Privacy Policy

This website collects certain Personal Data from its Users.

Data Controller

Ristorante Novecento

Data Controller's email address:
novecento.ravizza@gmail.com

Types of Data Collected

Among the Personal Data collected by this website, either independently or through third parties, are:

  • Cookies
  • Usage Data
  • Email address

Complete details on each type of Personal Data collected are provided in the dedicated sections of this privacy policy or through specific notices displayed before the data is collected.

Personal Data may be freely provided by the User or, in the case of Usage Data, collected automatically when using this website.

Unless otherwise specified, all Data requested by this website is mandatory. If the User refuses to provide it, this website may be unable to provide the Service. Where this website specifically states that certain Data is optional, Users are free not to provide such Data without affecting the availability or operation of the Service.

Users who are uncertain about which Personal Data is mandatory are encouraged to contact the Data Controller.

Any use of Cookies or other tracking tools by this website or by the owners of third-party services used by this website, unless otherwise specified, is intended to provide the Service requested by the User, in addition to the other purposes described in this document and in the Cookie Policy, where available.

The User assumes responsibility for any third-party Personal Data obtained, published, or shared through this website and confirms that they have the right to communicate or distribute such Data, releasing the Data Controller from any liability toward third parties.


Methods and Place of Processing the Collected Data

Methods of Processing

The Data Controller adopts appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of Personal Data.

Data processing is carried out using IT and/or telematic tools, following organizational procedures and methods strictly related to the stated purposes.

In addition to the Data Controller, in some cases, the Data may be accessible to certain persons involved in the operation of this website (administration, sales, marketing, legal staff, system administrators) or external parties (such as third-party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) appointed, if necessary, as Data Processors by the Data Controller.

The updated list of Data Processors may be requested at any time from the Data Controller.

Legal Basis for Processing

The Data Controller processes Personal Data relating to the User if one of the following conditions applies:

  • The User has given consent for one or more specific purposes.
  • Processing is necessary for the performance of a contract with the User and/or for pre-contractual measures.
  • Processing is necessary for compliance with a legal obligation to which the Data Controller is subject.
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Data Controller.
  • Processing is necessary for the purposes of the legitimate interests pursued by the Data Controller or by a third party.

In any case, the User may request clarification from the Data Controller regarding the specific legal basis applicable to each processing activity.

Place

The Data is processed at the Data Controller's operating offices and in any other locations where the parties involved in the processing are located.

Depending on the User's location, data transfers may involve transferring Personal Data to a country other than the User's own. Users may contact the Data Controller for further information regarding the place of processing.

Users are also entitled to obtain information regarding:

  • The legal basis for transfers of Data outside the European Union;
  • Transfers to international organizations governed by public international law;
  • Security measures adopted by the Data Controller to safeguard the Data.

Retention Period

Personal Data is processed and stored for as long as required by the purposes for which it was collected.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User shall be retained until such contract has been fully performed.
  • Personal Data collected for the legitimate interests of the Data Controller shall be retained as long as necessary to fulfill those interests.
  • Where processing is based on the User's consent, Personal Data may be retained until such consent is withdrawn.
  • The Data Controller may also be required to retain Personal Data for a longer period where required by law or by order of an authority.

Once the retention period expires, Personal Data will be deleted. Consequently, the rights of access, deletion, rectification, and data portability cannot be exercised after that time.


Purposes of Processing the Collected Data

User Data is collected to enable the Data Controller to:

  • Provide the Service;
  • Comply with legal obligations;
  • Respond to requests or enforcement actions;
  • Protect its own rights and interests (or those of Users or third parties);
  • Detect malicious or fraudulent activity;

as well as for the following purposes:

  • Analytics
  • Tag Management
  • Platform and Hosting Services
  • Contacting the User

For detailed information regarding the purposes of processing and the Personal Data used for each purpose, Users may refer to the section “Detailed Information on the Processing of Personal Data”.


Detailed Information on the Processing of Personal Data

Contacting the User

Contact Management and Message Sending

These services allow the management of a database of email contacts, telephone contacts, or any other type of contact used to communicate with the User.

These services may also collect data concerning the date and time messages are viewed by the User, as well as information regarding interactions with such messages, such as clicks on links included within them.

Platform and Hosting Services

These services are intended to host and run key components of this website, enabling it to be provided from a single platform.

Such platforms provide the Data Controller with a wide range of tools, including analytics, user registration management, database management, e-commerce functions, payment processing, and more.

The use of these tools involves the collection and processing of Personal Data.

WordPress.com (Automattic Inc.)

WordPress.com is a platform provided by Automattic Inc. that allows the Data Controller to develop, operate, and host this website.

Personal Data processed: various types of Data as specified in the service's privacy policy.

Place of processing: United States.

Analytics

Analytics services enable the Data Controller to monitor and analyze traffic data and track User behavior.

Google Analytics (Google Ireland Limited)

Google Analytics is a web analytics service provided by Google Ireland Limited ("Google").

Google uses the collected Personal Data to track and examine the use of this website, compile reports, and share them with other Google services.

Google may use Personal Data to contextualize and personalize advertisements within its advertising network.

Personal Data processed:

  • Cookies
  • Usage Data

Place of processing: Ireland.


User Rights

Users may exercise certain rights regarding their Data processed by the Data Controller.

In particular, Users have the right to:

  • Withdraw consent at any time.
  • Object to the processing of their Data.
  • Access their Data.
  • Verify and request rectification of their Data.
  • Restrict processing.
  • Request erasure of Personal Data.
  • Receive their Data and have it transferred to another controller.
  • Lodge a complaint with a supervisory authority.

Details About the Right to Object

Where Personal Data is processed for a public interest, the exercise of official authority, or legitimate interests pursued by the Data Controller, Users may object to such processing by providing grounds relating to their particular situation.

Where Personal Data is processed for direct marketing purposes, Users may object at any time without providing any justification.

How to Exercise Rights

Requests to exercise User rights may be directed to the Data Controller using the contact details provided in this document.

Requests are free of charge and will be handled by the Data Controller as quickly as possible and, in any event, within one month.


Additional Information About Data Processing

Legal Defense

The User's Personal Data may be used by the Data Controller in legal proceedings or in the stages leading to possible legal action arising from improper use of this website or related Services.

The User acknowledges that the Data Controller may be required to disclose Personal Data upon request of public authorities.

Additional Information

Upon request, this website may provide Users with additional and contextual information concerning particular Services or the collection and processing of Personal Data.

System Logs and Maintenance

For operation and maintenance purposes, this website and any third-party services may collect system logs that record interactions and may contain Personal Data such as the User's IP address.

Information Not Contained in This Policy

Further information regarding the processing of Personal Data may be requested at any time from the Data Controller.

Do Not Track Requests

This website does not support "Do Not Track" requests.

Users are advised to consult the privacy policies of any third-party services used to determine whether they honor such requests.

Changes to This Privacy Policy

The Data Controller reserves the right to modify this Privacy Policy at any time by notifying Users on this page and, where technically and legally feasible, by sending a notice through any contact information available.

Users are strongly advised to check this page regularly.

Where changes affect processing activities based on User consent, the Data Controller will collect new consent where required.


Legal References

This Privacy Policy has been prepared in accordance with various legislative provisions, including Articles 13 and 14 of Regulation (EU) 2016/679 (General Data Protection Regulation - GDPR).

Unless otherwise specified, this Privacy Policy applies exclusively to this website.

Ristorante Novecento - PATOSH SRL | 09384000155 | Via Carlo Ravizza, 13 Milano
Phone: 0248007166 - 0248007030 | Email: novecento.ravizza@gmail.com |  Privacy Policy | Cookie Policy | Credits by Futuraweb srl