Following is a description of the website’s management formality in relation to the Processing of User’s Personal Data. This information is also useful for those who interact with the website, for the protection of Personal Data referred to them. This Privacy Statement is drawn up on the basis of multiple legislative systems and on the UE 2016/679 Regulation. The information provided is valid only for the https://www.wocsa.ca website and not for other websites that may have been consulted by the User through the link. Following the consultation of this website, Data relating to identified or identifiable persons may be processed.
Website Holder and Data Controller: Wine and Olive Oil Canadian Sommelier Alliance Inc.
Legal office: 489A Whitmore Ave. Apt#3M6E 2N9 Toronto (Ontario) – Canada.
The Data Controller may be contacted at the following address: email@example.com.
Type of Data that is processed:
The computer systems and software procedures used to operate this website acquire Personal Data during their normal operation, the transmission of which is implied in the use of Internet communication protocols. This information is not collected in order to identify interested parties; however, by its very nature, it could allow Users to be identified through processing and association with Data held by third parties. This Data category includes: IP addresses or domain names of computers belonging to Users who connect to the website, addresses in URI (Uniform Resource Identifier) notation of requested resources, the time of the request, the method used to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters related to the operating system and to the User’s computer environment. This Data is used for the sole purpose of obtaining anonymous statistical information on the use of the website and in order to check its correct operation. The Data could be used to ascertain responsibility in case of hypothetical criminal activity against the website. The User assumes full responsibility of Personal Data obtained, published or shared by third parties through this Application, and guarantees the right to communicate or disseminate the Data, freeing the website Data Controller from any liability toward third parties.
Data provided voluntarily by the User
The optional, explicit, and voluntary sending of e-mails to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary in order to respond to the sent request, in addition to any other Personal Data included in the message. Sensitive or judicial data supplied by the User is excluded from Processing and therefore will be deleted.
Location of Data Processing
The Processing operations connected to the web services of this website take place at the aforementioned office of the Website Holder (Data Controller) and Hoster (External Processing Manager), and are only handled by technical office staff in charge of Processing or by staff appointed by the Holder, the names of which may always be requested from the Data Controller. No Data deriving from the web service is shared or disclosed. The Personal Data provided by Users who forward requests for information or suggestions are only used to perform the requested service or provision and are eventually communicated to other administrations only if it is necessary in order to provide the requested information. The Data is processed exclusively at the Website Holder/Data Controller’s operational headquarters and in any place where the involved parties are located. For more information, contact the Website Holder. The User’s Personal Data may be transferred to a country other than the one in which he is located. For information on the location of his data processing, the User may refer to the section concerning the processing of Personal Data.
Data Retention Period
Data processing takes place for the time required by the purposes for which it was collected. Personal Data collected for purposes related to the performance of a contract between Website Holder and User will be retained until the contractual performance is completed. Personal Data collected for purposes related to the legitimate interest of the Data Controller will be retained until such interest is met. For further information on the legitimate interest of the Data Controller, the User may refer to the relative sections of this document or contact the Website Holder. When Data Processing is based on the User’s consent, the Data Controller may retain the Personal Data until the given consent is revoked. Furthermore, the Website Holder may be obliged to hold the Personal Data for a longer period, in compliance with legal obligations or authorities. Personal Data will be deleted at the end of the retention period. Therefore, at the end of this term, the right of access, cancellation, rectification, and Data portability can no longer be exercised.
In order to prevent illegal activities and damages to the server or website Users, the website processes the acquired Data (the IP, in particular) in order to prevent unauthorized access or activities that could damage the server or other Users. Data processing is carried out using IT tools for the purposes described above. For purposes authorized by law (e.g. assistance in system failure or breakdown, server maintenance, etc.), Data may also be accessed by technical and administrative staff belonging to the server management company, which provides the hosting service to this website.
Personal Data is processed with automated tools for a period of time strictly necessary to achieve the purposes for which it was collected. Specific security measures are observed in order to prevent Data loss, its illicit or incorrect use, and unauthorized access. Processing is carried out using IT tools with organizational methods that are strictly related to the indicated purposes. In some cases, in addition to the Website Holder, other parties involved in the organization of this Application (system administrators and administrative, commercial, marketing, and legal staff) or external subjects appointed by the Website Holder (such as suppliers of third party technical services, postal couriers, hosting providers, tech companies, communication companies) may also have access to Data. The updated list of all access holders may always be requested from the Data Controller.
Purpose of Data Processing
The Data concerning the User is collected in order to allow the Website Holder to provide his services, as well as for the following purposes (if applicable): Contacting the user, Registration and authentication, Marketing campaigns, Statistics, Interaction with support and feedback platforms, Managing support and contact requests, Visualizing content from external platforms, Managing contacts and sending messages, Hosting and backend infrastructure, Remarketing and behavioral targeting, Payment management, Interaction with social networks and external platforms, Interaction with live-chat platforms, Infrastructure monitoring, User database management, Franchising, Tag management. For further or more detailed information on Personal Data processing that is relevant for each purpose, the User may contact the Data Controller.
Legal Basis of Data Processing
The Data Controller processes Personal Data related to the User in the event of one of the following conditions: – the User has given consent for one or more specific purposes; – the Data Processing is necessary for the performance of a contract and/or for the performance of pre-contractual measures; – the Data Processing is necessary in order to fulfill a legal obligation to which the Data Controller is subject; – the Data Processing is necessary for the performance of a task of public interest or for the performance of public authority vested in the Website Holder; – the Data Processing is necessary for the pursuit of the Website Holder or third party’s legitimate interest. In any case, it is always possible to request the Website Holder to clarify the actual legal basis of each form of Data Processing, and in particular to specify whether the Processing is based on the law, provided for by contract or necessary in order to complete a contract.
Rights of Data Subjects
Pursuant to EU Reg. 2016/679, the subjects to whom the Personal Data refers to have the right to withdraw consent to the Processing of their Personal Data at any time. They also have the right to: oppose Data Processing, access their Data, verify their Data and/or request its rectification, request Processing limitation, request cancellation or removal, receive their Data or have it transferred to another website holder in structured format (commonly used and readable by automatic devices), and propose a complaint to competent authorities. If Data is processed for direct marketing purposes, Users may oppose Data Processing without providing any reason for their doing so. Users have the right to request and obtain information regarding the legal basis for the transfer of their Data outside of the European Union or to an international organization under public international law or consisting of two or more countries (such as ONU). Users are also entitled to request and obtain information on the security measures taken by the Data Controller to protect their Data. If one of the abovementioned Data transfers takes place, the User may refer to the relative sections of this document or contact the Website Holder.
Procedure for the Exercise of any Right
In order to exercise the rights referred to above, Users may direct a request to the Website Holder’s contact as listed above in this document. Requests are made free of charge and are processed by the Website Holder as quickly as possible, in a period of time that will not exceed one month.
Last update of this document: 25/05/2018.