Bonomi North America Inc. is a company that is particularly attentive to its users' privacy. Through this Disclosure therefore, the management methods of the website www.bonominorthamerica.com are described with reference to the processing and protection of personal data of the users who access it. This is a general disclosure made in compliance with EU Regulation 679/2016 "Regulation on the protection natural persons of individuals with regard to the processing of personal data, and on the free movement of such data" (hereafter referred to as EU Reg) exclusively for the site www.bonominorthamerica.com of which Bonomi North America Inc. is the owner, and not for other websites that may be consulted by the user through links on its pages for which Bonomi North America Inc. is in no way responsible.
- Data Controller
The data controller of the data provided by the user to the www.bonominorthamerica.com is Rubinetterie Bresciane Bonomi S.p.A. based in Gussago (BS), Via Massimo Bonomi, 1 - C.P. 83, Fiscal Code 00296000177, VAT no. 00551700982, Tel. +39 030/8250011 - Fax +39 030/8920465
- Type of data collected
a) Internet Usage Data
The computer systems and programs used to operate the site collect some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected with the intent of associating it with identified users but, due to its nature, could lead to the identification of users through processing and association with information held by third parties. This category of data includes IP addresses or domain names of computers used by persons who connect to the site, the URI (Uniform Resource Identifier) of requested resources, the time of request, the method used to submit the request to the server, the size of the file received in reply, the numerical code indicating the status of the reply given by the server (successful, error, etc.) and other parameters regarding the user's operating system and computer environment.
b) Data provided voluntarily by the user (Article 4.1 EU Reg
When consulting the website the user is not required to transfer any personal information. However the optional, explicit and voluntary sending of e-mails to the addresses indicated on this site, the insertion of data in the section “Work with us”, or registration to “Member Area” involves acquiring the sender's address and some data entered by the user necessary to follow up the requests sent.
Specific information is gradually provided or displayed on pages of the site that offer specific services on request. In the emails and requests the users are encouraged not to send names or other third party personal data unless strictly necessary for the performance required.
- Purpose and legal basis for processing
The legal basis of the processing of internet usage data (point 2, letter a) is that of following the legitimate interests of the Data Controller in relation to the management of the Site. The data is used for the following purposes:
- to make access to and navigation on the site possible
- to collect data and information in an exclusively grouped and anonymous way, in order to check the correct functioning of the site
- to collect data and information in order to protect site security (spam filters, firewalls, virus detection) and users
- to obtain anonymous statistical information on the use of the site
In case of computer crimes committed against the Site, navigation data could also be used to ascertain accountability.
The data provided voluntarily by the user (point 2 letter b) by sending spontaneous e-mails to the contacts indicated, is treated in order to give feedback to the interested party, to perform the service or the requested service including the management of any candidacies sent spontaneously by the user, except as expressly indicated in the specific disclosures.
With reference to the purpose of processing the data entered in the registration form in Member Area” and in the form in the section “Work with us”, reference is made to the information in the respective sections of the site.
The data provided will not be disclosed to third parties without first obtaining effective and unambiguous consent from the data subject.
- Data processing methods
The processing, carried out only by personnel directly authorized by the Data Controller, is carried out according to principles of correctness, lawfulness, transparency and can be carried out with or without the aid of electronic or automated tools. This treatment will include all the operations envisaged by Art. 4, n. 2, EU Reg (collection, registration, organization, structuring, storage, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of provision, comparison or interconnection, limitation, deletion or destruction of data) and necessary to the processing in question, including communication to the subjects listed in the following paragraph “Data communication”.
The data will be recorded and stored both in paper and electronic archives, according to principles of correctness, lawfulness and transparency, with organisational systems related to the purposes of the processing. In addition, to protect data from destruction or loss (including accidental) and to ensure its integrity and confidentiality (including against unauthorized access or disclosure) and in general to ensure the rights of the data subject, the Data Controller has adopted technical and organisational security measures in compliance with the provisions of the EU Reg (with particular reference to Articles 24, 32 and 35).
- Communication of data
In addition to the Data Controller, in some cases, even parties authorised to process data may access the data pursuant to Art. 29 EU Reg (employees of the Data Controller) for the purposes of the processing itself.
The collected data can also be communicated to external subjects (e.g., third party technical service providers, hosting providers, IT companies), appointed as Data Processors pursuant to Art. 28 EU Re, operating on behalf of Rubinetterie Bresciane Bonomi S.p.A. and according to its instructions, but only for activities strictly related to the purposes indicated above (e.g., to guarantee the operation of the Internet service, the management of the IT and telecommunications system). An updated list of data processors can be obtained by contacting the Data Controller.
- Dissemination of data
Personal data collected for the purposes indicated will not be disseminated.
- Duration of data retention
Internet usage data (point 2, letter a) and data provided voluntarily by the user (point 2, letter b) will be kept in accordance with the provisions of the current legislation, for a period of time not exceeding that necessary to achieve the purposes for which they are processed.
- Consequences of the failure to disclose personal data
The internet usage data collected in the context of this processing (point 2, letter a) is mandatory as strictly functional to the management of the site.
The provision of personal data voluntarily provided (point 2, letter b) is optional and aimed solely at following up the user's requests; failure to provide the necessary data makes it therefore impossible to reply to Rubinetterie Bresciane Bonomi S.p.A.
- Place of data retention
Personal data will be stored at the operational headquarters of the Data Controller and in any case within the European Union.
- User rights
The visitor to whom the personal data refers has the right to request access to, obtain from the Data Controller (Article 15 EU Reg), correct (Article 16 EU Reg) and cancel his personal data at any time (right to be forgotten) (Article 17 EU Reg). The visitor is also granted the right to limit the processing of personal data (Article 18 EU Reg), the right to the portability of the same (Article 20 EU Reg) and the right to object to its processing, for legitimate reasons (Article 21 EU Reg).
In any case, the visitor has the right to lodge a complaint with the Guarantor, as required by Art. 77 EU Reg, or to appeal to the appropriate courts pursuant to Art. 79 EU Reg if it considers that the processing of personal data referring to him has occurred in violation of the provisions of the EU. Reg.
- Methods of exercising the rights
The user can exercise his rights at any time by sending an e-mail to firstname.lastname@example.org; to the attention of the Internal Privacy Contact Person; a fax to the number +39 030/8920465; or a registered letter to the following address: Rubinetterie Bresciane Bonomi S.p.A. based in Gussago (BS), Via Massimo Bonomi, 1.
- Changes to this Disclosure
Rubinetterie Bresciane Bonomi S.p.A. reserves the right to modify this Disclosure. The date indicated at the start of the Disclosure is the date of the latest update to the same. In case of substantial changes, a notice will be provided through the Website, or by other means, to give the user the opportunity to verify the changes before they become effective.