Dear User, during the consultation and use of the website http://bmb-beschlaege.it (hereinafter, “Site”), some of your personal data will be collected and processed as defined by art. 4, par. 1 of EU Regulation 2016/679 (hereinafter, the “GDPR”).
The purpose of this information (hereinafter, the “Information”) is to offer an exhaustive overview on the purposes, methods of collection and use of personal data as well as on the data retention times of each interested party (hereinafter, “Interested” or , in the plural “Interested”).
This information is provided pursuant to art. 13 of the GDPR and in compliance with the European and Italian laws that integrate it (“Privacy Law”).
Each interested party is invited to read this Notice, so as to better understand the methods of processing their personal data including their rights under the Privacy Law.
1. Holder of the processing of personal data
The data controller of your personal data is BMB Beschläge S.r.l. (“Owner”) with registered office in Via Paolo VI, 2 Abbiategrasso (MI), email pec email@example.com
2. Categories of interested parties
The Data Controller processes the personal data of the users of the Site.
3. Categories of data processed
Through the Site, various categories of personal data are collected and processed (hereinafter, “Personal Data”):
4. Purpose and legal basis of the treatments.
Personal Data will be processed by the Data Controller within the exclusive limits of the correct functioning of the Site and for the provision of the services necessary for its correct consultation.
This Site does not publish advertisements and does not use navigation data for the purpose of sending advertising, nor does it use other third-party services with the same purpose. It also makes every possible effort to protect the privacy of users and minimize the collection of personal data.
In order to carry out the video functions and connect with the functions of Google Maps, the Site uses the help of third-party services that may send cookies (and therefore collect data) within the limits of the use of the aforementioned functions.
Per maggiorni informazioni sull’utilizzo dei dati personali da parte delle Google API è possibile consultare la relativa informativa: Informativa Privacy di Google.
5. Methods of data processing and storage
In relation to the purposes indicated in paragraph 4 above, the processing of Personal Data is carried out by the Data Controller in accordance with the Privacy Law, in particular:
– is carried out by manual means and also with the aid of electronic or automated means, in any case, suitable for guaranteeing its security and confidentiality, as well as to avoid unauthorized access to Personal Data by third parties;
– is carried out directly by the owner’s organization, on the basis of a contract signed pursuant to art. 28 of the GDPR.
Personal Data will be kept only for the time necessary for the purposes for which they are collected, respecting the principle of minimization pursuant to art. 5, par. 1, lett. c) of the GDPR as well as the legal obligations to which the Data Controller is required, without prejudice, in any case, to the right to withdraw consent, at any time, by the interested party.
6. Data communication
In pursuit of the purposes referred to in paragraph 4, Personal Data will not be communicated and / or shared with third parties, except with public administrations in accordance with the law.
7. Rights of the interested parties
Pursuant to art. from 15 to 22 of the GDPR, the interested party has the right to obtain, from the Data Controller, confirmation that the processing of Personal Data concerning him is in progress and in this case, to obtain access to his data .
Furthermore, the interested party has the right to:
– know the purposes of the processing;
– know the categories of data in question;
– know the recipients or categories of recipients to whom the data have been or will be communicated, in particular if they are recipients of third countries or international organizations;
– know, when possible, the expected data retention period or, if not possible, the criteria used to determine this period;
– ask the data controller to rectify or delete data or limit the processing of data concerning him;
– Oppose the processing of data, without prejudice to the right of the owner to evaluate your request, which may not be accepted in the event of the existence of compelling legitimate reasons to proceed with the processing that prevail over his interests, rights and freedoms;
– propose a complaint to a supervisory authority;
– if the data are not collected from the interested party, receive all available information on their origin;
– withdraw the consent at any time, without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
– be made aware of the existence of an automated decision-making process, including profiling pursuant to art. 22, par. 1 and 4, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the interested party;
– in the cases and with the limits provided for by the GDPR and by the Applicable Privacy Regulations, obtain data portability, i.e. receive them from the Data Controller, in a structured format, commonly used and readable by an automatic device, and transmit them to another data controller without impediments.
Requests must be sent in writing to the Data Controller.
This information is updated on 07/29/2019.