Privacy Policy

I – INFORMATION RELATING TO THE SITE'S PRIVACY POLICY

1. This section contains information on how www.vivi.it manages the processing of user data.
2. This information is also valid for the purposes of Article 13 of Legislative Decree no. 196/2003, the Personal Data Protection Code, and for the purposes of Article 13 of EU Regulation no. 2016/679, concerning the protection of natural persons with regard to the processing of personal data and the free movement of such data, for those who interact with www.vivi.it and can be reached at the address corresponding to the home page:
   www.vivi.it
3. This information applies only to www.vivi.it and not to other websites that may be accessed via links contained therein.
4. The purpose of this document is to provide information regarding the methods, timing, and nature of the information that data controllers must provide to users when they connect to the web pages of www.vivi.it, regardless of the purpose of the connection itself, in accordance with Italian and European legislation.
5. This information may be subject to change due to the introduction of new regulations in this regard, so users are invited to check this page periodically.
6. If the user is under 16 years of age, pursuant to art. 8, paragraph 1 of EU Regulation 2016/679, he or she must legitimize his or her consent through the authorization of his or her parents or legal guardians.

II – DATA PROCESSING

1 – Data Controller

1. The data controller is the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. It also deals with security aspects.
2. The data controller for this website is: Vivi SRL Società Benefit. For any questions or to exercise your rights, you can contact them at the following email address: viviworldsrlsb@legalmail.it.

2 – Data controller

1. The data processor is the natural or legal person, public authority, agency or other body which processes personal data on behalf of the data controller.
2. Pursuant to Article 28 of EU Regulation No. 2016/679, upon appointment by the data controller, the data controller for the website www.vivi.it is: Vivi SRL Società Benefit.

3 – Data processing location

1. The data processing generated by the use of www.vivi.it takes place at VIA ALFREDO CATALANI, 39.
2. If necessary, data related to the newsletter service may be processed by the data controller or persons appointed by the data controller for this purpose at the relevant office.

III – COOKIES

The website www.vivi.it uses the following cookies.

Users can refuse the use of marketing and third-party cookies by clicking the appropriate button during their first visit. They can later correct their preference by clearing their browser cache and revisiting any page on the website.

Under no circumstances does Vivibistot sell or transfer to third parties personal information retained in cookies for purposes other than those described and for services other than those described.

IV – DATA PROCESSED

1 – Data processing methods

1. Like all websites, this site uses log files to store information collected automatically during user visits. The information collected may include the following:

• internet protocol (IP) address;
• type of browser and parameters of the device used to connect to the site;
• name of the Internet service provider (ISP);
• date and time of visit;
• visitor's referral and exit web page;
• possibly the number of clicks.

1. The aforementioned information is processed automatically and collected exclusively in aggregate form to verify the correct functioning of the site and for security reasons. This information will be processed based on the legitimate interests of the data controller.
2. For security purposes (spam filters, firewalls, virus detection), automatically recorded data may also include personal data such as IP addresses, which may be used, in accordance with applicable laws, to block attempts to damage the site itself or other users, or otherwise engage in harmful or criminal activities. This data is never used to identify or profile users, but only to protect the site and its users. This information will be processed in accordance with the data controller's legitimate interests.
3. If the site allows comments, or if specific services are requested by the user, including the option to submit a CV for potential employment, the site automatically detects and records certain identifying information about the user, including their email address. This information is voluntarily provided by the user when requesting the service. By submitting a comment or other information, the user expressly accepts the privacy policy and, in particular, consents to the content being freely shared with third parties. The data received will be used exclusively to provide the requested service and only for the time necessary to provide the service.
4. Any information that users of the site choose to make public through the services and tools made available to them is provided by the user knowingly and voluntarily, exempting this site from any liability for any violations of law. It is the user's responsibility to ensure they have permission to enter third-party personal data or content protected by national and international laws.

2 – Purpose of data processing

1. The data collected by the site during its operation are used for the purposes indicated above and for the following purposes:
   Request for data for marketing and/or advertising purposes via newsletter
   Registration Information: When you create a vivibistrot account, register, or fill out forms for our services, we collect information about you, including your name, address, phone number, email address, and the password you create. The registration information you provide when creating a vivibistrot account allows us to grant you access to our services in accordance with our Terms and Conditions. We also use this information to authenticate your access to the services, to contact you and obtain your feedback, and to notify you of important changes or updates to our services.
   Transaction Information: We collect information related to your Orders, including payment information (e.g., your credit card number), using the secure services of our payment processors. Payment transactions are outsourced to our payment processors, and we do not store your credit card information on our systems. We also collect delivery details (e.g., your physical address) to fulfill each Order. Your transaction information (such as the grocery items you add to your shopping cart) allows us to process your Order and send you an accurate invoice.

Information about your marketing preferences: We collect information about your preferences for receiving marketing information whenever you subscribe or unsubscribe.

2. Data retention will be carried out for the period strictly necessary to achieve the above-mentioned purpose.
3. The data used for security purposes (blocking attempts to damage the site) are retained for the time strictly necessary to achieve the purpose indicated above.

3 – Data provided by the user

1. As indicated above, the optional, explicit, and voluntary sending of emails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
2. Specific summary information will be progressively reported or displayed on the site pages set up for particular services on request.

4 – Support in configuring your browser

1. Users can also manage cookies through their browser settings. However, deleting cookies from their browser may remove any preferences they have set for the site.
2. For further information and support, you can also visit the specific help page for the web browser you are using:

• Internet Explorer: http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
• Firefox: https://support.mozilla.org/en-us/kb/enable-and-disable-cookies-website-preferences
• Safari: http://www.apple.com/legal/privacy/it/
• Chrome: https://support.google.com/accounts/answer/61416?hl=it
• Opera: http://www.opera.com/help/tutorials/security/cookies/

5 – Social Network Plugins

1. This site also incorporates social media plugins and/or buttons to allow easy sharing of content on your favorite social networks. These plugins are programmed to not set any cookies when accessing the page, to protect user privacy. Cookies are set, if required by the social networks, only when the user actively and voluntarily uses the plugin. Please note that if the user browses while logged in to the social network, they have already consented to the use of cookies delivered through this site when registering with the social network.
2. The collection and use of information obtained through the plugin are governed by the respective privacy policies of the social networks, to which please refer:
   Facebook: https://www.facebook.com/help/cookies
   Twitter: https://support.twitter.com/articles/20170519-uso-dei-cookies-e-di-altre-tecnologie-similar-da-parte-di-twitter
   Google+:http://www.google.com/policies/technologies/cookies
   Pinterest: https://about.pinterest.com/it/privacy-policy
   AddThis: http://www.addthis.com/privacy/privacy-policy
   Linkedin: https://www.linkedin.com/legal/cookie-policy

V. USER RIGHTS

1. Article 13, paragraph 2 of EU Regulation 2016/679 lists the user's rights.
2. The website www.vivi.it therefore intends to inform the user of the existence:
   – the right of the interested party to request from the data controller access to personal data (Article 15 of the EU Regulation), their updating (Article 7, paragraph 3, letter a) of Legislative Decree 196/2003), rectification (Article 16 of the EU Regulation), integration (Article 7, paragraph 3, letter a) of Legislative Decree 196/2003), or restriction of processing concerning them (Article 18 of the EU Regulation) or to object, for legitimate reasons, to their processing (Article 21 of the EU Regulation), in addition to the right to data portability (Article 20 of the EU Regulation);

• the right to request the erasure (Article 17 of the EU Regulation), the anonymization, or the blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which it was collected or subsequently processed (Article 7, paragraph 3, letter b), Legislative Decree 196/2003);
  – the right to obtain certification that the operations of updating, rectification, integration of data, deletion, blocking of data, transformation have been brought to the attention, including with regard to their content, of those to whom the data were communicated or disseminated, except in the case in which such fulfillment proves impossible or involves the use of means manifestly disproportionate to the protected right (art. 7, paragraph 3, letter c) of Legislative Decree 196/2003);

1. Requests can be addressed to the data controller without formalities or, alternatively, using the form provided by the Italian Data Protection Authority, or by sending an email to: vivisrlpec@legalmail.it
2. If the processing is based on Article 6, paragraph 1, letter a) – express consent to use – or Article 9, paragraph 2, letter a) – express consent to the use of genetic, biometric, health-related data, data revealing religious or philosophical beliefs or trade union membership, data revealing racial or ethnic origin, or political opinions – the user has the right to withdraw consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
3. Likewise, in the event of a violation of the law, the user has the right to lodge a complaint with the Italian Data Protection Authority, the authority responsible for monitoring data processing in Italy.
4. For a more in-depth examination of your rights, see Articles 15 et seq. of EU Regulation 2016/679 and Article 7 of Legislative Decree 196/2003.

VI – DATA TRANSFER TO NON-EU COUNTRIES

1. This site may share some of the data collected with services located outside the European Union, particularly with Google, Facebook, and Microsoft (LinkedIn) via social plugins and Google Analytics. This transfer is authorized and strictly regulated by Article 45, paragraph 1 of EU Regulation 2016/679, so no further consent is required.
2. If you agree to receive direct marketing emails, we rely on the services made available by Active Campaign LLC, with which we share your email address, first name, last name, and phone number. Only Vivi Bistrot staff has direct access to this data.
3. The companies mentioned above guarantee their adherence to the Privacy Shield.
4. Data will never be transferred to third countries that do not comply with the conditions set out in Article 45 et seq. of the EU Regulation.

VII. SECURITY OF DATA PROVIDED

1. This site processes user data lawfully and correctly, adopting appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of data. Processing is carried out using computerized and/or electronic means, using organizational methods and logic strictly related to the indicated purposes.
2. In addition to the owner, in some cases, categories of persons involved in the organization of the site (administrative, commercial, marketing, legal, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communications agencies) may have access to the data.

VIII. CHANGES TO THIS DOCUMENT

1. This document, published at:
   vivi.it/privacy
   constitutes the privacy policy of this site.
2. It may be subject to changes or updates. Any significant changes or updates will be notified to users through appropriate notifications.
3. Previous versions of the document will still be available on this page.
4. This document was updated on 24/05/2018 to comply with the relevant regulatory provisions, and in particular with EU Regulation 2016/679.