Dear Data Subject, Besana Moquette srl has considerable respect for Users’ privacy. Any data that may be transmitted by the User via the Site will be processed with the utmost care and with all tools required to guarantee its security, in full compliance with applicable data privacy legislation. We wish to inform you that “Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation)” (hereinafter “GDPR”) provides for the protection of natural persons in relation to the processing of personal data as a fundamental right. Pursuant to article 13 of the GDPR, therefore, We inform you that:
A. CATEGORIES OF DATA: your personal data may be processed; this may include:
a. Automatically collected data. Digital systems and applications dedicated to the operation of this web site, during their normal functioning, collect certain data (whose transmission is implicit in the use of Internet communication protocols) potentially associated with identifiable users. The data collected includes IP addresses and domain names of the computers used by the users who connect to the site, addresses in URI (Uniform Resource Identifier) notation of requested resources, the method used to make the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.), and other parameters relating to the operating system, browser and digital environment used by the user, internet service provider (ISP) name, date and time of visit, originating (referral) and exit web pages.
b. Data voluntarily provided by the user. Voluntary and express sending of e-mails to addresses indicated in the different access channels of this site does not require consent requests and involves the acquisition of the sender’s address and other data, required to meet the requests, as well as any other personal data contained in the message.
d. Plug-ins. Furthermore, the site incorporates plug-ins and/or social network buttons, in order to allow for easy sharing of contents on your favourite social networks. These plug-ins are programmed in order to avoid setting any cookies when accessing the page, to protect users’ privacy. The cookies will be set, if provided for by the social networks, only when the user voluntarily uses the plug-in. It is worth remembering that if the user browses while logged into the social network then they have already given permission for the cookies transmitted via this site when registering on the social network. The collection and use of information obtained via the plug-ins is regulated by the respective social network privacy policies which you should refer to.
B. DATA CONTROLLER: The data controller is Besana Moquette srl, VIA EUROPA 51-53, 23846 GARBAGNATE MONASTERO (LC), ITALY – VAT no. IT01697520136 , and can be contacted by phone on +39 031 860 113 C. SOURCE OF PERSONAL DATA: Personal data held by the Data Controller is collected from the data subject directly.
D. PURPOSES AND LEGAL BASIS FOR THE DATA PROCESSING: Purpose and legal basis for processing of your data:
1. For automatic data collection, the legal basis is the legitimate interests of the owner and the purpose is to guarantee and improve the web browsing experience.
2. For data voluntarily provided by the user, the legal basis is consent and, when sending e-mails to our addresses, the purpose is to be able to answer the specific requests made by the user; for the forms, the purpose is indicated in the specific policy.
E. RECIPIENTS OF THE DATA: Within the boundaries set for the purposes of data processing, your data may be forwarded to partners, consultants, private companies, third-party technical service providers, hosting providers, IT companies and communications agencies …
F. TRANSFER OF DATA TO THIRD COUNTRIES: The transfer of your data to a third country is not provided for. This site may share some of the data collected with services located outside of the European Union. Specifically, via the social media plug-ins and Google Analytics service. Such transfers are authorised and strictly regulated by article 45, para. 1 of Regulation (EU) 2016/679, for which no specific authorisation is required.
G. PERIOD OF STORAGE: Based on the principle of storage limitation (art. 5, GDPR), stored data is periodically checked to see whether it has become obsolete in relation to the purpose it was collected for. In particular:
a) Data collected automatically is processed, for the minimum amount of time needed to solely gather statistical information on the use of the site and to check its regular functioning, including for security purposes or based on the deadlines set out by law.
b) Data provided voluntarily by the user will be stored for a period no longer than that required to meet the purposes it is processed for, or on the basis of expiry dates established by applicable legislation.
H. RIGHTS OF THE DATA SUBJECT: The Data Subject always has the right to ask the Data Controller for access to their data, to have it corrected or deleted, restrict or object to processing, request data portability, and to revoke consent to processing, enforcing these and other rights established in the GDPR simply by notifying the Controller. The Data Subject may also put in a complaint with the supervisory authority.
I. COMPULSORY NATURE OF CONSENT: Providing data is compulsory while browsing our web site with regard to points E.1 and E.2 of the above-mentioned purposes, in order to allow for the service to be provided correctly. Providing data for points E.3 is, on the other hand, optional and will not compromise the supply of the service in any way.
J. DATA PROCESSING METHODS: The personal data you provide will be processed in compliance with the aforementioned regulation and with the confidentiality obligations underlying the Data Controller’s activities. The data will be processed using digital tools, on paper and any other appropriate media in compliance with the suitable security measures set out in art. 5 par. 1 F of the GDPR.
K. FINAL POINTS AND UPDATING METHODS: This policy is valid only for this internet site and not for other web sites which may be viewed by the user accessed via hyperlinks found on this site. The policy may be subject to change due to the introduction of new regulations; the user is, therefore, invited to periodically check this page in order to remain up to date on the latest legislative changes. The previous versions of this policy can always be requested from the Data Controller.