Of the website www.busattimilano.it pursuant to Regulation UE 2016/679 (“GDPR”)
Dear User, thank you for visiting our website www.busattimilano.it (https://busattimilano.it/). Below are described, among other things, the methods of processing of personal data collected and / or provided through the Site and, therefore, we inform you of the following.
The data controller, according to art. 4 GDPR, is Busatti Milano S.r.l., VAT no. 08452660965, REA Registration Number MI-2027466 with headquarters in Via Turati n. 41, 20083 – Binasco (MI), VAT no. 08452660965, PEC: firstname.lastname@example.org, fax 02 86452055, e-mail email@example.com, tel. 02 86996064 (hereinafter “Busatti” or “Data Controller“).
- TYPES OF DATA AND COLLECTION
We indicate, below, the types of personal data processed by the Controller.
2.1 Navigation data. While browsing the Site, the normal software procedures thereof acquire certain personal data whose transmission is implicit in the use of internet communication protocols. This information is not intended to be associated with identified users but, when associated with other data held by third parties (such as your internet service provider), could allow the identification of users of the Site. The browsing data include IP addresses or domain names of the computers used by the user who connects to the site, the addresses in URL (Uniform Resource Locator) notation of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system. The collection of navigation data from the user is automatic (therefore mandatory) when accessing the Site.
2.2 Cookies. In addition to technical and functional cookies, and only with Your express consent, personal data may be processed through the use of electronic tools known as cookies, in order to improve the offer of services provided by Busatti through the Site.
For further details on cookies and their processing, please refer to the relative information sheet.
2.3 Data provided voluntarily by the users. Through the Site the user may voluntarily provide certain personal data, such as name, surname, address, credit card details, e-mail address, tax code and/or VAT number, as required for the provision of various services provided by Busatti for the purchase of products on the Site. If, by connecting to the site, users intend to send their personal data through the appropriate sections, Busatti will process such data in order to respond to your request or to provide the requested service and, where necessary, subject to your express consent, to send commercial and promotional information and market research on Busatti products and services by means of automatic contact methods (e-mail). It should be noted that any voluntary sending of e-mails by the user of the Site to the e-mail addresses indicated in the same involves the acquisition of the sender’s address as well as any other information contained in the message; such personal data will be used for the sole purpose of providing the service requested.
- METHODS AND PRINCIPLES OF DATA PROCESSING
The data will be processed in accordance with the GDPR, Legislative Decree no. 196/03 and subsequent amendments, and the principles of lawfulness, fairness and transparency, minimization, relevance, proportionality, adequacy and of storage limitation, in both hard copy and electronic form, by persons authorized by Busatti and with the adoption of appropriate measures of protection, so as to ensure the security, integrity and confidentiality of data.
- PURPOSE AND LEGAL BASIS OF DATA PROCESSING
For convenience and ease of understanding, here is a list of the purposes for which your personal data are processed and the related legal bases that justify these forms of treatment.
Verify proper functionality and security of the site through navigation data.
These treatments are based on a legitimate interest of the Controller
(Marketing) To inform You about commercial initiatives, by automated means (e-mail), related to promotions and/or offers, in the interest of the Controller.
Such processing is carried out subject to specific consent provided by the user.
To provide the services requested by the user, to manage the contracts to which the user is a party, to carry out the relative pre-contractual, administrative, accounting, fiscal and legal fulfilments, as well as to process the requests forwarded by the user.
The processing operations carried out for these purposes are necessary for the fulfilment of contractual or pre-contractual obligations and do not require specific consent from the data subject.
Legal defense of the Controller
These treatments are based on a legitimate interest of the Controller
Carry out accounting, tax and legal obligations
Treatments necessary for the fulfillment of a legal obligation to which the Controller is subjected
- COMMUNICATION AND TRANSFER OF DATA
The data will be processed by employees or collaborators in charge of the treatment of the Data Controller and of other subjects (IT service providers, marketing companies, lawyers) who are autonomous data controllers or appointed as data processors. The data will not be communicated to third parties unless required by law or judicial authority and will not be disclosed in any way.
- DATA STORAGE
The Data Controller keeps your personal data if they are necessary to achieve the purposes for which they were collected. In addition, the Data Controller will keep your personal data if this is required by regulatory obligations and until the expiry of the statute of limitations to be able to enforce any existing legal claims.
Surfing data will be kept for no more than seven days, except in case of need to ascertain crimes by the judicial authorities.
The data provided voluntarily by users are kept for the period necessary for the execution of what has been requested by users, in any case no longer than three months, and until the request for cancellation in the event of the newsletter.
For direct marketing purposes we keep your data for a maximum period of 60 months from the date of release or consent.
The storage of personal data in electronic form will take place on servers located within the European Union.
- DATA SUBJECT RIGHTS
In Your capacity as data subject, you are guaranteed all the rights specified in Art. 15 et seq. of the GDPR, including the right to access, amend and erase data, the right to restrict processing, the right to withdraw consent to processing (without prejudice to the lawfulness of processing based on consent obtained before the revocation), the right to obtain in a structured, commonly used and machine-readable format your personal data provided to us subject to our automated processing as well as the right to lodge a complaint with the Italian Data Protection Authority in case You believe that the processing that concerns You violates the Regulation. The above-mentioned rights may be exercised by means of written communication to be sent by certified electronic mail, e-mail or fax, or by registered letter to the offices of Busatti and by e-mail to the address firstname.lastname@example.org.
- SECURITY MEASURES
Busatti uses “secure” and appropriate technologies to protect personal data in order to minimise the risks of destruction or loss of data, unauthorised access or processing that is not permitted or does not conform to the purposes of collection.
You have the right to object at any time, for your own reasons, to the processing of your personal data for marketing purposes or which is based on the legitimate interest of the Controller as above.
Last update: 28.02.2022 – email@example.com