Data Controller, Data Processors and Data Protection Officers
The Data Controller responsible for processing the personal data is Pelletterie Bianchi e Nardi S.p.A. (with Tax Code and VAT number 00385830484), having its registered office in Scandicci (FI), Via delle Fonti no. 2, and email firstname.lastname@example.org, in the person of its legal representative pro tempore, Mr Gabriele Bianchi (hereinafter referred to as the “Data Controller”).
The updated list of designated Data Protection Officers may be provided upon request from interested parties and/or Users.
INFORMATION COLLECTED AUTOMATICALLY BY THE WEBSITE – COOKIES
a) Information collected automatically
Like all websites, our Website also uses log files in which information is automatically collected and stored during your visits. In fact, the IT systems and software procedures used to operate the Website automatically acquire certain information throughout utilisation, the transmission of which is implicit in the use of Internet communication protocols.
The information collected is as follows:
- Internet Protocol (IP) address or the domain name of the device you are using;
- Type of browser and device parameters used to connect to the Website;
- The addresses in the Uniform Resource Identifier (URI) notation of the requested resources or the method used to submit the request to the server;
- Name of the Internet Service Provider (ISP);
- Date and time of the visit;
- The User’s webpage of origin (referral) and of exit;
- Number of clicks, where applicable;
- Size of the file obtained in response;
- The numerical code indicating the status of the response given by the server (success, error, etc.);
- Other parameters relating to the operating system and the IT environment of your device.
This information is processed in an automated manner and collected only in aggregate form in order to verify the correct functioning of the Website.
The Website utilises cookies.
WHAT ARE COOKIES?
Cookies are text files stored on a computer, which permit the recording of certain parameters and data communicated to the IT system, through the browser you use. These tools thus facilitate an analysis of your habits in using the Website for a number of purposes: the execution of IT authentication, monitoring sessions, storage of information on specific configurations regarding users accessing the server, recording preferences, etc.
Cookies are distinguished between:
- a.Technical cookies: used to effectuate navigation or to provide a service requested by you. Without the use of these cookies, certain operations could not be performed or would be more complex and/or less secure.
- b.Profiling cookies: used to track your navigation and create profiles on your tastes, habits, choices, etc. In this way, advertising messages can be transmitted to your device in line with preferences already expressed by the User when navigating online.
For the installation of technical cookies, your consent is not required. For the installation of profiling cookies, your consent is required. If you do not want your device to receive and store profiling cookies, you can change the security settings of your browser. Below are brief instructions on how to do this for the four most common browser types:
- Microsoft Internet Explorer: click on the “Instruments” icon in the upper right corner and select “Internet Options”. In the pop-up window, select “Privacy”. Here, you can adjust the cookie settings.
- Google Chrome: click the wrench in the upper right corner and select “Settings”. At this point, select “Show advanced settings” then change the “Privacy” settings.
- Mozilla Firefox: from the drop-down menu in the upper left corner, select “Options”. In the pop-up window, select “Privacy”. Here, you can adjust the cookie settings.
- Safari: from the drop-down menu in the upper right corner select “Preferences”. Select “Security”, where you can then adjust the settings of the cookies.
It should be noted, however, that by deactivating the use of profiling cookies, you will not be able to take full advantage of certain features of the Website.
THE PERSONAL DATA YOU PROVIDE TO US BY USING THE WEBSITE: PROCESSING PURPOSES
Your data is processed for the following purposes:
(i) to execute your purchase orders for products online via the Website, to fulfil the relative administrative and accounting obligations (for example, completing your order, correspondence, invoicing) and to arrange for delivery of the same through the E-commerce platform (such as delivery and/or collection, any requests for information, complaints, etc.);
(ii) to fulfil legal obligations;
(iii) to carry out the technical management of the Website;
(iv) to inform you about all our promotional and marketing initiatives, including direct, also by sending advertising and/or promotional material, using automated tools and/or traditional methods of contact, for example via push notifications, email (the “Newsletter”) and/or by sending SMS and MMS (being “Marketing Services”);
(v) to analyse your preferences, habits, interests and consumption choices, including the type, frequency, location of purchases, in order to compile statistics, create specific user profiles and carry out predictive activities in relation to your future consumption (henceforth, the “Profiling Activities”).
The processing of data for the aforementioned purposes is carried out in accordance with the Privacy Code, the Privacy Regulations and all the specific industry regulations.
In respect of the “Guidelines on Marketing and Combating Spam” of 4th July 2013, we underline that the consent you may provide for the sending of commercial, promotional and marketing communications through automated tools will also extend to the traditional methods of contact.
The data supplied by you shall be processed mainly using IT tools under the authority of the Data Controller, by persons specifically appointed, authorised and instructed to process such in accordance with Article 30 of the Privacy Code and Articles 28 and 29 of the Privacy Regulation. We inform you that appropriate security measures are observed, also pursuant to Article 5 and 32 of the Privacy Regulations, in order to prevent the loss of data or its illicit or incorrect use and unauthorised access.
THE MANDATORY OR OPTIONAL NATURE OF PROVIDING CONSENT FOR THE PROVISION OF DATA, THE CONSEQUENCES OF REFUSAL AND THE LEGAL BASIS OF THE PROCESSING
Please be aware that for the purposes referred to in points (i), (ii) and (iii) of the previous Article 3, the provision of your personal data is mandatory since without, you cannot use the Website Services offered through the Website, including the services of transport, delivery and/or collection of products through the E-commerce platform.
The provision of your personal data is not mandatory and is rather optional for the purposes referred to in points (iv) and (v) of the previous Article 3. Failure to provide data for the purposes indicated above will not allow us to send you the Newsletter, provide the Marketing Services, or carry out the Profiling Activities. To this end, you can freely decide whether or not to give consent for such purposes, without this impacting upon the ability to access the Website Services.
Please keep in mind that, in any case and at any time, you can request to have the Data Controller delete your data through a simple communication to be sent, without any particular formalities, to the addresses referred to in the previous Article 1.
With reference to the purposes referred to in points (i), (ii) and (iii) of the previous Article 3, the legal basis of the processing is in fact the execution of the services provided through the Website and requested by you (pursuant to Article 6, paragraph 1, letter b of the Privacy Regulations and Article 24, paragraph 1, letter b of the Privacy Code). With reference to the purposes referred to in points (iv) and (v) of the previous Article 3, the legal provisions mean you are free to provide your consent to the processing (pursuant to Article 6, paragraph 1, letter a of the Privacy Regulations and Article 23 of the Privacy Code).
SOCIAL MEDIA BUTTONS AND SOCIAL MEDIA
On the Website www.bianchienardi1946.it, there are particular “buttons” (called “social media buttons/widgets”) that depict the icons of social media networks (for example, Facebook, Instagram, etc.). These buttons allow users who are browsing on the sites to interact directly with the social media networks shown there with a simple “click”. In this case, the social media networks acquire data relating to the user’s visit, however the Data Controller will not share any navigation information or user data acquired through their Website with the social media networks accessed via the social media buttons/widgets.
It follows that through our website, we offer you broad personal support also via social media (Facebook, Instagram) and the opportunity to stay in touch with us. Social media services directly capture personal data, for example through your profile created on these social media sites or via so-called social media plugins implemented on third-party websites.
If you send us a request via one of these social media sites, we will forward the request to the appropriate division. The data will be used exclusively to respond to your request and will not be given to third parties.
These concern offers from the following US companies:
Facebook Inc. (1601 S. California Ave, Palo Alto, CA 94304, USA)
If you open a page on our website containing one of these plugins, your browser will create a direct link to the servers of the company concerned. The contents of the plugin will be transmitted from these servers directly to your browser and integrated into the website. We thus have no authority and hence no responsibility regarding the amount of data that each company detects through such plugins. In any case, we hereby inform you of what we know.
By integrating the plugins, the individual company receives information related to the fact that you have referred to the relevant page of our Website. If you are registered with one of the aforementioned companies, they may associate the visit with your personal account. If you interact with the plugins, this information is transmitted directly from your browser to the company concerned and subsequently registered. If you do not have an account with the aforementioned companies, there is still the possibility that they will acquire and register your IP address.
Non si può escludere dunque che le summenzionate società rilevino ciascun visitatore del nostro sito Internet sulla base del suo indirizzo IP e dell’URL richiamato, anche nel caso in cui l’utente non abbia cliccato sui plugin e non sia registrato tramite un account presso la società interessata.
To find out about the purpose and scope of the collection, treatment and use of data by these companies, as well as your rights and the possibility of revocation to protect user privacy, we invite you to read the privacy information of:
TO WHOM AND IN WHAT CONTEXT MAY WE TRANSMIT YOUR DATA
Within the EU, your data may be communicated in full compliance with the provisions of the Privacy Code and Privacy Rules, to the following subjects:
(i) to the financial administration and/or other public authorities, whereby required by law or upon their request;
(ii) to credit institutions for purposes instrumental to the online purchase of the Products;
(iii) to the structures, subjects and external companies used by the Data Controller for the performance of activities that are connected, instrumental or consequent to the execution of the Website Services – including the cloud computing storage service, transport, delivery and/or collection of Products through the E-commerce platform – along with sending the Newsletter and providing the Marketing Services and completing the Profiling Activities.
(iv) external consultants (for example, for the management of tax obligations), if not designated in writing to the Data Processors.
The information collected automatically by the Website, as per paragraph 2, along with certain anonymous data pertaining to the number and type of interactions on the activities combined with loyalty purposes in the strictest sense, may also be transferred to third-party Cloud servers even located outside of the EU, resulting in the processing necessary for the execution of the Website Services and those requested by you. The legal basis for such processing is Article 49, paragraph 1, letter b of the Privacy Regulations and Article 43, paragraph 1, letter b of the Privacy Code.
Please bear in mind that at any time, you can exercise the rights referred to in Article 7 of the Privacy Code and pursuant to Articles 15, 16, 17, 18, 20, 21 and 22 of the Privacy Regulation, by sending written communication to the address of the Data Controller referred to in the previous Article 1 and in order to:
- a) request confirmation of the existence or otherwise of personal data;
- b) obtain information on the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data has been or will be communicated and, where possible, the retention period;
- c) obtain the correction and deletion of data;
- d) obtain a restriction of processing;
- e) attain data portability, receiving such from the Data Controller in a structured format that is commonly used and readable by automatic devices, to be transmitted to another Data Controller without hindrance;
- f) oppose the processing at any time, including for direct marketing purposes;
- g) object to an automated decision-making process concerning individuals, including profiling;
- h) request the Data Controller for access to and rectification or erasure of personal data or the restriction of processing the data concerning the data subject or to object to the processing, as well as the right to data portability;
- i) withdraw consent at any time without affecting the lawfulness of any processing based on consent given prior to the revocation;
- j) file a complaint with a supervisory authority.
With reference to the Newsletter and to the Marketing Services, we would like to point out that your right to request the cessation of processing carried out through automated means of contact also extends to traditional methods. Furthermore, you also have the option to exercise this right only in part, being by requesting the interruption, for example, of promotional communications being sent via one or some of the contact methods for which you have previously given consent.
DURATION OF THE PROCESSING
Subject to legal obligations, personal data will be stored for a specified period, based on criteria founded on the nature of the services provided.
Please note that the data stored for Profiling or Marketing purposes will be kept for a period not exceeding 12 and 24 months respectively from the time of registration.
a) Particular categories of personal data
Pursuant to Articles 26 and 27 of the Privacy Code and Articles 9 and 10 of the Privacy Regulation, you may provide data that can be qualified as “specific categories of personal data”, being data “revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.” These categories of data may be processed only upon your free and explicit consent, expressed in writing in a document separate from this present declaration.
Through the Website, your data is processed in compliance with the applicable laws and using appropriate security measures in compliance with the legislation in force also pursuant to Articles 5 and 32 of the Privacy Regulations.
In this regard, we confirm the adoption of appropriate security measures to prevent, amongst other things, unauthorised access, theft, disclosure, modification or destruction of your data.