Privacy Policy

Data controller

Personal data are processed with automated tools for the time necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access. The data controller for Giò e Giuà is: Salumificio Gerini S.p.A., VAT number 01230300483, Viale Hanoi, 50 - 50065 Pontassieve (FI), telephone +39 055 8368559 / +39 055 8315207, fax + 39 055 8368397, email

How we protect your data

Giò e Giuà adopts security measures appropriate to the type and sensitivity of the data being stored (from encryption to integrated security programs). As with any Internet-enabled system, there is always the risk of unauthorized access: it is therefore very important to protect your passwords. Giò e Giuà takes appropriate security measures to ensure protection against unauthorized access, modification, disclosure or destruction of the personal data it collects and stores.

Legal basis of the processing

Giò e Giuà processes the User's personal data in in the case of:

However, the user always has the right to question the owner of the site on the concrete legal basis of each treatment and in particular to specify whether the treatment is based on the law, provided for by a contract or necessary to conclude a contract.

Retention period

The data collected by Giò and Giuà are processed and stored for the time required by the purposes for which they were collected, such as the execution of a contract between the owner of the site and the user which will be kept until the completion of the contract. , for purposes related to legitimate interest will be kept until the interest is satisfied. For processing based on the User's consent, the data can be kept longer, until the consent is revoked. The site owner may be obliged to keep Personal Data for a longer period in compliance with a legal obligation or by order of an authority. The User can always request further information on the legitimate interest pursued by the owner of the site directly from the owner himself.
At the end of the retention period, the Personal Data will be deleted.

User rights

The User has the right to:

To exercise their rights, Users can address a request directly to the owner of the site indicated in this document. Requests are processed by the site owner as soon as possible, in any case within one month.

Data provided by the user: navigation data

It is possible to access this site without the user being asked for any personal data. The computer systems detect some data during the course of their normal operation, data that are used during the use of Internet communication protocols and that are not associated with directly identifiable users. The collected data includes, for example, the IP addresses of the users, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request and the numerical code indicating the status of the response given by the server ( successful, error, etc.) together with other parameters relating to the operating system and the user's IT environment.
This information does not provide the user's personal data and is not collected to be associated with identified data subjects: it is technical / IT information collected and used in an aggregate and anonymous manner for the purpose of verifying correct functioning and monitoring and security. of the site or improve the quality of the service and provide statistics concerning the use of the site or proceed to ascertain responsibility in the event of hypothetical computer crimes against the site.

Data provided voluntarily by the user

The optional, explicit and voluntary sending of messages to contact addresses or the compilation and sending of messages from the contact forms on the site involves the acquisition of contact data and related personal data included in the communications. These data are necessary to respond to requests sent and / or provide the requested service. Failure to provide consent or its revocation does not entail any consequences, except for the impossibility of using the site and / or the provision of the requested service or obtaining more detailed information on the Company's activities.
In any case, the processing of personal data may be carried out, if necessary, for the pursuit of a legitimate interest of the owner or on the basis of a legal obligation. In particular, obtaining consent to the processing referred to in the previous point relating to navigation and log data is not necessary as the data is treated as responding to a legitimate interest.

Communication and / or dissemination of data

User data will not be disclosed, but may be disclosed to companies contractually linked to the company, in accordance with and within the limits of the GDPR. Personal data are stored on servers located within the European Union and in any case it is understood that the owner, if necessary, will have the right to move the servers even outside the EU GDPR. In this case, the owner ensures from now on that the transfer of data outside the EU will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission and the user will be informed.
The data may be disclosed to third parties belonging to the following categories:

The subjects belonging to the aforementioned categories perform the function of data processing manager, or operate in total autonomy as separate data controllers. The list of managers is constantly updated and available at the company headquarters. Any further communication or dissemination will take place only with your explicit consent.