Privacy Policy

HomePrivacy Policy

Data Controller

DI GIOIA SALVATORE P. IVA 03946340720
Registered Office: Via Vecchia Barletta, 121 CAP 76123, Andria (BT)
Website: agricoladigioia.it
Email: info@agricoladigioia.it

Privacy Notice for Customers

This notice describes the methods and purposes of processing personal data by DI GIOIA SALVATORE P. IVA 03946340720, as the Data Controller, in full compliance with Regulation (EU) 2016/679 (GDPR) and applicable national legislation.

Scope of Application

This policy applies to all services provided on https://agricoladigioia.it and related applications.

Sources of Personal Data

Voluntary completion of forms on the site by the data subject (contact form, newsletter subscription);
Direct communications sent by the data subject to the Controller’s contact details (e.g., email);
Technical data automatically collected during site navigation (e.g., IP address, technical and functional cookies), in compliance with current cookie legislation (Art. 122 Legislative Decree 196/2003).

Purposes and Legal Bases of Processing

Purpose	Data	Legal Basis
Managing contact requests	Name, email, message	Art. 6(1)(b) GDPR (pre-contractual measures)
Order fulfillment and invoicing	Identification data, contact data, contractual data, payment data	Art. 6(1)(b) GDPR (performance of a contract)
Compliance with legal and fiscal obligations	Contractual data, invoicing data	Art. 6(1)(c) GDPR (legal obligation)
Newsletter subscription	Email	Art. 6(1)(a) GDPR (explicit consent)
Direct marketing (promotions)	Email, preferences	Art. 6(1)(a) GDPR (consent)
Aggregated statistical analysis	Anonymous navigation data	Art. 6(1)(f) GDPR (legitimate interest)
Profile management and minimal profiling	Purchase history, preferences	Art. 6(1)(a) GDPR (consent)

Processing Methods and Security Measures

Processing is carried out using electronic and organizational tools, ensuring:

SSL/TLS encryption on all login and transaction pages.
Database protection via firewalls and access controls.
Regular backups and disaster recovery procedures.
Physical and logical access controls for authorized personnel.
Vulnerability testing and regular system updates.

Categories of Personal Data Processed

Identification data: first name, last name, date of birth.
Contact data: email address, phone number, shipping address.
Payment data: payment method information (partly managed by payment providers).
Navigation data: IP address (anonymized), browser type, operating system, cookies.
Contractual data: order information, purchase history.

No special categories of data under Art. 9 GDPR are processed.

Recipients and International Transfers

Data may be disclosed to:

Authorized internal staff.
External processors appointed, such as:
- Couriers for delivery (e.g., Courier X).
- Payment providers (e.g., Stripe, PayPal).
- Hosting and IT maintenance companies.
- Tax and legal consultants.
- Email marketing providers (e.g., Mailchimp) for newsletter delivery.

Transfers to third countries outside the EU occur only with appropriate safeguards (Standard Contractual Clauses or Binding Corporate Rules).

Retention Period

Form submissions: up to 12 months after last interaction;
Newsletter data: until consent is withdrawn;
Anonymous technical analytics data: according to the specific cookie terms;
Order and invoice data: stored for 10 years for fiscal obligations;

Profiling and Personalized Marketing

The site may use automated processes to suggest products based on purchase history. These activities are based on expressed consent. The data subject may object at any time via the unsubscribe link or by contacting info@agricoladigioia.it.

Cookies and Similar Technologies

For detailed information on technical, analytical, and profiling cookies used, their duration, and opt-out methods, see the Cookie Policy available on the site.

Data Subject Rights

Under the GDPR, the data subject has the right to:

Obtain confirmation of existence of personal data (Art. 15);
Request rectification or completion (Art. 16);
Request deletion (Art. 17);
Request restriction of processing (Art. 18);
Object to processing (Art. 21);
Receive data in portable format (Art. 20);
Withdraw consent at any time (Art. 7);
Lodge a complaint with a supervisory authority (Art. 77).

How to exercise: The data subject may exercise these rights by writing to info@agricoladigioia.it. The Controller will respond within 30 days.

Data Breach

In case of a personal data breach, the Controller will notify the Supervisory Authority within 72 hours and, if required, inform data subjects under Art. 34 GDPR.

Changes to This Notice

This policy may be updated. Please review it periodically. Any changes will be marked with the date of last revision.

Legal References

Below is a summary of the main legislative references, regulations, and guidelines applicable to this policy.

Regulation	Link
The ePrivacy Directive (Directive 2002/58/EC)	https://www.garanteprivacy.it/home/docweb/-/docweb-display/docweb/35284
Regulation (EU) 2016/679 (GDPR)	https://eur-lex.europa.eu/legal-content/IT/TXT/HTML/?uri=CELEX:32016R0679 https://gdpr-info.eu
Directive 2009/136/EC (Cookie Law) implemented in Italy by Art. 122 of Legislative Decree 196/2003	https://eur-lex.europa.eu/eli/dir/2009/136/oj https://www.normattiva.it/uri-res/N2Ls?urn:nir:stato:decreto.legislativo:2003-06-30;196!vig:20250721#ART122
Italian Data Protection Authority Guidelines (10 June 2021)	https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9677876

For More Information

Visit the COOKIE POLICY to understand how we manage cookies.

Feel free to contact us via the details at the bottom of the page or on the Contact page.

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	6 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	6 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	6 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".<
cookielawinfo-checkbox-others	6 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	6 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
pll_language	1 year	The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.
viewed_cookie_policy	6 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_LNCD485EPD	2 years	This cookie is installed by Google Analytics.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
FR	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.