STATUTORY PRIVACY POLICY


In accordance with the "Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data" ("GDPR"), this is our privacy policy for the administration of the website www.bucci-composites.com, applicable to any data subject who interacts with the web services offered by our website, but it shall not apply to any other website that our visitors may land on through links from our website. To secure maximum compliance with data protection regulations in force, the Company has established its own privacy policy. The Controller is Bucci Composites S.p.A. (the “Controller”) acting through its pro tempore legal representative, with registered address in Via Mengolina 22, 48018 Faenza, Italy.

Personal Data Collected

During or following consulting this website, Personal Data that may be processed include:

  • User identification data, therefore regarding identified or identifiable persons, such as, for example: name, last name, company, position in company, e-mail and telephone contacts;
  • Utilisation Data, username, website, profession, State, company name, VAT number, address, fax number, province and postal code;
  • Various types of Data, town, taxpayer ID and business area.

Users may submit their Personal Data voluntarily or, in the case of Utilisation Data, their data may be collected automatically while browsing this website. Specific privacy notices containing full details about each category of Data collected are displayed before the data are collected.

Data regarding user preferences, expressed while browsing the website.

Data provided voluntarily by the user - identification information - for access to certain services offered through the website, for which you should refer to the specific information in the relevant sections.

Browsing data - Computer systems and software procedures used to operate this Website may collect, during their normal operation, a series of personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected with the intent of associating it with identified users but, by its very nature, it may lead to the identification of users through processing and through association with data held by third parties. This category of data includes "IP addresses" or domain names of computers used by users connecting to the Website, a unique sequence of characters or URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the web server, the size of the file obtained in response, the numerical code showing the status of the response from the web server (successful, error, etc.) and other parameters regarding the user operating system and computer environment. It should be noted that said data may be used to ascertain liability in case of cybercrimes against the website of the Controller or other websites linked or associated therewith.

Regarding the use of cookies, these are text files that are automatically generated by the user's computer following a visit to certain pages of the website. Some of these files (session cookies) are automatically removed when the browser is closed. Instead, another type of Cookies is registered and stored on the User's computer (for example, for making the access procedure to the reserved area automatic, the User may choose that his User-id and password identification data be stored in one of such files). Another type is made up of analytical cookies, used to collect information, in aggregate form, on the number of users and the ways in which they visit the website. Such cookies may be installed directly by the website administrator or by another website that installs them through the first (so-called third-party analytical cookies). Finally, the last type of Cookies - consisting of profiling cookies, used for the purpose of sending advertising messages, for example through personalised banners, in line with the preferences expressed by the User while surfing the web.

Purposes of the processing

The Controller processes personal data for the following purposes:

  • For managing the correct use of the website;
  • For evaluating, in statistical form, the use of the website by users;
  • For collecting information regarding the user's choices while browsing the web;
  • For sending commercial information in line with the preferences expressed by the user during the browsing experience:
  • For ascertaining any offenses committed by users to the detriment of third parties or to the detriment of the Controller;
  • For managing purchase orders: The Controller collects and processes user Customer personal data in connection with the collection and processing of purchase orders and the handing of any complaints after the purchase, and to provide the services available to the Customers. These Data are necessary to manage purchase orders, also with our business partners (e.g., logistic services providers, couriers, banks, etc.). For such purpose, a Personal area may be created, where applicable – Customer login: the Personal Data regarding Customers and their purchase orders are saved in the Controller's system but will not be freely accessible, for security reasons. The Controller guarantees that each Customer may access to its personal area through a safe password. In that area, Customers may view all the Data concerning their purchase orders, delivered and being processed, and may also edit their Personal Data and the data about their subscription to our newsletter service. Customers are required to use their access data responsibly and in compliance with the laws in force, and refrain from disclosing them to third parties. The Controller will accept no liability whatever for any incorrect or inappropriate use of the passwords by Customers;
  • For promotional purposes, to send them information about the products offered on its website. Whenever Users enter their Data in our contact form, they consent to the use of their Data for the purpose of responding to their requests for information, requests for quotations, or other requests shown in the heading of the form. Personal Data collected: postal code, town, taxpayer ID, last name, e-mail, User ID, address, State, fax number, telephone number, VAT number, profession, province, company name, business area and various types of Data. Customers' e-mail addresses will always be used subject to the restrictions provided under applicable regulations or, where necessary, subject to the Customers' express consent. Customers will regularly receive advertisements by e-mail. The mailing of such advertisement may be suspended without any charge by sending a request by e-mail to privacy@bucci-industries.com or by calling the free phone number +39 0546 698000 or also by clicking on the “Click here if you do no longer wish to receive this newsletter” option available at the foot of all advertising e-mails.

Lawfulness of the processing

This website processes the data mostly based on User consent. Consent is given by accepting Cookies, or when online forms are completed, or by using or visiting the website, as an act implying intent. By using or visiting the website, visitors and Users approve this privacy policy and consent to the processing of their Personal Data in the manner and for the purposes described herein. By completing a contact or request form, Users also give additional consent in relation to the specific purpose of the service requested. The submission of Data and consequent consent to their collection and processing is optional. Users may deny and/or revoke their consent at any time (through the cookie setting of their browsers). However, refusal to give consent may make it impossible for us to provide certain services and compromise the browsing experience on our website. Therefore, unless otherwise specified, all Data requested are mandatory. Whenever a User refuses to submit data, this application may be prevented from providing the service. In cases where this application specifies that certain Data are optional, Users may refrain from submitting them, without affecting the availability or operativity of the service.

Unless otherwise specified, this application, or the controllers of third-party services used by this application, make use of cookies or other tracking tools for the purpose of providing the services requested by Users, and for other purposes described in this document and in the Cookie Policy.

Users are liable for any third-party Personal Data obtained, published or shared by means of this application, and warrant that they are entitled to disclose or disseminate them, releasing the Controller from any liability in respect of third parties.

Form of processing

The Controller has taken appropriate security measures to prevent the unauthorised access, disclosure, modification or destruction of the Personal Data. The Data are processed by means of computerised and/or online systems, with organisation patterns and methods strictly related to the purposes specified. Apart from the Controller, in certain cases other parties may access such Data:

  • other parties belonging to the Controller’s organisation involved in the administration of this website (e.g., administration, sales or marketing staff, legal department staff and system administrators);
  • third parties in charge of tasks strictly related and instrumental to the operation of our services (e.g., third-party technical services providers, mail couriers, hosting providers, IT companies and communication agencies). Whenever necessary, such parties will be appointed as Processors by the Controller. An updated list of Processors may be requested from our privacy department at any time.

Personal information is not disclosed to other third parties without consent, except when required by law or by an Authority, nor is its dissemination foreseen.

There is no transfer of personal data to third countries or to international organisations. Nevertheless, the Controller is entitled to use cloud services; in this case, the service providers will be selected from among those who provide adequate guarantees, as required by article 46 GDPR 679/16.

Retention periods

The Data are processed and retained for as long as it is necessary, according to the purposes for which they were collected. Therefore:

  • the Personal Data collected for purposes related to entering into an agreement, in accordance with statutory provisions
  • the Personal Data collected for purposes related to the legitimate interests of the Controller will be retained until such interests have been satisfied. Users may obtain further information about the legitimate interests pursued by the Controller in the corresponding sections of this document, or from our privacy department.

When the processing is based on user consent, the Controller is entitled to retain the Personal Data for a longer period, until such consent is revoked. The Controller may also have a duty to retain the Personal Data for a longer period due to a statutory requirement or to an order issued by any authority. At the end of the retention period, the Personal Data will be deleted. Therefore, upon expiration of the retention period, the right to access, delete and correct the Data and the right to Data portability may no longer be exercised.

Data Subject rights

Users (Data Subjects) are entitled to exercise certain rights with respect to the Data processed by the Controller. Specially, Data Subjects have the right to:

  • Withdraw their consent at any time. Users may revoke consent to the processing of their Personal Data that they may have previously given.
  • Oppose the processing of their Data. Users may oppose the processing of their Data whenever such processing is made based on lawfulness other than their consent. For further details on rights to oppose processing, please see the section further on.
  • Access their Data. Users have the right to be informed about the Data processed by the Controller and about certain aspects of the processing, and to receive a copy of the Data processed.
  • Verify the Data and request their rectification. Users are entitled to check the accuracy of their Data and request their update or correction.
  • Obtain restricted processing. Under certain conditions, Users may request the restricted processing of their Data. In such case, the Controller will refrain from processing the Data for any other purpose than their storage.
  • Obtain the deletion or removal of their Personal Data. Under certain conditions, Users may request the deletion of their Data by the Controller.
  • Receive their Data or have them transferred to another controller. Users are entitled to receive their Data in a structured, commonly used and machine-readable format and, where technically feasible, to obtain their seamless transfer to another controller. This provision applies wherever the Data are processed by automated means and based on user consent, under an agreement with a user or under contractual provisions related thereto.
  • File a complaint. Users may file complaints with the competent data protection authority or start an action in the Courts.

Procedure for exercising the rights. To exercise their rights, Users may send a request to our privacy department. All requests will be processed by the Controller as soon as possible, and however within one month.

Additional information on the processing

Defence in Court. A User's Personal Data may be used by the Controller in a trial or in the preparation of a trial, by way of defence from an abusive use of this website or of its services by such User. Users represent that they are aware that the Controller may be under a duty to disclose their Data by order of any public authority.

Specific information. By request of a User, in addition to the information contained in this privacy policy, this website may provide Users with additional, in-context information about certain special services, or about the collection and processing of Personal Data.

System login and maintenance. For requirements linked to operation and maintenance, this website and any third-party services used by it may collect system logins, i.e. files where interactions with users are recorded that may also contain Personal Data, such as the Users' IP addresses.

Information not contained in this policy. Any other information about the processing of Personal Data may be requested at any time from the Controller by sending an e-mail to our privacy department.

Reply to “Do Not Track” requests. This website does not support “Do Not Track” requests. To find out whether any third-party service used by this website supports such requests, Users are encouraged to review those third-party providers' respective policies.

Amendments to this privacy policy. The Data Controller is entitled to amend this privacy policy at any time, subject to informing the Users on this webpage and, where possible, on this website and, if technically and legally feasible, by sending a notice to Users to their contact details that are in the Controller's possession. Therefore, we recommend frequently visiting this page and checking the date of last update shown at the foot of the page. Whenever the amendments affect consent-based processing, the Controller will obtain Users' consent again, if necessary.

Definitions and reference regulations

Personal Data (or Data). An item of personal data is any piece of information capable of identifying or making identifiable a natural person, directly or indirectly, and also by cross-referencing with any other information, including a personal ID number.

Utilisation Data. This is the information collected automatically by this website (and by any third-party application embedded in this website), such as: IP addresses or computer domain names of Users logging on to the website, URI (Uniform Resource Identifier) addresses, time of a request, method used to submit a request to the server, size of the file obtained in reply, numeric code showing server reply status (e.g., successful, error, etc.), country of origin, characteristics of the browser and OS used by visitors, time features of the visits (e.g. time of permanence on each webpage) and details of the itinerary followed within the application, in particular the sequence of pages visited, and other parameters of the Users' OS and IT environment.

User. Any natural person using this website. Unless otherwise specified, a User is the same as a Data Subject.

Data Subject. The natural person whose Personal Data are processed.

Data Processor (or Processor). The natural or legal person, public administration or any other entity processing personal data on behalf of the Controller, in accordance with this privacy policy.

Data Controller (or Controller). The natural or legal person, public administration, service or other organization that, on its own or jointly with others, establishes the purposes and means of, and the tools used for, the processing of personal data, including the security measures related to the operation and utilization of this website. Unless otherwise specified, the Data Controller is the owner of this website.

This Website (or this Application). The hardware or software tool by which the Users' Personal data are collected and processed.

Service. The Service provided by this Website as defined in the relevant terms and conditions (as the case may be) available in this website/application.

European Union (or EU). Unless otherwise specified, any reference to the European Union contained in this document is intended to cover all the States that are presently Member States of the European Union and of the European Economic Area.

Cookie. Small piece of data stored on Users’ devices.

Cookie Policy

This website uses technical cookies necessary for the operation of the website and third-party cookies, necessary for the operation of some features, such as statistical analysis of access modes (for example, the use of Google Analytics). This website uses different types of technical cookies, but not profiling cookies. The Controller lists the specific categories of cookies used, the purpose and the consequence of deactivating them further on.

Type of Cookies, Purpose, Retention Periods and Consequences whenever Cookies are Deactivated

Technical cookies for website management. They allow safe and efficient operation and exploration of the website Valid for the browsing session. These are cookies necessary for using the Website and blocking them will prevent the website for working properly.

Functional cookies. These facilitate browsing and the service provided to the user according to a series of criteria selected by the latter. Valid for the browsing session. Not using such cookies would make it impossible to retain the choices made by users while browsing.

Cookie Analytics. This process collects information in aggregate form on browsing activity by users to optimise the browsing experience and the services. Established by the third party It would no longer be possible for the Controller to acquire aggregate.

Third-party cookies Third-party cookies are also operational on this website, i.e. cookies created by a website other than the one the user is currently visiting. The Controller is required to provide the updated link to the information and consent forms of third parties with which specific agreements have been entered into for the installation of Cookies through its website.

The Controller's website uses analytical and third-party profiling cookies, third parties meaning, specifically:

Whenever the User prefers not to receive Cookies, he/she may prevent their transmission by the website by appropriately configuring the web browser in use. In certain cases, however, the use of certain parts of the site may be conditioned by the storage of cookies on the user's computer.

Privacy Policy updates

This statutory privacy policy is subject to periodic review, both in relation to the relevant legislation and case-law, and in relation to changes in corporate processes. In the event of significant changes, such changes will be published, well in advance, on the home page of the website or through the special Newsletter. In any case, the data subject is invited to regularly view this policy. To facilitate such checking, the Privacy Policy will show the date of publication on the website.

Last updated: 24/05/2021.