Pursuant to Regulation (EU) 2016/679 (hereinafter the “Regulation”), this page describes how the personal data of users consulting the website of BGreen Technologies S.r.l. are processed.
This information does not concern other sites, pages or online services that can be reached through hypertext links that may be published on the site but refer to resources outside the Owner’s domain.
- PERSONAL DATA CONTROLLER
The personal data controller is BGreen Technologies S.r.l. with registered office and operational headquarters at Via Stezzano 87, 24126 Bergamo, Italy.
E-mail address: firstname.lastname@example.org
- LEGAL BASIS FOR PROCESSING
Consent of the data subject, performance of a contract to which the data subject is party / execution of pre-contractual measures activated at the request of the data subject as well as the pursuit of a legitimate interest are the legal bases that, depending on the data processing performed on the site, will be applicable.
- PLACE OF DATA PROCESSING
The processing operations connected to the web services of this site are based in Italy, and are managed at the headquarters of the Data Controller; they are handled by authorised internal staff of the Data Controller, during updating and maintenance operations. No data deriving from the web service is disseminated. Personal data provided voluntarily by users who submit contact requests through the various forms on the site are used solely for the purpose of performing the service or provision requested, also possibly through external service providers.
- TYPES OF DATA PROCESSED AND PURPOSE OF PROCESSING
The computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes:
- IP addresses or domain names of the computers and terminals used by users;
- the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the resources requested;
- the time of the request;
- the method used in submitting the request to the server;
- the size of the file obtained in response;
- the numeric code indicating the status of the response given by the server;
- and other parameters relating to the user’s operating system and computer environment.
These data, necessary for the use of web services, are also processed in order to:
- to obtain statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.);
- for ascertaining liability in the event of hypothetical computer crimes to the detriment of the site;
- for statistical purposes;
- to improve site navigation and content.
Data communicated by the user
The optional, explicit and voluntary sending of messages to the Controller’s contact addresses, as well as the completion and forwarding of forms on the site, entail the acquisition of the sender’s contact data, as well as all the personal data included in the communications necessary to, respond to any requests and comment on blog articles.
Cookies and other tracking systems
- DATA RETENTION PERIOD
In accordance with the principles of lawfulness, purpose limitation and data minimisation, pursuant to Article 5 of the GDPR, the period of storage of personal data is established for a period of time that does not exceed the achievement of the purposes for which they are collected and processed and in compliance with the timeframe for the proper provision of the necessary services.
- OPTIONALITY OF PROVIDING DATA
Apart from that specified for navigation data, the user is free to provide the personal data indicated in the request forms. If the data are acquired by consent, the user has the right to revoke it at any time without prejudice to the lawfulness of the processing based on the consent given before revocation .
- PROCESSING METHODS
Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures are observed to prevent the loss of data, unlawful or incorrect use and unauthorised access.
- RECIPIENTS OF DATA
The recipients of the data collected following consultation of the site are only authorised internal staff of the Data Controller, who act on the basis of specific instructions provided regarding the purposes and methods of data processing.
- DATA TRANSFER ABROAD
Data are not communicated to third countries or international organisations outside the European Union.
- RIGHTS OF DATA SUBJECTS
Pursuant to Articles 15-22 of the GDPR, data subjects have the right to
- request confirmation of the existence or otherwise of their personal data;
- obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated, and when possible, the storage period;
- obtain the rectification and erasure of data;
- obtain the restriction of processing;
- obtain the portability of the data, i.e. receive them from a data controller, in a structured, commonly used and machine-readable format, and transmit them to another data controller without hindrance;
- object to the processing at any time and also in the case of processing for direct marketing purposes;
- object to automated decision-making relating to natural persons, including profiling;
- The data subject is also granted the right to lodge a complaint with a supervisory authority pursuant to Article 77 of the GDPR.
To exercise their rights, data subjects may address a request to the contact details of the Data Controller indicated in this policy. Requests are made free of charge and processed by the Controller as quickly as possible, in any case within 30 days.
- PERSONAL DATA PROTECTION OFFICER (DPO)
You may contact the Personal Data Protection Officer (DPO) by sending an e-mail to: email@example.com.