Privacy Policy


Mondodelvino S.p.A., via Seganti 73/F – 47121 Forlì (FC), VAT Number and Tax Code 02381900402, as holding company, together with the company of the group, following a network contract they entered into a contract as co-owners of the treatment, pursuant to the EU Regulation 2016/679 (hereinafter “Regulation”). Mondodelvino SpA and the the companies of the group listed in point 5C (hereinafter “Controller”), considers the privacy and protection of Personal Data the main objective of its business. We therefore invite you, before communicating any personal data to the Controller, to read this Information carefully: it contains important information on the processing of your Personal Data. ‘Personal Data’ means any information relating to an identified or identifiable natural person («data subject»); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

This Information:

  • is provided for the Mondodelvino, Shop Mondodelvino and Carriere Mondodelvino websites and for the websites of the companies of the group listed in the paragraph 5.c, (hereinafter: “Website” or “Websites”);
  • and is an integral part of the Website and the services we offer;
  • is provided pursuant to article 13 of the Regulation, to those who interact with the web services of the Website and the Controller, either by simple consultation or through the use of specific services made available through the Website

The Controller can be contacted at

If necessary, you will be asked to give your free and informed consent to the processing of your Personal Data. The information and data provided by you, or otherwise acquired, as part of the use of the Controller’s services, – for instance during participation in events – hereinafter “Services” -, will be processed in compliance with the provisions of the Regulation and the confidentiality obligations that inspire the Controller’s business.

According to the provisions of the Regulation, the processing performed by the Controller will be based on the principles of lawfulness, fairness, transparency, purpose limitation and retention, data minimisation, accuracy, integrity and confidentiality.



  1. Data Controller
  2. Personal Data subject to processing
    • Browsing data
    • Data provided voluntarily by the data subject
  3. Purposes of processing
  4. Legal basis and obligatory or optional nature of processing
  5. Recipients of Personal Data
  6. Retention of Personal Data
  7. Rights of the data subject
  8. Amendments
  9. Cookies


  1. Data Controller

Mondodelvino Spa, Via Seganti 73/F – 47121 Forlì (FC), VAT Number and Tax Code 02381900402, is the Controller of the processing performed through the Website and can be contacted at

  1. Personal Data subject to processing

We inform you that the Controller will process your Personal Data, as you browse the Website, which may consist of an identifier such as a name, an identification number, an online identifier or one or more elements specifying your physical, economic, cultural or social identity, suitable to identify the data subject or to make him/her identifiable.

Other Personal Data provided on a voluntary basis in the information request forms may be subject to processing (for instance to obtain information on events or activities promoted by the Controller). Sensitive data pursuant to article 9.1 of the EU Regulation 2016/679 will not be processed unless prior express consent has been given by the data subject.

  • Browsing data

During their normal operation, the computer systems and software procedures used to operate the Website acquire some Personal Data whose transmission is implicit in the use of Internet communication protocols. This information is not collected in order to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users connecting to the Website, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters relating to the operating system and computer environment. The data are used for the sole purpose of obtaining anonymous statistical information about the use of the Website to check that it is functioning correctly, to identify any anomalies and/or abuse, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of potential computer crimes against the server.

  • Data provided voluntarily by the data subject

We may process personal and/or contact data such as first name, surname, email and telephone number. Data relating to degrees of training and education contained in the curricula. Data relating to payments and other banking information, for example contained in payment receipts of registration fees to events. If you provide to the Controller personal data of third parties, you guarantee – and assume all related liability – that this particular hypothesis of processing is based on an appropriate legal basis pursuant to article 6 of the Regulation, which legitimizes the communication to the Controller and the related processing of the information in question.

  1. Purposes of processing

The processing of data that we intend to perform may have the following purposes:

  1. Allow the provision of the Services requested by you such as:
  • registration on the website;
  • subscription to the email newsletter;
  • sharing of content from the website;
  • general request for information;
  • registration for events and initiatives organized by the Controller;
  • collection and analysis of curricula vitae for collaboration purposes;
  1. responding to requests for assistance or information;
  2. fulfilling any legal, accounting and tax obligations;
  3. sale of products or coupons relating to products;
  4. enforce or defend a right in court, in the event of abuses in using the Website and/or our Services.


  1. Legal basis and obligatory or optional nature of processing

The legal basis of the processing of Personal Data for the purposes referred to in section 3 (a-b) is article 6.1.b) of the Regulation as the processing is necessary for the provision of Services or in order to respond to requests from the data subject. The provision of Personal Data for these purposes is optional, but failure to provide such data would make it impossible to activate the Services provided by the Website.

For the processing falling within the statutory purposes of the Controller, included among those referred to in letter 3(a), data of members or subjects in regular contact with the Controller may be processed. If you have purchased services or goods from the Controller, your data may be processed for the purpose of direct mailing of advertising material in relation to products or services of the Controller similar to those you purchased, without your consent (so-called “soft spam”). The processing of your data for these purposes constitutes the legitimate interest pursuant to article 6.1.f) of the Regulation and pursuant to article 130 paragraph 4 of the Legislative Decree 196/2003. In any case, pursuant to article 21 of the Regulation, you have the right to object such processing at any time, at the time of the first communication or subsequently, in a simple manner and free of charge, by contacting the Controller at the address indicated above, and to obtain an immediate confirmation that confirms the interruption of such treatment (article 15 of the Regulation).

The purpose referred to in section 3(c) constitutes processing of Personal Data carried out pursuant to article 6.1.c) of the Regulation, in order to comply with a legal obligation. Once the Personal Data are provided, the processing is necessary to fulfill a legal obligation to which the Controller is subject. The processing for the purposes referred to in section 3(d) will be carried out pursuant to article 6.1.f) of the Regulation.

  1. Recipients of Personal Data

Your Personal Data may be transferred, for the purposes referred to in section 3 above, to:

  • subjects that typically act as processors pursuant to article 28 of the Regulation, that is: i) persons, companies or professional firms that provide assistance and consultancy to the Controller in accounting, administrative, legal, tax, financial and debt collection matters related to the provision of Services; ii) subjects with which it is necessary to interact for the provision of Services (for instance hosting providers); iii) or subjects delegated to carry out technical maintenance activities (including maintenance of network equipment and electronic communication networks); (collectively “Recipients”); the list of processors can be requested from the Controller.
  • subjects, bodies or authorities, autonomous data controllers, who require the communication of your personal data in accordance with the provisions of law or by order of the authorities;
  • persons authorized by the Controller to process Personal Data pursuant to article 29 of the Regulation, necessary to carry out activities strictly related to the provision of Services, and, for the same reasons, the companies of the holding company Mondodelvino SPA, whether they are committed to confidentiality or have an adequate legal obligation of confidentiality (eg. employees of the Controller). We provide a non-exhaustive list of the companies of the group that could be involved in the processing of your personal data:
    • MGM Mondo del Vino SpA
    • Barone Montalto SpA
    • Azienda Agricola Poderi dal Nespoli
    • Integra Italia Srl
    • Azienda Agricola Santodeno


  1. Data retention

The Personal Data processed for the purposes referred to in section 3 (a-d) will be kept for the time strictly necessary to achieve these purposes in compliance with the principles of minimisation and limitation of retention pursuant to article 5.1.e) of the Regulation. In any case, the Controller will process the Personal Data for the time necessary to fulfill contractual and legal obligations.

Further information on the retention period of personal data and/or the criteria used to determine this period may be requested from the Controller in writing.

  1. Rights of data subjects

Pursuant to articles 15 and following of the Regulation, you have the right to request at any time, access to your Personal Data, rectification or cancellation of the same, limitation of treatment in cases provided for by article 18 of the Regulation, obtaining, in a structured format, in common use and readable by automatic device the data concerning you, in the cases provided for by article 20 of the Regulation. At any time, you can revoke pursuant to article 7 of the Regulation the consent given; propose a complaint to the competent supervisory authority (Personal Data Protection Authority pursuant to article 77 of the Regulation, if you consider that the processing of your data is contrary to the legislation in force.

You can make an objection against the processing of your personal data pursuant to article 21 of the Regulation in which you should set out the grounds underlying the objection: the Controller reserves the right to evaluate the application, which may not be accepted in case of compelling legitimate grounds for the processing which override the interests, rights and freedom of the data subject.

Such objections should be addressed to the Controller.

  1. Amendments

This privacy policy is effective from 25 May 2018. The Controller reserves the right to modify or simply update the content of this privacy policy, in full or in part, including in the case of amendments to the applicable legislation. The Controller will inform you of such amendments as soon as they are introduced and they will be binding when published on the Website. The Controller invites you to regularly visit this section so that you are aware of the most recent and updated version of the privacy policy in order to remain up-to-date on the data collected and their use by the Controller.

  1. Cookies

Please refer to a careful reading of the complete cookie policy