Privacy policy | Vino & Mercati - Privacy guarantees for users

Privacy policy

Information pursuant to art. 13 pursuant to EU Regulation 2016/679 of the European Parliament and of the Council, of 27 April 2016, relating to the protection of individuals with regard to the processing of personal data (for brevity GDPR 2016/679).

1. Data controller and data processors - art. 13 co. 1 letter [a] [b] GDPR 2016/679

The address of our website is: The data controller collected and stored by it is Paolo Calvi, domiciled for this purpose in Mondovì (CN), Strada dei Manelli 32, to whom one can contact to exercise the rights recognized by the GDPR through the appropriate IT communication and interaction platform at this specifically dedicated here. The owner also informs that he is not subject to the obligation to appoint a DPO - Data Protection Officer.

2. Types of data processed, purpose and legal basis of the processing - art. 13 co. 1 letter [c] [d] GDPR 2016/679

Navigation data

The site collects some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified data subjects, but which - by their very nature - could, through processing and association with data held by third parties, allow the user to be identified. This category of data includes the IP addresses or domain names of the computers used by the user who connects to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user's computer environment. This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could also be used to ascertain responsibility in the event of any computer crimes against the site.

3. Communication and dissemination of data - art. 13 co. 1 letter [e] [f] GDPR 2016/679

The owner can transfer the user's personal data to third parties qualified as data processors or data processing managers in relation to the performance of technical or commercial operations, necessary to perform the services connected to the best management of the site (for example couriers and operators postal services; advertising, commercial and social media agencies; IT service providers; payment service providers; customer service providers). In such cases, the communication of data is essential to satisfy contractual commitments and to improve the performance of the site. The owner undertakes through agreements for the processing of data so that the managers manage the data adequately and securely. The user can request the lists using the appropriate platform made available by the data controller. In addition, the owner may be required to share the user's personal data when required by law or by an order of the public authority or to protect their own right or a right of third parties. The owner does not transfer data outside the European Union.

Third party sites

This information does not apply to other sites or platforms to which the site may connect (eg banners, advertisements and other links to third-party sites or platforms) for which reference is made to the relative published privacy policies.


When visitors leave comments on the site, the data shown in the comments form is collected as well as the visitor's IP address and the browser user agent string to facilitate spam detection.
An anonymized string created from the sender's email address (otherwise called hash) can be provided to the Gravatar service to see if it is used. The Gravatar service privacy policy is available here: After approval of the comment, the profile picture is visible to the public in the context of the comment.

If images are uploaded to the website, care must be taken to avoid uploading images that include embedded location data (EXIF GPS). Visitors to the website can download and extract any location data from images on the website.

Permanence of data in cookies

By leaving a comment on this website, you can choose to save your name, email address and website in cookies. This option is made available for the convenience of the user so that you do not have to re-enter your data when another comment is left. These cookies will last for one year.
If you have an account and access this site, a temporary cookie will be set to determine if the browser used accepts cookies. This cookie contains no personal data and is deleted when the browser is closed.
When you log in, several cookies will be set to save your login information and screen display options. Login cookies last for two days and screen options cookies last for one year. If you select the "Remember me" option, access will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article (post), an additional cookie will be saved in your browser. This cookie does not include personal data, but simply indicates the ID of the article just modified. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). The content embedded from other websites behave in exactly the same way as if the visitor had visited the other website.
These websites may collect user data, use cookies, integrate further third-party tracking and monitor interaction with them, including tracking interaction with embedded content if you have an account and are logged in to those websites.

How long do we keep the data

If a comment is left, it and the related metadata are kept indefinitely. This way any subsequent comments can be automatically recognized and approved instead of keeping them in a moderation queue.
For users who register on this website (if any), the personal information that the users themselves provide in filling out their user profile are also stored. All users can see, edit or delete their personal information at any time (except their username which they cannot change). Website administrators can also see and edit this information.

What rights do you have over your data?

If you have an account on this website, or if you have left comments, you can request to receive a file exported from the site with the personal data that you have, including the data that has been provided provided. You can also request that all related personal data be deleted. This does not include for the duration from time to time established by current national laws the data which is required to be kept for administrative, legal or security purposes.

WooCommerce (payment platform)

This sample language includes the basics of collecting personal data, storing and sharing it, as well as who is authorized to access that data. Depending on the settings enabled and the additional plugins used, the specific information shared by this store may occasionally vary. During the checkout process in our shop we collect customer information; in particular, the following are tracked:

The products you viewed, using this information for, for example, to show recently viewed products.
Location, IO address and browser type, using this information to estimate taxes and shipping.
Shipping address, asking you to enter it to enter it to, for example, estimate the shipment before the order is placed and to send the purchased items.

Cookies are also used to keep track of the contents of the shopping cart while you are browsing the website. When making a purchase on the site, you are asked to provide information such as your name, billing address, shipping address, email address, telephone number, credit card number / payment details and optional account information, such as username and password. This information is used for purposes such as:

Send account and order information
Respond to customer inquiries, including complaints and refunds
Process payments and carry out fraud prevention activities
Configure the customer account for this shop
Comply with all legal obligations in charge, such as the calculation of taxes
Improve offers
Send marketing messages if you choose to receive them

By creating an account, your name, address, email and telephone number will then be stored: these data will then be used to populate the cashier in future orders.
In general, the information is kept as long as it is needed for the purposes for which the data is collected and used and as long as it is legally required to continue to keep it, in the manner and within the terms provided. For example, the tax documentation is archived for ten years, pursuant to art. 2220 of the Italian Civil Code. Comments and reviews are also archived if you choose to leave them.
Pro tempore team members have access to the information provided. For example, both administrators and shop managers can access:

order information such as, item purchased, date of purchase and shipping location
customer information such as name, email address and billing and shipping information.

Team members have access to this information to help fulfill orders, process refunds, and support the customer. Payments via PayPal are accepted through the Woocommerce platform. During the processing of payments, sensitive payment data is transferred to PayPal in the management of the company, or the information necessary to process or support the payment, such as total purchases and billing data. The payment procedure in the strict sense, that is everything that happens after pressing the "Buy" button, takes place through their gateway and all the data provided by the customer to perform the operation as the indication of the company issuing the credit card / debit, the number of the discard itself, the expiry date and the security codes will be processed, managed and filed exclusively by Paypal. For further details, consult the PayPal privacy policy.

4. Retention period - art. 13 co. 2 lett. [a] GDPR 2016/679

The owner stores personal data for the time necessary to provide the user with the requested services or to fulfill legal or tax obligations or for the minimum period required by law. In order to determine the appropriate retention period of personal data stored by the site with the user's consent, the owner also takes into consideration the following criteria: the specific purposes set out in the information for which the site stores personal information; the type of relationship in progress with the user (how often the user accesses their account; if the user makes requests via the contact form; if the user continues to receive newsletters or commercial communications; how regularly he browses the site etc.); any specific request by the user to delete their data or to withdraw consent; the legitimate commercial interest of the data controller. The site will promptly delete or anonymize personal data whose storage is no longer required by law.

5. Rights of the interested party - art. 13 co. 2 lett. [b] [c] [d] GDPR 2016/679

The user has the right to receive confirmation regarding the possible existence of his personal data processed by the data controller. In this case, pursuant to the Regulations, the user has the right to:

be informed about the collection and use of their personal information;
access your personal information at no cost;
obtain the rectification or completion of inaccurate or incomplete personal information;
obtain the cancellation of personal information;
under specific conditions, obtain the limitation or cancellation of their personal information;
obtain and reuse your personal information for your own purposes between different services when the processing is based on a contract or consent and is performed automatically ("the right to data portability");
under specific conditions, oppose the processing of their personal information;
the right to submit complaints relating to the collection and processing of personal information to the competent Guarantor authority;
the right to withdraw consent to the processing of personal data at any time without prejudice to the lawfulness of the processing carried out up to that moment on the basis of the consent revoked.

For any information, the user is invited to consult the website of the Authority for the protection of personal data - - ​​where he will find a section dedicated to these rights.

6. Nature of the provision of personal data and consequences of a refusal to respond - art. 13 co. 2 lett. [e] [f] GDPR 2016/679

Apart from what is specified for navigation data, the user can freely provide their data through the contact form or to receive promotional communications or to purchase goods or services and failure to provide them may make it impossible to obtain what required. Within the various forms it is always specified which data are mandatory in order to be able to respond to what the user requests.

7. Changes to this information

Any changes to this information will be published on the site. The user is invited to check for any updates or changes.

Contattaci su Whatsapp
Accetta la nostra privacy policy.