This document concerns the privacy policies on personal data processed by the sole proprietorship:
BNC of Bencini Matteo
Via Firenze 2/A, 57014, Collesalvetti (LI)
(VAT number 01655260493) – Pec: firstname.lastname@example.org
The text describes, in accordance with the General Regulation for the Protection of Personal Data EU 2016/679 (also known as RGDP or GDPR), the methods for managing the processing of personal data of users and visitors to the site as well as the processing of personal data carried out by the Owner who can be contacted using the following e-mail address: email@example.com
The data controller is not obliged to have a Data Protection Officer.
The information provided here is not valid for other websites and related services/software that may be consulted via the links on the site for which the Owner is in no way responsible but for which it is recommended to read the related information.
Information on Data Processing. As required by Article 12 of the GDPR, the Data Controller adopts the following information as a measure to provide the interested party with the information referred to in Article 13 of the GDPR and the communications referred to in Articles from 15 to 22 and 34 GDPR relating to the processing of the data provided, this information is to be understood as general, provided to all those who interact with the site. The Data Controller informs interested users that the personal data provided through contact with the Data Controller will be processed in accordance with the provisions of the GDPR and the privacy code as amended by Legislative Decree n.101/2018. The treatment is carried out on the basis of the conditions of lawfulness established pursuant to Article 6 of the GDPR, i.e. for the purposes inherent to the relationship established with the Data Controller, therefore, its legal basis as required pursuant to Article 13 lett. c) GDPR finds justification in the reasons for which the relationship with the Data Controller is established and in the specific case:
- in relation to navigation on this Site (navigation data)
- Personal data sent through the contact and goods purchase form (personal data necessary for the purchase and shipment of goods)
Navigation Data. The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are canceled immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site.
Personal data. are data of a personal nature sent through the contact form, i.e. any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, physiological, genetic, psychic, economic, cultural or social (art. 4, n. 1, RGPD n. 2016/679).
Purpose and legal basis of the processing. With regard to navigation, the purpose is to allow navigation of the site, while with reference to the personal data sent through the form to satisfy customer requests, the legal basis is the following pursuant to art. 6 par.1 GDPR letters:
a) the interested party has given his consent to the processing of his personal data for one or more specific purposes (Marketing);
b) the processing is necessary for the execution of a contract of which the interested party is a part or for the execution of pre-contractual measures adopted at the request of the same (purchase of products);
c) the processing is necessary to fulfill a legal obligation to which the data controller is subject (tax and company administrative obligations);
f) legitimate interest, i.e. to occasionally communicate promotional initiatives or legislative updates (so-called soft spam).
Methods of treatment. The data processing will be carried out in paper and/or electronic form by persons specifically authorized to process it, it is also specified that no processing is carried out on the basis of automated decision-making processes. The provision of data is optional, however, failure to provide it could make it impossible to perform the service. Some navigation data (on this point, see our cookies policy) are, on the other hand, automatically acquired by the system. The processing of the data provided to the Data Controller will include: management, organization, use, storage, creation of the database, processing in the EU and outside the EU (if there are requirements pursuant to art. 45-49 GDPR) and the statistics, communication to the partners with whom the initiatives will be developed – subjects who will be appointed as data controllers pursuant to art. 28 GDPR or joint controllers in the event that personal data will be disclosed to them. The treatment will also include the communication of future initiatives, the sending of promotional material. We also remind you that the processing of data connected to the web services offered by the site hosted by a company located in Europe whose name will be communicated upon reasoned request, are carried out only by collaborators and in any case authorized subjects in the case of occasional maintenance operations or by the our manager.
Profiling. Only in the event that you give your consent, the same will only concern the type of product purchased on the portal and aimed at sending you purchase proposals in line with your previous purchases.
Rights of data subjects . The Data Controller also communicates that the rights of rectification pursuant to Article 16 of the GDPR are guaranteed, the right to be forgotten pursuant to Article 17 of the GDPR, the right to limitation of processing pursuant to Article 18 of the GDPR as well as the right of access to the personal data provided and to all consequential information as listed under art. 15 GDPR. Data subjects also have the right to:
1. Ask the data controller to access personal data and correct or cancel them or limit their processing or
2. To oppose their treatment;
3. Data portability pursuant to Article 20 of the GDPR (if technically possible);
4. If the treatment is based on article 6, paragraph 1, letter a), or on article 9, paragraph 2, letter a), to revoke the consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
5. Propose a complaint to a supervisory authority;
To exercise the rights listed above or for more information, simply send an e-mail to the following e-mail address firstname.lastname@example.org indicating in the subject: " exercise of rights pursuant to the GDPR " and inserting the right in the body of the e-mail that you want to exercise, as well as your name, surname and email address where you want to receive the response from the Data Controller. Once the data received has been processed, the Data Controller will send the relative reply within the terms indicated in Article 12 of the GDPR.
In particular situations, the Data Controller adopts specific information accompanied by the relative consents to be given in order to allow data processing, moreover, the Data Controller warns you that if you intend to further process personal data for a purpose other than that for which they were collected, before this further processing, it will provide the interested party with information regarding this different purpose and any further pertinent information, collecting, in the specific case, consent.
Retention of your data. Personal data will be kept for the time necessary to pursue the purposes for which they were acquired. The data retention period depends on the purposes for which they are processed and therefore could vary, i.e. during the entire period in which the interested party is a customer for legitimate interest (for example defense in court), otherwise for 2 years unless explicitly requested for renewal consent to extend data retention. Personal data functional to the fulfillment of civil and fiscal obligations will also be kept subsequently, in compliance with said obligations in compliance with the conservation times established by the applicable regulations and for the possible defense in court of the owner.
Cookies A cookie is a small text file that is deposited by a website on the hard disk of the user's device, cookies thus uniquely identify the navigator's browser. Cookies do not damage your computer and do not contain viruses. Cookies have the function of streamlining the analysis of web traffic or of signaling when a specific site is visited and allow web applications to send information to individual users.
Only the user can decide to manually delete the cookies from his device or provide for their automatic deletion when the installed browser is closed.
For more information, please visit our cookies policy.
Sending newsletters and marketing. During the data retention period, the owner reserves the right to send commercial offers in a soft way, according to legitimate interest as the legal basis of the processing, or to be the recipient of non-soft marketing communications if he has given consent to the sending of offers commercial based also and possibly on its previous purchases.
Copyright All the contents of this site are protected by the provisions of the law on copyright and intellectual property. Even partial reproduction in any form is prohibited. However, the Owner does not grant any license to copyright, patents or any other intellectual property right
Responsibility The Owner assumes no responsibility towards the navigators of the site in relation to the content of what is published (accuracy and completeness of the information provided) or to the use that third parties may make of it. The material and information on the site are subject to changes or updates by the Owner without notice.
Application of the law The Data Controller regularly updates this information and in general its compliance with the privacy regulations, adapting them to the new provisions issued. For any questions or doubts regarding these Privacy Rules, you can contact us at any time by writing to: email@example.com
Complaints. We will respond to users who send formal written questions and/or complaints to this address firstname.lastname@example.org to investigate the reported problem. We undertake to collaborate with the competent authorities, to settle any complaints regarding the processing of personal data that are not resolved directly between the Data Controller and private individuals.