Who is the Data Controller?
The Data Controller is SOFITO S.r.l. (VAT no.11177490015), with registered office in Turin (Italy), Via XX Settembre 31.
The updated list of Data Processors is available at the above address. For any clarification, question or requirement related to your privacy or the processing of your personal data, you can email us at: privacy@snodo.com

Who will process your data?
Your personal data will be processed by SOFITO’s duly trained and specifically authorised personnel.. In addition, your data may be processed by SOFITO’s suppliers solely for organisational and functional requirements pertaining to services requested by you, as well as, subject to your explicit consent, by third-party companies for marketing purposes (see paragraph “With whom we may share your data”).

What personal data do we collect?
Personal data is any information that identifies a User/Customer.

When you access the snodo.com website or the App and when using their functions, the categories of information we will  collect are the following:
1. Browsing data, such as the website from which the page was called up (so-called “referral”), the IP address, the date and time of the request or access, the request from the visitor’s browser or other client and the operating system used;
2. Real-time geographic position data of your device via IP address, Bluetooth, crowd-sourced wi-fi hotspots, GPS and repeater location, if you use location-based features by activating geolocation services on your (this can be deactivated at any time by changing your geolocation settings);
3. Communications exchanged with us or addressed to us by email;
4. Through the “Reserve your table” form we collect: your name and surname, telephone number, email address, the content of communications exchanged with us and the relevant sensitive data communicated (e.g. any food intolerances).

Payment data will be collected through the App’s booking/ordering system.

Purpose of the processing
The personal data disclosed by you and collected through the snodo.com website or the App will be recorded on electronic databases owned by the Data Controller or on paper, and are necessary to:

– the processing of your requests (in the cases referred to in sections 3 and 4 above);
– gather statistical information on the use of the website/app to identify the pages preferred by Users and thus provide appropriate content and monitor functioning;
– meet contractual obligations;
– comply with legal obligations, EU regulations and standards.

Finally, at the request of the Judicial Authority, the data may be used to ascertain liability, should any alleged cyber crimes be committed against SOFITO S.r.l. or its Users/Customers.

In the cases referred to in sections 3 and 4 above, you are free to decide whether to share with us your personal data but, if you do not, we might be unable to process or carry out your request.

Legal basis for the processing
The legal basis for the processing of the personal data referred to in this notice is, as the case may be:

– the consent of the person concerned (i.e. the Data Subject);
– the contractual relationship;
– legal requirements.

How we process and keep your data secure
Your personal data will be processed by the Data Controller in accordance with the principles of correctness, lawfulness and transparency and with the methods and procedures necessary to provide the services requested and fulfil legal and contractual obligations. The data collected will be recorded on electronic databases owned by the Data Controller or on paper. Consequently, the processing can be automated or carried out manually – in compliance with the provisions of art. 32 GDPR 2016/679 on security measures – by persons specifically appointed by SOFITO S.r.l. as per art. 29 GDPR 2016/679.

To protect the data acquired, the Data Controller adopts appropriate technical and organisational measures for the purpose of the processing (so-called privacy by design and privacy by default). Strict security procedures are followed in the storage and disclosure of personal data, to protect them against accidental loss, destruction or damage. The data you have disclosed to us are protected by SSL (Secure Socket Layer) technology, or other comparable technology, which is the standard method to encrypt personal data and credit card numbers to transfer them securely over the Internet.

All payment data are transmitted via SSL throughout the dedicated network and stored in compliance with the Payment Card Industry Data Security Standards (PCI DSS).
As the Data Controller, we will duly report any data breach to the supervisory authority and, should such breach affect your rights and freedoms, within 72 hours of becoming aware of it. In such case, we will promptly send you a communication containing indications of the breach.
Finally, we may disclose your personal data to third parties for the sole purposes set out in the preceding paragraph (“Purpose of the processing”). We require all third parties to take appropriate technical and operational security measures to protect your personal data, in compliance with Italian and EU legislation on data protection standards.

How do we store your personal data and how long for?
Your personal data will be recorded and stored on protected electronic media and processed with appropriate security measures, including associating and integrating them with other databases.  In accordance with the principles of lawfulness, purpose limitation and data minimisation, your personal data will be stored for the period of time strictly necessary to achieve the purposes for which they were collected. If the legal requirements are met, you may request the deletion of your data by sending an e-mail or a registered letter addressed to the Data Controller’s registered office (SOFITO S.r.l.)

For marketing purposes (see relevant section), we will keep your data for up to 24 months, in accordance with applicable law.

Who we may share your personal data with
Without your explicit consent, the data collected will not be disseminated nor will they be communicated, except for the necessary communications to third-party companies performing on behalf of the Controller tasks of a technical or organisational nature that are instrumental to the provision of the services requested or for marketing purposes and to comply with legal obligations.

This website uses cookies to enable us to improve our service and offer you certain features.
his may include cookies from media and advertising partners which will be stored on your computer or other device each time you visit our website or use our app. In this regard, please consult the relevant policy before granting permission.

Your rights
Pursuant to Articles 15-22 of Regulation (EU) 2016/679, at any time you may:

1. request confirmation of the existence of your personal data;
2. request information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, where possible, the period of retention;
3. have your data rectified and erased;
4. obtain restriction of processing;
5. obtain data portability, i.e. receive your data, in a structured, commonly used and machine-readable format, and convey them to another Data Controller with no hindrance;
6. object to the processing of your data, provided that certain requirements are met;
7. request from the Data Controller access to your personal data, their rectification or erasure or the restriction of their processing;
8. withdraw your consent at any time, without affecting the lawfulness of the processing based on the consent previously granted;
9. You may exercise your rights by sending a written request to the Data Controller (SOFITO S.r.l.) at the postal address of the registered office by registered letter with acknowledgement of receipt or by sending an e-mail to privacy@snodo.com

Subsequent changes
Our privacy policy may be amended at any time and any changes will be communicated on our website/app