Privacy Policy


This policy describes how they Brawo use the personal data of users


PRIVACY POLICY of www.brawo.it

(Updated on 25 May 2018)

 

Information Notice under art. 13 of Regulation (EU) 679/2016 (GDPR)

 

Dear User,

Brawo S.p.A. pays great attention to ensuring the privacy of its Users. This page describes the procedures used to manage its website (www.bravo.it) with regard to the processing and protection of the personal data of such users. It is an Information Notice provided in accordance with the requirements of Regulation (EU) 679/2016 “Regulation on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” (hereinafter EU Reg.) to all those browsing the Brawo S.p.A. website. Browsing this website, and registration with the same, may infer the recording, use, erasure and, more generally, the processing of the personal data of identified or identifiable users. The Information Notice only covers the Brawo S.p.A. corporate website and does not apply to any other websites which users may consult by clicking links on the website pages, for which Brawo S.p.A is under no circumstances responsible.

 

  1. Data Controller

The Data Controller for the personal data provided by Users is Brawo S.p.A. with registered office in Via XXV Aprile, 36 – 25050 Pian Camuno (Brescia), Tax Code and VAT no. 00566320982. Tel. 0364/591556 - Fax 0364/599073. Email: lfacchetti@brawo.it

  1. Type of collection

 

  1. Browsing Data

The data processing systems and software procedures used by this Site acquire some personal data, the collection of which is implicit when using Internet communication protocols.

This refers to information which is not collected to be associated with identified data subjects but, due to their nature, could permit the identification of the user if they are processed and associated with data held by third parties.

This category of data includes IP addresses or computer domain names used by the users to connect to the website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of request, the method used to make the request to the server, the size of the file received in reply, numerical code indicating the status of the reply given by the server (successful, error etc.) and other parameters of the operating system and the environment used by the User.

  1. Data provided spontaneously by the User (art. 4 (1) of the EU Reg.)

No collection of User personal data is required to browse the website. However, if electronic messages are sent spontaneously, voluntarily and explicitly to the email addresses indicated on this website, or the use of the “Contact Us” section, this will lead to collection of the sender’s e-mail address, required in order to respond to the request, and any other personal data included in the message.

 

  1. Cookies

Please read our Cookie Policyfor further information on the use of cookies on our website.

 

  1. Purpose and legal basis of the processing

The legal basis of the processing of browsing data (point 2 letter a) is to pursue the legitimate interests of the Data Controller regarding the management of the website and are used to:

  • allow access and browsing of the website

  • collect data and information in an aggregated and anonymous manner to verify the correct functioning of the website;

  • collect data and information for the purpose of protecting the security of the website (antispam filters, firewalls, virus detectors) and its users;

  • collect anonymous statistics on the use of the website.

In the event of unlawful IT offences committed to the detriment of the website, browsing data may also be used to ascertain responsibility.

The data provided voluntarily by the user (point 2 (b)) on the website contact form (“Contact Us” section) or by spontaneous email to the indicated contact details, are processed for the sole purpose of responding to the data subject, provide a service or supply of goods requested, including the management of any job candidatures sent spontaneously by the user. These data shall be processed by the Data Controller using both electronic and paper formats. It should be noted that only common data shall be processed and any “particular data” or “judicial data” under arts. 90 and 10 of Reg. (EU) 679/2016 shall be erased if collected. The collected data shall not be transferred to third-parties without obtaining the specific and unequivocal prior consent of the data subject.

 

  1. Data processing methods

User personal data shall be processed lawfully, fairly and in a transparent manner using manual and/or electronic means, with organisational systems correlated to the purpose of the processing and in order to guarantee the security, integrity and confidentiality of the data and the rights of the data subject, in accordance with the provisions of Reg. (EU) 679/2016 (making particular reference to arts. 24, 32 and 35).

Security measures of a technical and organisational nature have been adopted and put in place to protect the data against unlawful destruction or accidental loss.

The processing operations may be carried out with or without the use of electronic or automated tools.

 

  1. Disclosure of personal data

In addition to the Data Controller, in some cases other internal Brawo S.p.A. personnel (administration, sales, legal, system administrators) may also access the data, and be granted processing authorisation for the purpose of such processing.

Collected data may also be disclosed to independent subjects (e.g. third-party technical service providers, hosting providers, IT and software firms), who are designated as Data Processors, under art. 28 of Reg. (EU) 679/2016, and operate on behalf of, and according to the instructions of Brawo S.p.A., exclusively for activities strictly related to the aforementioned purposes (e.g. to guarantee the operation of Internet services and the management of the IT and computerised systems).

Data subjects can request a complete and updated list of such subjects using the contact details provided below.

 

  1. Duration of data retention

Browsing data (point 2 (a) shall be retained, in accordance with the provisions of the applicable regulations in force for no longer than is strictly necessary for the purposes for which the data were collected.

The Data Controller shall process the data provided voluntarily by the user (point 2 (b)) for the time strictly necessary to provide the service requested and, in any case, no longer than 30 days.

 

  1. Collection of personal data

Browsing data collected for the scope and purpose of this processing (point 2 (a)) are strictly functional to the computerised management of the website.

Collection of personal data voluntarily provided (point 2 (b)) is optional and has the sole purpose of processing the requests submitted by the user; failure to grant consent to such collection will make it impossible for Brawo S.p.A. to process such requests.

 

  1. Data storage location

Personal data are processed at the Data Controller’s operating headquarters and in any other place, within the EU, where the parties involved in the processing are located.

 

  1. Rights of the data subject

Data subjects can exercise specific rights on the data processed by the Data Controller, in particular, under art. 15 of Reg. (EU) 679/2016, data subjects have the right to:

  • access personal data (data subjects have the right to obtain information on the data processed by the Data Controller, certain aspects of the processing and receive a copy of the processed data)

  • verify and request rectification of personal data (data subjects have the right to verify the accuracy of their personal data and request the updating or rectification of the same)

  • obtain the erasure of personal data (under certain conditions, data subjects have the right to obtain the erasure of all their personal data by the Data Controller)

  • obtain the restriction of processing of personal data (under certain conditions, data subjects have the right to request the restriction of processing of their personal data. In this case the Data Controller shall not process the data for any purpose other than retention of the same)

  • obtain data portability (data subjects have the right to receive their data in a structured format, commonly used and readable by automatic devices and, where technically feasible, to obtain unhindered transfer of such data to another data processor. This provision is applicable when the personal data are processed using automated systems and the processing is based on the consent of the data subject on a contract of which the data subject is party, or contractual measures related to the same)

  • lodge a complaint with a Supervisory Authority (Data Protection Supervisor) or engage in legal proceedings.

 

  1. Exercising of rights

Data subjects can exercise their rights at any time by sending:

  • an email to lfacchetti@brawo.it

  • a fax to number 0364/599073

  • registered mail with advice of receipt to the following address: Brawo S.p.A. with registered office in Via XXV Aprile, 36 – 25050 Pian Camuno (Brescia) Italy.

 

  1. Amendments to this Information Notice

Brawo S.p.A. reserves the right to amend this Information Notice. The date indicated at the beginning of the Information Notice refers to the date of issue of the most recent version. A notice on the website, or via other means, will be provided if any substantial changes are made to give all users the chance to verify the amendments before they become effective.