PRIVACY POLICY
Do you want to clear all the site cookies?
If you are logged in, you will need to log in again
The Web Site (hereinafter also “Service”) at the URL http://www.BabbiniPresses.com collects some personal data.
Data controller (hereinafter also “Controller”)
Babbini S.p.A.Head office: Loc. Belchiaro, 135/A – 47012 Civitella di Romagna (FC) Italy
VAT number 03240710404
Telephone: +39 0543 983400
Email: babbinispa@babbinipresses.com
Three basic rules on data processing
- Confidentiality – We respect your privacy. Without your permission, we will not share your personal information (e.g. name, surname, email, phone number, date of birth and gender) with third parties who have nothing to do with the management of this Service, unless required to do so by law.
- Management – On the other hand, it is possible that the above and other data may be used by external technical and communication service providers for the sole purpose of improving your experience using the Service. You may at any time request the Controller to submit a list of these providers.
- Timing – You will be able to know your processed data, to check them or to request their modification, deletion or interruption of processing at any time.
Data processing modes
The processing of data necessary to make use of this Service is carried out in two different modes.
1. Data directly processed by the Service
The Service requires your explicit permission to allow you to use the following modules (all or a subset of them)..
Registration and user login
Purpose | Data | Modes | Cookies | Place | Notes |
---|---|---|---|---|---|
authentication, content customization, statistics | (all or a subset of them) name, surname, company, vat number, taxpayer number, password, email, phone number, date of birth, gender, billing address, shipping address | filling out the relevant form or through social login |
|
|
password encrypted with blowfish hash algorithm |
.
Comments system
Purpose | Data | Modes | Cookies | Place | Notes |
---|---|---|---|---|---|
identification of the author of a comment | name, email address, IP address | filling out the relevant form | upon request, use of cookies to pre-fill the form in subsequent comments (technical cookie) |
|
— |
.
Contact form
Purpose | Data | Modes | Cookies | Place | Notes |
---|---|---|---|---|---|
sending of a message from the user to the Controller | (all or a subset of them) name, surname, company, email, telephone number, address | filling out the relevant form | — |
|
— |
.
Booking form
Purpose | Data | Modes | Cookies | Place | Notes |
---|---|---|---|---|---|
Reservation request for a resource (e.g., requesting a hotel room, ordering a product, responding to a post…) | (all or a subset of them) name, surname, company, VAT number, taxpayer number, email, telephone number, billing address, shipping address | Filling out the relevant form | — |
|
for a possible digital payment we use third-party service (e.g. PayPal) |
.
2. Data indirectly processed by third-party service providers used by the Service
The Service, for the sole purpose of enhancing your user experience, may integrate services from external vendors, governed by their respective privacy policies.
Google Analytics
Supplier | Scope | Data | Modes | Cookies | Place | Notes |
---|---|---|---|---|---|---|
Google Inc. | statistics on access to the Service | partial or complete IP address, user agent, Service use data | automatically while using the Service | use of cookies to support analysis (profiling cookies) | Google Inc. server in the USA |
|
.
YouTube videos
Supplier | Scope | Data | Modes | Cookies | Place | Notes |
---|---|---|---|---|---|---|
Google Inc. | integration of videos within the Service | no information is shared by the Service in which the Plugin is incorporated | user’s interaction with the video | use of cookies to support content analysis and customisation (profiling cookies) | Google Inc. server in the USA |
|
.
Abuse
The data subject to processing may be used by the Controller for his own defence in case of abuse of the Service or of an external service by you or by third parties.
Privacy policy updates
The Controller reserves the right to change the present Privacy Policy at any time, informing you in this regard on this page, while maintaining the same level of protection for your data.
Legal references
This privacy policy is drawn on the basis of several legislative orders, including Articles 13 and 14 of the EU Regulation 2016/679.
Unless otherwise specified, this privacy policy covers this Application only.
Tipe of collected data
The Personal Data collected by this Application, either independently or through third parties, include: Cookies, Usage Data, various types of Data, email, name, surname, telephone number, company name, Videos and Data disclosed during the use of the service.
Full details on each type of collected Data are provided in the relevant sections of this privacy policy or through specific informational texts displayed prior to the collection of such Data.
Personal Data may be freely provided by the User or, in the case of Usage Data, automatically collected during the use of this Application.
Unless otherwise specified, all Data required by this Application are mandatory. If the User refuses to provide them, it may be impossible for this Application to provide the Service. In cases where this Application indicates certain Data as optional, Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation.
Users who may have doubts about which Data is mandatory are encouraged to contact the Data Controller. The possible use of Cookies – or other tracking tools – by this Application or the owners of third party services used by this Application, where not otherwise specified, has the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookies Policy, if available.
The User is responsible for the Personal Data of third parties obtained, published or shared through this Application and warrants that he or she has the right to communicate or disclose them, releasing the Owner from any liability towards third parties.
Processing modes and place for collected data
Processing modes
The Controller takes appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.
The processing is carried out by means of computer and/or telematic tools, with organizational methods and logics strictly related to the indicated purposes. In addition to the Controller, in some cases, other parties involved in the organization of this Application (administrative, sales, marketing, legal personnel, system administrators) or external parties (such as third party technical service providers, postal couriers, hosting providers, IT companies, communication agencies) also appointed, if necessary, Data Processors by the Data Controller may have access to the Data. The updated list of Data Processors can always be requested to the Data Controller.
Legal basis for data processing
The Controller processes Personal Data related to the User if one of the following conditions occurs:
- the User has given consent for one or more specific purposes;
Note: in some jurisdictions, the Controller may be authorized to process Personal Data without the need for the User’s consent or for another of the legal bases specified below, as long as the User does not object (“opt-out”) to such processing. However, this does not apply if the processing of Personal Data is governed by European legislation on the protection of Personal Data; - the processing is necessary for the performance of a contract with the User and/or the execution of pre-contractual measures;
- the processing is necessary to comply with a legal obligation to which the Controller is subject;
- the processing is necessary for the performance of a task of public interest or for the performance of public authority by the Controller;
- processing is necessary for the pursuit of the legitimate interest of the Controller or third parties.
However, it is always possible to ask the Data Controller to clarify the actual legal basis of each processing and in particular to specify whether the processing is based on law, required by a contract or necessary to conclude a contract.
Place
The Data are processed at the Controller’s operational offices and at any other location where the parties involved in the processing are located. For more information, please contact the Data Controller.
The User’s Personal Data may be transferred to a country other than the country where the User is located. To obtain more information about the processing location, the User may refer to the section on Personal Data processing details.
The User has the right to obtain information concerning the legal basis for the transfer of Data outside the European Union or to an international organization under public international law or established by two or more countries, such as the UN, as well as concerning the safety measures taken by the Data Controller to protect the Data.
The User can verify whether one of the transfers described above takes place either by examining the section of this document relating to the details on the processing of Personal Data or by requesting information from the Data Controller by contacting him at the contacts indicated here above.
Storage period
The Data are processed and stored for the time required by the purposes for which they were collected.
Therefore:
- Personal Data collected for purposes related to the execution of a contract between the Controller and the User will be stored until the execution of this contract is completed.
- Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be stored until such interest is fulfilled. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.
When the processing is based on the User’s consent, the Controller can store the Personal Data for longer, until said consent is revoked. Furthermore, the Data Controller may be obliged to store Personal Data for a longer period in compliance with a legal obligation or by order of an authority.
At the end of the storage period, the Personal Data will be deleted. Therefore, upon expiry of this term, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
Purposes of Processing of Collected Data
User Data are collected to enable the Controller to provide his Services, as well as for the following purposes: SPAM protection, Backup storage and management, Statistics, Visualisation of contents from external platforms, Social Features, Contacting the User, Interaction with live chat platforms and Contacts management and message sending.
To get further detailed information on the purposes of processing and the Personal Data actually relevant for each purpose, the User may refer to the relevant sections of this document.
User’s rights
Users may exercise certain rights with respect to the Data processed by the Controller.
In particular, the User has the right to:
- revoke consent at any time. Users may revoke their previously expressed consent to the processing of their Personal Data.
- object to the processing of their Data. The User may object to the processing of his/her Data when this is done on a legal basis other than consent. Further details on the right to object are provided in the section below.
- access to his/her own Data. The User has the right to obtain information about the Data processed by the Data Controller, about certain aspects of the processing and to receive a copy of the processed Data.
- check and request correction. Users may check the accuracy of their Data and request their updating or correction.
- obtain processing restrictions. When certain conditions occur, the User may request the restriction of the processing of his/her Data. In this case, the Data Controller will not process the Data for any purpose other than their storage.
- obtain the deletion or removal of his/her own Personal Data. When certain conditions occur, the User may request the Data Controller to delete his/her Data.
- receive his/her Data or have his/her Data transferred to another controller. The User has the right to receive his/her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred unimpeded to another data controller. This provision is applicable when the Data are processed by automated means and the processing is based on the User’s consent, on a contract in which the User is a party or on contractual provisions related thereto.
- propose a claim. The User may submit a claim to the relevant data protection supervisory authority or take legal action.
Details on the right to object
When Personal Data are processed in the public interest, in the exercise of public powers by the Data Controller or in pursuit of a legitimate interest of the Data Controller, Users have the right to object to the processing for reasons related to their particular situation.
Users are advised that in case their Data were processed for direct marketing purposes, they may object to the processing without providing any reasons. To find out whether the Data Controller processes Data with direct marketing purposes, Users can refer to the respective sections of this document.
How to exercise rights
To exercise the User’s rights, Users may send a request to the Controller to the contacts indicated in this document. Requests are filed free of charge and processed by the Controller as soon as possible, in any case within one month.
Disabling cookies
Users can delete cookies directly through their browsers. The links to the cookie management procedures of the most popular browsers can be found here below:
To learn about the profiling cookies saved on your device and disable them singularly, please refer to the following link: youronlinechoices.com
Glossary
- Cookie:
- small files that a website stores on your computer to store information that is useful (and sometimes necessary) for the website to run properly. (for further details: wikipedia)
- Technical cookies:
- these are the cookies that are used to keep the Session active or to perform an action requested by the user within the Service.
- Profiling cookies:
- these are the cookies used (usually by third-party services) to track the user’s web browsing and to create profiles based on their tastes, habits, choices, etc…
- Session:
- timeframe in which an individual user uses the Service. (for further details: see wikipedia)
- Plugin:
- a small specific application that can be integrated within a Service. (for further details: see wikipedia)
- Server:
- a computer providing services to other computers through the network. (for further details: see wikipedia)
- Hosting:
- Service of servers and network connection rental to host a website and make it reachable through the web. (for further details: see wikipedia)
- Backup:
- Security copy of data inside mass storage archives. (for further details: see wikipedia)
Civitella di Romagna (FC) on February 1st, 2023
___
NOTICE
pursuant to art. 13 of EU Regulation 2016/679
BABBINI SPA (hereinafter referred to as “Controller”), as Data Controller pursuant to art. 13 of the EU Regulation 2016/679 (hereinafter “Privacy regulation”) and its subsequent amendments and additions, collects and subsequently processes personal data relating to its Customers and Suppliers (hereinafter referred to as “Concerned Party”).
1. Type of processed data.
The processed personal data consist in:
Common personal data. Such information include, but are not limited to, personal data and contact data (e-mail address and telephone number).
2. Scope and modes of data processing.
The personal data of the Concerned Party are processed in the frame of the standard Controller activity for the pursuit of the following purposes:
- Correct and complete performance of the contractual obligations in force (hereinafter referred to as the “Contract”);
- Administrative and accounting obligations strictly connected with the Contract;
- Fulfilment of specific obligations provided by law, by a regulation or by the EU legislation;
- Promotional activities concerning products and services.
The personal data processing is carried out under the Controller’s authority by specifically appointed and authorised persons, trained in data processing pursuant to art. 29 of the Privacy Regulation, by means of manual, computer or telematic tools, with logics strictly related to the purpose and, in any case, in a way that guarantees the confidentiality and safety of personal data. The processing of personal data may also take place, on behalf of the Data Controller, by Data Processors specifically appointed pursuant to art. 28 of the Privacy Regulation.
3. Legal basis of processing and nature of data provision.
With reference to the purposes referred to in the above paragraph 2 points 1, 2, 3, the provision of personal data is mandatory and constitutes a necessary requirement for the execution of the Contract and for the fulfilment of its related tax and administrative obligations. Failure to provide the data leads to the impossibility of receiving the service as per the Contract. The legal basis for the related processing is the correct execution and management of the Contract.
With reference to point 4) – promotional activities concerning products and services -, the legal basis is the legitimate interest of the owner. The customer can stop receiving these communications via e-mail at any time.
4. Data recipients and scope of data communication.
With reference to the above indicated processing purposes and strictly within their limits, the personal data of the Concerned Party will or may be communicated to the following categories of subjects:
- Financial administration and other public authorities, where required by law or upon their request;
- Banks for payment orders or other financial instrumental activities for the Contract execution;
- External subjects performing control activities, such as auditing firms, boards of auditors, supervisory bodies;
- Companies and organizations for credit management and/or for the protection of interests and rights;
- Subjects appointed as external data controllers pursuant to art. 28 of the Privacy Regulation, for activities connected with, instrumental or consequent to the Contract execution.
The updated list of the subjects appointed as external controllers can be provided by the Data Controller upon request of the Concerned Party.
5. Data transfer outside the EU.
The personal data will not be transferred to countries outside the European Union. In case, for reasons connected to the contract execution or to the fulfilment of legal obligations, a transfer to non-EU countries and/or organizations becomes necessary, said transfer will be carried out in compliance with the applicable regulations. Transfers will be carried out through suitable guarantees, such as adequacy decisions, standard contractual clauses approved by the European Commission or other legal instruments.
6. Data retention period or criteria for period definition.
The personal data of the Concerned Party are stored by the Controller for the time needed to fulfil the purposes referred to in paragraph no. 2 (points 1 to 3), as well as for the time provided for by civil, tax and regulatory provisions and in any case no longer than 10 years from the termination of the contractual relationship.
For what concerns promotional purposes towards already acquired customers (paragraph 2, point 4) the concerned party’s data will be processed until the exercise of its right of opposition (which can be exercised from the beginning, when sending the individual communications and/or through direct contact with the controller).
Once the retention period has elapsed, the data will be anonymized or deleted, unless their retention is necessary for other purposes provided for by express provision of law.
7. Rights of the concerned party.
Articles 15 to 21 of the Privacy Regulation grant to the Concerned Party the right to:
- Access the Personal Data, (or a copy of such Personal Data), as well as to further information about the ongoing data processing;
- Correct or update of the personal data processed by the Data Controller, in case they are incomplete or not updated;
- Delete the personal data from the Data Controller’s databases in the cases provided for by the current legislation;
- Limit the personal data processing by the Data Controller;
- Obtain a structured, commonly used and machine-readable format for the personal data concerning him or her;
- Object to the processing of personal data by the Data Controller (e.g. promotional activities)
The concerned party may exercise his/her rights by writing to BABBINI SPA at the following email address: babbinispa@babbinipresses.com.
In any case, s/he always has the right to file a claim with the competent Data Protection Authority (Guarantor for Personal Data Protection).
8. Modifications to privacy information
The controller reserves the right to modify, update, add or remove parts of this information, giving notice to the interested parties.
Notice last updated in December 2023