Site Privacy Policy https://bobspa.com

Hello

This privacy policy contains important information on the processing and protection of personal data of site users https://bobspa.com.

The data collected through the site are processed according to the principles of correctness, lawfulness, transparency, limitation of purposes and conservation, minimization and accuracy, integrity and confidentiality, as required by EU Regulation 679/2016 (GDPR).

Data Controller

The data controller is B.o.B. Sistemi Idraulici s.p.a., Reg. Oltre Rea, 32 – Monchiero (CN), P. IVA 00496180043, mail info@bobspa.com. The contact person for data protection can be contacted by email at the address: marco.brandino@bobspa.com.

Website

B.o.B. Sistemi Idraulici s.p.a. is the owner and owner of the contents of the site https://bobspa.com hereinafter “Site”.

The Site is hosted on hosting managed by Proton s.r.l., based in Savigliano (CN), whose servers are located within the EU (Italy).

What personal data is collected and why (type of data, purpose and legal basis)

By browsing this site, personal data may be collected, as better specified below.

Cookies are also installed, as you can read in the cookie policy.

Navigation Data

The computer systems of the site implicitly collect, during their operation, some personal data (required by Internet communication protocols). These are not associated with specific subjects, except through a complex and complicated system of processing and association with other data held by third parties. This category of personal data includes the IP addresses or domain names of the computers used by users who connect to the site, the browsers and the parameters of the computer system used to connect to the site, navigation data, including the time of the request and response obtained from the server.

Data processed: IP addresses or domain names of the computers used by users who connect to the site, browsers and parameters of the computer system used to connect to the site, navigation data, including the time of the request and response obtained from the server.

Purpose: use of the site, any anonymous statistics on the use of the site.

Legal basis: legitimate interest of the Data Controller.

Non-EU data transfer: no.

Contact form

When completing the contact form on the Site, the User is required to provide their name, surname, telephone number and e-mail address, necessary for the Data Controller to respond to the request received.

Data processed: name, surname, telephone and email address.

Purpose: response to a request received from the User.

Legal basis: consent, expressed at the bottom of the form.

Non-EU data transfer: no.

Warranty activation form

On the Site there is a form, to be filled in to activate the guarantee on the products purchased. The communication of the requested data is necessary for the correct activation of the guarantee.

Processed data: name, surname, email, company name, vehicle model, warranty activation, vehicle serial number, assembly date, equipment model.

Purpose: activation of the guarantee.

Legal basis: consent, expressed at the bottom of the form.

Non-EU data transfer: no.

Social share buttons

The social sharing buttons are installed on the site, which allow the User to share the contents of the Site on the main social networks (or through their e-mail manager).

The use of the social buttons involves the sharing of some information of the User (better specified below) with the social network concerned, which can collect, memorize, analyse, archive it, based on the provisions of the specific information of each social network (linked below).

In some cases, the collection of User data could take place through the use of cookies.

Facebook

Data processed: cookies, usage data

Purpose, legal basis and storage time: see https://www.facebook.com/about/privacy/

Non-EU data transfer: yes.

Linkedin

Data processed: cookies, usage data

Purpose, legal basis and storage time: see https://it.linkedin.com/legal/privacy-policy

Non-EU data transfer: yes.

Twitter

Data processed: cookies, usage data

Purpose, legal basis and storage time: see https://twitter.com/it/privacy

Non-EU data transfer: yes.

Pinterest

Data processed: cookies, usage data

Purpose, legal basis and storage time: see https://policy.pinterest.com/it/privacy-policy

Non-EU data transfer: yes.

Whatsapp

Data processed: cookies, usage data

Purpose, legal basis and storage time: see https://www.whatsapp.com/legal/

Non-EU data transfer: yes.

Links to social profiles

The site contains links to access the social profiles connected to the site. These are links that lead to pages external to the Site, which involve data processing directly by the related social networks, without the involvement of the Site.

Google Fonts

The Google Fonts tool is used to display styles and fonts within the site – https://policies.google.com/privacy?hl=it

Processed data: site usage data.

Purpose: visualization of styles and fonts.

Legal basis: legitimate interest of the Data Controller.

Non-EU data transfer: yes.

Spam filter Google reCaptcha

Protects the site from spam. Here the related policy: https://policies.google.com/technologies/cookies?hl=it

Processed data: site traffic data.

Purpose: Site protection from spam.

Legal basis: legitimate interest of the Data Controller.

Non-EU data transfer: yes.

Widget Google Maps

Through the dedicated widget, it is possible to integrate the contents of Google Maps into the site. Here the related policy: https://policies.google.com/privacy?hl=it

Processed data: cookies and site usage data.

Purpose: use of the Google Maps tool.

Legal basis: legitimate interest of the Data Controller.

Non-EU data transfer: yes.

Font Awesome

The tool provided by fontawesome.com allows you to integrate icons of various types into the site. Here the related policy: https://fontawesome.com/privacy

Processed data: site usage data.

Purpose: use of icons.

Legal basis: legitimate interest of the Data Controller.

Non-EU data transfer: yes.

Google Analytics (anonymised IP)

Analyze traffic data on the site. Here the related policy:

https://support.google.com/analytics/answer/6004245?hl=it&utm_id=ad

Processed data: site usage data.

Purpose: Analysis of traffic data on the Site.

Legal basis: consent.

Non-EU data transfer: yes.

 

Methods of treatment and conservation

Data processing is carried out in an automated form, in compliance with the provisions of art. 32 of the GDPR 2016/679 regarding security measures; that is, the data is processed and managed in such a way as to avoid or in any case limit the risks of loss, destruction, theft and in such a way as to allow their recovery, should one of the cases described occur.

Based on the provisions of art. 4 of the GDPR 2016/679, the data provided can be: collected, recorded, organised, stored, consulted, processed, modified, selected, extracted, compared, used, interconnected, blocked, communicated, canceled and destroyed. Appropriate systems for data protection have been adopted.

 

Appropriate systems for data protection have been adopted.

The data is kept for the technical times necessary for the indicated uses. In particular, with reference to the contact form, storage is linked to response times, for the guarantee activation form, the data are stored for the time required by law, relating to the indicated purpose. For data collected and/or processed through third party service providers, see the individual provider’s policy.

In any case, the User has the right to request the destruction or cancellation of the data provided.

The data may also be kept for a longer period, to fulfill fiscal obligations or the order of an Authority.

At the end of the period necessary for conservation, the data will be deleted and no longer recoverable.

 

Communication and dissemination of data

Personal data will never be disclosed and will not be communicated without the explicit consent of the User.

 

Data access

The data could be made accessible due to a legal obligation, which may involve the transfer of data to public bodies, judicial authorities, insurance bodies.

I dati potrebbero essere visibili ad un consulente/tecnico informatico che debba operare per la riparazione/manutenzione dei sistemi informatici, per la manutenzione del sito e gli aggiornamenti, nonché al social\ media manager addetto alla gestione dei profili social dell’azienda. Inoltre, i dati relativi all’attivazione della garanzia, sono accessibili ai dipendenti della società Titolare, addetti a tale mansione. Per ogni informazione è possibile scrivere via mail, all’indirizzo marco.brandino@bobspa.com.

 

Transfer of personal data

The data could be transferred to third countries not belonging to the European Union, based on what is better specified above, with reference to each function.

 

Special categories of personal data

The Site does not collect or process data that can be classified as “particular categories of personal data”, pursuant to articles 9 and 10 of the GDPR 2016/679.

 

Rights of the interested party

  1. At any time, the user may exercise, pursuant to articles 15 to 22 of the GDPR 2016/679, the right to: request confirmation of the existence or not of personal data concerning him;
  2. obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the retention period;
  3. obtain the rectification and cancellation of data;
  4. obtain the limitation of the treatment;
  5. obtain data portability, i.e. receive them from a data controller, in a structured format, commonly used and readable by an automatic device, and transmit them to another data controller without impediments;
  6. oppose the treatment at any time and also in the case of treatment for direct marketing purposes;
  7. oppose an automated decision-making process relating to natural persons, including profiling;
  8. ask the data controller to access personal data and correct or cancel them or limit their processing or to oppose their processing, in addition to the right to data portability;
  9. revoke the consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation;
  10. lodge a complaint with a Supervisory Authority.
Methods of exercising rights

To exercise the aforementioned rights or to receive clarifications or other information regarding the processing of personal data, you can write to the e-mail address marco.brandino@bobspa.com, a reply will be given within 30 days.

If you intend to lodge a complaint with the Guarantor Authority, you can visit the site
https://www.garanteprivacy.it/home/diritti/come-agire-per-tutelare-i-tuoi-dati-personali,for each information
.

Policy revised in December 2022.