Information notice pursuant to Art. 13 of the Reg. UE 2016/679 (General Data Protection Regulation | GDPR)

Pursuant to Reg. UE 2016/679 (General General Data Protection Regulation) we provide you the deserved information concerning processing of collected personal data. The notice is not valid for external links; Data Controller is not to be considered responsible for third parties’ web pages.

The notice is drawn up pursuant to art. 13 Reg. UE 2016/679 (General Data Protection Regulation) inspired to Directive 2009/136/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 25 November 2009, and to Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies – 8 may 2014 by Italian Data Protection Authority, considering the EDPB Guidelines 05/2020 on consent under Regulation 2016/679.

Personal data

Any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can directly or indirectly be identified, in particular by reference to an identifier such as a name, an identification number, a location data, an online identifier or to one or more specific factors to the physical, physiological, genetic, mental, economic, cultural or social identity (C26, C27, C30).

Navigation data

Computer systems and procedures software preceded to the operation of this site, acquire, during their normal exercise, some personal data whose transmission is implicit using Internet communication protocols. This category includes: IP addresses, URI/URL (Uniform Resource Identifier/Locator), time of request, type of request, outgoing packet size, server status of response (received, error, etc…) and other parameters related to the operating system (for further information see Cookies policy of this site).

Data provided by data subject

The optional, explicit and voluntary dispatching of messages to contact-addresses, as well as compilation and forwarding of forms that are on the Data Controller’s website, involves the acquisition of sender’s personal data necessary to reply, as well as all the personal data included in messages themselves.

Cookies

Click here for more information about the cookie policy.

1. Who is the data controller? How to contact him?

Pursuant to art. 4 ad 24 Reg. UE the Data Controller is BIMECC S.R.L, with registered office in 21023 Besozzo (VA)–Via Leonardo da Vinci, 15.

Data Controller’s contact details: email info@bimeccsrl.com, telephone number 0332/773922

2. Purposes of processing, legal basis, data retention and nature of conferral

Purpose A) – Website browsing.

• LEGAL BASIS: legitimate interest (art. 6 par. 1 lett. f) and recital 47 GDPR): processing is necessary for pursuing data controller’s (or third party) legitimate interest, provided that the interests or the fundamental rights and freedoms of the data subject are not overriding, taking into consideration his reasonable expectations based on the relationship with controller. Activities strictly necessary for site operation and platform browsing services.
• DATA RETENTION: single session. For further information see the Cookies policy.
• NATURE OF CONFERRAL: mandatory in order to permit the website navigation.

Purpose B)– Eventual contact form filling.

• LEGAL BASIS: legitimate interest | answering data subject requests (art. 6 par. 1 lett. f) and recital 47 GDPR).
• DATA RETENTION: for the time necessary to reply to the request and in any case no longer than 1 year.
• NATURE OF CONFERRAL: the provision of data is necessary to allow the Data Controller to provide feedback to the requests received through the form. Failure to provide the data marked with the symbol* or the indication (required), will make it impossible to obtain the information requested.

3. Who the collected data will be communicated to?

Provided data will be shared with recipients who will treat them as data Processors (art. 28 Reg. UE 2016/679) and/or as natural person acting under the controller’s or processor’s authority (art. 29 Reg. UE 2016/679) for former purposes.

Namely, data may be shared with:

• subjects who provide services for the management of the information system used by the Data Protection Officer Association and telecommunications networks;
• platform managers for the services listed above (site hosting);
• competent authorities for compliance with legal obligations and / or provisions of public bodies, upon request;

The list of the data Processors is constantly updated and available writing to info@bimeccsrl.com or sending a traditional mail to the Data Controller registered office.

4. Does BIMECC S.R.L. transfer data to a third country and/or to international organisations?

We do not transfer data to countries outside the EU.

5. Are personal data processed by an automated mean?

We do not process data by automated mean, profiling included.

6. Which rights am I entitled to? How can I exercise them?

You can exercise your rights, as required by art. 15 and subsequent of the General Data Protection Regulation UE 2016/679 (GDPR) contacting the data Controller at the email address: info@bimeccsrl.com. You have the right, at any time, to obtain from the data Controller the access to your personal data, request their rectification, erasure or processing restriction and, if applicable, data portability. Furthermore, you have the right to object anytime to your personal data processing based upon legitimate interest. Where applicable, you have the right to withdraw consent without prejudice to the lawfulness of the processing based on the consent given before the withdrawal.

Without prejudice to any other administrative or judicial remedy, in case you consider the processing conflicting with Reg. UE 2016/679, pursuant to article 15 lett. f) UE 2016/679, you have the right to lodge a complaint with a supervisory authority (www.garanteprivacy.it).

In case of request for data portability, the Data Controller will provide your personal data in a structured format, commonly used and readable by automatic device.

7. More information

Data controller retains the right to modify, update, add or remove parts of this statement at his own discretion, in any moment. In order to facilitate such verification, the information notice will include the date of update.

Date of review: March 22, 2021