Articles 13 and 14 of Regulation 2016/679/EU (hereinafter also "GDPR")
Why this notice
Gruppo Borghi S.P.A. (hereinafter also referred to as the "Company" or "Owner") is committed to respecting and protecting your privacy and wants you to feel safe both when simply browsing the site and if you decide to register by providing us with your personal data to take advantage of the services made available to its Users and/or Clients. On this page, the Company intends to provide some information on the processing of personal data relating to users who visit or consult the website accessible by electronic means from the address https://www.gruppoborghi.it. This information is provided only for the Company website and not for any other websites that the user may consult through links (for which please refer to their respective privacy policies). Reproduction or use of the pages, materials and information contained in the Site, by any means and on any media, is not permitted without the prior written consent of Company. Copying and/or printing for exclusively personal and non-commercial use is permitted (for requests and clarifications, please contact Company at the addresses indicated below). Other uses of the content, services and information on this site are not permitted.
In relation to the content offered and the information provided, the Company will endeavor to keep the content of the Site reasonably up to date and reviewed, without offering any warranty as to the adequacy, accuracy or completeness of the information provided and expressly disclaims any liability for any errors of omission in the information provided on the Site.
Origin - Navigation data
The Company informs you that the personal data provided by you and acquired at the time of requesting information and/or contact, registering on the website and using the services via smartphone or any other tool used to access the Internet, as well as the data necessary for the provision of such services, including navigation data and data used for the possible purchase of products and services offered by the Company but also only the so-called "navigation" data of the website by Users, will be processed in compliance with the applicable regulations. The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of the Internet. This information is not collected in order to be associated with identified interested parties, but by its very nature could, through processing and association with data held by third parties, allow the identification of navigating users. This category of data includes the "IP addresses" or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the web server, the size of the file obtained in response, the numerical code indicating the status of the response given by the web server (successful, error, etc.) and other parameters relating to the user's operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check the correct functioning of the Company's website. It should be noted that the aforementioned data could be used to ascertain responsibility in the event of computer crimes against the Company website or other websites connected or linked to it: except for this possibility, at present the data on web contacts do not persist for more than a few days.
Origin - Data provided by the user
The Company collects, stores and processes your personal data for the purpose of providing the products and services offered on the Site, or for legal obligations. For some specific Services, Products, Promotions, etc., we may also process your personal data for commercial purposes. Company may also process your data for commercial purposes. In these cases, a specific, separate, optional and always revocable consent will be requested in the manner and at the addresses indicated below.
The optional, explicit and voluntary sending of e-mails to the addresses indicated in the relevant section of the Website, as well as the completion of questionnaires (e.g. forms), communication via chat, push notifications via APP, social networks, call centers, etc., entails the subsequent acquisition of some of your personal data, including those collected through the use of the Apps and related services, necessary to respond to your requests. Please also note that when you use your mobile connection to access content and digital services offered directly by the Company or by our Partners, it may be necessary to transfer your personal data to such third parties. Please note that you may access the Site or connect to areas where you may be able to post information using blogs or noticeboards, communicate with others, for example from the Company page on Facebook®, LinkedIn®, YouTube®, and other social networking sites, review products and offers, and post comments or content. Before interacting with these areas, please read the General Terms and Conditions of Use carefully, bearing in mind that, in certain circumstances, the information you publish may be viewed by anyone with access to the Internet and any information you include in your publications may be read, collected and used by third parties.
Purpose of processing and legal basis
The data are processed for the purposes:
- Strictly connected to and necessary for registering on the website, for services and/or Apps developed or made available by Company, for using the relevant information services, for managing requests for contact or information, for making purchases of products and services offered through the website Company;
- for ancillary activities connected to the management of the User/Customer's requests and the sending of feedback, which may include the transmission of promotional material; for the completion of the purchase order of the products and services offered, including aspects relating to payment by credit card, the management of shipments, the possible exercise of the right of withdrawal provided for distance purchases, updating on the availability of products and services temporarily unavailable;
- related to the fulfilment of obligations under EU and national law, the protection of public order, and the detection and prosecution of crime;
- direct marketing, i.e. the sending of advertising material, direct sales, the carrying out of market research or the commercial communication of products and/or services offered by the Company; This activity may also concern products and services of companies in the Company Group and be carried out by sending advertising/information/promotional material and/or invitations to participate in initiatives, events and offers aimed at rewarding users/customers, carried out using "traditional" methods (e.g. paper mail and/or operator calls), or using "automated" contact systems (e.g. SMS and/or MMS, telephone calls without operator intervention, e-mail, fax, interactive applications), pursuant to art. 130 c. 1 and 2 of Legislative Decree 196/03 as amended;
The provision of data for the purposes referred to in points 1), 2) and 3), connected to a pre-contractual and/or contractual phase or functional to a user request or provided for by a specific provision of law, is compulsory and, failing this, it will not be possible to receive the information and access any services requested; with regard to point 4) of this Information Notice, the consent to the processing of data by the user/customer is free and optional and can always be revoked without any consequences on the usability of the products and services except for the impossibility for the Company to keep users/customers updated on new initiatives or special promotions or advantages that may be available.
The Company may send you commercial communications relating to products and/or services similar to those already provided, in accordance with Directive 2002/58/EU, using the e-mail or paper addresses you have provided on these occasions, which you may oppose in the manner and at the contact details set out below.
Methods, logic of processing, storage times and security measures
The data processing is also carried out with the aid of electronic or automated means and is performed by the Company and/or by third parties that the Company may use to store, manage and transmit the data. The data processing will be carried out with the logic of organization and processing of your personal data, also related to the logs originated by the access and use of the services made available via web, of the products and services used related to the above mentioned purposes and, in any case, in order to guarantee the security and confidentiality of the data. The personal data processed will be retained for the period of time envisaged by the legislation applicable at the time.
Again, with regard to data security, in those sections of the website that are set up for particular services, where personal data is requested from the user, the data is encrypted using a security technology called Secure Sockets Layer, abbreviated to SSL. SSL technology encrypts the information before it is exchanged via the Internet between the user's computer and the Company's central systems, making it incomprehensible to unauthorized parties and thus guaranteeing the confidentiality of the information transmitted; furthermore, transactions made using electronic payment instruments are carried out directly using the platform of the payment service provider (PSP) and the Company retains only the minimum set of information necessary to manage any disputes. With regard to the protection of personal data, the user/customer is invited, pursuant to article 33 of the GDPR, to notify Company of any circumstances or events that could lead to a potential "data breach" in order to allow for an immediate evaluation and the adoption of any actions aimed at countering such an event by sending a communication to firstname.lastname@example.org or contacting Customer Services. The measures adopted by the Company do not exempt the Customer from paying the necessary attention to the use, where required, of passwords/PINs of adequate complexity, which he/she shall update periodically, especially if he/she believes they have been hacked/disclosed by third parties, as well as keep them carefully and make them inaccessible to third parties, in order to avoid improper and unauthorized use.
Cookies stored on your terminal equipment cannot be used to retrieve any data from your hard drive, transmit computer viruses or identify and use your email address. Each cookie is unique to the browser and device you use to access the Website or use the Company App. Generally, the purpose of cookies is to improve the operation of the Website and your experience when using it, although cookies may be used to deliver advertisements (as set out below). For more information on what cookies are and how they work, you can visit the "All about cookies" website http://www.allaboutcookies.org .
Scope of communication and transfer of data
For the pursuit of the above purposes, we may communicate and process, in Italy and abroad, your personal data to third parties with whom we have relationships, where these third parties provide services at our request. We will only provide these third parties with the information necessary to perform the services requested, taking all measures to protect your personal data. Data may be transferred outside the European Economic Area if this is necessary for the management of your contractual relationship. In this case, the recipients of the data will be subject to protection and security obligations equivalent to those guaranteed by the Controller. In the case of the use of services offered directly by Partners, we will only provide the data strictly necessary for their performance. In any case, only the data necessary for the pursuit of the intended purposes will be communicated and the guarantees applicable to data transfers to third countries will be applied where required. We may also disclose personal data to our commercial service providers, for marketing reasons, who are appointed as external data controllers for this purpose. In addition, personal data may be communicated to competent public bodies and authorities for the purposes of fulfilling regulatory obligations or to ascertain responsibility in the event of computer crimes against the website, as well as communicated to, or allocated by, third parties (in their capacity as data processors or, in the case of providers of electronic communication services, independent data controllers), who provide IT and telematic services (e.g. hosting services, website management and development) and which the Company uses to perform tasks and activities of a technical and organisational nature that are also instrumental to the operation of the website. The subjects belonging to the above categories operate as separate Data Controllers or as Managers appointed for this purpose by Company.
Personal data may also be known by employees/consultants of the Company who are specially trained and appointed as Data Processors.
The categories of recipients to whom the data may be disclosed are available by contacting the Company at the addresses listed below.
Rights of the persons concerned
You may at any time exercise the rights granted to you by law, including:
- to access your personal data, obtaining evidence of the purposes pursued by the Controller, the categories of data involved, the recipients to whom the data may be communicated, the applicable retention period, the existence of automated decision-making processes;
- to obtain without delay the rectification of inaccurate personal data concerning him/her;
- to obtain, in the cases provided for, the cancellation of your data;
- to obtain the restriction of processing or to object to processing when possible;
- to request the portability of the data you have provided to Company, i.e. to receive them in a structured, commonly used and machine-readable format, also for the purpose of transmitting such data to another data controller, within the limits and constraints set out in Article 20 of the GDPR;
In addition, you may lodge a complaint with the Data Protection Authority pursuant to Article 77 of the GDPR.
For the processing referred to in point 4) of the purposes, the Customer may always revoke consent and exercise the right to object to direct marketing (in "traditional" and "automated" form). The opposition, in the absence of any indication to the contrary, will refer to both traditional and automated communications.
The data controller, pursuant to Article 4 of the GDPR, is Gruppo Borghi S.P.A., SEDE LEGALE: Via Armaroli, 9, 40012 Calderara di Reno Bologna (Italia), SEDE AMMINISTRATIVA E OPERATIVA: Via Armaroli, 9, 40012 Calderara di Reno Bologna (Italia), P.IVA 02653441200, C.F. 02653441200.
The above-mentioned rights may be exercised upon request by the interested party in the manner made known by the Customer Service or on the Company's website or by using the following references: email@example.com
The use of the Website, including those intended for tablets and/or smartphones, by the Client and/or the User implies full knowledge and acceptance of the content and any indications included in this version of the policy published by Company at the time the site is accessed. Company informs you that this policy may be modified without prior notice and therefore we recommend that you read it periodically.