PRIVACY DISCLAIMER

In compliance with the obligations deriving from the national legislation (Privacy Code) and the Community (European
General Regulation No. 679/2016) regarding the protection of personal data, Fattorie Santo Pietro respects and protects
theprivacy of visitors and users. This privacy statement applies to both the collection of information from the website
and from other channels.

1 – Legal basis of processing

With the use or consultation of this site visitors and users explicitly approve this privacy statement and consent to
the processing of their personal data in relation to the methods and purposes described below, including any disclosure
to third parties if necessary for the provision of a service. The provision of data and therefore the consent to the
collection and processing of data is optional, the User can deny consent, and may revoke at any time a consent already
provided. However, denying consent may make it impossible to provide certain services and the browsing experience on
the site would be compromised.

2 – Purpose of the processing

The processing of personal data means: registration, storage, organization, consultation, selection, extraction,
comparison, processing, use, modification, interconnection, blocking, communication, cancellation and destruction,
transfer or dissemination, or the combination of two or more such operations. The processing of data collected by the
site, in addition to the purposes related, instrumental and necessary for the provision of the service, is aimed at the
following purposes:

2.1 – Statistics

Collection of data and information in an exclusively aggregate and anonymous form in order to verify the correct
functioning of the site, to improve the online store and the platform. None of this information is related to the
physical person-user of the site, and they do not allow identification in any way.

2.2 – Security

Collection of data and information in order to protect the security of the site and users (spam filters, firewalls,
virus detection) and to prevent or unmask fraud or abuse to the detriment of the website. The data are recorded
automatically and may possibly also include personal data (IP address) that could be used, in accordance with
applicable laws, in order to block attempts to damage the site itself or to harm other users, or otherwise harmful
activities or constituting crime. These data are never used for the identification or profiling of the User and are
periodically deleted.

2.3 – Marketing / Advertising

Collection of data and information in general and particular on the User’s orientations and preferences; send
informative and advertising material, including third parties; send commercial communications, including interactive
ones; carry out direct sales or placement of products or services; transferring to third parties the data collected and
processed for commercial purposes, or for all those commercial and / or statistical purposes.

2.4 – Accessory activities

Communicate the data to third parties who perform functions necessary or instrumental to the operation of the service,
and to allow third parties to perform technical, logistical and other activities on our behalf. This site uses
suppliers to perform certain activities, send traditional mail, analyze data, provide marketing assistance and provide
services to customers. Providers only have access to the personal data that are necessary to perform their duties, and
undertake not to use the data for other purposes, and are required to process personal data in accordance with
applicable regulations. This category of data is retained only for the period of time necessary for the provision of
the service.

3 – Data collected

This site collects user data in two ways.

3.1 – Data collected in an automated manner

While browsing users, the following information can be collected that is stored in the site log files:
Internet protocol (IP) address;
Type of browser;
Parameters of the device used to connect to the site;
Name of the Internet service provider (ISP);
Date and time of visit;
Web site of origin of the visitor (referral) and of Exit;
Possibly the number of clicks.

These data are used to analyze user trends and collect data in aggregate form, to administer and guarantee the security
of the site, and are in no way attributable to the identity of the User.

3.2 – Data provided voluntarily

The site can collect other data in case of voluntary use of services by users, such as commenting, communication (chat,
contact forms and email), publication of reports and newsletter subscription:
name and surname;
email address.

These data are provided voluntarily by the User at the time of requesting the service, or adding the comment, and will
be used exclusively for the provision of the service requested and processed only for the time necessary to provide the
service. The email address, in case of registration to the newsletter, is also used in order to send promotional
material to already existing customers, therefore in the context of an existing business relationship. The customer can
always oppose the sending of such communications by clicking on the link Manage preferences newsletter present in the
footer of the website. For users who are not yet customers, the sending of promotional material is subject to the
collection of consent, revocable later. The fiscal data are necessary in order to take advantage of the services
provided for payment, and for billing purposes. The data collected by the site are not provided to third parties,
unless it is a legitimate request by the judicial authority and only in the cases provided by law. The data, however,
may be provided to third parties if this is necessary for the provision of a specific service requested by the User, or
for tax purposes or for the implementation of security checks or optimization of the site.

4 – Data retention period

The data collected are processed for the time necessary for the purposes for which they were collected, and in any case
not later than the time prescribed by law. The data necessary for tax purposes are kept until the assessments relating
to the corresponding tax period are established, ie for at least 10 years and more if the relative annuity is not yet
prescribed for tax purposes. At the expiry date the data will be deleted or anonymised, unless there are additional
purposes for the storage of the same (eg warranty delivery obligations, tax obligations).

5 – Security measures

The Data Controller treats the data of visitors / users in a lawful and correct manner, adopting the appropriate
security measures to prevent unauthorized access, disclosure, modification or unauthorized destruction of data, as well
as illicit use of data. The processing is carried out through IT and / or telematic tools, with organizational methods
and with logic strictly related to the purposes indicated, and the data are stored and stored in secure facilities with
access and personnel verification limits. Access to information is strictly limited to authorized personnel. The
website is constantly monitored to check for security breaches and to ensure that information is secure. In addition to
the Data Controller, in some cases, they may have access to the data categories of persons involved in the organization
of the site (administrative, commercial, marketing, legal, system administrators) or external subjects (as suppliers of
third party technical services, postal couriers, hosting providers, IT companies, communication agencies). It is
important that you take appropriate protection against unauthorized access to your password and your computer. Always
make sure you are disconnected when using a computer shared with other users.

6 – Rights of the User

Pursuant to art. 7 of Legislative Decree 30 June 2003, n. 196
http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/1311248 and of the General Regulations for
the protection of personal data, the User can, according to the procedures and within the limits provided from the
current legislation: oppose in whole or in part, for legitimate reasons, the processing of personal data concerning him
for the purpose of sending advertising or direct sales material or for carrying out market research or commercial
communication; Request confirmation of the existence of personal data concerning him; Know its origin; Receive
intelligible communication; Having information about the logic, methods and purposes of the processing; request the
updating, rectification, integration, cancellation, transformation into anonymous form, blocking of data processed in
violation of the law, including those no longer necessary for the pursuit of the purposes for which they were
collected; in cases of consent-based processing, receive only the cost of any support, its data provided to the holder,
in a structured and readable form by a data processor and in a format commonly used by an electronic device; As well
as, more generally, exercise all the rights that are recognized by the current provisions of the law. Requests should
be addressed to the Data Controller.

7 – Subjects of the treatment

The data controller in accordance with applicable laws is: Fattorie Santo Pietro, located in Loc. Pancole, 53037 San
Gimignano (Siena) Italy, contactable at info@santopietro.it, or at the specified address.

8 – Cookie

This website uses cookies. We use cookies to personalise content and ads, to provide social media features and to
analyse our traffic. We also share information about your use of our site with our social media, advertising and
analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected
from your use of their services. You consent to our cookies if you continue to use our website.

Cookies are small text files that can be used by websites to make a user’s experience more efficient.

The law states that we can store cookies on your device if they are strictly necessary for the operation of this
site. For all other types of cookies we need your permission.

This site uses different types of cookies. Some cookies are placed by third party services that appear on our
pages.

Your consent applies to the following domains: www.santopietro.it

8.1 – Necessary Cookies

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure
areas of the website. The website cannot function properly without these cookies.

Name Provider ExpireDescription PurposeDescription FirstURL
r/collect doubleclick.net Session This cookie is used to send data to Google Analytics on the device and visitor behavior. Track the
visitor on different devices and marketing channels.
https://www.santopietro.it/
_ga santopietro.it 2 years Register a unique ID used to generate statistical data on how the visitor uses the website. https://www.santopietro.it/
_gat santopietro.it 1 day Used by Google Analytics to limit the frequency of requests https://www.santopietro.it/
_gid santopietro.it 1 day Register a unique ID used to generate statistical data on how the visitor uses the website. https://www.santopietro.it/
PHPSESSID santopietro.it Session Preserve user status on the different pages of the site. https://www.santopietro.it/
ASP.NET_SessionId simplebooking.it Session Preserve user status on the different pages of the site. https://www.santopietro.it/