This document describes the manner by which the site bebit.it (“Site”) is managed, with reference to the processing of personal data belonging to the users (“User/Users”) consulting it.
It is an information notice issued in accordance with section 13 of the Italian Legislative Decree no. 196/2003 (“Privacy Code”), for those who communicate by filling the specific online form for asking information on the services promoted through the Site or for sending a spontaneous job applications, available at section “Contact us” of the Site, or by sending an email message to the addresses indicated on the Site. The information notice is provided only for the Site and not for any other websites viewed by users through the links.
1. The data controller
The data controller is Libera S.r.l., with registered office in 10152 Turin, Via Andreis 18/16/M, Cortile del Maglio (“Data Controller”).
The data processor is Bebit S.r.l.. For an updated data processor lists, please write to the following email address: firstname.lastname@example.org.
2. Types of data processed and purposes of the processing
2.1 Personal data
The personal data provided by the User are collected and processed by the Data Controller in order to:
a) allow the User to ask the Data Controller for information on that services which the latter promotes on the Site; b) answer to the Users requests and send them the required estimate of fee; c) provide feedbacks to the spontaneous job applications sent by the User; d) send to the Users which have provided their prior consent that marketing communications and/or informative newsletters which are related to Bebit services.
2.2. Browsing data
During normal use, the electronic systems and software procedures enabling this Site to operate, acquire certain personal data; transmission of same is implicit in the use of internet communication protocols. This information is not being collected in order to be associated to well-identified data subjects, but its nature, by means of processing and associations with data held by third parties, could make the users identification possible.
The category of data could be listed as follow: (i) IP addresses or domain names of computers used by users connecting to the Site, (ii) addresses in URI (uniform resource identifier) notation for resources requested, (iii) the time of request, (iv) the method used to submit the request to the server, (v) the dimension of the file obtained in response, (vi) the numerical code indicating the status of the response given by the server (success, error etc) and (vii) other parameters regarding the user’s operating system and the IT environment.
This data is used only to glean anonymous statistical information on the use of the Site and to check that it operates correctly and this data is deleted immediately after processing. The data could be used for ascertaining liability in the event of hypothetical computer crimes against the Site: with the exception of this eventuality, data on web contacts does not remain for more than seven days.
2.4 Data provided by users of their own free will
In addition to this data, the Data Controller will also process any other information that User may spontaneously provide by sending an email message to the address indicated on the Site or by requesting information through section “Contact us” of the Site. Such information will be processed by the Data Controller only for the purpose of providing a feedback to the User.
3. Manner of data processing
The personal data is processed through computerised, automated manual systems for such period of time which is necessary to achieve the purposes for which the data is collected.
The Data Controller adopts specific security measures in order to ensure that data is processed in compliance with the Privacy Code, paying particular attention to the prevention of loss of data, unlawful or incorrect use or unauthorised access to databases.
4. The type of data collected and the consequences of any refusal to respond
The processing of the User personal data is necessary to request information to the Data Controller, to provide a feedback to the Users requests and to send to the latter the estimate of fee required for the fruition of Bebit services. Therefore, the refusal to allow their data to be processed would make impossible for the Users to communicate with the Data Controller and/or for the latter to provide a feedback to the Users.
The processing of the Users data for sending them marketing communications and/or informative newsletters is not mandatory. However, the refusal to allow their data to be processed would make impossible for the Users to remain updated on the news and/or promotions offered by Bebit.
5. The data subject’s rights
At any time, the data subject is entitled to obtain confirmation of whether or not there is personal data concerning him/her, even if such data has not been registered yet, and is entitled to receive notice of such data in a form that is legible.
In particular, the data subject is entitled to obtain information as to:
a) the source of personal data; b) the purpose and manner of data processing; c) the reasoning applied in the event of processing undertaken with the aid of electronic systems; d) details allowing identification of data controllers and data processors; e) individuals or entities or categories of individuals or entities to whom personal data may be communicated or who may gain knowledge thereof in their capacity as designated representative in Italy, data processors or persons in charge of the processing.
The data subject is also entitled to obtain:
f) updating, rectification, and, when requested, integration of the data; g) erasure, anonymization or blocking of data that have been processed unlawfully, including data which it is not necessary to preserve in respect of the purposes for which the data is collected or subsequently processed; h) certification that the operations as per points 1) and 2) have been brought to the attention, also with regard to their contents, of those to whom the data has been communicated or disseminated, with the exception of those cases in which such a legal obligation proves to be impossible or entails use of means which are patently disproportionate compared to the entitlement being safeguarded.
The data subject shall have the right to object, either wholly or partially: a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection; b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication survey.
In order to exercise the aforementioned rights, it is necessary to write to Libera, at the abovementioned registered office or at the e-mail address email@example.com, specifying “Bebit – exercise of the data subject rights” as object.
6. Communication of data
The personal data collected by the Data Controller through the Site will not be distributed, sold or transferred to third parties, save for those eventualities contemplated by law.
In any case, it remains understood that the Data Controller retains the right to communicate the Users personal data to the companies in charge for carrying out specific services within its activity and/or, in general, in its favor, that will operate as independent data controllers or processors, as well as the right to communicate and/or to distribute the User personal data that, in compliance with the applicable law, the police, the judicial authority, the information and security agencies or other public subjects might ask for purposes related to defence or State security or to preventing, detecting or suppressing crimes.
8. Duration of the processing
The processing will last for such period of time that is necessary for achieving the purposes for which the data were collected in compliance with the obligations of civil, fiscal and tax current regulations.
*** *** ***