INFORMATION ON THE PERSONAL DATA PROCESSING

pursuant to article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27th April 2016

The management methods of the site www.begnigroup.it (hereinafter site) are described here in relation to the personal data processing of users who consult it. This is a document of a general nature which informs about the criteria for the correct processing of personal data carried out on or through the site, criteria which the user can also find illustrated in detail within the individual information published in the various sections of the site to specify the methods and purposes of the processing connected to the provision of information of various kinds. This information is also provided pursuant to Article 13 of the General Data Protection Regulation (European Union Regulation 2016/679 of the European Parliament and of the Council of 27 April 2016 relating to the protection of natural persons with regard to the processing of personal data , as well as to the free circulation of such data, hereinafter Regulation) to those who interact with the web services of the site and does not include processing carried out on other sites possibly consulted by the user via links on the site itself. The information is also inspired by Recommendation no. 2/2001 that the European authorities for the protection of personal data, gathered in the Group established by Article 29 of Directive no. 95/46/EC, adopted on 17 May 2001 to identify some minimum requirements for the collection of personal data online, and in particular, the methods, times and nature of the information that data controllers must provide to users when they link to web pages, regardless of the purpose of the link. Users must read this information carefully before submitting any type of personal information.

The owner of the personal data processing

Following consultation of this site, data relating to identified or identifiable persons may be processed. The data controller of personal data is Begni Group S.p.A. (henceforth owner). As of today, any information relating to the owner, together with the updated list of managers and system administrators possibly designated, can be found at the headquarters of Begni Group S.p.A. in Via Brescia, 145 – 25039 Travagliato (BS).

Place of processing of personal data

The processing connected to the web services of this site takes place:

  • at the owner’s headquarters,
  • at the headquarters of T. Immagine S.r.l. responsible for the creation and maintenance of the site,
  • at the Data Center Caldera headquarters in via Caldera in Milan. owner of the infrastructure (server) on which the site is installed.

The processing connected to the web services of this site is also handled by the technical personnel in charge of processing, or by any persons in charge of occasional maintenance operations.

Purpose of the processing of personal data

The personal data provided by users who access the site by sending an electronic mail (e-mail) to the data controller (also using the form provided in the specific section of the site), will be used for the sole purpose of performing the requested service. The optional, explicit and voluntary sending of e-mails to the addresses indicated on the site, by its very nature, involves the subsequent acquisition of the sender’s e-mail address, necessary to respond to requests, as well as any other personal data included in the message . The owner processes personal data within the limits of what is strictly necessary for the performance of the functions for which the service is requested, excluding processing when the purposes pursued can be achieved using anonymous data or methods that allow the user to be identified only in case of need. We invite our users, in requests for information via email or other sections of the site, not to send names or other personal data of third parties that are not strictly necessary, nor data belonging to particular and judicial categories pursuant to articles 9 and 10 of the Regulation. If the user sends personal and contact data of any third party in the requests, he acknowledges that this operation represents a processing of personal data with respect to which the user acts as an independent owner, assuming all the obligations and responsibilities envisaged by the Regulation. In this sense, the user guarantees the owner that any data of third parties has been acquired by the user in full compliance with the Regulation (consent also documented in writing and issued by the third party). The user grants on this point the broadest indemnity with respect to any dispute, claim, request for compensation for damage from processing that may reach the owner from any third party, due to the provision of the data indicated by the user in violation of the rules on protection of personal data. The lawfulness of the processing of personal data is based on the legitimate interest of the owner in responding to what is spontaneously requested by the user and ascertaining liability in the event of any computer crimes against the site, and on the legitimate interest in responding to user requests.

Newsletter/Mailing list

Subject to express and explicit consent, the user’s personal data (name, surname, e-mail address, etc.) are processed for the sending of promotional and/or advertising information material, for carrying out market research, for communications commercial and for direct sales activities on the services and products offered by the owner. The lawfulness of the processing of personal data for the above purposes is based on the free, express and explicit consent of the user (art. 6.1 letter a) of the Regulation).

The user’s personal data are kept for the time necessary to provide the requested service, or until the user revokes consent and in any case up to a maximum of two years or for the time necessary to manage any appeals or disputes .

Types of personal data processed

The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols (browsing data). This information is not collected to be associated with identified users, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the users’ IT environment.

This data is used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning. The data in question could be used to ascertain responsibility in the event of any computer crimes against the site in question.

Cookie

The specific information describing the use of cookies carried out by the site is available and consultable in the “Cookie policy” document.

Methods of processing personal data

Personal data is processed with automated tools. Specific security measures are observed to prevent the loss, illicit and/or incorrect use, unauthorized access of data. The processing of personal data is carried out within the limits of what is strictly necessary for the performance of the functions for which the service is requested, excluding processing when the purposes pursued can be achieved using anonymous data or methods that allow the user to be identified only in case of necessity. No personal information about the user that reveals racial or ethnic origin, religious, philosophical or other beliefs, political opinions, membership of parties, trade unions, associations or organizations of a religious, philosophical, political or trade union, as well as personal data revealing one’s health and sexual life.

Communication and dissemination of personal data

Personal data, if necessary, can be communicated (this term meaning giving knowledge to one or more specific subjects) to subjects whose right to access the data is recognized by national and European Union law provisions and to third parties to satisfy requests forwarded by the user through the site. Personal data are in no case disclosed, this term meaning making them known in any way to a plurality of indeterminate subjects.

Optional provision of personal data

Apart from what is specified for navigation data and cookies, the user is always free to provide personal data for the purposes for which he connects to the site. Failure to provide them will make it impossible to obtain what is requested.

Criteria used to determine the retention period of personal data

Browsing data

The user’s personal browsing data are stored for the period necessary to comply with the storage terms established by law regarding electronic communications.

Changes to the information

The data controller reserves the right to make changes to this information at any time by advertising them to the user on this page. Please therefore consult this page often to be constantly updated.

Rights of the interested party (user)

We inform you that, at any time, the user can exercise the following rights:

• right to revoke consent to the processing of personal data at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation;

  • right to receive in a structured, commonly used and machine-readable format the personal data concerning the user provided to a data controller and has the right to transmit such data to another data controller without impediments by the data controller treatment to which he provided them;
  • right to obtain access to your personal data;
  • right to obtain rectification of your personal data where this does not conflict with current legislation on data retention;
  • right to obtain the deletion of one’s personal data where this does not conflict with current legislation on data retention;
  • right to obtain the limitation of processing of your personal data;
  • right to object at any time for reasons related to your particular situation, to the processing of your personal data pursuant to Article 6, paragraph 1, letters e) or f), including profiling on the basis of these provisions;
  • right to object at any time to the processing of your personal data for direct marketing purposes including profiling to the extent that it is connected to such direct marketing;
  • right not to be subjected to a decision based solely on automated processing including profiling, which produces legal effects concerning you or which similarly significantly affects you.

The interested party can exercise the above rights with a request addressed without formalities to the data controller of the personal data by hand delivery, traditional mail, registered letter, fax or by email (info@begnigroup.it).

To facilitate the exercise of these rights, the Italian Personal Data Protection Authority has prepared a specific form that can be downloaded from the website www.garanteprivacy.it

Right to lodge a complaint

The user is informed that he has the right to lodge a complaint with a supervisory authority (in particular the Italian Personal Data Protection Authority).

BEGNI GROUP S.p.A.

Via Brescia, 145

25039 Travagliato (BS) Italia

www.begnigroup.it

www.cobrashop.it

Tel.+39-030-68.65.044

Fax. +39-030-68.63.208

info@begnigroup.it

C.F./P.IVA 03428660173

Share capital €100.000 i.v.

REA registration BS 396043