Privacy and cookie policy

(Information on the processing of personal data pursuant to Legislative Decree 196/2003 and subsequent amendments of art. 13 of EU Regulation 679/2016)

Sr.Roch s.r.l., as Data Controller (hereinafter also: “Owner“) pursuant to Legislative Decree 196/2003 and ss. mm. (hereinafter “Privacy Code“) and EU Regulation 679/2016 (hereinafter: “GDPR“) – Before communicating any personal data to the Data Controller, you are invited to carefully read this Privacy Policy because it contains important information on the protection of your personal data.

This Privacy Policy:

is intended for the site (hereinafter: “Site“)
forms an integral part of the Site and the services we offer,
is provided pursuant to art. 13 of the GDPR and of the Privacy Code to those who interact with the web services of the Site or who contact by telephone by post, fax or email St.Roch s.r.l.

The processing of your personal data will be based on the principles of correctness, lawfulness, transparency, purpose limitation and conservation, minimization and accuracy, integrity and confidentiality, as well as the principle of accountability pursuant to art. 5 of the GDPR.

Your personal data will therefore be processed in accordance with the legislative provisions of the GDPR and the confidentiality obligations set forth therein as well as those of the Privacy Code still in force today.

By processing of personal data we mean any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, registration, organization, structuring, storage , adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction, as defined in art. 4.2 of the GDPR.

We inform you that the personal data being processed may be constituted – also depending on your decisions on how to use the services – from any information concerning your person suitable for making him or her identified or identifiable, including textual information, photographic or video images and any other information provided, depending on the type of services requested.


Below we provide the index of this Privacy Policy so that you can easily find information relating to the processing of your personal data that interest you.

3.Navigation data
4. Data provided voluntarily by you
5. Cookies


The data controller is ST.ROCH S.R.L., with registered office in Torrent de Maillod, 4 – 11020 Quart (AO), C.F. and VAT number 01078630074, R.E.A. AO – 65936 which operates in the wine production sector.

We inform you that the personal data being processed may be constituted – also depending on your decisions on how to use the services – by an identifier such as the name, an identification number, location data, an online identifier, cookie or one or more characteristic elements of your physical, physiological, genetic, psychological, economic, cultural or social identity suitable for making the interested party identified or identifiable, depending on the type of services requested (hereinafter only “personal data”).

The personal data processed through the Site are as follows:

  1. Navigation data
    The computer systems and software procedures used to operate the Site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining and any anonymous statistical information on the use of the Site to check its correct functioning, to identify anomalies and / or abuses, and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the Site or third parties.
  2. Data provided voluntarily by you
    Except for the reference to specific information, this Privacy Policy is also intended for the processing of data voluntarily provided by you through the Site. In this regard, we invite you not to enter in the forms contained within the Site and not to communicate information that may fall within the special categories of personal data referred to in art. 9 of the GDPR (for example, data referring to racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, life / sexual orientation as well as genetic data, biometric data or data relating to your state of health).

Your personal data will be processed, with your consent where necessary, for the following purposes, where applicable:

3.1. allow navigation of the Site and the provision of the services of St.Roch s.r.l. through the Site;

3.2. find specific requests, including telephone requests, addressed to St.Roch s.r.l.;

3.3. fulfill any obligations under applicable laws, regulations or legislation

community, or satisfy requests from the authorities;

3.4. exercise the rights of the owner;

3.5. for statistical purposes, without it being possible to trace your identity.

Your personal data will be processed with automated and non-automated tools.

Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.

The legal basis for the processing of personal data for the purposes referred to in sections 3.1 and 3.2 is art. 6 (1) (b) of the GDPR ([…] the processing is necessary for the execution of a contract of which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same), as the treatments are necessary to the provision of services. The provision of personal data for these purposes is optional, but failure to provide it would make it impossible to activate the requested services.

The legal basis for the purpose referred to in section 3.3 is art. 6 (1) (c) of the GDPR ([…] the processing is necessary to fulfill a legal obligation to which the data controller is subject). In fact, once the personal data has been provided, the processing is indeed necessary to fulfill legal obligations to which St.Roch s.r.l. is subject.

The legal basis for the purpose referred to in section 3.4 is art. 6 (1) (f) of the GDPR (…. Processing is necessary for the pursuit of the legitimate interest of the owner or third parties, provided that the interests or fundamental rights or freedoms of the interested party do not prevail ..).

It is also specified that the processing referred to in section 3.6 is not performed on personal data and therefore can be freely carried out by St.Roch s.r.l.

Your personal data may be shared, for the purposes referred to in section 3 of this Privacy Policy, with:

5.1. subjects, bodies or authorities to whom it is mandatory to communicate your personal data by virtue of legal provisions or orders of the authorities;

5.2. persons authorized by St.Roch s.r.l. to the processing of personal data necessary to carry out activities strictly related to the provision of services, which are committed to confidentiality or have an adequate legal obligation of confidentiality and which guarantee the processing of data in accordance with the GDPR.

The complete and updated list of Managers is kept at the Data Controller’s operational headquarters, located in Torrent de Maillod, 4 – 11020 Quart (AO) and can be sent by sending a written request to the Data Controller at the addresses indicated in the “Contacts” section of this informative.

The personal data processed for the purposes referred to in section 3.1-3.2-3.3-3.4 will be kept for the time strictly necessary to achieve those same purposes as well as, in the case of treatments carried out for the provision of services, up to the foreseen and permitted period of time. by the Italian legislation to protect Savio’s interests and right of defense, having regard to the limitation periods provided for by the applicable legislation.

For the purposes referred to in section 3.5, your personal data will instead be processed, as a general rule, until your consent is revoked. In case you withdraw from the services of St.Roch s.r.l. without having revoke such consents, the data could also be processed after your withdrawal. Further information regarding the data retention period and the criteria used to determine this period can be requested by sending a written request to the Data Controller at the addresses indicated in the “Contacts” section of this statement. In any case, the possibility for St.Roch s.r.l. to keep your personal data for the period of time envisaged and permitted by Italian law to protect your interests and the right of defense, having regard to the limitation periods provided for by the applicable legislation.

In your capacity as interested party, pursuant to art. 15 and ss. of the GDPR and art. 7 of the Privacy Code, you have the right to:

  1. obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
  2. obtain the indication: a) of the origin of personal data; b) the purposes and methods of the processing; c) the logic applied in case of processing carried out with the aid of electronic tools; d) the identification details of the owner, managers and designated representative pursuant to art. 5, paragraph 2 of the Privacy Code and article 3, paragraph 1, of the GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
  3. obtain: a) updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data which need not be kept for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the attention, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means that are manifestly disproportionate to the protected right;
  4. object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning you, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without the intervention of an operator by e-mail and / or through traditional marketing methods by telephone and / or paper mail, It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to the traditional ones and which, in any case, save the possibility for the interested party to exercise the right of opposition even only partially. Therefore, the interested party can decide to receive only communications using traditional methods or only automated communications or neither of the two types of communication.
    Where applicable, it also has the rights referred to in Articles. 16 – 22 of the GDPR (Right of rectification, right to be forgotten, right to limitation of processing, right to data portability, right to object, right to object to automated processing including profiling).

Requests must be sent in writing to the Data Controller at the addresses indicated in the “Contacts” section of this statement.

In any case, you always have the right to lodge a complaint with the competent supervisory authority (Guarantor for the protection of personal data), pursuant to art. 77 of the GDPR, if you believe that the processing of your data is contrary to the legislation in force.


St.Roch s.r.l reserves the right to modify or simply update the content of this Privacy Policy, in part or completely, also due to changes in the applicable legislation St.Roch s.r.l. It will inform you of such changes as soon as they are introduced on the Site. St.Rcoch s.r.l We therefore invite you to visit this section regularly to become aware of the most recent and updated version of the Privacy Policy in order to be always updated on the data collected and on the use made of it by St.Roch s.r.l

The Data Controller of personal data is St.Roch s.r.l, with registered office in Torrent de Maillod, 4 – 11020 Quart (AO), telephone: 0165-774111, email:

Information on cookies

This policy describes “what cookies are” and the types of cookies used on our website.

What are cookies?

A cookie is a simple text file that is stored on the user’s computer or mobile device by a website server and that can be read or retrieved from the server itself. It contains some information and allows the website to remember, for example, user preferences. The Directive on Electronic Communications and the Provision of the Privacy Guarantor of 8 May 2014, no. 229, on the subject of “Identification of simplified procedures for the information and the acquisition of consent for the use of cookies”, provide that the use of cookies can only be allowed with the consent of the user.

Do we use cookies on our website?

Yes. Cookies are used to improve your website and to provide services and features to users. You can limit or disable the use of cookies through your web browser. However, in this case some features of the website may become inaccessible.

Why we use cookies?

Cookies can be used for various reasons. In some parts of our site cookies are essential and without them you may not be able, for example, to navigate the site correctly or browse the lists. We are always looking for ways to improve our website and to better spread the knowledge of our services. To do this, it is important for us to understand how our site is used. Cookies also help us to provide a better and richer experience: for something that is interesting, you could put the “Like” on Facebook, or tweet it (cookies facilitate these operations).

What types of cookies are used on our website?

Technical cookies
Technical cookies are those used for the sole purpose of “carrying out the transmission of a communication over an electronic communications network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service “(see art. 122, paragraph 1, of the Privacy Code).

They are not used for other purposes and are normally installed directly by the website owner or manager. They can be divided into:

Navigation or session cookies
They are used in order to record data useful for the normal navigation and use of the website on the user’s computer (allowing, for example, to remember the preferred page size in a list). These cookies can then be distinguished by their persistence on the user’s computer: those that are automatically deleted at the end of each navigation are called session cookies. If, on the other hand, they have a longer life, they are called permanent cookies.

Functional cookies
These cookies allow the website to remember the choices made by the user in order to optimize functionality. For example, functional cookies allow the website to remember a user’s specific settings, such as country selection and, if set, permanent access status.

Analytical cookies
These cookies allow you to collect data on the use of the website by the user, including the elements that are clicked on while browsing, in order to improve the performance and design of the site itself. They may be shared with our third party analytics providers. However, they are used solely for purposes related to our website.

Third party cookies
These cookies are linked to services provided by third parties, such as ‘Like’ and ‘Share’, and monitor the effectiveness of advertising. The third party provides these services in exchange for information regarding the user’s visit to our site. It follows, even for third-party cookie suppliers, the obligation to comply with the relevant legislation. For this reason, we refer to the links on the web pages of third-party sites, where the user can find the cookie consent forms and their related information. If the services were provided by indirect contacts with third parties, the user must consult the sites of the subjects who act as intermediaries between us and the third parties themselves.

There are no third-party cookies on the site.

How can cookies be deactivated or removed?

Most browsers accept cookies automatically, but you can also choose not to accept them. We do not recommend this last choice since this could prevent normal navigation and enjoy all the features of the site. If you do not want your computer to receive and store cookies, you can change the security settings of your browser (Internet Explorer, Google Chrome, Safari etc.). In any case, note that certain parts of our Site can be used to their full extent only if your browser accepts cookies; otherwise, you will not be able, for example, to access the reserved area. Consequently, your choice to remove and not accept cookies may adversely affect your stay on our site. If you wish to change the settings of your cookies, by entering the settings of the various browsers, below are brief instructions on how to do this in the most popular browsers.