The following information is provided pursuant to:

- art. 13 Code of privacy Legislative Decree 30.6.2003 n. 196

- art. 13 EU General Regulation n. 679/2016 on the processing of personal data (GDPR);

- of the Recommendation n. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by art. 29 of the directive n. 95/46 / EC, adopted on 17 May 2001 to identify certain minimum requirements for the collection of personal data online, and, in particular, the methods, timing and nature of the information that the data controllers must provide to the users when they connect to web pages, regardless of the purpose of the link;

and is valid for the site (from this moment "site") and not also for other websites that may be consulted by the user through links on the site.

This page describes how to manage the site in relation to the processing of personal data of users who consult it, browse it or use it according to the possibilities granted and the services offered by the site itself.
The treatment is always based on principles of lawfulness and fairness in compliance with all current regulations and appropriate security measures are adopted to protect data.


Following consultation, navigation or use of this site, data relating to identified or identifiable natural or legal persons may be processed.

The holder of their treatment is:
F.lli Valcalcer Srl Agricultural Company
S.P. 135 - Loc. Spineta, 94 - 84091 Battipaglia (Salerno)
VAT number 04673510659

Responsible for the processing of data, is Netsons, which takes care of the maintenance of the technological part of the site and that, for this purpose, could become aware of the data. As stipulated between the holder and the manager, the latter undertakes not to disclose in any way and for any reason the data processed by the owner's website.

Persons in charge of data processing are: other subjects or the categories of subjects who, within the scope of the purposes illustrated in this statement, may become aware of the data or to which they may be communicated, as they are involved in the organization of the site and in the management of the activity, appointed by the data controller or by the controller, external parties, also appointed, if necessary, Data Processors by the Data Controller.

The data may also be communicated to Public Authorities, Police Forces or other Public and Private Parties, but only if it is indispensable in order to comply with legal obligations, regulations or Community legislation.

Users are invited to avoid the inclusion of sensitive data (that is to say data suitable to reveal racial and ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties unions, associations or organizations of a religious, philosophical, political or trade union nature, as well as personal data capable of revealing sexual health and sex life) and superfluous judiciary because this could lead to the destruction of the message.


The processing connected to the web service of this site takes place at the aforementioned office and is handled by the Data Controller, by the Data Processors and by the data processors appointed by them, at their offices. Eventually, another place of treatment may be elected, also the hosting service provider, due to site maintenance needs.

The data will be treated confidentially, through automated tools, and will not be disclosed to unauthorized third parties, will not be disclosed, disseminated or transferred abroad, or to third countries (non-EU). / p>


The collection of personal data collected from the interested party takes place in an "explicit" manner, ie the interested party, after reading this information, will have to accept it by voluntarily ticking the check box relating to the wording confirming the reading and acceptance of the same, before giving personal data and allowing its treatment.

Failure to check the checkbox implies or may result in the inability to receive and process the data by the Owner, with the consequent possible inability to provide the services requested by the interested party during navigation, registration and any other action on the site may involve the need to process personal data, which remain user identification data necessary for the proper functioning of the site and to be able to use the services provided by the platform and as identified and listed below.

Personal data, unless explicitly specified, will be processed by the Data Controller, Data Processor and Trustees of the processing that are duly authorized unless otherwise specified.

Such data may be necessary for the data subject to take advantage of certain features and services made available by the site, for the following purposes:

- Registration to the site and addresses and / or company / company data

Purpose and legal basis of the processing: the identification data required to create an account is requested to take advantage of the possibility to purchase on the website, ie name, full address, e-mail address, date of birth, possibly company name and VAT number, if the customer is classified as a company.
The submission of the request is subject to the specific, free and informed consent (reference Art. 6 GDPR) documented through a special check-box to be checked (reference Art.7 GDPR).

After registration you can receive emails regarding information on the activity voluntarily concluded by the interested party (for example, after the purchase of a product, the status of an order can be notified as being processed, shipped, etc.).

Data retention period: The data are kept until the request for cancellation of the interested party, unless there are special legal and fiscal obligations. The password on the account has the same retention period, but is encrypted.

Scope of communication: The data are processed by the data controller, responsible and authorized for the treatment. The name, surname, addresses, e-mail address and telephone number could be assigned to mail services and / or couriers for the delivery of purchase orders of the interested party. These services could also send communications to interested parties regarding the status of delivery.

Conferment: the provision of data related to the mandatory fields is necessary to use the services offered by the site.

- Data provided voluntarily by the user

The optional, explicit and voluntary sending of e-mail and / or ordinary mail to the addresses indicated on this website entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.

If the sender sends his / her resume to submit his / her professional application, he / she remains solely responsible for the relevance and accuracy of the data sent. It should be noted that any curriculum without the authorization to process data will be immediately deleted.


Personal identification data will be handled exclusively by the Data Controller, Data Processor and Trustees of the processing that are duly authorized unless otherwise specified.

Such data may be necessary for the data subject to take advantage of certain features and services made available by the site, for the following purposes:

- Access log

Purpose and legal basis of processing: access logs are used to keep track of entries on the site, for control and security operations. The IP addresses and access times are saved. These data are not directly related to an identified or identifiable person, due to the widespread use of dynamic IP.

Data retention period: the logs are kept for 10 years or until canceled on any request or need, which may occur before the scheduled time frame.

Scope of communication: The data are processed by the data controller, responsible and authorized for the treatment. Only in the case of an investigation can they be made available to the competent authorities.

Conferment: The data are not conferred by the interested party but acquired automatically by the site's technological systems.

- Abandoned trolleys

Purpose and legal basis of processing: Abandoned carts are used to monitor the proper functioning of the site (to help understand why a user adds products to the cart but does not purchase).

Data retention period: data is retained until a request to cancel the data subject is made.

Conferment: The data are not conferred by the interested party but acquired automatically by the site's technological systems.

NOTE: In case of use of abandoned trolleys for remarketing operations, the interested party will be informed and will have to give consent to receive notifications about abandoned carts and can unsubscribe at any time through appropriate link or request cancellation from the reception service of this type of remarketing.

- Browsing data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified individuals, but which by their very nature could - through processing and association with data held by third parties - allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the user's computer environment. p>

By visiting the site the following information is automatically collected:

1. User's hostname. The hostname or Internet Protocol address of the user requesting access to the site.

2. HTTP header, and the string "user agent" which includes: the type and version of the browser used and the operating system with which the browser works.

3. System date. The date and time of the user's visit.

4. Complete request. The exact request formulated by the user.

5. Content lenght. The consistency, in bytes, of every document sent to the user.

6. Method. The request mode used.

7. Universal Resource Identifier (URI). The location of resources on the server.

8. The request string of the URI, that is, everything that is after the question mark in the URI.

9. Type of device used for consulting the site.

10. Protocol. The transmission protocol and the version used.

Purpose and legal basis of processing: These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data could also be used to ascertain responsibility in case of hypothetical computer crimes against the site (legitimate interests of the owner).

Data retention period: data is typically stored for short periods of time, ie from a single session up to 2 years after the page, with the exception of any extensions related to investigation.

Scope of communication: The data are processed by the data controller, responsible and authorized for the treatment. Only in the case of an investigation can they be made available to the competent authorities.

Conferment: Data are not conferred by the interested party but acquired automatically by the site's technological systems.


Cookies are small text strings that the sites visited by the user send to his terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit of the same user. For more detailed information, please refer to the page of this website dedicated to the extended information on Cookies, also visible via the link at the bottom of all the pages of the Website.

This site does not use cookies of any kind if not the first part, or technical cookies for the proper functioning of the site and that do not identify the user, or trace his personal data or profile.


Specific security measures are observed to prevent data loss (through the use of backups), illicit or incorrect use and unauthorized access (through the use of passwords).

The physical server, on which the personal data resides, is located in Milan (Italy), protected by a double UPS system, a motor for uninterruptible power supply for prolonged blackouts, temperature and humidity monitoring, distributed extinguishing system, surveillance 24 hours a day and 365 days a year, registered and supervised accesses.

Where the data subject has been provided or the data subject has chosen a password to access certain parts of our website, the data subject is directly responsible for keeping this password confidential, forcing not to share it with anyone.


Pursuant to art. 33 GDPR The Data Controller or the Data Processor will notify the Supervisory Authority of any violation of personal data of which they become aware and if from such violation risks arise for the rights and freedoms of the data subjects, within 72 hours and in any case without unjustified late.

Pursuant to art. 34 GDPR if the breach of data security presents a high risk for the rights and freedoms of natural persons, the Data Controller shall inform the data subject of the violation, without justified delay, with the exception of the cases referred to in paragraph 3 of the art. 34 GDPR.


Right of withdrawal of consent (reference Art. 7 GDPR)

The interested party has the right to revoke the consent previously granted, considering that the withdrawal of consent does not affect the lawfulness of the treatment based on consent before revocation. In the event of a request for revocation, the data of the interested party will be deleted, except for the need to continue the processing (for a different legal basis or for example tax obligations).

Right to Access Data of the Data Subject (Reference Art. 15 GDPR)

The interested party can view his personal data independently from the panel dedicated to him, if registered.

Furthermore, the data subject has the right to obtain from the data controller confirmation whether or not personal data processing is being processed and, in this case, to obtain access to his / her data.

If personal data are transferred to a third country or to an international organization, the data subject has the right to be informed of the existence of adequate guarantees regarding the transfer.

Right of rectification (reference Art. 16 GDPR)

The interested party can modify his personal data independently from the panel dedicated to him, if registered.

Furthermore, the data subject has the right to obtain from the data controller the correction of their personal data that is not accurate without unjustified delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing an additional declaration.

Right of cancellation or right to be forgotten (Reference Art. 17 GDPR)

The data subject has the right to obtain from the data controller the deletion of their personal data without undue delay. The holder will delete such personal data, upon request, without undue delay.

If the data controller has made public personal data is obliged to delete them, taking into account the available technology and implementation costs, taking reasonable steps to inform the other data controllers who are processing the personal data of the data subject; of your request to delete any link, copy or reproduction of your personal data.

Please note that the right of cancellation may not apply if the treatment is necessary for:

- the exercise of the right to freedom of expression and information,

- for the fulfillment of a legal obligation,

- for reasons of public interest in the public health sector,

- for public archival purposes, scientific research, historical or statistical purposes,

- for the assessment, exercise or defense of a right in court.

Right to limit processing (reference to Art. 18 GDPR)

With the right to limit the processing, the interested party may request the limitation of use of their data, excluding the storage of the same. This limitation can be exercised not only in case of violation of the conditions of lawfulness of the processing, but also if the person concerned appeals to the right of rectification (pending the latter) or opposes the processing of his data (pending evaluation by the holder of such opposition).

Notification requirement (reference Art. 19 GDPR)

The data controller will communicate to each of the recipients to whom the personal data have been transmitted, any corrections, deletions or limitations of processing requested by the interested party, provided that this is not impossible or involves a disproportionate effort. p>

The data controller, if asked to do so, will inform the recipient of the recipients of his personal data to which he / she must transmit his / her wishes to exercise his / her right.

Right to data portability (reference Art. 20 GDPR)

The interested party has the right to receive, in a structured format, in common use and readable by automatic device, the data concerning him and provided by him to the data controller, without impediments, provided they do not affect the rights and freedoms others and if they are processed in an automated format (paper archives are excluded).

Portability does not delete data.

Opposition right (reference Art. 21 GDPR)

The interested party has the right to oppose at any time, for reasons connected with his particular situation, to the processing of personal data concerning him / her, including profiling. In this case the holder will refrain from further processing the personal data of the data subject who availed himself of the right of opposition, unless he demonstrates the existence of legitimate and mandatory reasons for proceeding with the processing that prevails over the interests, rights and freedom of the interested party or for the establishment, exercise or defense of a right in court.

Complaints and remedies before competent administrative and judicial authorities

The interested party, if he / she considers that the processing of data concerning him / her has not respected, for any reason, the provisions prescribed by Legislative Decree. n. 196/2003 and by the EU Reg. N. 679/2016, or believes that the rights enjoyed on the basis of the aforementioned provisions of the law have been violated, may promote Complaints before the Supervisory Authority and / or promote Appeals before the competent judicial bodies, pursuant to art. 77, 78 and 79 (GDPR), as well as the right to obtain compensation for any damage as per art. 82 (GDPR).


The interested party who wants to use the data access rights and the right of rectification can freely and at any time access his own user area to view and rectify the data he has released and which are treated by the site.

The interested party may also request the exercise of precedents and all other rights by communicating it to the Data Controller F.lli Valcalcer Srl Società Agricola at the e-mail address

The deadline for replying to the interested party is, for all rights (including the right of access), 1 month, which can be extended up to 3 months in cases of particular complexity (pursuant to Article 12 of the GDPR). The Data Controller or the Data Processor will in any case give feedback to the data subject within 1 month of the request, even in case of refusal.

The exercise of rights is, in principle, free to the data subject, but there may be exceptions. It is up to the owner to evaluate the complexity of the reply to the interested party and to establish the amount of the contribution to be requested from the interested party, but only if the requests are manifestly unfounded or excessive, in particular due to their repetitive nature; if more "copies" of personal data are requested in the case of the right of access, the holder could take into account the administrative costs incurred.

The owner has the right to request information necessary to identify the person concerned, and the latter has the duty to provide it, in an appropriate manner.

The reply to the interested party, unless otherwise indicated by the interested party, will normally be in writing, in an electronic format in common use. Feedback can be given orally if the interested party so requests.


The consent of minors is valid from 16 years; before this age, the consent of the parents or of those who take their place must be gathered.

Updating the Privacy Policy

Please note that this information may be subject to periodic review, also in relation to the relevant legislation and jurisprudence; therefore, you are invited to periodically consult this policy.

This page is visible, through the link at the bottom of all the pages of the Site pursuant to art. 122 second paragraph of Legislative Decree no. 196/2003 and following the simplified procedures for the information and the acquisition of consent for the use of cookies published in the Official Gazette no. 126 of 3 June 2014 and the related register of measures n.229 of 8 May 2014. < / p>

Last updated: May 2018