Privacy e Cookie Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA

of the users visiting the websites bipcybersec.com

Pursuant to Article 13 of the EU Regulation 2016/679

DATA CONTROLLER

The Data Controller of your personal data is Business Integration Partners S.p.a. (hereinafter referred to as “Bip” or the “Controller” or the “Company”), with registered office in Piazza San Babila 5, 20122 Milan (Italy) – tel. +39 0241521, whom you may contact in order to exercise your rights pursuant to Articles 15 et seq. of Regulation (EU) No. 2016/679 (hereinafter referred to as “GDPR”), also through the e-mail address [email protected] and the PEC address [email protected].

DATA PROTECTION OFFICER

Bip has appointed a Data Protection Officer (DPO), whose contact details are as follows:

  • ordinary mail, Piazza San Babila 5, 20122 – Milan, (Italy), to the Data Protection Officer
  • e-mail, [email protected]
  • telephone number, +39 24541521.

CATEGORIES OF PERSONAL DATA

The following personal data relating to you may be collected and processed:

  • Browsing data;
  • Personal data voluntarily provided by you through the information request forms on the website (name, surname, e-mail, telephone, company in which you work, company role, etc.);
  • Personal data collected through Cookie;

Browsing data;

The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.

This data category includes the IP addresses and/or the domain names of the computers and terminal equipment used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.

These data are necessary to use web-based services and are also processed in order to

  • extract statistical information on service usage (most visited pages, visitors by time/date, geographical areas of origin, etc.) (most visited pages, visitors by time/ date, geographical areas of origin, etc.);
  • check functioning of the services.

Browsing data are kept for no longer than seven days (except where judicial authorities need such data for establishing the commission of criminal offences).

Data communicated by users

Entering personal data, on the basis of the user’s free, voluntary, explicit choice, via contact forms available on the website entail the acquisition of the sender’s contact information – which is necessary to provide a reply – as well as of any and all the personal data communicated in that manner.

Cookies and other tracking devices

Cookies are small text files that are sent by the website visited and stored by the software (e.g. a web browser) installed on the device used by the user for browsing. Cookies are then transmitted back to the aforementioned website the next time the user visits.

Cookies make it possible to store information about a user’s visits to a website and are a very useful technology, as they allow websites to function, for example, to improve the user experience by allowing the website to store the information in the memory of the user’s computer or other device.

Technical cookies are those used for the sole purpose of carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide such service. They are not used for any further purposes and are normally installed directly by the website owner or operator. They fall into this category:

  • browsing or session cookies, which ensure normal navigation and use of the website (allowing, for example, authentication to access restricted areas)
  • analytical cookies, which are assimilated to technical cookies only if
    • used only for aggregate statistics and in relation to a single site or mobile application;
    • anonymized through the masking of the IP address;
    • are not combined by any third parties with further processing for purposes other than statistical analysis only;
    • functionality cookies, which allow the user to navigate according to a set of selected criteria (e.g. language, products selected for purchase) in order to improve the service rendered to the user.

The installation and use of such cookies does not require the prior consent of users, while the obligation to provide adequate information regarding the processing of personal data concerning them remains in place.

This site uses exclusively technical cookies. These cookies, being of a technical nature, do not require the prior consent of the user in order to be installed and used.

We do not use cookies for user profiling. Nor do we use cookies to provide targeted advertising.

Below are the cookies currently used and their classification (Scanned on 11/07/2022):

COOKIE NAME

CLASSIFICATION

DESCRIPTION

DATA SENT IN

EXPIRY (Time of data deletion)

ARRAffinity

TECHNICAL

Used to distribute site traffic over several servers to optimise response times.

Germany

Session

ARRAffinitySameSite

TECHNICAL

Used to distribute site traffic over several servers to optimise response times.

Germany

Session

pll_language

TECHNICAL FUNCTIONAL

Used to determine the visitor’s preferred language and to set the site language according to that preference, if possible

Germany

1 Year

 

Users may always choose to enable or disable cookies by adjusting the settings of their browsers according to the instructions made available by the relevant providers at the links below:

Chrome

Firefox

Safari

Internet Explorer

Opera

PURPOSE AND LEGAL BASIS OF THE PROCESSING

The processing of the user’s personal data is carried out:

  1. through the use of cookies and navigation, exclusively to improve the user’s browsing experience (determination of the visitor’s preferred language and to set the language of the website) and the improvement of the website’s performance; such processing does not require your consent and is necessary for the pursuit of the legitimate interest of the Data Controller pursuant to Article 6(1)(f) of the GDPR;
  2. through the use of forms on the website, to enable the handling of requests for information submitted by the user; such processing does not require the user’s consent as it is necessary to fulfil the specific user’s requests as Data Subject (pre-contractual measures) pursuant to Article 6(1)(b) of the GDPR;
  3. to send its newsletters on privacy and data protection news and commercial and promotional communications on the Company’s services by means of distance communication tools; such processing requires consent pursuant to Article 6(1)(a) of the GDPR

PROVISION OF PERSONAL DATA AND CONSEQUENCES OF A REFUSAL TO PROVIDE  

The provision of personal data for the purposes under b) is optional and the refusal to provide them will only imply the impossibility for the Data Controller to manage and process the user’s requests.

STORAGE PERIOD

Users’ personal data will be stored for no longer than is necessary to process your enquiry and in all cases deleted or anonymised within 12 months from collection , except where processing is necessary to comply with a legal obligation under Article 6(1)(c) of Regulation EU 2016/679.

COMMUNICATION OF DATA TO POSSIBLE RECIPIENTS  

Personal data may be made accessible or communicated, in compliance with the regulations in force and the purposes described above, to companies of the group to which the Data Controller belongs (parent companies, subsidiaries, affiliated) and external companies appointed by the Data Controller to perform services of various kinds, such as, by way of example, website maintenance, commercial activities, service quality measurement activities, etc. Therefore, the Data Controller designate such entities as Data Processors pursuant to Article 28 of the GDPR, from among those that present sufficient guarantees to put in place adequate technical and organisational measures so that the processing meets the requirements of the Regulation and guarantees the protection of the rights of the data subjects.

Personal data are not subject to dissemination to unspecified persons, in any form, including by making them available or consulting them.

DATA SUBJECT’S RIGHTS

Data subjects have the right to obtain from the Data Controller confirmation as to whether or not personal data relating to him or to her are being processed and, if so, to obtain access to the personal data and to the following information the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed (including recipients in third countries or international organisations), the period for which the personal data are to be retained or, if this is not possible, the criteria used to determine this period, the origin of the personal data if not collected from the data subject, the existence of an automated decision-making process including profiling and information on the logic used.

Furthermore, the data subjects have the right, in the cases provided for by the GDPR to obtain:

  • Withdrawal of consent at any time without affecting the lawfulness of the processing based on the consent given before its withdrawal;
  • Rectification of inaccurate personal data;
  • Integration of incomplete personal data;
  • Deletion (right to be forgotten);
  • Limitation of the processing of personal data (in which case, data are processed only with the consent of the data subject, except for the necessary storage of the data and in the other cases permitted by law);
  • Data portability, including by means of transmission of the data subject’s personal data from one data controller to another, where technically feasible;
  • Object to the processing.

Some of the rights that may be exercised by the data subject are detailed below

Right to object

Each data subject has the right to object at any time to the processing of his or her personal data carried out in pursuit of a legitimate interest of the Data Controllers. In the event of an objection, personal data will no longer be processed, unless there are legitimate grounds for processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defence of a legal claim.

Right to withdraw consent  

In the event that consent is required for the processing of personal data, each data subject may, at any time, withdraw consent already given, without prejudice to the lawfulness of the processing based on consent given before the withdrawal.

Right to lodge complaint to the Supervisory Authority  

If the data subject considers that the processing carried out by the Data Controller may have violated the applicable data protection rules, he/she has the right to lodge a complaint with the Data Protection Authority pursuant to Article 77 of Regulation (EU) No. 2016/679.

UPDATES

This Information on the processing of personal data will be subject to updates. The Data Controller therefore invites users who wish to know the methods for processing personal data collected through the Site to periodically visit this page.

GOOGLE reCAPTCHA

This site is protected by reCAPTCHA, its use is subject to
Privacy Policy e ai
termini di utilizzo di Google.