Privacy policy
This Privacy Policy aims to describe how Enecta BV ("Enecta," "we," "us," or "our") collects, uses, and shares information about you through our website Enecta.farm, owned by us (referred to here as the "Site"). Please read this policy carefully to understand our practices.
We are a company established in the Netherlands with its registered office at Corantijnstraat 5-I, 1058DA Amsterdam, Netherlands, which will be the data controller of personal data as described in this Privacy Policy.
The data concerning you will be processed for the purposes described in this policy also by the company Enecta s.r.l, with registered office at Viale Panzacchi 17, 40136, Bologna, Italy, of which Enecta B.V. is the sole shareholder and expressly appointed by Enecta B.V. as data controller, in accordance with Article 28 of EU Regulation 679/2016 ("GDPR").
SECTION 1 – CONSENT AND HOW WE USE INFORMATION
a) Browsing and cookies
While browsing our store, we automatically receive the Internet Protocol (IP) address of the computer from which the user is browsing, to provide us with information about the browser and operating system.
As Controllers, during navigation on our site, we collect some of your data for the purpose of analysis and processing of information, according to your preferences, browsing experiences. To perform this activity, we use technologies such as cookies (our own or third-party).
Can we do this without your consent? Only partially. The collection of data through the use of technical cookies, useful for the correct functionality and security of the site, is based on our legitimate interest (Art. 6, para. f, GDPR).
The collection of personal data through the use of cookies, both proprietary and third-party, not strictly necessary, only occurs with your explicit consent (Art. 6 para. a, GDPR). We notify you of this through a specific banner that appears when you first connect to our site. Here you can choose analytically which cookies you want to install.
b) Contact form
When contacting us via the appropriate form, we collect user's personal information such as name, surname, address, email address, and phone number. The processing of your data is necessary to fulfill your request. For this reason, we may contact you via email or telephone using the data you provided to simplify the provision of information.
Furthermore, we may send you commercial communications, exclusively via email and only if you have provided your consent by checking the appropriate box.
Such processing is based on your consent (Art. 6 para. 1 letter a GDPR).
You can request the deletion of your personal data at any time, without affecting the lawfulness of the processing carried out before its revocation, and you have the possibility to object to receiving further commercial communications via the opt-out link at the bottom of each email.
c) Profile creation
To place orders on our Site, it is necessary to create an account. In this regard, we will ask for your email to send you the access code. You will then be able to add additional information to the account, such as the delivery address.
Such data will be processed solely for the purpose of allowing you to make requests and/or orders, and such processing is based on your consent (Art. 6 para. 1 letter a GDPR).
d) Purchases on the Site
When providing personal information for the completion of a transaction such as credit card verification, order completion, organization of a delivery, or return of a product, it is assumed that the user consents to the collection and use of data only for that specific purpose.
In any case, when purchasing a product on our Store, we may use the provided data to send you communications regarding products or services similar to your purchase, as provided by art. 13 of Directive 2002/58/CE.
In any case, you may always object to receiving further communications via the opt-out link available in each communication.
e) Subscription to the Newsletter
By registering for our Newsletter, we will use the strictly necessary and instrumental data for this purpose, i.e., the data communicated by you separately, to regularly send you our newsletter via email and surveys, based on your consent (Art. 6 para. 1 letter a GDPR).
You can unsubscribe from the Newsletter at any time, either by sending a message to privacy@enecta.com or via a dedicated link available in each Newsletter.
After cancellation, we will delete your email address, unless you have expressly consented to further use of your data and subject to our reservation to further use of the data, use of which you have been correctly informed in this statement in accordance with the GDPR.
f) B2B Sign up – Susbsricption to Catalogue
By registering with our catalog, we will use the personal information you enter in the appropriate form to send you marketing emails regarding our products and to provide you with assistance regarding sales, distribution and private label services offered by Enecta.
Such processing takes place on the basis of your consent (Art. 6 par. 1 lett a GDPR).
You can unsubscribe from the catalog at any time via a link found in each e-mail or by sending an e-mail to privacy@enecta.com.SECTION 2 - COMMUNICATION TO THIRD PARTIES
We may disclose user's personal information if required by law to do so or if the user violates the Terms of Service.
SECTION 3 - SHOPIFY
Our store is hosted on Shopify Inc.'s servers. Shopify Inc. provides us with the online e-commerce platform that allows us to sell our products and services.
User data is collected through Shopify's databases, applications, and software.
All data is stored on a secure server and protected by a firewall.
Payments: If you choose a direct payment gateway to complete your purchase, Shopify stores your credit card data. The transaction and data transmission are encrypted through and in accordance with the Payment Card Industry Data Security Standard (PCI-DSS).
Purchase transaction data is stored only for the time necessary to complete the purchase transaction. Once the transaction is completed, the purchase information is deleted.
All direct payment gateways adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council, a joint effort of companies and companies such as Visa, MasterCard, American Express, and Discover.
PCI-DSS requirements help ensure the secure handling of credit card information on our store and its service providers.
For more information, it is advisable to also read Shopify's terms of service or privacy policy.
SECTION 4 - HUBSPOT
Hubspot CRM is a platform provided by Hubspot Inc. that allows us, among other things, to manage existing and potential customers, communicate with them, and plan and execute marketing activities in line with their interests. Hubspot CRM allows us to acquire, organize, and analyze customer interactions across multiple channels.
Personal data is stored on the Hubspot CRM platform following best security practices and is accessible via a dedicated password only by authorized personnel.
For more information, we recommend consulting Hubspot's Privacy Policy. https://legal.hubspot.com/privacy-policy.
SECTION 5 - THIRD-PARTY SERVICES
In general, third-party providers we use will only be authorized to collect, use, and disclose information to the extent necessary to enable them to perform the services they provide to us.
However, some third-party service providers, such as payment gateways and other payment transaction operators, have their own privacy policies regarding the information they are required to provide for transactions related to them.
For these providers, we recommend reading their privacy policies to understand how personal data is handled.
In particular, we remind you that some providers may be located in or have facilities located in a jurisdiction different from ours or yours.
So, if you choose to proceed with a transaction involving a third-party service provider, the shared information may be subject to the laws of the jurisdiction(s) in which those service providers or their facilities are located.
For example, if you are in Canada and the transaction is processed by a payment gateway located in the United States, the personal data used to complete that transaction may be subject to disclosure under United States legislation, including the Patriot Act.
LINKS
When clicking on a link on our store, the user may be redirected to a site or platform different from ours. Enecta is not responsible for the privacy policy of third-party sites and platforms; we suggest you inform yourself each time and read the privacy policy documents of such platforms.
SECTION 6 - SECURITY
To protect personal data, we take every reasonable precaution, follow industry best practices to ensure that they are not improperly lost, disclosed, altered, destroyed, or used or misused.
Credit card data entered by the user is encrypted using Secure Socket Layer (SSL) technology and stored with AES-256 encryption.
Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement regular updates following all generally accepted industry standards.
SECTION 7 – DATA RETENTION
Personal data will be stored in a form that allows the identification of the data subjects for a period not exceeding the achievement of the purposes for which they are processed and in any case within the legal terms (e.g., in the case of purchases on the site, within the legal terms for storage of the relevant invoices).
SECTION 8 - CHANGES TO THIS PRIVACY POLICY
We reserve the right to modify the privacy policy document at any time, so please review it frequently to stay informed of any changes.
Changes and clarifications will take effect immediately upon their posting on the Site. In case of substantial changes to this policy, we will inform users here that it has been updated, so that the user is always aware of the information we collect, how we use it, and under what circumstances, if any, it is used and/or disclosed.
In the event that our Site is acquired or merged with another company, the data may be transferred to the new owners to ensure continuity of service.
SECTION 8- RIGHTS OF THE DATA SUBJECTS
You have the right to be informed free of charge about your personal data stored by us and to request its rectification or deletion, as well as the limitation of processing, in addition to the right to authorize its transferability. For questions regarding the collection, processing, or use of your personal data, for information, related to the right of access to the data, their rectification, to delete them or block their use as well as for questions regarding the possible revocation of consents already given or opposition to a specific use of the data, we invite you to contact us directly by sending an email to privacy@enecta.com or writing by ordinary mail to:
Enecta BV
Corantijnstraat 5-1
Amsterdam NL 1058DA
The Netherlands
Finally, we would like to remind you, your right to appeal to the competent data protection supervisory authority.