Updated to European Data Protection Regulation No. 679/2016, GDPR and the Legislative Decree No. 101/2018

Our site respects and protects the confidentiality of users by taking proportionate measures not to infringe their rights.

The purpose of this privacy policy is to provide maximum transparency regarding the information the site collects and how it uses it..

TYPES OF DATA PROCESSED

  1. Data provided voluntarily by the User

The optional, explicit and voluntary sending of e-mails to the addresses indicated entails the subsequent acquisition of the sender's address, which is necessary to reply to requests, as well as any other personal data included in the communication.

  1. Navigation data

The computer systems and software procedures used to operate the site acquire, in the course of their normal operation, certain data whose transmission is implicit in the use of Internet communication protocols.

This is information that is not collected in order to be associated with identified interested parties, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. To this category of data belong:

- Internet Protocol (IP) address associated with device used to connect;

- browser type and parameters of the device used to connect to the site;

- name of the internet service provider (ISP);

- date and time of visit;

- The visitor's source (referral) and exit web pages;

- any number of clicks made within the site and any preference expressed

- other parameters relating to the user's operating system and computer environment.

This data may be used in order to obtain anonymous statistical information on the use of the site and to check that it is functioning properly:

- to comply with requirements dictated by national and EU regulations;

- for ascertaining liability in the event of hypothetical computer crimes against the site and for investigations in the event of possible litigation.

Only data collected for surveillance purposes persist on the servers for a period of 12 months.

  1. Geolocation data.

We may collect, use, store your information to: (a) respond, pursuant to applicable law or regulation, to legal process or governmental requests; (b) detect, analyze, prevent and manage fraud and other illegal activities or technical or security issues; (c) protect the rights, property and safety of Bardahl and Users.

Our website that uses geo-localised navigation may also request the user's location via the browser to offer faster searches. Again, this service is absolutely optional, user's location is not transmitted via Firefox or Crome without his explicit consent. The service is operated with complete respect for the user's privacy.

LEGAL BASIS FOR PROCESSING

  1. Data processed on the basis of consent

Blegal basis for the processing of all data for marketing/newsletters, profiling, geolocalisation purposes.

The provision of data and thus the Consensus collection and processing is optional.

The User may withhold consent for marketing, profiling and geolocalisation purposes and may revoke a consent already given at any time.

PURPOSE OF PROCESSING

The data will be processed mainly by electronic means and may be used:

  1. for entering master data into the company's computer databases;

  2. to manage customer relations;

  3. for issuing quotations and offers to active and/or potential customers;

  4. to issue requests for quotations and offers to active and/or potential suppliers;

  5. for sending the newsletter;

  6. to geolocate products or retailers;

  7. to conduct market and statistical surveys, marketing and service preference surveys;

  8. to carry out direct and indirect sales and placement activities;

  9. to fulfil obligations under laws, regulations, EU legislation, civil law and tax law;

  10. to comply with requirements dictated by national and EU regulations;

  11. for security purposes in order to block attempts to damage the site itself or to cause harm to other users, or otherwise harmful or criminal activities.

Secondary purposes of personal data processing

Personal data collected for the above purposes may also be processed to carry out customer satisfaction: the provision of data for these purposes is optional and consent is required for the processing of such data.

By giving consent to the processing for Marketing purposes, the data subject specifically acknowledges these promotional, commercial and marketing purposes in the broad sense of the term of the processing (including the ensuing management and administrative activities) and expressly authorises them, once consent has been given in accordance with the procedures laid down, pursuant to the EU Regulation.

We specifically and separately inform you, as required by Article 21 of the EU Regulation, that if personal data are processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you carried out for such purposes and that if you object to the processing for direct marketing purposes, your personal data may no longer be processed for such purposes.

THIRD-PARTY SERVICE PROVIDERS

Bardahl uses other companies and individuals to perform certain activities on our behalf.

In addition to the data controller, in some cases, categories of employees involved in the organisation of the site, i.e. external parties who may not use the same data for other purposes, may have access to the data, and are also obliged to process personal data in accordance with this Privacy Policy, and pursuant to applicable data protection regulations.

Please note that the computer systems and software procedures used to operate the apps (Apple Store, Google Play) acquire, in the course of their normal operation, certain data referring to the user whose transmission is implicit in the use of internet communication protocols, smartphones and devices used.

The data controller is not involved in such processing and cannot be held responsible for it.

The person concerned may, however, consult the privacy information made available on the following sites:

Apple Store:

https://www.apple.com/legal/internet-services/itunes/it/terms.html


Google Play:

https://play.google.com/intl/it_it/about/play-terms.html

SECURITY MEASURES AND PROCESSING METHODS

Personal data are processed by automated means for the time strictly necessary to achieve the purposes for which they were collected.

For the duration of the processing, please refer to the Data Retention Policy in the company documentation.

Specific security measures are observed to prevent the loss of data, unlawful or incorrect use and unauthorised access, such as encryption and pseudonymisation techniques and specific methods of selective access to data.

COMMUNICATION AND DISSEMINATION

The personal data collected will not be disclosed, sold, exchanged or communicated to third parties other than the Data Controller, without the express consent of the data subject. Communication to third parties, other than the Data Controller, external data processors and designees, appointed pursuant to Art. 13 c.1 letter e) of the EU Regulation is foreseen for the exclusive pursuit of the purposes set out in the paragraph LEGAL BASIS OF THE PROCESSING of this Policy and in any case within the limits of the same, possibly to: subjects and third party supply and technical and IT assistance companies affiliated companies or third parties that provide Bardahl with information processing services or activities complementary to those of the company, to allow the execution of the contract, all of which are committed to the correct and regular pursuit of the purposes described.

In any case, processing by third parties must be carried out fairly and in accordance with the applicable legal provisions.

Therefore, we may disclose the personal data of Customers/Users to other companies or third parties in any of the following cases:

1.when the data subject has consented to the communication;

2.when the communication is necessary to comply with the Customer/User's requests or to provide the requested service;

DATA CONTROLLER AND LOCATION

The data collected from the site are processed by the data controller in accordance with the laws in force, by the company Maroil s.r.l. - Bardahl Italia, Località Ponte alla Ciliegia n. 11, 55011 - Altopascio (Lucca) and can be reached at the following e-mail address: dpo@bardahl.it

TRANSFER OF DATA TO COUNTRIES OUTSIDE THE EU

This site may share some of the data collected with services located outside the European Union. In particular, with Google, through the Google Analytics service. The transfer is authorised on the basis of specific decisions of the European Union for which no further consent is required. The above-mentioned companies guarantee their adherence to the Privacy Shield.

USER RIGHTS

Pursuant to European Regulation 679/2016 (GDPR) and in accordance with the provisions of Privacy Decree No. 101/, the User may, in the manner and within the limits provided for by the legislation in force, exercise the following rights:

- request confirmation of the existence of personal data concerning him/her (right of access);

- obtain information on the logic, methods and purposes of the processing;

- request the updating, rectification, integration, deletion, transformation into anonymous form, and blocking of data processed in breach of the law, including data no longer necessary for the purposes for which they were collected;

- in cases of processing based on consent, receive, at the sole cost of any support, your data provided to the data controller and held by it, in structured, machine-readable form and in a format commonly used by an electronic device;

-the right to lodge a complaint with the Privacy Guarantor or the Judicial Authority;

- Pursuant to Article 2-terdecies of the Privacy Decree No. 101/2018, all rights (Art. 15 up to 22 of the EU Regulation) relating to personal data concerning deceased persons may be exercised by a person who has an interest of his own or is acting on behalf of the data subject, in his capacity as his representative, or for reasons of family members deserving protection

- as well as, more generally, to exercise all the rights recognised to him by the applicable legal provisions.

Requests should be addressed to the Data Controller.

Where data are processed on the basis of the legitimate interests The data subject's rights to the processing are in any case guaranteed (except for the right to portability, which is not provided for by the rules), in particular the right to object to the processing, which can be exercised by sending a request to the data controller. You may object to the processing of your personal data:

(a) for legitimate reasons;

(b) (without the need to give reasons for the objection) when the data are processed for commercial or marketing purposes.

SUBJECT TO THE LIMITATIONS TO THE RIGHTS OF THE INTERESTED PARTIES REFERRED TO IN ARTICLES 2-undecies and 2-duodecies of Legislative Decree No. 101/2018

RECURRENCE

If the User considers that the above-mentioned rights regarding the protection of personal data have been violated, the data subject may lodge a complaint with the Privacy Guarantor pursuant to Art. 77 of the Regulation and Art. 141 of the Privacy Decree or appeal to the Judicial Authority pursuant to Art. 78 and 79 of the EU Regulation and pursuant to Art. 152 et seq. Privacy Decree.

Privacy Preference Center

Privacy Preferences