This policy statement describes the methods used to manage the website with respect to the processing of the personal data of users who consult the website, as well as details on how any data transmitted by the user (hereinafter also referred to as the ‘Data Subject’) via this website to the Data Controller may be processed. The data may be sent to the Data Controller as the result of a request for information or the compilation of online forms via the website http://www.brevi.eu/ or sent to BREVI MILANO S.P.A. in any other manner.
This statement is made pursuant to Article 13 of Italian Legislative Decree 196/2003 ‘ Code for the Protection of Personal Data ‘ and concerns all those who interact with the web services provided by the company, BREVI MILANO S.P.A. (hereinafter also referred to as ‘Brevi’), having its head office in Via Lombardia 15/17 24060 Telgate, (BG), Italy, which can be accessed online via its website, the homepage being http://www.brevi.eu/
The statement only pertains to the website in question, which belongs to Brevi, and not to any other websites which users may access through any links in said website.
THE ‘DATA CONTROLLER’ AND THE TYPES OF PROCESSING
The ‘Data Controller’ responsible for processing the personal data is BREVI MILANO S.P.A. having its head office in Via Lombardia 15/17 24060 Telgate, (BG), Italy. Data processing means: any operation or set of operations, carried out even without using electronic instruments, concerning the collection, recording, organization, conservation, consultation, processing, modification, selection, extraction, comparison, use, interconnection, block, communication, cancellation and destruction of data, even if not recorded in a database. The data will not be disclosed in any way.
PLACE OF THE DATA PROCESSING AND EXTERNAL MANAGER
The processing operations associated with the web services provided by this website are carried out at the aforementioned head office and on servers managed by the external company, Seeweb Srl. They are handled only by personnel specifically assigned to processing, belonging to categories with marketing, commercial, administrative and accounting, technical-IT, quality control and product management and customer relations duties, or by any personnel in charge of occasional maintenance tasks.
Personal data are handled, also by automatic and electronic means, for the length of time which is strictly required to achieve the purposes for which they have been collected.
The personal data provided by users who register, forward requests for the sending of informative material (bulletins, newsletters, answers to questions, etc.) or fill in online forms are used only for the purpose of performing the requested service and/or providing information requested and are only communicated to third parties not directly appointed by the Data Controller to process or be responsible for the data in the event of the said data being necessary for that purpose (subject to consent by the Data Subject, as the result of the necessary operations in order to execute the contract or as required by law).
The user may contact the dealer to ask for further information directly and autonomously, by filling in a specific form. The user is required to provide all the personal data requested in the form in order to benefit from the aforementioned services; it will therefore be impossible to provide the user with a suitable response should he fail to provide any data or provide only partial or inexact data. The aforementioned data will not be circulated on line.
Brevi will, in such a case, collect the user’s personal data solely to guarantee the correct transmission of information and to improve the quality of the services offered to the user.
Brevi cannot be held liable regarding the use and divulgation of any data provided to third parties in the event that the user provides his personal data to third-party dealers by using the form provided within the reserved communication service on the website http://www.brevi.eu/.
TYPES OF DATA PROCESSED
SURFING DATA AND RELEVANT PURPOSES
During normal operations, the IT systems and software procedures set up for the operation of this website acquire certain personal data, the transmission of which is implicit in the use of Internet communication protocols.
This information is not collected in order to be associated with identified data subjects, but by its very nature it could enable the identification of users through processing and association with data held by third parties.
This category of data includes IP addresses or computer domain names used by users who connect to the site, URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the code number indicating the status of the reply given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.
The data are used for the sole purpose of acquiring anonymous statistical information on the use of the site and to ensure that it is functioning correctly (please also see the paragraph on Cookies). The data could be used by the pertinent authorities to ascertain responsibility in the event of any IT crimes against the site.
Personal data voluntarily provided by the user may also be processed. Certain surfing-related data can be transferred outside the European Union, only towards third countries considered to be secure pursuant to art. 44 of the aforementioned Code.
The use of session cookies (that are not persistently stored on the user’s computer and disappear as soon as the browser is closed) is strictly limited to the transmission of session identification codes (consisting of random numbers generated by the server) required to allow secure and efficient browsing of the site and of its applications.
The session cookies used on this site avoid the use of other IT techniques that could compromise the confidentiality of the user’s surfing and do not allow for the acquisition of personal data identifying the user.
No other use is made of cookies for the transmission of information of a personal nature, nor will other persistent cookies or other user tracing systems be used. Please note that users can set their internet browser software (e.g. Firefox, Internet Explorer, Safari, Chrome) so that it will not accept cookies, thereby activating the so-called anonymous navigation. In this manner no information will be processed through these systems.
PROVISION OF DATA OTHER THAN NAVIGATION DATA AND RELEVANT PURPOSES
Apart from the aforementioned methods and practices concerning navigation data, the optional, explicit or voluntary sending of electronic mail (e-mails) to the addresses indicated on this website or through communication forms entails the subsequent acquisition of the sender’s address, needed for replies to requests, and of any other personal information contained in the message. Specific summary information and requests for consent will be progressively posted or displayed on the website pages dedicated to particular services (e.g. subscription to newsletters, registration). Failure by the user to provide his consent to use said data could, in some cases, make it impossible for him to obtain the requested services. After browsing this site and any voluntary registration, data pertaining to identified or identifiable people may be processed, but not any sensitive data or data likely to reveal the user’s health condition, except for the information spontaneously sent to Brevi by the user, who nevertheless should consider himself warned not to use transmission connections or protocols which are not coded when sending sensitive data. In fact, there is no https secure protocol installed on the www.brevi.eu website.
RIGHTS OF DATA SUBJECTS
The Data Subjects to whom the personal data refer are entitled, at any time, to obtain confirmation of their existence or otherwise, to know their content and origin, to check their accuracy and to ask for their integration, updating or correction (art. 7 of Italian Legislative Decree no. 196/2003).
Pursuant to the same article, users have the right to ask for the deletion, conversion into an anonymous form or blocking of any data processed in breach of the law, as well as to oppose, in any case, the processing of their data on legal grounds.
Requests must be sent to the Data Controller’s physical address or by e-mail to this address: firstname.lastname@example.org.