Privacy Policy

Dear Interested Party, Brera Cicli protects the privacy of Users. The data that may be communicated by the User through the Site will be treated with the utmost attention and with all the tools required for its security, in full compliance with current legislation. We wish to inform you that the "European Regulation 2016/679 relating to the protection of individuals as regards the Processing of Personal Data, as well as the free movement of such data" (hereinafter "GDPR") provides for the protection of individuals treating personal data as a fundamental right. Pursuant to Article 13 of the GDPR, therefore, we inform you that:

DATA CONTROLLER.

the data controller is Brera Cicli with headquarters in Via Tommaso Grossi, 20841 Carate Brianza (MB), VAT number 00684800964.

DATA PROTECTION OFFICER (DPO)

Brera Cicli has appointed a data protection officer (DPO), who the interested party can contact via this email address: info@mandelli.net


DATA CATEGORIES.

The following may be the object of processing:

  1.  Data collected automatically. The computer systems and applications dedicated to the operation of this website detect, during their normal operation, some data (the transmission of which is implicit in the use of Internet communication protocols) potentially associated with identifiable users. The data collected includes the IP addresses and domain names of the computers used by users who connect to the site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters regarding the operating system, the browser and the IT environment used by the user, the name of the internet service provider (ISP), date and time of visit, web page of origin of the visitor (referral) and exit.
  2.  Data provided voluntarily by the user . The voluntary and explicit sending of e-mails to the addresses indicated in the different access channels of this site does not require consent and involves the acquisition of the sender's address and data, necessary to respond to requests, as well as any other personal data included in the letter. Such data is intended to be voluntarily provided by the user at the time of requesting the provision of the service. By inserting a comment or any other information the user purposefully accepts the privacy policy. On the contrary, specific summary information will be reported or displayed on the site pages designed for particular services on request (form). The user must therefore explicitly consent to the use of the data reported in these forms in order to send the request.
  3. Cookies . The site uses cookies. The data collected thanks to cookies can be used to access parts of the site or for statistical purposes or to make the browsing experience more pleasant and more efficient in the future, trying to evaluate user behaviour and give users content which is based on it. For further information, a specific cookie policy is available

PURPOSE OF DATA PROCESSING AND LEGAL BASIS: 

The processing of your data has the following purposes and legal basis:

  1. For data collected automatically, the legal basis is the legitimate interest of the owner and the purpose is to guarantee and improve the web browsing experience.
  2. For data provided voluntarily by the user, the legal basis is specified in the individual information provided, depending on the various services requested and provided through the site.
  3. For cookies: compare the specification cookie policy.

RECIPIENTS OF THE DATA

Within the limits relevant to the indicated processing purposes, your data may be communicated to partners, consultancy firms, private companies, third-party technical service providers, hosting providers, IT companies, communication agencies. The recipients are appointed Data Protection Officers.

TRANSFER OF DATA TO THIRD COUNTRIES:

The transfer of your data to a third country is not foreseen. In the event of any processing of personal data outside the European Union, the same will take place only after adopting adequate guarantees, as required by mandatory legislation.

STORAGE PERIOD:

Due to the principle of limitation of conservation (art.5, GDPR), the verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically. In particular:

  1. The data collected automatically are processed, for the time strictly necessary, for the sole purpose of obtaining statistical information on the use of the site and to verify its regular functioning, also for security purposes or according to the deadlines established by law.
  2.  The data provided voluntarily by the user will be kept for a period of time not exceeding the achievement of the purposes for which they are processed or based on the deadlines established by law.
  3. Data collected via cookies: refer to the specific cookie policy

RIGHTS OF THE INTERESTED PARTY:

As "Interested Parties" to the processing, the user has the right:

  • To access, rectification, cancellation, limitation and opposition to the processing of data
  • To obtain the data without impediments from the data controller in a structured format commonly used and readable by an automatic device to transmit them to another data controller
  • To revoke consent to processing, without prejudice to the lawfulness of the processing based on the consent acquired before the revocation
  • Propose a complaint to the Guarantor Authority for the Protection of Personal Data.
  • In the event that it is not possible to request the deletion of the data, you may still object to the processing when this is justified by reasons inherent to your particular situation.

The exercise of the aforementioned rights can be exercised by written communication to be sent to info@mandelli.net .

DATA PROCESSING METHODS: 

The personal data provided by you will be the subject of processing operations in compliance with the aforementioned legislation and the confidentiality obligations which inspire the Data Controller's activity. The data will be processed both with IT tools and on paper supports and on any other type of suitable support (e.g. cloud systems, digital archiving and substitute conservation systems, ...), in compliance with adequate technical and organizational security measures envisaged by the GDPR.

FINAL PROVISIONS: 

the information is provided only for this website and not for other websites that may be consulted by the user via links contained in this site. The information may undergo changes due to the introduction of new regulations; the user is therefore invited to periodically check this page to always be updated.

AUTOMATED DECISION MAKING PROCESSES:

There are no automated decision-making processes.