PRIVACY POLICY

About Us

The Birra Nursia European Online Store is a website selling specialty beer brewed by the Monks of Norcia. For more information see our homepage or visit our monastery website.

What Information We Gather

We may gather certain information, either personal or anonymous, based on your activities or data submitted while browsing our website, in the following formats.

Form information

If you submit an order, and/or opt in to a mailing list on our website, we collect any personal data submitted by you in order to process your request.

Statistical information

Our website uses the following tools to collect statistical information about browsing behaviour and device or browser information, in order to improve the experience of our website:

To opt out of Google Analytics data collection, you can install this tool.

Cookie information

We collect cookies, both directly and through trusted third-parties, in order to improve the performance and user experience on our website. Please see our Cookie Policy for more information on usage and to manage your cookie settings.

Embedded content from other websites

Articles on this site may occasionally include embedded content (e.g. videos, certain advertisements). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Links

We sometimes provide links to third-party websites. While on these sites, these parties may collect information about you. Because we do not control the information policies or practices of these third parties, you should review their privacy policies to learn more about how they collect and use personally identifiable information.

How We Use Your Information

We may use your personal information when we have a valid reason to do so. This includes:

  1. Deliver subscriber services such as mailing list blasts or newsletters. The processing of data is carried out based on the consent given by the user (Article 6 (1)(a) GDPR);
  2. Send you by email updates on news and commercial offers relating to Birra Nursia products. The processing of data is carried out based on the consent given by the user to the use of his/her personal data for marketing purposes (Article 6 (1)(a) GDPR). However, consent is not required when we use your email address to send you information about similar products and services to those you have already purchased. In this case, the processing activities are performed on the basis of the legitimate interest of the data controller (so-called “soft spam”);
  3. Process and/or respond to an order. The processing of data is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Article 6 (1)(b) GDPR);
  4. Respond to questions, support requests and any other special requests. The processing of data is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Article 6 (1)(b) GDPR);
  5. Enable you to browse our website and to manage your account registrations and functionalities. The processing of data is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Article 6 (1)(b) GDPR);
  6. Improve your website experience. The processing of data is carried out based on the legitimate interest pursued by the controller or by a third party (Article 6 (1)(f) GDPR);
  7. Defending our rights in the event of complaints. Processing is necessary for the purposes of the legitimate interests pursued by the controller (article 6(1)(f) GDPR).

The provision of your personal data is essential to interact with our website, to provide you with the services you have requested and to allow you to send us a request for information or support. The provision of data for the purposes based on consent is optional with consequence that your refusal to provide such data for the said purposes will not affect your possibility to browse this website or use its services. You have the right to revoke your consent and the right to request that we cease to use or store your information. See Accessing your data for more information.

How We Protect Your Information

We take the greatest care in the security of your submitted information. Our website uses up-to-date Secure Socket Layers (SSL) encryption in order to protect the transmission of your data upon submission to our servers.

Where your information is stored

Depending on the type of information you have submitted, your data will either be stored securely in a database on our server; or in the database of our trusted third-party partners, if data was directly submitted by you for a particular purpose on our website. These third-party partners include:

  1. MailChimp – for email mailing list subscriptions and for sending communications for marketing purposes;
  2. Paypal – for orders or subscriptions submitted via PayPal on our website;
  3. Stripe – for orders or subscriptions submitted via credit card on our website;
  4. ShippyPro – for providing order fulfillment and shipping services;;
  5. Farchioni – for orders or subscriptions submitted for distribution;
  6. Salesforce – for form and email list submissions, in order to organize submission data and facilitate any required communications;
  7. Google – for statistical information, and/or personalized data (for visitors from outside the EU)

Information stored by these third-parties is protected by and subject to their privacy policy. You can find their policies at the links below:

Mailchimp   PayPal   Stripe   ShippyPro   Farchioni   Salesforce   Google

In order to obtain an updated list of the subjects who may become aware of your personal data, please contact us by email at privacy@nursia.org , taking care to specify the reason for the request.

International Transfers

The Birra Nursia European Online Store is hosted on a server located in Germany. Due to the multinational locations of our vendors, as well as our third-party partners, any information which you consented to provide may be transferred to a location outside of the country or region you are located in. Data will only be transferred to either:

a) our servers;

b) trusted third-party partners, as indicated in the above section, which we determine to have adequate transparency and security parameters in place for the protection, storage and accessibility of your data.

In these cases, we will transfer your personal data on the basis of an adequacy decision adopted by the European Commission or by implementing appropriate safeguards to ensure adequate protection of your personal data in the place of destination pursuant to articles 44 ff. of the GDPR.

Data breach prevention

Our servers and website infrastructure are kept up to date and secured by a Web Application Firewall (WAF) to protect against a data breach via a third party attack.

In the unlikely event of a breach where your stored data is, or may have been compromised, we will inform you accordingly to article 34 of GDPR.

Note that due to a multitude of different vulnerabilities which are present during the submission of data and are outside of our control (local computer viruses, unsecured/compromised internet connections, etc.), we cannot guarantee and are not responsible for compromised data which occurs during the submission of data and as the result of such factors outside of our control. However, once the data has been submitted and is stored in our infrastructure, we ensure that the data is responsibly held and secured.

Data Controller

The data controller is the organization/entity responsible for the protection of information on and submitted to this website. The Data Controller is Monastero di San Benedetto in Monte Via Case Sparse n. 164, CAP 06046 Norcia (PG), Italy.

Complaints, concerns or requests will be fielded by the Data Controller, who can be reached by submitting this form or at privacy@nursia.org

How Long We Store Your Data For

Personal information submitted directly on our website through a form will be kept as long as necessary to fulfill the purposes indicated above, without prejudice to the cases in which the retention for a longer period is necessary to comply with the applicable legislation or with requests received by competent authorities. The personal data that we process on the basis of your consent are retained until your consent is withdrawn.

Data collected by Google for statistical and personalization purposes is retained for 50 months before being deleted automatically. More information about Google’s data retention policy can be found here.

Accessing Your Data

If you have submitted data on our site, you can request access to your personal information, or correct or update out-of-date or inaccurate personal information we hold about you. You may also request that we delete personal information that we hold about you.

You can object to processing of your personal information, ask us to restrict the processing of your personal information or request portability of your personal information; if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time; withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent. You can exercise you rights by filling a request through the form provided or by contacting the Data Controller at privacy@nursia.org

You also have the right to lodge a complaint with a Data Protection Authority about our collection and use of your personal information, in particular in the Member State in which you habitually live or work or in the place where the alleged violation took place.

Google

Our data collected via Google Analytics is anonymized and therefore not personally traceable to you unless you are signed into your account. If you have a Google account, you can request a copy of your information from Google here.

Our Cookie Policy

We use cookies to provide e-commerce user features, personalise content and to analyze our traffic. We also share information about your use of our site with our marketing and analytics partners who may combine it with other information that you’ve provided to them or that they’ve collected from your use of their services.

In order to see the cookies we use, or to change your cookie settings, view our Cookie Policy.

Changing your cookie settings

You can adjust your cookie settings or withdraw your consent on our Cookie Policy page.

Changes To This Policy

This policy may be subject to modification also as a consequence of any regulatory changes. We kindly invite you to periodically review this Privacy Policy for the latest information on our privacy practices.

Last update: July 2021

Inquiries

For any inquiries related to this Privacy Policy, please contact privacy@nursia.org

0
    0
    Your Cart
    Your cart is emptyReturn to Shop