Privacy Policy CH
PRIVACY POLICY ON THE PROCESSING OF PERSONAL DATA
Pursuant to Article 13 of EU Regulation 679/2013
 

This privacy policy is provided pursuant to Regulation (EU) 2016/679 (hereinafter the "Regulation" or "GDPR") and describes the methods for processing the personal data of users who consult and use this website, accessible at the address www.sleepbymsc.com (hereinafter the “Website”), listing the measures to protect the rights of the data subjects as identified or identifiable natural persons. It is not related to other sites or external online services that can be reached through links found on the Website.

 

SECTION I. - PRIVACY POLICY

 

  1. Data Controller and Processing purpose

1. The Data Processor is B&T SpA - DORELAN (Tax Code and VAT No.: 00903510402), with registered offices in Via Due Ponti No. 9, 47120, Forlì (FC), Tel.: 0543/1917400, fax: 0543/1917420, E-mail: info@sleepbymsc.com - Certified E-mail Address: dorelancertificata@pec.it.

2. In compliance with current legislation on the protection of personal data, the acquisition and subsequent processing may take place solely for the following purposes:

a)  to guarantee access and use of the Website, its features and the services requested;

b)  to fulfil any obligations established by law and European legislation;

c)  for operational and management needs internal to the Data Controller and inherent to the services offered through the Website;

d)  for statistical purposes, in a completely anonymous and aggregate form;

e)  for user registration and use of the e-commerce platform, to allow access to specifically dedicated sections such as the account profile and the requested online services;

f)   to provide the newsletter service, when requested by the user by filling in the special form on the Website.

3. If the data collected is used for purposes other than those indicated in the previous point, users will always be asked for an express and explicit consent to be given so that the further processing can be carried out.

 

2. Specific type of data processed

Depending on the service provided, personal data of different types may be processed, as specified in this article.

 

a)    Browsing data

During their normal operation, the computer systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the browsing.

However, this information could identify users through processing and association with the data held by third parties, even if it was not collected for the purpose of being crosschecked with the data of identified data subjects.

This data includes:

-    IP addresses or domain names of computers used by users connecting to the website and URL addresses of requested resources,

-    the time when the request was sent;

-    the method used to send the request to the server;

-    the size of the output file;

-    the numeric code indicating the response status provided by the server;

-    the parameters relating to the operating system and the platform used by users.

This data is used only to obtain anonymous statistical information on the use of the website, to check its correct functioning and will be deleted immediately after processing.

In the case of computer crimes against the website, the data collected could be used to ascertain any criminal liability: without prejudice to this possibility, data relating to web contacts does not persist for more than seven days.

Regarding cookies, please refer to section II ("Cookie Policy").

 

b)    Data provided by the user

The optional, explicit and voluntary sending of communications by means of contact forms on the website or e-mail to the addresses indicated on this website, involves the subsequent acquisition of the data communicated by the user, including the e-mail address. In this way, the user gives consent to the receipt of any reply messages to requests made.

The personal data provided in this way is used for the sole purpose of satisfying or responding to requests transmitted and are communicated to third parties only if this is necessary for that purpose.

 

c)     Access and registration to the website

B&T DORELAN collects and processes information that is data for the purpose of registering the user and uses its own e-commerce platform, when creating special programs or initiatives, to allow access to specific sections especially dedicated to the user, such as the required account profile and online services.

This category of data includes the e-mail address and other personal data that may be indicated in requests for assistance, as well as contact and personal information, e-mail and password, which are inserted when making a personal account and when, subsequently, the user accesses the website as a registered user. This data is requested because user identification is required, and to allow B&T DORELAN to provide related services.

The data communicated during the creation and use of the personal account are used to provide reserved services and allow the user to make purchases on the e-commerce platform, and are activated at the request of the user.

If the user purchases products through the Website, this data will also be used for purposes related to the implementation of the contract concluded with the Data Controller (for more information, see the conditions of sale published on the Website), including accounting, administrative, declarative, and financial and credit management.

The data collected will in any case be kept for the times specifically prescribed by law (for example, tax laws or laws related to the exercise of rights in court) and, in any case, for the time strictly necessary to follow up the activities for which the data has been collected and/or until the user revokes his or her consent or until the user makes an express request for cancellation.

 

d)    Newsletter

The Newsletter is distributed via e-mail, automatically and free of charge, to those who request it by filling out the form on the Website. The data provided will be used with IT and electronic tools for the sole purpose of providing the requested service. The data will be processed exclusively by the Data Controller's staff and collaborators or by its data processors.

To stop receiving the newsletter, simply select the unsubscribe link in each -email received. Cancellation is managed in an automated way; therefore, the user may receive further communications, the sending of which was planned before receiving the request for cancellation for a period not exceeding 72 hours. Notification of this can be sent to the Controller by e-mail in case of technical problems.

 

3. Provision of data and processing legal basis

1. The provision of personal data is mandatory if the user intends to use the services offered through the Website. Any refusal to process data for such purposes will prevent the execution of the requested services.

However, the Website can be consulted without the provision of any personal data, but certain features and functions may not be available.

B&T Dorelan uses a different legal basis depending on the type of data processed:

a)    Browsing data is the legitimate interest of the controller for the correct functioning of the Website and in making its services safe for users;

b)    Data provided by the user is needed to access and register to the website www.sleepbymsc.com, the provision of the services requested by the data subject, and the fulfilment of the contractual obligations relating to the purchase relationship if products are purchased;

c)    The user’s consent, provided freely and expressly by registering using the form on the Website is needed for the Newsletter service;

d)    Cookies (for greater details see section II. – Cookie Policy) it a legitimate interest for the correct functioning of the Website and technical and analytical cookies. The user’s consent is required for any profiling cookies.

2. The provision of data is not mandatory for purposes other than those stated in the previous point, since the legal basis of the processing, in this case, will always be the informed, free and optional consent of the user. In the absence of explicit consent, such services will not be provided.

 

4. Data processing methods

1. Personal data is processed lawfully and fairly and used only for the purposes indicated in Article 1 paragraph 2. The processing will take place using instruments that guarantee the security and confidentiality of personal data and with automated tools to store, manage, and transmit the data. Specific security measures are adopted to prevent the loss of data and contain the risks of illicit or incorrect use and unauthorised access.

2. Personal data will be stored for the time prescribed by law and, in any case, for the time strictly needed to follow up the activities for which they were collected and/or until the revocation of the consent given if processing is carried out for purposes with the user's consent as the legal basis (as in the newsletter service).

 

5. Recipients of the collected data

The Data Controller’s personnel, who act based on specific instructions provided for the processing purposes and methods, process the personal data collected.

Furthermore, the managers appointed by the Data Controller are recipients of the collected data from consulting the Website. The relative list can be requested from the Data Controller using the contact data referred to in Article 1 paragraph 1 ("Data Controller and processing purpose").

 

6. The data subjects’ rights

1. Each data subject party has the right to access his or her data at any time to verify the correctness and the lawfulness of the processing performed. The interested party may also exercise all the rights recognized by current national and European legislation on the protection of personal data (from Legislative Decree 196/2003 and EU Reg. No. 2016/679 and subsequent amendments and additions). In particular, at any time the data subject can ask for the correction and updating of incorrect or inaccurate data, the limitation of the processing, and the cancellation of the data (right to be forgotten), and can lodge a complaint with the Authority for the protection of personal data.

2. With reference to personal data processed by automated means, the data subject may also receive his or her data in a structured and commonly used format and forward them, if necessary, to another data controller (right to data portability).

3. Each data subject is also entitled to revoke the consent given at any time, without prejudice to the lawfulness of the processing performed by the Data Controller before such revocation, as well as the possibility of objecting to the processing of his or her data if it is carried out for marketing purposes direct by the Data Controller; in this case, your data will no longer be processed for these purposes, depending on the specific consent previously issued by the Data Controller or any third parties (right of opposition).

 

7. Changes to the Privacy Policy

This Privacy Policy may be modified, also as a result of legislative or regulatory changes, technological developments, and the provision of new services or modifications of those already rendered. Therefore, the user/visitor/client is invited to periodically consult the B&T Dorelan Privacy Policy.

 

 

SECTION II. - COOKIE POLICY

 

  1. General information

What are cookies? Cookies are information stored by the browser when a website is visited with any suitable device (such as a computer, tablet, or smartphone). Each cookie contains different data (for example, the name of the server from which it comes, a numeric identifier, etc.), can remain in the system for the duration of a session (or until the browser is closed) or for long periods, and can contain a unique identification code.

What are they used for? Cookies are used for different purposes depending on their type: some are strictly necessary for the correct functionality of a website (technical cookies), while others optimise their performance to offer a better user experience or allow to acquire statistics on the use of the site, such as analytical cookies or to display personalised advertising, such as profiling cookies.

Consent: the data controllers, within their respective competences, using a technical cookie, can store any provision of user consent.

How can they be disabled? It is possible to disable cookies both through the browser settings (see the "How to disable cookies? General information" section) and through the mechanisms made available by some third parties.

 

  1. Types of cookies used on the website

Technical cookies (first party):          they are essential for the correct functioning, the visualisation of the website, and the storage of the user's consent to the use of cookies.

Analytical cookies (third party):         they are used for the aggregate analysis of visits to the website through the use of a third-party service.

Profiling cookies (third party):            they are used to create user profiles and are used to send advertising messages in line with the preferences shown by the user during web browsing, through the use of a third party service.

 

  1. Types of cookies used on the website

Analytical Cookies

Google Analytics: http://www.google.com/intl/it_ALL/analytics/learn/privacy.html and https://tools.google.com/dlpage/gaoptout (for disabling - opt-out);

 

Profiling Cookies

Google Inc.:                            http://www.google.com/intl/it_ALL/analytics/learn/privacy.html and https://tools.google.com/dlpage/gaoptout (for disabling - opt-out);

 

 

  1. How are cookies disabled? General information

Control via browser: The browsers commonly used (e.g., Internet Explorer, Firefox, Chrome, Safari) accept cookies by default, but the user can change this setting at any time. This applies to both computers and mobile devices such as tablets and smartphones. This is a generally and widely supported function.

Therefore, cookies can easily be disabled or disabled by accessing the options or preferences of the browser used and generally only third-party cookies can be blocked; in general, these options will be effective only for that browser and on that device, unless options are active to unify the preferences on different devices. Specific instructions can be found on the options or help page of the browser. However, disabling technical cookies can affect the full and/or correct functioning of various websites, including this website.

As a rule, the browsers currently used:

-          offer the "Do not track" option, which is supported by some websites (but not all). In this way, some websites may no longer collect certain browsing data;

-          offer the option of anonymous or incognito browsing. In this way, data will not be collected in the browser and the browsing history will not be saved, but the browsing data will still be acquired by the operator of the website visited;

-          allow to delete cookies stored in whole or in part, but, they are normally installed during a new visit to the website if this possibility is not blocked.

Below are the links to the most popular browser support pages (with instructions on disabling cookies on these browsers):

-          Firefox (https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie);

-          Internet Explorer (https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies);

-          Safari (iOS) (https://support.apple.com/kb/ph21411?locale=it_IT);

-          Chrome (https://support.google.com/chrome/answer/95647?hl=it).

Third-party cookies: third party cookies can be disabled with the method described above or by referring to each third party (by going to the links indicated in the section above).

On-line instruments: Please note that information on cookies can be acquired from the website http://www.youronlinechoices.com/it/ as well as to verify the installation of the numerous cookies on your browser or device and, where supported, and information on how to deactivate them.