Privacy Policy

The purpose of this document is to inform natural persons to whom the Personal Data being processed refer (hereinafter the “Data Subjects”) about the Personal Data collected by the Data Controller, as identified below.

The Data Controller may modify or simply update, in whole or in part, this Information Notice by informing the Data Subjects accordingly.

Data Controller of Personal Data Processing

The Data Controller is Cantine Due Palme Soc. Coop. Agricola, with registered office in Via San Marco, 130, Cellino San Marco (BR), Tax Code/VAT number 01430150746, CAP 72020, email address This email address is being protected from spambots. You need JavaScript enabled to view it., phone +39 379 17 16 999.

It is also informed that your personal data will be known by the collaborators of Cantine Due Palme Soc. Coop. Agricola who, by virtue of specific appointment or authorization, will process your data for the purposes for which they were collected in compliance with the provisions of GDPR 2016/679.

To get an updated list of the Data Processors and Data Officers, you can send an email to This email address is being protected from spambots. You need JavaScript enabled to view it..

Personal Data collected

The Data Controller collects the following types of Personal Data:
User identification data requested at the time of site registration: such as name, surname, date of birth, city of origin, email, phone number, etc.

Browsing data: The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user's operating system and computer environment. These data are used only to obtain anonymous statistical information on site usage and to check its correct functioning. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site. For these data, and only for the purpose mentioned above, it is not necessary to request consent.

Data voluntarily provided by the user: The optional, explicit, and voluntary sending of emails to the addresses indicated on this site or the completion of forms in specific sections with mandatory and optional fields entails the subsequent acquisition of the information and the sender's address, necessary to respond to requests for services and/or information. For these data, and only for the purpose mentioned above, it is not necessary to request consent.

Data related to customer activities: such as purchase tracking, customer habit monitoring, etc.

Failure to provide Personal Data by the Data Subject, where there is a legal or contractual obligation or if it constitutes a necessary requirement for the use of the service or for the conclusion of the contract, will result in the impossibility for the Data Controller to provide in whole or in part its services. The Data Subject who communicates Personal Data of third parties to the Data Controller is directly and exclusively responsible for their origin, collection, processing, communication, or dissemination.

Purpose of Processing

The Personal Data collected may be used for the execution of contractual and pre-contractual obligations, legal obligations, and the following purposes:

  • responding to requests or reports from the data subject, offering commercial assistance and customer care;
  • carrying out administrative and accounting management by communicating the Data to the Tax Consultant;
  • complying with obligations incumbent on the Data Controller and provided for by the applicable legislation;
  • system, goods, and people security;
  • managing suppliers and partners (supplier administration, orders, payments, etc.);
  • managing user databases;
  • managing payments via credit card, bank transfer, or other instruments;
  • sending advertising or commercial communications by any suitable means;
  • commercial affiliation;
  • comments and feedback.

Legal basis for processing

The legal basis for processing for all the above purposes is the consent of the Data Subject.

Processing Methods
The Processing of Personal Data is carried out using paper, IT, and/or telematic tools, in compliance with the GDPR 2016/679, with organizational and logical methods strictly related to the indicated purposes.

In some cases, Personal Data may also be accessed by subjects involved in the organization of the Data Controller (such as personnel management staff, commercial area staff, system administrators, etc.) or external subjects (such as IT companies, service providers, postal couriers, hosting providers, etc.). These subjects may be appointed as Data Processors by the Data Controller, access the Personal Data of the Data Subjects whenever necessary, and are contractually obliged to keep Personal Data confidential.

The updated list of Data Processors can be requested by email to This email address is being protected from spambots. You need JavaScript enabled to view it..

Place of processing

Personal Data is processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located. For further information, the Data Subject can contact the Data Controller at the following email address This email address is being protected from spambots. You need JavaScript enabled to view it. and the postal address Via San Marco, 130, Cellino San Marco (BR).

Automated decision-making processes

All Data collected will not be subject to any automated decision-making process, including profiling, that may produce legal effects for the person or significantly affect them.

Transfer of personal data

Your data will not be transferred to countries outside the European Union.

Security measures

The Processing is carried out using appropriate methods and tools to ensure the security and confidentiality of Personal Data, as the Data Controller has adopted suitable technical and organizational measures that ensure, and allow to demonstrate, that the Processing is carried out in accordance with the applicable regulations.

Period of retention of Personal Data

The Data Controller will process Personal Data for the time necessary to fulfill the purposes related to the execution of the contract between the Data Controller and the Data Subject and in any case no later than 10 years after the termination of the relationship with the Data Subject and in any case until the expiration of the limitation period provided by the applicable regulations.

When the Processing of Personal Data is necessary for the pursuit of a legitimate interest of the Data Controller, Personal Data will be retained until the satisfaction of such interest. When the Processing of Personal Data is based on the consent of the Data Subject, the Data Controller can retain the Personal Data until the consent is revoked by the Data Subject.

Personal Data may be retained for a longer period if necessary to fulfill a legal obligation or an order from an authority.

All Personal Data will be deleted upon the expiration of the retention period.

At the end of this period, the rights of access, deletion, rectification, and the right to data portability can no longer be exercised.

Rights of the Data Subject

Data Subjects can exercise certain rights concerning their Personal Data processed by the Data Controller.

In particular, the Data Subject has the right to:

  • withdraw consent at any time;
  • object to the Processing of their Personal Data;
  • access their Personal Data;
  • verify and request rectification;
  • obtain the restriction of Processing;
  • obtain the deletion of their Personal Data;
  • receive their Personal Data or have them transferred to another controller;
  • lodge a complaint with the data protection supervisory authority and/or take legal action.

To exercise their rights, Data Subjects can address a request to the contact details of the Data Controller indicated in this document (email address This email address is being protected from spambots. You need JavaScript enabled to view it.).

Requests are made free of charge and processed by the Data Controller as quickly as possible, in any case within 30 days.

Last update: 01/01/2023

Villa Neviera
Made with love by Promowe