PURPOSE OF THE INFORMATION
In compliance with UE Regulation 2016/679 (hereinafter “GDPR”), this page describes the methods of processing the personal data of users who consult the HANA GROUP SAS website accessible electronically at the address www.sushigourmet.eu.
This page does not fulfill the obligations set out in art. 13 of the GDPR for the data collection forms on the site; each page that allows the user to voluntarily send their personal data provides a specific dedicated information.
This information does not concern other sites, pages or online services that can be reached via hypertext links that may be published on this site but refer to resources outside the domain of HANA GROUP SAS.
Following the consultation of the website, data relating to identified or identifiable persons may be processed.
HOLDER OF THE TREATMENT
The data controller is HANA GROUP SAS, 101-109 rue Jean Jaurès, 92300 Levallois-Perret – France; tel.: + 33 1 84 76 02 80.
DATA PROTECTION OFFICER
The Hana Group DPO can be contacted at the following address: email@example.com.
PURPOSE OF THE TREATMENT
Personal data will be processed for the following purposes:
1. allow navigation and consultation within the site and compliance with legal obligations;
2. purposes related to the provision of the requested services (e.g. requests to be contacted again; possible subscription to the newsletter; spontaneous application);
3. defensive purposes in case of abuse in the use of the site or fraud attempts;
4. purposes of statistical and market research with data made anonymous.
LEGAL BASIS OF THE PROCESSING
The Data Controller processes your data: 1) to implement pre-contractual measures adopted at the request of the User / Data Subject; 2) based on the consent expressed by the interested party to the processing of their personal data for one or more specific purposes.
METHOD OF TREATMENT
Personal data are processed with automated tools and in paper form, for the time strictly necessary to achieve the purposes for which they were collected.
Specific security measures are observed to prevent the loss of personal data, illicit or incorrect use and unauthorized access. In particular, the secure https protocol for some reserved sections of the site and applications and the protections against unauthorized access to the servers and other computers in use.
POSSIBLE EXTRA EU TRANSFERS
The Data are processed at the Data Controller’s operational headquarters and in any other place where the parties involved in the processing are located. For more information, contact the owner.
The data may be hosted in a third country, pursuant to the following requirement in compliance with art. 46:
“Some processing by service providers on behalf of Hana Group SAS takes place outside the European Union, in countries that do not guarantee an adequate level of protection of personal data according to the standards established by the Regulation”.
Hana Group SAS takes the necessary precautions for a legitimate data transfer (for example, by applying the standard contractual clauses approved by the European Commission).
SUBJECTS AUTHORIZED FOR THE PROCESSING
TYPES OF DATA PROCESSED AND PURPOSE OF THE TREATMENT
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
This information are not collected to be associated with identified data subjects, but due to their nature they could, through processing and association with data held by third parties, allow users to be identified.
This category of data includes IP addresses or domain names of computers and terminals used by users, URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used while submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
These data, necessary for the use of web services, are also processed for the purpose of:
• obtain anonymous statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.);
• check the correct functioning of the services offered.
The navigation data are available just for seven days (with the exception of any need to ascertain crimes by the judicial authorities).
Data communicated by the user
The optional, explicit and voluntary sending through the forms present on various pages of the site involves the acquisition of personal data; the forms are accompanied by specific information.
Cookies and other tracking systems
Cookies are small text files containing information exchanged between a website and the user’s terminal (usually the browser). They are mainly used for the purpose of making websites work and making them operate more efficiently, as well as for the purpose of providing information to the owners of the site. Cookies can be both session and persistent. Session cookies remain stored in the terminal for a short period of time and are deleted as soon as the user closes the browser. Their use is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site. Persistent cookies, on the other hand, remain stored in the user’s terminal until a predetermined deadline. These, not being deleted directly when the browser is closed, allow to remember the choices made by the user on a site as well as to collect information about the pages of the site visited by the user, the frequency with which the site is visited and to identify the user navigation path, in order to improve the experience on this site. Lastly, session or persistent cookies can be first party or third party depending on whether the person who installs the cookies on the user’s terminal is the same operator of the site that the user is visiting (we will then speak of cookies First-party) or a different subject (we will then speak of Third-party cookies).
TYPES OF COOKIES
Depending on the purpose, cookies can be classified as:
• Technical cookies: cookies that allow to browse and / or provide a service requested by the user (for example, cookies that automatically recognize the language the user uses). These cookies are necessary for the functioning of the site and cannot be deactivated.
• Cookie Analytics: cookies used by website managers to collect aggregated information of statistical nature (for example number of website visitors). Analytical cookies can be first-party analytics, installed directly on the site you are visiting and third-party analytics, made available by third parties.
• Profiling cookies: cookies that control the user’s navigation, tracking the behavior of a user and the preferences expressed in order to send advertising messages in line with his profile. If you do not accept these cookies, no targeted advertising will be sent.
When not required:
According to the current legislation, for session and analysis cookies that do not perform profiling (as they are necessary to provide the requested services) the user’s consent is not required. These include:
• analytics cookies, if used directly by the site manager to collect information, in aggregate form;
• navigation or session cookies (to authenticate);
• functionality cookies that allow the user to browse according to a series of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided.
When it is required
For all other types of cookies, consent can be expressed through:
• the banner displayed at the first access to this site;
• by browser’s configuration;
• from the settings in the use of third-party services.
Failure to consent may prevent the user from using or fully viewing the site’s features.
The options made can be changed at any time, the consent can be revoked, without any charge and prejudice to the lawfulness of the processing carried out up to the revocation.
Cookies used by this site
This site makes use of both First Party and Third Party cookies as it uses the features of the Google Analytics services, offered by Google Inc.
Hana Group uses the anonymization function (anonymize ip), in compliance with the principle of minimizing personal data.
Browsers normally allow the control of most cookies through the browser settings. However, please note that the total or partial disabling of the c.d. technicians can compromise the use of the site’s features. In any case, if the user does not wish to receive any type of cookie on his computer, neither from this site nor from others, he can raise the level of privacy protection by changing the security settings of his browser through following links:
Mozilla Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
Internet Explorer: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies
Safari on iPhone, iPad, or iPod touch: https://support.apple.com/it-it/HT201265
OTHER TECHNOLOGIES (e.g., Plugins, Widgets, Local Storage, etc.)
Websites can also interact with social networks and external platforms using particular technologies, created specifically for these purposes.
Some of the most popular methods of interaction are based on the use of:
Plugin: a program that interacts with another program, to be able to expand or extend the original functionality of the first. The most used plugins are those of social networks, which allow – through a click – to follow a page or a social profile, or to emphasize the liking of a specific web content and / or to share it on your social profile;
Widget: a graphical interface of a program, used to make the interaction between the user and the program more immediate and easy. The most used widgets are those of social networks, which allow the user to quickly open the chosen social network in a separate browser window.
All these services allow you to interact with social networks, or in any case with external platforms, directly from the pages of a site. Any interaction and consequent information possibly acquired by the site are subject to the privacy settings of the third party who created these technologies.
With regard to the social platforms with which the site allows you to interact, below a list of the references of these managers and the link to the pages where information on the data processing are available and, where required by law, where you can give or deny your consent:
– Facebook widget – info: https://www.facebook.com/privacy/explanation
– Instagram widget – info: https://help.instagram.com/519522125107875/?maybe_redirect_pol=0
LINKS TO OTHER WEBSITES
This site may contain links or references for accessing other sites. We inform you that the Data Controller does not control the cookies or other monitoring technologies of these websites, to which this Policy does not apply.
RECIPIENTS OF THE DATA
The data are not disclosed to third parties but can also be processed through specialized companies, appointed as data processors pursuant to article 28 of the GDPR; the list is sent to the interested party upon request.
RIGHTS OF THE INTERESTED PARTIES
Pursuant to art. 15 and ss. of the GDPR, the interested parties have the right to obtain from the Data Controller, at any time: access to their personal data; the rectification or cancellation of the same or the limitation of the treatment that concerns them or to oppose the treatment; revocation of the consent without prejudice to the lawfulness of the processing based on the consent given before the revocation. The interested party is guaranteed the right to data portability.
The rights can be exercised by contacting the Data Controller directly at the addresses indicated above.
Interested parties also have the right to lodge a complaint with the Guarantor Authority for the protection of personal data, as required by art. 77 of the GDPR, or to take the appropriate judicial offices (Article 79 of the GDPR).
FURTHER INFORMATION ON THE TREATMENT
Information not contained in this policy: further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.
Changes to these privacy policies
The Data Controller periodically checks its privacy and security policy and, if necessary, reviews it in relation to regulatory, organizational, or technological changes. In the event of a change in the policies, the new version will be published on this page of the site.
If the changes concern treatments whose legal basis is consent, the Data Controller will collect the User’s consent again, if necessary.