in accordance with article 13 of EU Regulation 2016/679
This policy is provided in accordance with EU Regulation 2016/679 ("Regulation" or "GDPR" hereinafter) and describes the procedures for processing the personal data of users that consult and use this website, accessible at the address www.sleepbymsc.com ("Website" hereinafter), setting out the measures taken to protect the rights of Data Subjects as identified or identifiable natural persons. Conversely, it does not regard other websites or online services that may be reached using links present on this Website.
1.Data Controller and Purposes of the Processing
1. The data controller is B&T S.p.A. - DORELAN (taxpayer identification number/VAT number: 00903510402), with registered office at Via Due Ponti n. 9, 47120, Forlì (FC), Italy, Tel.: +39 0543 1917400, Fax: +39 0543 1917420, E-mail: firstname.lastname@example.org - P.E.C. Italian Certified Email address: email@example.com.
2. In accordance with current personal data protection legislation, personal data can only be acquired and subsequently processed for the following purposes:
a) access to and use of the Website, its functionalities and the services requested,
b) compliance with any obligations provided for by law and European legislation,
c) the internal operating and management requirements of the Data Controller and regarding the services offered through the Website,
d) statistical processing, in a completely anonymous, aggregate form,
e) user registration and use of the Website's e-commerce platform, the creation of special programmes or initiatives, and to enable access to specific dedicated sections, such as the account profile and the online services requested.
3. In cases where the data collected are also used for purposes other than those specified in subparagraph 2 above, the user will always be asked for their express and explicit consent regarding any further processing performed.
2. Specific types of data processed
The types of personal data processed vary depending on the service provided, as specified in this article.
a) Browsing data
The computer systems and software procedures used for the operation of this website obtain certain personal data during their normal operation which is transmitted as an integral part of a user's browsing.
This information could, however, allow users to be identified through processing and association with data held by third parties, despite not having been collected for the purpose of cross-referencing with the data of identified data subjects.
These data include:
- The IP addresses or domain names of the computers used by users connecting to the Website and the URLs of the resources requested.
- The time the request was sent.
- The method used to submit the request to the server.
- The size of the output file.
- The numerical code indicating the status of the response provided by the server.
- The parameters regarding the user's operating system and platform.
These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Website, to monitor that it is functioning correctly, and shall be deleted immediately after processing.
In the event of cybercrime against the site, the data collected could be used to ascertain any criminal responsibility: excepting in such cases, the data on web contacts is not stored for more than seven days.
b) Data provided by users
The sending of any communication voluntarily, explicitly and optionally using the contact forms on the Website or by email to the addresses provided on this Website entails the subsequent acquisition of the data communicated by the user, including their email address. The user thus gives their consent to receiving any messages that respond to their requests.
The personal data provided in this way are used for the sole purpose of satisfying or responding to the requests sent and are only communicated to third parties if necessary for said purpose.
c) Access to and registration on the Website
B&T DORELAN collects and processes information that constitutes data for the purposes of user registration and the use of its e-commerce platform, the creation of special programmes or initiatives, and to enable access to specific dedicated sections, such as the account profile and the online services requested.
This data category includes the user's email address and any other personal data provided in their request/s for assistance, along with their personal and contact details, the email and password entered when registering for a personal account and when subsequently returning to the site as a registered user. These data are requested because they are necessary to identify the user and to enable B&T DORELAN to provide the related services.
The data communicated when setting up and using the personal account are used to provide the reserved services and to enable the user to make purchases on the e-commerce platform, and are activated at the user's request.
In the case of product purchases through the Website, these data shall also be used for purposes connected with the performance of the contract concluded with the Data Controller (see the Conditions of Sale published on the Website for further information), including accounting, administrative, declaration, financial and credit management purposes.
The data collected in this manner shall, however, be stored for the time specifically prescribed by law (for example, tax law or related to the exercise of rights in a court of law) and, under all circumstances, for the time strictly necessary to proceed with the activities for which they were collected and/or until the user withdraws their consent or expressly asks for them to be erased.
3. Provision of the data and legal basis of the processing
1. When the user intends to use the services offered through the Website, it is mandatory for them to provide the personal data requested, since any refusal of processing for those purposes would prevent the services requested from being provided.
The Website can, however, be consulted without providing any personal data, although certain functionalities and features may consequently not be available.
B&T Dorelan relies on a different legal basis depending on the type of data being processed:
a) For Browsing data, it is the legitimate interest of the Data Controller.
b) For Data provided by users, and for the data necessary to access and register on the Website www.sleepbymsc.com, it is the provision of the services requested by the Data Subject, and compliance with the contractual obligations of the buyer-seller relationship in the case of product purchases.
2. It is not mandatory for you to provide your data for purposes other than those set out in the previous subparagraph, in that the legal basis of the processing would in such cases always be the user's free and optional informed consent.
Any such services will not be provided without your explicit consent.
4. Data processing procedures
1. Your personal data are processed lawfully, following the proper procedures and only used for the purposes specified in Article 1, subparagraph 2 . The processing shall be carried out using tools suitable for ensuring the security and confidentiality of your personal data and using automatic tools suitable for storing, managing and transmitting said data. Specific security measures have been adopted to prevent data loss and to contain the risks of illegal or improper use and unauthorised access.
2. Your personal data shall be kept for the time prescribed by law and, under all circumstances, for the time strictly necessary to proceed with the activities for which they were collected and/or until you withdraw the consent provided in those cases where processing was performed for the purposes specified in Article 1, subparagraph 3.
5. Data Recipients
The personal data collected is processed by the Data Controller's personnel, following specific instructions provided with respect to the processing purposes and procedures.
Moreover, the Data Processors appointed by the Data Controller are the Data Recipients of the data collected subsequent to consultation of the Website. You may contact the Data Controller to request the related list using the contact data provided in Article 1, subparagraph 1 (“Data Controller and Purposes of the Processing”).
6. Rights of data subjects
1. Each Data Subject has the right to access the data regarding them at any time to verify that they are correct and have been processed lawfully. The Data Subject may in addition exercise all the rights provided for by current national and European personal data protection legislation (in particular by Italian Legislative Decree 196/2003 and EU Regulation 2016/679 and subsequent amendments and additions): specifically, they may at any time request that incorrect or inaccurate data be corrected and/or updated, that the processing carried out be restricted and that the data be erased (right to be forgotten), as well as submit a complaint to the Data Protection Authority.
2. Where personal data processed using automatic means are concerned, the Data Subject may also receive the data regarding them in a structured, commonly used format and transmit them, if desired, to another Data Controller (right to data portability).
3. Each Data Subject also has the right to withdraw their consent at any time, even when the processing by the Data Controller prior to said withdrawal is lawful, and to object to the processing of their data when it is for the marketing purposes of the Data Controller. In such cases, the data will no longer be processed for said purposes by the Data Controller or any third parties depending on the specific consent previously given (right to object).
What are cookies? Cookies are information saved using your browser when you visit a website using any suitable device (such as a PC, tablet or smartphone). Every cookie contains a variety of data (e.g.: the name of the server it comes from, a numerical identifier, etc.), may remain in the system for the duration of a session (or until you close your browser), or for long periods, and may contain a unique identifier.
What's their purpose? Cookies are used for different purposes depending on what type they are: some are strictly necessary for the proper functioning of a website (Technical Cookies), while others optimise the website's performance to offer a better user experience or enable statistics on the use of the website to be obtained, such as Analytical Cookies, or enable personalised advertising to be displayed, such as Profiling Cookies.
Consent: Any consent given by the user can be saved by Data Controllers, within the scope of their remit, using a Technical Cookie.
How can I disable them? You can disable cookies using your browser settings (see the section "How do I disable cookies? General Information”) or mechanisms offered by certain third parties.
2.Types of cookies used on the Website
Analytical Cookies (third party): Analytical Cookies are used for the purposes of aggregate analysis of visits to the Website using a third-party service.
Profiling Cookies (third party): Profiling Cookies are used to create user profiles and to send advertising messages that are aligned with the preferences a user has shown during their Internet browsing, using a third-party service.
3.Cookies used on the Website
Google Analytics: http://www.google.com/intl/it_ALL/analytics/learn/privacy.html e https://tools.google.com/dlpage/gaoptout (to disable - opt out).
Google Inc.: http://www.google.com/intl/it_ALL/analytics/learn/privacy.html e https://tools.google.com/dlpage/gaoptout (to disable - opt out).
Control by browser: The most popular browsers (e.g.: Internet Explorer, Firefox, Chrome and Safari) are set to accept cookies by default, but the user can change this setting at any time. This applies both to PCs and to mobile devices such as tablets and smartphones: it's a widely-supported function.
It is therefore easy to deactivate or disable cookies by accessing your browser options or preferences, which also generally allow you to just block third-party cookies. As a rule, these options only apply to the browser and device in question, unless you have activated options that align your preferences across different devices. Dedicated instructions can be found in the Options or Help page of your browser. Disabling Technical Cookies can, however, impact the full and/or proper functioning of many websites, including this Website.
Today's browsers normally:
- Offer a "Do not track" option which is supported by some but not all sites. This means that some sites may no longer be able to collect certain browsing data.
- Offer an anonymous or incognito browsing option that means data won't be collected in your browser and your browsing history won't be saved, but your browsing data can, however, be acquired by the managers of the sites you visit.
- Allow you to delete all or some of the cookies stored, but they will normally be installed whenever you visit a site again if this possibility hasn't been blocked.
Links to the support pages for the most popular browsers (with instructions on how to disable cookies on those browsers) are provided below:
- Safari (iOS) (https://support.apple.com/kb/ph21411?locale=it_IT).
Third-Party Cookies: Third-Party Cookies can be disabled by either following the procedures referred to above or applying to each third party directly (following the links in the previous section).
Online Tools: The site http://www.youronlinechoices.com/it/ not only provides information on cookies, but also allows you to check for the installation of many cookies on your browser/device and, where supported, to disable them as well.