Das italienische Weindepot
 
 0 Warenkorb
DATA PRIVACY

The operator of this website - hereinafter referred to as the operator - attaches the utmost importance to protecting the privacy of its website visitors - hereinafter referred to as users. The processing of all data made available to the operator is carried out exclusively in strict compliance with the General Data Protection Regulation (EU DSGVO) and all other data protection laws or provisions of a data protection nature applicable in the member states of the EU. This applies in particular to the processing of personal data.

Person responsible for data processing

Responsible for the processing in the sense of the data protection regulations is:

The Italian Wine Depot
Tobias Strunz
Weidenstr. 2a
82386 Huglfing in the Pfaffenwinkel
Telephone: +49 (0)8802 - 906005
Fax: +49 (0)8802 - 90208
E-Mail: kontakt@gerardo.de

Definitions

This data protection declaration uses legal terms that are defined in Art. 4 DSGVO. Accordingly, personal data is any information relating to at least one identifiable natural person (Art. 4 No. 1 DSGVO). The term processing includes every practically conceivable type of use in connection with personal data (Art. 4 No. 2 DSGVO), i.e. from collection to destruction.

Data processing during website access

This website is hosted by a German web hoster, 1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur. The web hoster must also comply with the EU Data Protection Regulation (DSGVO) and all other data protection laws or regulations of a data protection nature applicable in the member states of the EU. The operator of this website has also concluded a contract with the web host for data processing on behalf (cf. Art. 28 DSGVO). This is a contract in which the web host undertakes to protect the transmitted data, to process it in accordance with the data protection provisions on behalf of the operator and, in particular, not to pass it on to third parties. Users can obtain further information on data processing by the web hoster at https://www.ionos.de/terms-gtc/terms-privacy.

Every time a web page is accessed, data is collected and stored in the log files of the server and the web application. The following usage data is collected: Internet protocol address (IP address) of the user, date and time of the call, the call (request), the response status (HTTP status code), URL of the website through which the call came to the current website or file (referer), browser type and version, and the operating system of the user.

The log files are stored to ensure the functionality of the website and the web application. In addition, the data is used for statistical evaluations to optimize the website in the interest of the user and to ensure the security and stability of the information technology systems. The data processing is based on legitimate interests within the meaning of Art. 6 para. 1 p. 1 f.) DSGVO. The operator guarantees that the data will not be merged with other data sources. The log files are stored separately from the user's personal data collected via form entries. The deletion of log files is carried out in accordance with general principles (see 'General information on the deletion of data').

Data processing through cookies and other technologies

This website uses so-called 'cookies'. Cookies are small text files that are stored on the web server of the operator or the user's platform (PC, tablet, smartphone, etc.) and contain data that allows the website to recognize and identify the user's Internet browser.

This website only uses cookies that are necessary for the operation of the website. These cookies are stored on the user's platform for the duration of the visit to the website and are regularly deleted automatically as soon as the user closes the browser (so-called session cookies). In such a cookie, the only information stored is a characteristic string of characters that allows the browser to be uniquely identified when the website is called up again (so-called session ID).

The use of cookies enables or facilitates the use of this website for the user. Data processing is carried out on the basis of legitimate interests within the meaning of Art. 6 para. 1 p. 1 f.), otherwise - in the case of prior consent - additionally from Art. 6 para. 1 p. 1 a.), 7 DSGVO. The user can prevent or restrict the storage of cookies at any time via the corresponding settings of his internet browser. Cookies that have already been stored can be deleted at any time via the Internet browser. The operator points out that this option may limit a usability of the website. The deletion of data is carried out according to general principles (see 'General information on the deletion of data').

Data processing in connection with the creation of customer accounts

During the form query in connection with the creation of customer accounts, the following data is compulsorily requested: name, address, e-mail address, date of birth. In addition, the date and time of the order as well as the general data registered through website access (see 'Data processing during website access') are collected. The data is stored exclusively for the purpose of processing the registration and fulfilling the (pre-)contractual obligations.

The data processing of the mandatory requested data is based on Art. 6 para. 1 p. 1 b.) and Art. 6 para. 1 p. 1 f.) DSGVO, otherwise additionally on Art. 6 para. 1 p. 1 a.), 7 DSGVO. The transfer of data to third parties is based on Art. 6 para. 1 p. 1 b.) and Art. 6 para. 1 p. 1 f.) DSGVO. The deletion of data is carried out according to general principles (see 'General information on the deletion of data').

Data processing in connection with orders

If the user is not already registered and logged in, the following data will be requested in addition to the order data when filling out the form in connection with an order: name, address, e-mail address, date of birth. In addition, the date and time of the order and the general data registered by website access (see 'Data processing for website access') will be collected. The data is stored exclusively for the purpose of processing the order and fulfilling the (pre-)contractual obligations.

Data will only be passed on to third parties if and insofar as this is necessary for the fulfillment of the operator's (pre-)contractual obligations or on the basis of the operator's legitimate interests in the economic and effective processing of the order and payment process.

If the user selects a payment via a payment service of the operator Paypal, the order data will be forwarded to the payment service provider PayPal (Europe) S.à r.l. et Cie, S.C.A., 22-24 Boulevard Royal, L-2449 (Luxembourg). Additional reference is made to the privacy policy of Paypal: https://www.paypal.com/de/webapps/mpp/ua/privacy-full. If the user chooses the payment option purchase on account, a credit check or age verification is carried out by the service provider ETI Experts GmbH, Amsterdamer Straße 133b, 50735 Cologne. Additional reference is made to the privacy policy of the service provider: https://www.eti-experts.de/datenschutzerklaerung.

The delivery of the goods takes place via the shipping service provider DHL. Reference is made to the data protection declaration of the service provider: https://www.dpdhl.com/de/datenschutz.html. The user's e-mail address will only be passed on to the parcel service provider in connection with tracking and tracing and with the user's express consent or for the purpose of authentication or age verification of the customer.

The data processing of the mandatory requested data is based on Art. 6 para. 1 p. 1 b.) and Art. 6 para. 1 p. 1 f.) DSGVO, otherwise additionally from Art. 6 para. 1 p. 1 a.), 7 DSGVO. The transfer of data to third parties is based on Art. 6 para. 1 p. 1 b.) and Art. 6 para. 1 p. 1 f.) DSGVO. The deletion of data is carried out according to general principles (see 'General information on the deletion of data').

Data processing Newsletter registration

The operator of this website sends newsletters only with the consent of the recipient or based on a legal permission. If the newsletter content is specifically described in the newsletter registration, it is covered by the user's consent. Otherwise, the newsletters contain promotional information about products, offers or services of the operator of this website. The user can revoke his consent to receive the newsletter at any time and free of charge. Each newsletter contains a clearly perceptible link to revoke the newsletter.

The data processing of the mandatory requested e-mail address is based on Art. 6 para. 1 p. 1 a.), 7 DSGVO in conjunction with § 7 para. 2 No. 3 UWG or on the basis of the legal permission pursuant to § 7 para. 3 UWG. The deletion of data is carried out in accordance with general principles (see 'General information on the deletion of data').

Data processing after contacting us by e-mail, fax or telephone

When the user contacts us by e-mail, fax or telephone, the e-mail address, fax number or telephone number is compulsorily collected. In addition to other voluntary information, the data is stored exclusively for the purpose of processing the contact and for the fulfillment of (pre-)contractual obligations.

The data processing of the mandatory requested data is based on Art. 6 para. 1 p. 1 b.) and Art. 6 para. 1 p. 1 f.) DSGVO, otherwise additionally on Art. 6 para. 1 p. 1 a.), 7 DSGVO. The deletion of data is carried out according to general principles (see 'General information on the deletion of data').

General principles for the deletion of data

Personal data will generally be deleted immediately after the purpose for which it was stored has been fulfilled, insofar as the statutory retention periods do not stipulate extended retention (cf. §§ 257 Para. 1 HGB: 6 years, 147 Para. 1 AO: 10 years) or retention is required for evidentiary purposes. Proper deletion is checked on an annual basis. If the data is not deleted because it is required for other and legally permissible purposes, its processing is restricted.

Security measures of the operator

In accordance with Art. 32 DSGVO, the operator shall, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the data processing, as well as the varying likelihood and severity of the risk to the rights and freedoms of the data subjects, continuously implement appropriate organizational, contractual and technical measures to ensure compliance with the provisions of data protection law and to protect the data that is the subject of data processing against accidental or intentional manipulation, loss, destruction or against access by unauthorized persons. The operator has already taken the protection of personal data into account in the technical development and design of the website (Art. 25 DSGVO). The security measures include, in particular, the encrypted transmission of data between the user's browser and the operator's server.

Rights of the user

The user has the right to request information at any time as to whether and which of the user's personal data is being processed (Art. 15 DSGVO). Upon request, the user's personal data must be surrendered in a structured, common and machine-readable format (Art. 20 DSGVO).

Furthermore, the user has the right to have incorrect or incomplete personal data corrected (Art. 16 DSGVO) and - under the conditions of Art. 18 DSGVO - the right to restrict processing.

Unless processing is necessary for the exercise of the right to freedom of expression and information, for compliance with a legal obligation, for reasons of public interest or for the assertion, exercise or defense of legal claims, the user may also request the erasure of his personal data (Art. 17 DSGVO).

Consents to data processing within the meaning of Art. 6 para. 1 p. 1 a.), 7 DSGVO can be revoked by the user at any time with effect for the future. If the data processing is based on Art. 6 para. 1 p. 1 f.) DSGVO, the User may object to the data processing with effect for the future, unless the Operator can demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the User, or the processing serves to assert, exercise or defend legal claims of the Website Operator (Art. 21 DSGVO).

If the user is of the opinion that the processing of his personal data violates data protection regulations, he may lodge a complaint with the competent supervisory authority (Art. 77 DSGVO). The supervisory authority responsible for the operator of this website is the Bavarian State Commissioner for Data Protection, Wagmüllerstr. 18, 80538 Munich.



Last updated: 05.07.2022