A. Serimm srl Privacy Statement:This section contains the information, the definitions, and the clarifications which are necessary for the collection, use and processing of Personal Data, in compliance with the “Privacy Code”, Legislative Decree n. 196/2003, as updated by the European laws contained in the 679/2016 UE Regulation (herein after “GDPR”), implemented in the internal legislation with the Legislative Decree 101/2018. By browsing on the Chianti Estates website, and/or by using the mobile apps and/or by supplying in any other way the personal information to Chianti Estates (by email, by phone, etc), the User accepts the data collection, use and sharing in compliance with this Privacy Statement. For any clarifications, doubts, questions about the Personal Data use, you can email to: firstname.lastname@example.org
B. Recall of Knight Frank Group Privacy Statement Serimm s.r.l. (hereinafter just “Serimm”) is a commercial partner of Knight Frank Group. Therefore this statement is additional to the one contained on the website https://www.knightfrank.com/legals/privacy-statement, available by clicking here (legal terms and conditions). The User, by giving his consent to his Personal Data processing by Serimm, at the same time gives his consent to the communication of his data to every partner of Knight Frank Group.
C. Definitions “User” means the person who is browsing on the Serimm website and who is supplying his Personal Data. “Personal Data” mean every information or data combination which are expressly provided by the User or indirectly collected through the mobile applications or through other website connections, which are useful to identify the User and/or his preferences. “Data Processing” means any activity of collection, recording, organization, storage, consultation, processing, modification, selection, use, comparison, interconnection, blocking, communication, cancellation and destruction of data. The processing operations can be made with electronical or not electronical modalities. “Data Collection” means the activity of receiving and storing Personal Data. The collection activity is inspired by the principles of: (i) User’s liability about the correctness and truthiness of the information he provided; (ii) Pertinence, that is the usefulness of the Data in relation to the services performed by Chianti Estates; (iii) Transparence, because the collection and the subsequent data processing are made under the control and with the consent of the User. The “Owner of Data Processing” means the company Serimm s.r.l., VAT entry and Italian Fiscal code 02388980464, registered office in Lucca (LU), Via della Fratta 17, 55100. The “Responsible of Data Processing” is the legal representative of the company, Mr. Alessandro Deghè, office in Lucca, via Della Fratta 19, tel. 0583.467450, mail: email@example.com The “Subjects authorized to the processing” mean every employee/cooperator of Serimm. In according with the s.c. principle of “limitation of purposes and minimization of data”, art. 5 comma 1, lett. b) and c) of GDPR, every employee or cooperator processes only those data which are indispensable to perform his tasks, depending on the internal organization and mainly on the purposes indicated and proposed to the User.
D. Data Collection and Processing
D.1. Type of Data collected by Serimm: Serimm collects: (i) The User’s Identifying Data, such as but not limited to: Name, Email address, Postal address, User name and password, Telephone number and/or fax number, Date of Birth, Demographic information, Payment information (such as credit card) and bank account details, communication of Future preferences, Income level, Education level; (ii) The Profiling Data, such as but not limited to: Information on browser and operating system, IP address, visited websites, Clicked links, Marketing ID or similar identifier, Information about machine operating system, Information about how the app is used, Information made available such as blogs, videos, post on internet and contents generated by the User.
D.2. Way of Personal Data collection The Personal Data referred to in the above point D.1. are collected: (i) Because provided directly from the User at the time when he: (a) asks for information by email or by phone; (b) gives his consent requested to proceed with the browsing on the website; (c) downloads the mobile applications or other services of Serimm or Knight Frank; (d) chooses to be a part of offers or programs of Knight Frank Group. The User, with the above instrument of registration, in addition to providing his Personal data, also gives in a simplified way his consent to Data processing. (ii) Because indirectly collected: (a) from public contents; (b) from Applications connected to Serimm website for which the User provided his consent to his Data processing; (c) by access to Serimm or Knight Frank websites realized through a social network or another third parties account; (d) through Cookies (please see below sub point G.)
D.3. Personal Data Collection with social networks or third parties
D.3.1. The access with a social network or with another account of third parties might give Serimm access to information collected by such social network or such third party. The access function might also transfer information to social network or third parties, as the Username or the password to authenticate the User. The social network or the third parties could also automatically collect information such as the IP address, the browser and system information, and the address visited by the User.
D.3.2. The access function might also insert and read third parties cookies, which might contain an unique identifier assigned to the User from the social network or other third parties. The functionality and the use of the login are ruled by the privacy statement and by the terms set by the part who provided the access functionality.
D.3.4. Moreover, the mobile applications connected to Serimm and Knight Frank websites wight collect information on the User’s localization and position, also through services provided from third parties. It’s possible to deactivate at any time the continuous collection of such information by ruling the localization setting on User’s device.
D.3.5. Our websites might allow the login by using a social network or a third party’s account. An example of third party’s access is “Login with Facebook”. Logging into one of our websites with your social network or with other third parties’ account may allow us to collect information that you give permission to access from that social network or third party. The login function may also transfer information to social network or third parties, such as the username and the password to authenticate you. The social network or the third parties may also automatically collect information such as your IP address, information about your browser and device, and the address of the webpages the User is visiting. The login function might also place and read cookies from third parties that may contain a unique identifier which the social network or other third party assigns to the User. The functionality and the use of the login are ruled by the privacy statement and terms of the party that provided the login functionality.
D.3.6. The information that the User sends or publishes as contents generated by users on the social media websites becomes public information. Serimm cannot prevent other subjects from using those information in such a way as to infringe this Privacy Statement, the laws or the personal privacy and security, and expressly rejects whatsoever responsibility at such regard.
E. Personal Data collection and processing
E.1. Purposes The User’s Personal Data are collected by Serimm for the purposes below, which are reported by way of example and not exhaustively: (a) Communication Purposes: answering to User’s questions, enrolling him for the programs and/or events he asked for, sending him information, creating and handling the user Account, processing the requested payments for Serimm or Knight Frank services; allowing the User to share contents on social networks and applications. (b) Promotional, advertising and marketing purpose: Offering to the User products, offers and services which are specifically designed on his profile; sending the User emails, messages or phone calls with information we assume to be of his interest; Personalise the User’s experience on the Knight Frank and Serimm websites. (c) Business development purposes: developing new products, offers and services; Analyzing the use and the development of our products, services and marketing; protecting the users’ account and identifying possible fraudulent transactions.
E.2. Personal Information retention period: Serimm will process the users’ personal Data in accordance with their requests and with their own legitimate interest, and (concerning the purpose referred to the above point E.1.b), according with their permission. The Personal Data processed by Serimm according with the User’s permission will be retained for the time strictly necessary to fulfil the purposes for which the data are originally collected for, and, in any case, they are not going to be processed after the User’s possible revoke of the consent provided. If the Personal Data processing is made in compliance with legal, tax or judicial enforcement, or to find out the liability in case of hypothetical informatics crimes against the website, the Data will be retained until a maximum period of ten (10) years.
E.3 Effects of not given consent to Personal Data Processing: It’s necessary to provide the data when creating the account on the website of Serimm: the data are necessary for the relation with the Owner. The User can decide, at every time, to not give his Personal Data or to revoke the given consent (infra sub I), but in this case he cannot establish or continue the relationship with Serimm. The providing of data for advertising and marketing purposes referred to the above point E.1.b. is optional: the refusal to provide them doesn’t impede the use of Serimm services. However, If the User decides not to give his consent for such purposes, he will not receive the initiatives and the offers, neither those sent to all users nor those designed specifically on him.
F. Personal Data communication and sharing:
F.1. Communication inside Knight Frank Group Serimm will not communicate the collected information to third parties, except for the Knight Frank Group commercial partners, for the only purposes expressed in the Processing Purposes. If the sharing is directed to persons extraneous to the Knight Frank Group, Serimm will ask for the special consent in accordance with privacy laws.
F.2. Personal Data communication to external partners: Serimm might also communicate the User Personal Data to the third parties who perform external services, limited to those information need by the same to perform the requested services (e.g.: IT services provider, hosting provider, etc.). Such third parties are contractually obliged towards Serimm to protect the collected information and not to use them for other purposes than the performance of the committed service. For example, Serimm can engage a third party service provider to: (a) accomplish the assistance requests and answer User’s questions; (b) Host the website; (c) Analyze the data collected, sometimes combined with data collected from other sources; (d) Make researches and analyze data to improve products, services and websites. In any case, the third party will not be authorized to use the Serimm data or the combined data for his own marketing independent purposes. The service provider may however be authorized to send the User combined communication. Should you prefer not to receive such combined communication, it is always possible to refuse them by following the instruction contained in such communications or by contacting the Serimm Privacy Responsible as referred above. In order to obtain a list of Serimm service providers who can have access to User’s personal Data, please send an email to firstname.lastname@example.org
F.3. Communication of Non-personal data: Serimm shares aggregated and/or anonymous information that do not identify the User for Serimm business purposes, as for example the number of visitors of Serimm’s or Knight Frank’s sites or services. The aggregated and/or anonymous information, not giving the possibility to identify the User, can be freely shared with commercial partners also for their own purposes.
F.4. Other situations about personal data communication: Serimm can transfer or otherwise process the User’s Personal Data: (a) As part of the sale of a Serimm or of a Knight Frank brand to another company; (b) When it receives the User’s instructions in order to share information to another entity in charge for it; (c) To protect, defend or exercise the rights and titles of Serimm; (d) When it is required by law and/or by government authorities.
F.5. Personal Data transfer to foreign countries: Serimm, if requested to transfer the Users personal data to foreign countries, will do the transfer: (i) according with applicable laws; (ii) guaranteeing to the User the minimum protection level imposed by GDPR and European laws.
G. Cookies Policy
G.3. Cookies setting and deactivation Most browsers are configured for automatic accepting of cookies. Serimm uses the “Opt-in System”: in lack of contrary instruction, the website browsing implies User’s consent to this cookies policy. However, the User can modify the setting to deactivate this function by blocking any kind of cookie or by accepting only some cookies and by blocking some others. Please find below the links to manage or to deactivate the cookies on every browser: (a) Internet Explorer: https://windows.microsoft.com/it-it/windows7/block-enable-or-allow-cookies (b) Safari: – https://support.apple.com/it-it/HT201265 (c) Chrome: https://support.google.com/chrome/answer/95647?hl=itIT&hlrm=fr&hlrm=en (d) Firefox: https://support.mozilla.org/it-IT/kb/enable-and-disable-cookies-website-preferences Chianti Estates reminds you that the disabling of browsing or functionality cookies might limit the possibility of website browsing and impede the User to benefit from its functionalities.
H. User’s rights Serimm considers fundamental to inform the users about some rights existing in the field of personal data protection and expressly mentioned in the GDPR, as referred herein below.
H.2. Right of information: The User always has the right to be informed of the way his personal data are being processed, for which purposes and on other information referred in art. 13 GDPR.
H.2. Right to revoke the consent: The User has the right to revoke the consent at any time for all those processing the legitimacy of requires his consent. The revocation of consent does not affect the legality of the data previous processing.
H.3. Right of access to Personal Data: The User may request the Responsible of Data Processing: a) the purposes of the processing; b) the categories of personal data; c) the recipients or categories of recipients to whom the personal data were or will be communicated, in particular if they are recipients of third countries or international organizations; d) when it is possible, the period of storage of personal data or, if this is not possible, the elements used to fix this period; e) the existence of a right of the User to request the Processing Owner to rectify or delete the personal data, or to limit the processing of personal data concerning him or to oppose their processing; f) the right to lodge a complaint with a controlling authority; g) if the data were not collected from the User, all available information on their origin; h) the existence of an automated decision-making process, including the profiling and, at least in such cases, significant information on the logic used, and the importance and expected consequences of such treatment for the User. The User also has the right to request a copy of the personal data processed.
H.4. Right of rectification The User has the right to ask for the rectification of incorrect personal data that concern him and to obtain the integration of incomplete data.
H.5. Right of oblivion The User has the right to obtain from the Owner the deletion of personal data concerning him: if the personal data are no longer necessary for the purposes for which they were collected or otherwise processed; if he revokes the consent; if there is no legitimate prevailing reason to proceed with the profiling processing; if the data were unlawfully processed; if there is a legal obligation to delete them; if the data relate to web services provided to persons not of age without the consent of the parents or in any case of persons having the legal parental authority. The deletion can be made, unless the right to freedom of expression and information prevails, unless the data are kept to perform a legal obligation, or for the execution of a task carried out in the public interest or in the exercise of public powers, for reasons of public interest in the health sector, to file them in the public interest, for scientific or historical research or for statistical purposes or for ascertaining, exercising or defending a right in Court.
H.6. Right to limit the data processing The User has the right to obtain from the Owner the limitation of the data processing when he claimed the inaccuracy of the Personal Data (for the period necessary for the Owner to verify the accuracy of such personal data) or if the data processing is illegal; the User can instead request to limit the use of Personal Data if these are necessary for the ascertainment, exercise or defense of a right in court, while such data are no longer necessary for the Owner.
H.7. Right of portability The User has the right to receive in a structured format of common use and readable from automatic devices, the Data concerning him which were provided to the Owner, and he has the right to transmit them to another entity, unless this is contrary to a public interest or such transmission might violate third parties rights.
H.8. Right of opposition: The User has at any time the right to oppose, entirely or partially, against the processing of his Personal data when such processing is done for direct marketing purposes.
H.9. Right to contact the Privacy Guarantor for personal data protection: Except for any other administrative or judicial appeal, if the User believes that the data processing related to him is violating the Regulation on Personal data protection, he has the right to file a complaint to a controlling authority, namely in the member Country where he lives, works or in the place where the presumed violation occurred.
I. Way of exercising rights and revoke of consent: The requests of updating, rectifying, deleting, or anyway related to data processing or storing, must be addressed to the Owner of data processing to our registered office in Lucca (LU), via Della Fratta 19, 55100, or by email to the address email@example.com, by specifying in the object “Persona Data Deletion”. The letter must contain the identification data of the requesting party, the written request of deletion/updating/rectification, the email address used for the login, the password for the access to personal area (if available), the address and telephone number for the contact. Moreover, by deleting the account from our website, all the information relating with it will be deleted, and all the data about the use of the account will become anonymous. The account deletion will not delete the data that User independently shared with Serimm.
M. Present Privacy statement update: Serimm will take care to make the changes to this document that will be needed by new laws and for the transformation of safety standards. Should this statement be substantially changed, the User will be specifically informed thereof by an email sent to the address he provided, or by publishing on this website the notices about the changes made. Serimm untertakes to guarantee the security and the protection of data supplied by the Users, which will be stored and managed with security measures always updated. For any further information about privacy, please do not hesitate to contact us any time, sending an email to firstname.lastname@example.org