To offer you the best service possible, Schär uses Cookie policy. By using our services, you agree to the use of cookies.
Europe’s favourite in gluten-free - gluten-free products - Schär

Informative statement on the processing of your personal data

PRIVACY POLICY – DR SCHÄR SPA

Dear User,

DR. SCHÄR SPA, acting as Data Controller (hereinafter simply referred to as the "Data Controller"), pursuant to Leg. Decree no. 196/2003 as amended – Personal Data Protection Code (hereinafter simply referred to as the "Privacy Code") – considers the privacy and protection of personal data one of the main goals of its business. We therefore ask that before you provide any personal data to the Data Controller, you carefully read this Privacy Policy, because it contains important information about your privacy, the protection of your personal data and the security measures taken to ensure your confidentiality, in compliance with the applicable laws.

Furthermore, this Privacy Policy:

  • is understood as referring to this website and all other websites that sell Dr. Schär’s products and services (hereinafter simply referred to as the "Website") and are managed by the Data Controller;
  • forms an integral part of the Website and the services we offer;
  • also qualifies as the Privacy Policy information notice given, as required under art. 13 of the Privacy Code, to users who interact with this Website;
  • complies with Recommendation No. 2/2001 on certain minimum requirements for collecting personal data on-line in the European Union, adopted on May 17, 2001 by the Work Group "Article 29".


***
The Data Controller wishes to inform you that your personal data will be collected based on principles of fairness, lawfulness and transparency, and so as to ensure the protection of your privacy and your rights. Your personal data will be processed in accordance with the provisions of the Privacy Code and the confidentiality obligations established therein.


CONTENTS
The Table of Contents of this Privacy Policy below will help you find the information about your personal data processing that are of interest for you.

1. DATA CONTROLLER AND DATA PROCESSORS
2. PERSONAL DATA PROCESSED
2.1 Website browsing data
2.2 Data provided voluntarily by users
2.3 Cookies
3. PURPOSE OF DATA PROCESSING AND COMPULSORY OR OPTIONAL NATURE OF DATA PROVISION
4. METHOD OF PROCESSING, SECURITY AND PLACE OF DATA PROCESSING
5. COMMUNICATION AND DISSEMINATION
6. YOUR RIGHTS
7. AMENDMENTS
8. CONTACT INFO


1. DATA CONTROLLER AND DATA PROCESSORS

As a result of users browsing the Website and using its services, personal data may be processed that concern identified or identifiable individuals.
The Data Controller and Website administrator details are provided below:
DR. SCHÄR SPA, with registered office in Winkelau 9, Postal (BZ), Italy, VAT Reg. No. IT00605750215, e-mail: privacy@schaer.com. In compliance with art. 13.1(f) of the Privacy Code, the Data Controller specifies that one of the Data Processors for your personal data is Mr. Hanschristian Berger.
Your personal data may be disclosed to employees or external collaborators of the Data Controller who are administrative, sales, legal or accounting employees or IT administrators, depending on how your data is processed and who, working under the Data Controller’s direct authority, are designated as Data Processors or persons in charge of the processing, pursuant to arts. 29 and 30 of the Privacy Code and who are suitably instructed on how to perform the tasks involved.

2. PERSONAL DATA PROCESSED

2.1 Website browsing data

The computer systems and software procedures used to operate this Website will collect some personal data whose transmission is implicit when you use Internet communication protocols. This information is not collected to be associated with identified data subjects, but by their very nature they could allow us, through their processing and association with data held by third parties, to personally identify users. This category of data includes IP addresses or domain names of computers used by persons who log onto the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file received in reply, the number code indicating the status of the reply given by the server (successful, error, etc.) and other parameters that refer to the user's operating system and computer environment. This data is used for the purpose of obtaining anonymous statistical information on the Website usage and to make sure it is functioning, to allow – given the system architecture used – the proper provision of the services, for security reasons and to ascertain responsibility in case of hypothetical computer crimes against the Website or third parties. The data are usually deleted after seven days.

2.2 Data provided voluntarily by users

The Website grants users the opportunity to voluntarily provide personal data, for example by filling in a contact form, by requesting services or information, by freely choosing to explicitly and voluntary send e-mails to the addresses indicated on the Website, etc.

2.3 Cookies

- Definitions, characteristics and application of the legislation

Cookies are small text files that websites visited by the user will send and record on your computer or mobile device, to be then retransmitted to the same websites the next time you visit them. Thanks to cookies, websites recall the user’s actions and preferences (such as your login, your preferred language, the font size, other display settings, etc.) so that users do not have to specify them a second time when they visit the website again or browse through its pages. Cookies are used for computer authentication, session monitoring and to store information about users who log on to a website, and may also contain a unique identification code that enables them to track user navigation within the website for statistical purposes or advertising. When browsing a website, users may also receive cookies or servers of other websites on their computer or mobile device (so-called "third-party" cookies). Some operations cannot be accomplished without the use of cookies, that in some cases are technically required in order to ensure website operation.
There are several types of cookies, depending on their characteristics and functions, and these may remain on your computer or mobile device for different time periods: so-called session cookies, which are automatically deleted when you close your browser; so-called persistent cookies, which remain on the user's computer/device for a set time.
According to the laws in force in Italy, it is not always mandatory to obtain the user’s consent to use certain cookies. More specifically, such consent is not required for "technical cookies", i.e. those used for the sole purpose of sending a communication over an electronic communications network, or as strictly necessary in order to provide a service explicitly requested by the user. In other words, these cookies are indispensable to provide access to the website or are required to perform tasks requested by the user.
The Italian Authority for the protection of personal data has established (cf. General Provision "Identification of simplified procedures for information to users and the acquisition of consent for the use of cookies – May 8, 2014") that technical cookies (i.e. those that do not require the user’s consent) include:

  • "cookie analytics", when used directly by the website operator to collect information in aggregate form on the number of users and on how they visit the website;
  • navigation or session cookies (for user authentication);
  • functionality cookies, which allow users to browse the website based on the selected criteria (e.g. language, products selected for purchase) in order to improve the service provided to them.

"Profiling cookies", vice versa, i.e. those used to create user profiles and to send advertising messages in line with the preferences expressed by users when browsing the web, require the user’s prior consent.

- Types of cookies used by the Website and option to (de-)select them

The Website uses the following cookies, offering users the option to (de-)select them, except for third-party cookies (for which the user must refer directly to the relevant selection and de-selection modalities of the respective cookies, see the links here below):

  • Technical navigation or session cookies, that are strictly necessary to provide access to the Website or to allow users to make use of the contents and services they request.
  • Technical cookie analytics, that help the Data Controller understand how users browse the website. These cookies are not used to collect information about the user's identity, nor any personal data. The information is processed in aggregate and anonymous form.
  • Technical functionality cookies, that are used to provide specific website features and a series of selected criteria (e.g. language, products selected for purchase) in order to improve the service provided by the website.
  • IMPORTANT: if you disable technical and/or functional cookies, the Website may be inaccessible or certain services or functions may be unavailable or not function properly and you may be forced to change or to manually enter some information or preferences each time you visit the Website.
  • Third-party cookies, i.e. cookies from websites or servers other than the Data Controller ones, used by such third parties for their own purposes, which also include profiling cookies. Please note that these third parties, listed below with the individual links to their privacy policies, are independent data controllers of the data collected through the cookies they use. Therefore, the user should refer to their policies for information about how they process personal data, their privacy policy information notices and consent forms (selection and de-selection of the respective cookies), the links of which are provided below (as specified in the General Provision "Identification of simplified procedures for information to users and the acquisition of consent for the use of cookies – May 8, 2014"): 

http://www.google.com/intl/it/policies/privacy/  

More specifically, the cookies used by the Website are specified here.

- How to view and change cookie settings on your browser

Users can choose which cookies they want to enable through the specific procedure described below, as well as allow, block or delete (in whole or in part) the use of cookies through the specific functions of their browser. However, in the event that all or some of the cookies are disabled, the Website may be inaccessible or certain services or functions may be unavailable or may not work properly, and/or you may be required to modify or to manually enter some information or preferences each time you visit the Website.
For more information about how to set cookie preferences on your web browser, see the relevant instructions:

With specific reference to the “Google Analytics” cookie, you can install a specific add-on to disable them, downloading it at the following link: https://tools.google.com/dlpage/gaoptout.

2.4 Data concerning minors
If the Website should process personal data of minors, consent will be required from the person having parental authority (legal guardian).


3. PURPOSE OF DATA PROCESSING AND COMPULSORY OR OPTIONAL NATURE OF PROVISION OF DATA BY USERS

The personal data you provide through the Website will be processed by the Data Controller for the following purposes:

a) purposes related to the provision of services requested by users: registration to the Schär Club.

The provision of your personal data for the purpose listed under (a) above is optional, but failure to do so could make it impossible for us to provide the services requested.
In accordance with art. 24(1)(b) of the Privacy Code, we will not ask your consent to the processing of personal data for such purposes, as such data is necessary for us to fulfil our obligations under the agreement you signed with us and/or to comply with certain specific requests of the data subject prior to the agreement’s date of expiry.

b) research/statistical analysis on aggregate or anonymous data, therefore without the possibility of identifying the user, aimed at measuring the effectiveness of any web marketing campaigns we may have conducted, measure traffic and evaluate usability and interest.

The processing of aggregate and anonymous data does not require application of the Privacy Code.

c) purposes that relate to the fulfilment of obligations under the law, regulations or European legislation.

The provision of your personal data for the purpose listed under (c) above is compulsory and failure to do so would not allow the Data Controller to satisfy its obligations under the law, regulations or European legislation.
Please bear in mind that, in accordance with art. 24(1)(a) of the Privacy Code, we are not required to obtain your consent to the processing of your personal data for such purposes.

d) advertising messages.

In accordance with the decision of the Italian Authority for the protection of personal data "Guidelines regarding promotional activity and contrast to spam – July 4, 2013 [2542348]", if you decide to grant your consent to the reception of information about the Data Controller’s promotional activities, including market research, we inform you that we may conduct such activities, as required by current regulations, by letter, call center contacts (so-called "traditional methods"), e-mail, text messages, push notifications and through social networks (so-called "automatic methods"). We also inform you that you may at any time decide to withdraw your consent previously granted for traditional or automatic methods by notifying the Data Controller informally, i.e. by sending an e-mail to: privacy@schaer.com.
The provision of your personal data for the purpose listed under (d) above is optional and requires your previous consent. Lacking such consent, you will be able to use the service requested, but the Data Controller will not be able to send you advertising messages. Once you have granted consent, you can revoke it at any time for all these communication methods or only for one or some of them.

e) profiling purposes (e.g. creation, with the aid of electronic tools, of user profiles based on their preferences, habits and consumption choices).

Such profiling activities may be carried out by means of cookies or other online profiling technologies, e.g. trackers, (please see section 2.3), and/or by cross-linking personal data collected in connection with the provision of services and the relevant use of multiple features chosen from among those made available to the user, as provided by the Guidelines on the processing of personal data for online profiling - March 19, 2015.
The provision of your personal data for the purpose listed under (e) above is optional and requires your prior and specific consent, which you may grant also through the simplified procedures provided for in the aforementioned General Provision “Identification of simplified procedures for information to users and the acquisition of consent for the use of cookies – May 8, 2014” and the “Guidelines regarding the processing of personal data for online profiling” (bypassing the initial banner when logging on to the website). In the absence of such consent, you may benefit of the service requested, but the Data Controller will not be able to profile you and send you communications in line with your preferences.  We also inform you that you may at any time decide to withdraw the consent you previously granted for user profiling, carried out by the Data Controller by information cross-linking or other profiling technologies, by notifying the Data Controller informally by sending an e-mail to: privacy@schaer.com.

4. METHOD OF DATA PROCESSING, SECURITY AND PLACE OF DATA PROCESSING

Your personal data is processed by the Data Controller – or by third parties carefully selected for their reliability and competence, as well as regularly designated as Data Processors – only to the purpose of achieving the purposes specified above, mainly using automated tools, but also in paper format, for the time strictly necessary to achieve the purposes for which the data was collected.
Specific security measures are enforced to prevent data loss, their illicit or incorrect use and unauthorised access, in full compliance with the provisions of arts. 31 ff. of the Privacy Code and the Technical Specifications – Annex B to the Privacy Code – concerning minimum security measures.
The personal data provided by users in relation to the web services offered by this Website is processed at the Data Controller’s registered office specified above. The Controller's data centres are located in Italy. The Data Controller also relies on the technological services of ecx international AG to process personal data for the purposes described above, which means that the data will also be stored at their offices.

5. COMMUNICATION AND DISSEMINATION

Your personal data may be communicated to external subjects whose assistance is necessary and functional to the provision of the Website services.
Your ordinary personal data may be transferred to third parties such as: 1. individuals, companies or professional firms that provide assistance and advice to the Data Controller, aptly designated as Data Processors; 2. entities, bodies or authorities to whom the communication of personal data is compulsory under the law or by order of the competent authorities; 3. subjects that are delegated by the Data Controller and/or to whom the Data Controller has assigned the task of carrying out activities strictly related to the purposes mentioned above (including technical systems maintenance), aptly designated as Data Processors; 4. business partners, identified by category, who process the data for direct marketing purposes as independent data controllers, but only if the user has granted specific consent for them to do so.
The Data Controller will not process data if such processing involves their dissemination, unless it has first obtained the user’s specific consent.

6. YOUR RIGHTS

Data subjects are entitled at any time to obtain confirmation of the existence of their personal data in the Data Controller’s records, and to know their content and origin, the data processing methods and purposes, as well as the logic applied to data processed with the aid of electronic instruments. In addition, data subjects have the right to verify the accuracy or request the integration, updating, or rectification of their personal data (art. 7 of the Privacy Code).
Pursuant to the same article, data subjects are entitled to request the cancellation, transformation into anonymous form or blocking of their data processed in violation of the law, and in any case to object to their processing (provided they have legitimate reasons to do so).
Such requests should be sent by e-mail to: privacy@schaer.com.

7.  AMENDMENTS

The Data Controller may modify or simply update this Privacy Policy, partly or completely, even following variations of the laws and regulations that govern such policies and protect the rights of data subjects. These variations and updates of the Privacy Policy will be communicated to Website users on the home page as soon as they are introduced and will be binding once published on the Website. Please visit this section regularly to be informed of the most recent and updated version of this Privacy Policy, so that you always know which personal data we collect and how we use them.

8. CONTACT INFO

If you wish to receive any information about personal data processed by the Data Controller, you may contact our Company (i.e. the Data Controller) by letter, fax or e-mail to the address: privacy@schaer.com

NOTICE OF RISK 
in accordance with the Privacy Guarantee of 23 January 2012. 
Dr. Schär s.p.a, in its capacity as owner of the websites www.schaer.com and all other companies websites is required to notify site users that: 
- they must be aware that by providing personal data (including email addresses) a user's identity can be detected, whether directly or indirectly; 
- they must consider whether or not to publish photos or videos in which people or places can be identified or made identifiable; 
- they must pay particular attention to the possibility that they could reveal the identity of third parties, directly or indirectly, such as people linked to the author of a post who has or has had the same condition, human experience or medical treatment; 
- anything written in these forums/online communities can be made accessible and found using general search engines (such as Google, Yahoo). 
To clarify, any data included in these forum/online communities can only be viewed by other registered users of the sites.