the communications..

There are special categories of personal data which are not collected and processed, pursuant to art. 9, paragraph 1 GDPR.

Cookies and other tracking systems

To function to the best and guarantee its Services this Site uses cookies uploaded by Controller or third parties. See the specific privacy notice available here for more information.

Cookie Policy

This website uses cookies to guarantee correct functioning of pages and to improve usability. This document provides information on how to use and manage the cookies.

What are Cookies?

Cookies are small text strings sent by a server to a Web client (usually a browser) then retransmitted by the client to the server (without making any changes) each time the client visits the same portion of the same web dominion.

They are used to automatically authenticate and track sessions and storage of specific information about Users who visit the server, such as for example preferential websites or, in the case of shopping online, the contents of their “shopping trolley”.

Cookies normally contain the name of the server who generated them, the expiry date and an ID generated at random. The Cookies’ expiry date depends on their typology. Session cookies are stored until navigation is terminated by closing the browser; persistent cookies are kept until their expiry date or should they be cancelled by the User.

Cookies used by the Site

Users’ consent is not compulsory when using technical cookies, whilst it is for profiling cookies. In the event of “third party” cookies, together with the extended privacy notice there must also be the links to the privacy notices belonging to the latter third parties.

The Site only uses technical Cookies, see the table here below:

cookie name function validity origin
cluster-clusterBAK System load balancer between hosting clusters session OVH
clusterD System load balancer between hosting clusters session OVH
1P_JAR Stores user preferences and information each time they visit web pages containing geographical maps belonging to Google Maps 1 month Google

Go to the pages here below for more information:

https://www.ovh.it/supporto/documenti_legali/cookies_ovh.xml

https://policies.google.com/technologies/cookies

How to disconnect the Cookies

If not explicitly refused, cookies, needed for the Site to work well, are set.  In order to use this website with all the resources set to improve navigation, we recommend accepting all the cookies.

Most of the web browsers do however consent to accept or refuse cookies. Here below you will find links to instructions on how to change the cookie set ups in the more common browsers:

https://support.google.com/chrome/answer/95647?hl=itper Chrome

https://support.mozilla.org/it/kb/Gestione%20dei%20cookieper Mozilla

https://support.microsoft.com/it-it/hub/4338813/windows-help?os=windows-7per Explorer

https://support.apple.com/it-it/HT201265per Safari

For further information and more information about cookies:

www.allaboutcookies.org

  1. Legal system for processing and nature of data transmitted.

Data are processed pursuant to art. 6 c.1 b) in GDPR as their “processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

Any refusal to transmit said data will make it impossible for the Controller to reply to Users’ requests.

Data will be stored for the period strictly necessary to achieve the above mentioned purposes and anyhow not exceeding 1 month.

  1. Processing method, data communication and storage time

Processings connected with the Site web services take place in the registered premises in Milan, Via Cesare Cantù 7, and are handled by personal specifically assigned to said processing. Pursuant to the purposes, set down in point 2 a, personal data may also be communicated to external collaborators, self-employed professionals to whom the business confers assignments or contacts them for consultation and, in general, to all those parties to whom communication is necessary to correctly implement the aforementioned purposes.

Data will be processed with the following method:

– data collected in specific database;

– records and processing on hard copy and/or magnetic medium;

– archives organized in a prevalently automatic form, taking appropriate technical and organizational measures to ensure personal data security, as per GDPR art. 25 and anyhow not inferior to the Technical Regulations regarding minimum security measures, Annex B Privacy Code;

No personal data derived from the web service is diffused or transferred to countries not belonging to the E.U.

No processing through automated decision-making processes are foreseen (including profiling as per art. 22, paragraphs 1 and 4 in GDPR).

  1. Data subject rights

Users may exercise their rights as set out in arts. 15, 16, 17, 18, 19, 20, 21, 22 under Regulation E.U. 2016/679, contacting the Controller and sending an email to the [email protected]. address

In particular, Users have the right to obtain from the controller confirmation of access to their personal data at any time, to rectify, erase the latter and limit processing. They furthermore have the right to oppose, at any time, to the processing of their Data (comprising any automated processing, e.g. profiling), as well as the Data portability. Save for any other administrative and judicial recourse, should the Users consider that the processing of their Data violates provisions laid down by GDPR, pursuant to art. 15. letter f) of the aforesaid GDPR, they will have the right to lodge a complaint with the Controller to protect their personal data and, in reference to art. 6 paragraph 1, letter a) and art. 9, paragraph 2, letter a), the right to revoke at any time their consent, there where given. Should the portability of data be required, the processing Controller will provide Users, in a structured, commonly used and machine-readable format through an automated device, with the Data concerning the latter, save for paragraphs 3 and 4 under art. 20 GDPR.