Information provided in accordance with EU Regulation 2016/679 (hereinafter GDPR)
General Information

The data subjects are informed of the following general profiles, valid for all processing activities:

• All data is processed lawfully, fairly, and transparently towards the data subject, in compliance with the general principles set forth in Article 5 of the GDPR.
• Specific security measures are observed to prevent data loss, unlawful or incorrect use, and unauthorized access

References and rights of the data subjects
The Data Controller is the undersigned Company, represented by the pro-tempore legal representative, who can be contacted to exercise all the rights provided for in Articles 15-21 of the GDPR (right of access, rectification, erasure, restriction, portability, objection), as well as to revoke previously given consent. In case of failure to respond to their requests, data subjects have the right to lodge a complaint with the supervisory authority for the protection of personal data (GDPR – Article 13, paragraph 2, letter d).

Contact details of the Data Controller:
Origo S.r.l.
Via Cornini Malpeli, 52, 43036, Fidenza (PR), Italy
VAT number: 02909510345
Tel. +39 0524 204386
Email: info@pasticceriaorigo.it

PROCESSING OF DATA RELATED TO THE FUNCTIONING OF THIS WEBSITE
The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data, the transmission of which is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by their very nature, through processing and association with data held by third parties, could allow the identification of users. This category of data includes IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the user’s operating system and computer environment.

Purpose and legal basis of the processing (GDPR – Article 13, paragraph 1, letter c)
These data may be used to obtain anonymous statistical information about the use of the website and to monitor its proper functioning. The data may also be used to ascertain responsibility in case of hypothetical computer crimes against the website (legitimate interests of the data controller).

Scope of communication (GDPR – Article 13, paragraph 1, letters e, f)
The data may be processed exclusively by internal personnel, duly authorized and instructed on data processing (GDPR – Article 29), or by any external subjects responsible for the maintenance of the web platform (appointed as external processors) and will not be communicated to other parties, disseminated, or transferred to non-EU countries. Only in the event of an investigation, they may be made available to the competent authorities.

Data retention period (GDPR – Article 13, paragraph 2, letter a)
The data is normally kept for short periods of time, except for any extensions related to investigative activities.

Provision (GDPR – Article 13, paragraph 2, letter f)
The data is not provided by the data subject but is automatically acquired by the technological systems of the website.

Cookies
For specific information, please refer to the cookie policy on our website.

Specific functions of the website
Some pages of the website may require the user to provide information regarding specific services (e.g., request information, user registration, work with us, etc.).

Purpose and legal basis of the processing (GDPR – Article 13, paragraph 1, letter c)
Only the data necessary for the proper provision of the service and to provide a correct and comprehensive response to the data subjects will be requested. The processing is subject to the acceptance of specific, free, and informed consent (GDPR – Article 6, paragraph 1, letter a).

Scope of communication (GDPR – Article 13, paragraph 1, letters e, f)
The data is processed exclusively by personnel duly authorized and instructed on data processing (GDPR – Article 29), or by any external subjects responsible for the maintenance of the web platform (appointed as external processors).

Data retention period (GDPR – Article 13, paragraph 2, letter a)
The data is kept for a period compatible with the purpose of the collection.

Provision (GDPR – Article 13, paragraph 2, letter f)
The provision of data relating to mandatory fields is necessary to obtain a response, while optional fields are intended to provide additional useful information to facilitate contact.

Data voluntarily provided by the user
The optional, explicit, and voluntary sending of emails and/or regular mail to the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to respond to the requests, as well as any other personal data included in the message. If the sender sends their curriculum vitae to submit their professional application, they remain solely responsible for the relevance and accuracy of the data sent. Please note that any curriculum vitae without authorization for the processing of data will be immediately deleted.