INTRODUCTION
What is this document?This document is the privacy policy relating to the website.
Why this document? National and international regulations on the protection of personal data require that you, the data subject, be informed about the personal data that is processed and who will process it, in order to guarantee that the processing is fair and transparent.
Below you will find a clear list of who will process your data, what personal data will be processed, the purposes for which the personal data will be processed, how long the data will be processed, what your rights are, and how to exercise them.

What regulations does this document refer to?
  • Regulation (EU) 2016/679 on the protection of personal data (hereinafter "Regulation")
  • Legislative Decree 196/2003 (hereinafter referred to as the "Privacy Code")
  • Guidelines on cookies and other tracking tools - June 10, 2021 (Official Gazette no. 163 of July 9, 2021)

INFORMATION
  1. DATA CONTROLLER
    B.C. ITALIANA S.R.L., with registered office at Via Schmidl 9/11 40054 Budrio (BO), Tax Code 03048140374 and VAT No. 00591711205, emailinfo@bcitaliana.it – Tel. (+39) 051 6511913 (hereinafter "Data Controller")
  2. PURPOSE, LEGAL BASIS, RETENTION PERIODS, AND NATURE OF THE PROCESSING
    Depending on the actions taken by the data subject, personal data will be processed for the following purposes:
    1. Responding to requests received through data collection forms:
      • the legal basis for this processing is the need to perform pre-contractual or contractual measures taken at the request of the data subject pursuant to Article 6, paragraph 1, letter b) of the Regulation;
      • the retention period for data processed for this purpose is equal to the time necessary to process the request;
      • the personal data requested are necessary to process the request and any refusal will make it impossible to respond to the data subject.
    2. Sending of informational and promotional material (direct marketing) via email and SMS (mailing lists, offers, etc.), including via instant messaging (WhatsApp, Messenger, etc.):
      • the legal basis for this processing is the explicit consent of the data subject pursuant to Article 6, paragraph 1, letter a) of the Regulation;
      • The retention period for data processed for this purpose is until the data subject requests to unsubscribe from the promotional communication/newsletter service and, in any case, for a maximum of twenty-four (24) months from the last positive interaction of the data subject (e.g., opening or clicking on a communication received). Please note that consent may be revoked at any time without prejudice to the lawfulness of the processing prior to revocation.
      • the provision of personal data is optional and any refusal will make it impossible to send informational and promotional material.
    3. Administrative and management purposes and for the fulfillment of obligations under the law, a regulation, or an order from the Authority:
      • the legal basis derives from the need to comply with a legal obligation to which the data controller is subject pursuant to Article 6, paragraph 1, letter c) of the Regulation;
      • the retention period for data processed for this purpose is linked to individual legal obligations governed by specific reference regulations;
      • the provision of personal data is mandatory, as the data controller must comply with a legal obligation to which it is subject to which it is subject or to requests from the competent authorities.
    4. Preventing or controlling unlawful conduct:
      • the legal basis for this processing is the pursuit of the legitimate interest of the Data Controller to prevent, investigate, and prosecute illegal acts or violations of intellectual/industrial property rights (including those of third parties) or computer crimes or crimes committed through computer networks, defamation, or other similar crimes committed on the Website or during interaction with the respective social media communities managed by the Data Controller (e.g., posting a comment, liking or sharing a post, etc.) pursuant to Article 6, paragraph 1, letter f) of the Regulation;
      • the retention period for data processed for this purpose is equal to the time reasonably necessary to assert the rights of the Data Controller from the moment the unlawful act or its potential commission became known.
  3. PERSONAL DATA PROCESSED
    By processing of personal data, we mean any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. The data subject may also send data to the Data Controller (e.g., information request form in the "message" field) that qualifies, pursuant to Article 9 of the Regulation, as "special categories of personal data," i.e., data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, data concerning a person's health or sex life or sexual orientation, pursuant to Article 9, paragraph 2, letter e) of the Regulation. Further processing of special categories of data by the Data Controller will only be carried out with prior and explicit consent..

    Additional personal data processed by the Data Controller:
    • Browsing data: During normal operation, the IT systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of computers and terminals used by users, URI/URL (Uniform Resource Identifier/Locator) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) etc.) and other parameters relating to the user's operating system and IT environment. This data, which is necessary for the use of web services, is also processed for the purpose of obtaining statistical information on the use of the services (most visited pages, number of visitors per time slot or per day, geographical areas of origin, etc.) and to check the correct functioning of the services offered. Browsing data does not persist for more than seven days and is deleted immediately after aggregation (except for any need to investigate crimes by the judicial authorities);
    • Data provided by the user: The optional, explicit, and voluntary sending of messages to the Data Controller's contact addresses entails the acquisition of the sender's contact details, which are necessary to respond, as well as all personal data included in the communications;
    • Cookies and other tracking systems: Please refer to the detailed information available at the following link: https://www.bcitaliana.it/cookie-policy/
  4. RECIPIENTS OF PERSONAL DATA
    Depending on the actions taken by the data subject, personal data will be processed for the above purposes by:
    • personnel expressly authorized by the Data Controller pursuant to Article 2-quaterdecies of Legislative Decree 196/2003, necessary to perform activities strictly related to the functions assigned, who have committed themselves to confidentiality and who have received adequate operating instructions pursuant to Article 29 of the Regulation;
    • subjects who typically act as "Data Processors" pursuant to Article 28 of the Regulation, i.e., persons, companies, or professionals who provide assistance and advice to the Data Controller;
    • subjects, entities, or authorities to whom it is mandatory to communicate your personal data pursuant to legal provisions or orders from the authorities;
    • subjects with whom it is necessary to interact for the provision of services/products, as independent data controllers.
    The complete list of Data Processors is available by sending a written request to the Data Controller.
  5. TRANSFER OF PERSONAL DATA
    Some of your personal data is shared with recipients who may be located outside the European Economic Area (EEA). The Data Controller ensures that the processing of your personal data by these recipients complies with the Regulation. Indeed, transfers may be based on an adequacy decision or on Standard Contractual Clauses approved by the European Commission. Further information is available from the Data Controller.
  6. EXISTENCE OF AUTOMATED DECISION-MAKING, INCLUDING PROFILING
    The Data Controller does not use automated decision-making processes for the processing of personal data, including profiling, as referred to in Article 22 of the Regulation. Further information is available from the Data Controller.
  7. DATA RELATING TO MINORS UNDER THE AGE OF 18
    Minors under the age of 18 may not provide personal data. The Data Controller shall not be liable in any way for any collection of personal data, or for false statements, provided by minors, and in any case, if such use is detected, the Data Controller shall facilitate the right of access and erasure requested by the guardian, custodian, or person exercising parental responsibility.
  8. RIGHTS OF THE DATA SUBJECT
    The data subject has the right to obtain from the Data Controller, in the cases provided for, access to personal data and the rectification or erasure of such data or the restriction of processing concerning him or her or to object to the processing (Articles 15 et seq. of the Regulation). The specific request to the Data Controller is submitted by contacting the email address designated for responding to the data subject or by filling in the form available in the dedicated privacy area.
  9. RIGHT TO COMPLAIN
    If the data subject believes that the processing of personal data relating to him/her is in violation of the provisions of the Regulation, he/she has the right to lodge a complaint with the Italian Data Protection Authority (www.gpdp.it), as provided for in Article 77 of the Regulation itself, or to take appropriate legal action (Article 79 of the Regulation).
  10. HOW TO EXERCISE YOUR RIGHTS
    To exercise the above rights, you may contact: B.C. ITALIANA S.R.L., with registered office in Via Schmidl 9/11 40054 Budrio (BO), Tax Code 03048140374 and VAT number 00591711205, e-mailinfo@bcitaliana.it – Tel. (+39) 051 6511913
  11. CHANGES
    The Data Controller reserves the right to modify and/or supplement this Policy at any time and undertakes to publish the changes on the company website in the Privacy section. Interested parties are invited to check the content periodically.
    This policy has been in force since May 27, 2024.
INTRODUCTION
Why this document? National and international regulations on personal data protection require that the data subject be informed about the personal data being processed and who will process it, in order to guarantee that the processing is fair and transparent.
The following sections clearly list who will process the data, what personal data will be processed, the purposes for which the personal data will be processed, how long the data will be processed, what rights you have, and how to exercise them.

What laws does this document refer to?
  • Legislative Decree 196/2003 (hereinafter "Privacy Code")
  • Regulation (EU) 2016/679 on the protection of personal data (hereinafter referred to as the "Regulation")

INFORMATION
  1. DATA CONTROLLER
    B.C. ITALIANA S.R.L., with registered office in Via Schmidl 9/11 40054 Budrio (BO), Tax Code 03048140374 and VAT number 00591711205, emailinfo@bcitaliana.it – Tel. (+39) 051 6511913 (hereinafter referred to as the "Data Controller")
  2. PURPOSE, LEGAL BASIS, RETENTION PERIOD, AND NATURE OF THE PROCESSING
    Depending on the actions taken by the data subject, personal data will be processed for the following purposes:
    1. Processing of the quote for the purpose of placing a commercial order:
      • the legal basis for this processing is the need to carry out pre-contractual measures taken at the request of the data subject;
      • the retention period of the data processed for this purpose coincides with the validity period of the quote;
      • the personal data requested is necessary for the preparation of the quote and any refusal will make it impossible to prepare it.
    2. Processing of the commercial order following acceptance of the quote:
      • the legal basis for this processing is the need to perform the contract to which the data subject is party in accordance with the provisions of the "General Terms and Conditions of Sale";
      • the retention period for data processed for this purpose is the duration of the contract and, in the event of legal disputes, for the entire duration of the dispute, until the time limits for bringing legal action have expired;
        the data will also be retained in accordance with the time limits set out in administrative, tax, and civil law;
      • the personal data requested is necessary to process the order and any refusal will make it impossible toprocess it.
    3. Fulfilment of contractual obligations between the parties:
      • the legal basis for this processing is the need to perform the contract signed between the customer and the supplier;
      • the retention period for data processed for this purpose is the duration of the contract and, in the event of legal disputes, for the entire duration of the dispute, until the time limits for appeals have expired; the data will also be stored in accordance with the time limits set out in administrative, tax, and civil law;
      • The personal data requested is necessary
    4. Participation in trade fairs:
      • the legal basis for this processing is the need to perform a contract to which the data subject is party;
      • the retention period for data processed for this purpose is the duration of the contract and, in the event of legal disputes, for the entire duration of the dispute, until the time limits for bringing legal action have expired;
      • personal data marked with an asterisk (*) are necessary to participate in the event and any refusal will make it impossible to participate.
    5. Sending of informational and promotional material (direct marketing) via email and SMS (mailing lists, offers, etc.), including via instant messaging (WhatsApp, Messenger, etc.):
      • the legal basis for this processing is the explicit consent of the data subject;
      • the retention period for data processed for this purpose is until the data subject requests to unsubscribe from the promotional communication/newsletter service and, in any case, for a maximum of twenty-four (24) months from the last positive interaction of the data subject (e.g., opening or clicking on a communication received). Please note that consent may be revoked at any time without prejudice to the lawfulness of the processing prior to its revocation;
      • the provision of personal data is optional and any refusal will make it impossible to send information and promotional material.
    6. Responding to contact requests (e.g., requests for information received via email, chat, or telephone, etc.):
      • the legal basis for this processing is the need to perform pre-contractual or contractual measures taken at the request of the data subject to whom it relates;
      • the retention period for data processed for this purpose is equal to the time necessary to process the request;
      • the personal data requested is necessary to process the request and any refusal will make it impossible to respond to the data subject.
    7. Administrative and management purposes and for the fulfillment of obligations under the law, regulations, or orders from the authorities (e.g., bookkeeping, tax formalities, administrative and accounting management, etc.):
      • the legal basis derives from the need to comply with a legal obligation to which the data controller is subject;
      • the retention period for data processed for this purpose is linked to the individual legal obligations regulated by specific reference regulations;
      • The provision of personal data is mandatory, as the data controller must comply with a legal obligation to which it is subject or with requests from the competent authorities.
    8. To prevent or control unlawful conduct:
      • the legal basis for this processing is the pursuit of the legitimate interest of the Data Controller to prevent, investigate, and prosecute illegal acts or violations of intellectual/industrial property rights (including those of third parties) or computer crimes or crimes committed through computer networks;
      • the retention period for data processed for this purpose is equal to the time reasonably necessary to assert the rights of the Data Controller from the moment the unlawful act or its potential commission became known.
  3. PERSONAL DATA PROCESSED
    By personal data processing we mean any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or modification, extraction, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
    Data that can be classified, pursuant to Article 9 of the Regulation, as "special categories of personal data" may also be sent by the Data Subject (e.g., form/coupon/paper form) to the Data Controller, namely data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, data concerning a person's health or sex life or sexual orientation. This category of data will be processed by the Data Controller in order to process the request received. Further processing of special categories of data by the Data Controller will only be carried out with prior and explicit consent.
  4. RECIPIENTS OF PERSONAL DATA
    Depending on the actions taken by the data subject, personal data will be processed for the above purposes by:
    • subjects who typically act as "Data Processors" pursuant to Article 28 of the Regulation, i.e., persons, companies, or professionals who provide assistance and advice to the Data Controller;
    • subjects, entities, or Authorities to whom it is mandatory to communicate your personal data pursuant to legal provisions or orders from the Authorities;
    • subjects with whom it is necessary to interact for the provision of services/products, as independent data controllers;
    • personnel expressly authorized by the Data Controller who are necessary to perform activities strictly related to the provision of services/products, who have committed themselves to confidentiality or have an adequate obligation to do so. legal confidentiality obligation and who have received adequate operating instructions pursuant to Article 29 of the Regulation and Article 2-quaterdecies of Legislative Decree 196/2003.
    The complete list of Data Processors is available by sending a written request to the Data Controller.
  5. TRANSFER OF PERSONAL DATA
    Some of your personal data is shared with recipients who may be located outside the European Economic Area (EEA). The Data Controller ensures that the processing of your personal data by these recipients is carried out in compliance with the Regulation. Indeed, transfers may be based on an adequacy decision or on Standard Contractual Clauses approved by the European Commission. Further information is available from the Data Controller.
  6. EXISTENCE OF AUTOMATED DECISION-MAKING, INCLUDING PROFILING
    The Data Controller does not use automated decision-making processes for the processing of personal data, including profiling, as referred to in Article 22 of the Regulation. Further information is available from the Data Controller.
  7. DATA RELATING TO MINORS UNDER THE AGE OF 18
    Minors under the age of 18 may not provide personal data. The Data Controller shall not be liable in any way for any collection of personal data, or for false statements, provided by minors, and in any case, if such use is detected, the Data Controller shall facilitate the right of access and deletion requested by the guardian, custodian, or whoever exercises parental responsibility.
  8. RIGHTS OF THE DATA SUBJECT
    The data subject has the right to obtain from the Data Controller, in the cases provided for, access to personal data and the rectification or erasure of such data or the restriction of processing concerning him or her or to object to the processing (Articles 15 et seq. of the Regulation). The specific request to the Data Controller is submitted by contacting the email address designated for responding to the data subject or by filling in the form available in the dedicated privacy area.
  9. RIGHT TO COMPLAIN
    If the data subject believes that the processing of personal data relating to him/her is in violation of the provisions of the Regulation, he/she has the right to lodge a complaint with the Italian Data Protection Authority (www.gpdp.it), as provided for in Article 77 of the Regulation itself, or to take appropriate legal action (Article 79 of the Regulation).
  10. HOW TO EXERCISE YOUR RIGHTS
    To exercise the above rights, you may contact: B.C. ITALIANA S.R.L., with registered office in Via Schmidl 9/11 40054 Budrio (BO), Tax Code 03048140374 and VAT No. 00591711205, e-mailinfo@bcitaliana.it – Tel. (+39) 051 6511913
  11. CHANGES
    The Data Controller reserves the right to modify and/or supplement this Policy at any time and undertakes to publish the changes on the company website in the Privacy section. Data subjects are invited to check the content periodically. This policy has been in force since May 27, 2024.
INTRODUCTION
What is this document? This document is the privacy policy regarding the processing of candidates' personal data.
Why this document? National and international regulations on the protection of personal data require that you, the data subject, be informed about the personal data that is being processed and who will process it, in order to guarantee that the processing is fair and transparent.
Below you will find a clear list of who will process your data, >what personal data will be processed, the purposes for which the personal data will be processed, how long the data will be processed, what your rights are, and how to exercise them.

What regulations does this document refer to? The information is provided taking into account the combined provisions of the following regulations:
  • Legislative Decree 196/2003 (hereinafter the "Privacy Code")
  • Regulation (EU) 2016/679 on the protection of personal data (hereinafter referred to as the "Regulation")

INFORMATION
  1. DATA CONTROLLER
    B.C. ITALIANA S.R.L., with registered office in Via Schmidl 9/11 40054 Budrio (BO), tax code 03048140374 and VAT number 00591711205, emailinfo@bcitaliana.it – Tel. (+39) 051 6511913 ( hereinafter referred to as the "Data Controller")
  2. PURPOSE, LEGAL BASIS, RETENTION PERIOD, AND NATURE OF THE PROCESSING
    Depending on the actions taken by the data subject, personal data will be processed for the following purposes:
    1. To verify the skills necessary for recruitment or for the start of a working relationship with the Company, as well as for purposes connected with or instrumental to the research and selection of candidates.
      • The data is processed for the purposes of searching for and selecting personnel for current and future vacancies, recruiting and integrating company staff, filling vacancies and covering leave. Specifically, data relating to health is processed in the context of establishing an employment relationship, with particular reference to whether the candidate belongs to a protected category and any pre-employment medical examinations. This data is processed as it is necessary to fulfill the obligations and exercise the specific rights of the Data Controller or the data subject in relation to labor law and social security and social protection, in the presence of appropriate safeguards for the fundamental rights and interests of the data subject.
      • the legal basis for this processing is the need to carry out pre-contractual measures taken at the request of the candidate;
      • The retention period for data processed for this purpose is one (1) year if the employment relationship does not materialize. Otherwise, it is for the entire duration of the contract and, in the event of legal disputes, for the entire duration of the dispute, until the time limits for bringing legal action have expired.
      • The provision of personal data is optional, however, any refusal will make it impossible to carry out the personnel selection process, preventing the application from being considered for the establishment of a possible employment relationship.
    2. Candidate profiling:
      • the candidate's common personal data will be profiled and processed for personnel search and selection procedures for current and future open positions. The candidate's special categories of personal data will not be profiled;
      • the legal basis for this processing is the pursuit of a legitimate interest of the Data Controller relating to the evaluation and selection of the application, the verification of the conditions for recruitment, or for the possible proposal of job offers consistent with the professional profile of the data subject;
      • the retention period for data processed for this purpose is 1 (one) year and, in the event of the establishment of a contractual relationship, for the entire duration of the same and, in the event of legal disputes, until the expiry of the terms for bringing legal action.
  3. PERSONAL DATA PROCESSED
    By processing of personal data, we mean any operation or set of operations, performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, erasure or destruction.
    The personal data collected are of a personal, contact, and curricular nature (i.e., relating to the candidate's education and professional experience). The Data Subject may also send the Data Controller data that can be classified, pursuant to Article 9 of the Regulation, as "special categories of personal data," i.e., data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, data concerning a person's health or sex life or sexual orientation. Pursuant to Article 111-bis of the Privacy Code, consent is not required for the processing of personal data contained in CVs spontaneously sent to the Data Controller, as the processing is necessary for the performance of pre-contractual agreements to which the data subject is party. Further processing of special categories of data by the Data Controller will only be carried out with prior and explicit consent.
  4. RECIPIENTS OF PERSONAL DATA
    Depending on the actions taken by the data subject, personal data will be processed for the above purposes by:
    • subjects who typically act as "Data Processors" pursuant to Article 28 of the Regulation, i.e., persons, companies, or professionals who provide assistance and advice to the Data Controller;
    • individuals, entities, or authorities to whom it is mandatory to disclose your personal data pursuant to legal provisions or orders from the authorities;
    • subjects with whom it is necessary to interact for the provision of services/products, as independent data controllers;
    • personnel expressly authorized by the Data Controller who are necessary to perform activities strictly related to the provision of services/products, who have committed themselves to confidentiality or have an adequate legal obligation of confidentiality and who have received adequate operating instructions pursuant to Article 29 of the Regulation and Article 2-quaterdecies of Legislative Decree 196/2003.
  5. TRANSFER OF PERSONAL DATA
    Some of your personal data is shared with recipients who may be located outside the European Economic Area (EEA). The Data Controller ensures that the processing of your personal data by these recipients is carried out in compliance with the Regulation. Indeed, transfers may be based on an adequacy decision or on Standard Contractual Clauses approved by the European Commission. Further information is available from the Data Controller.
  6. EXISTENCE OF AUTOMATED DECISION-MAKING, INCLUDING PROFILING
    The Data Controller does not use automated decision-making processes for the processing of personal data, including profiling, as referred to in Article 22 of the Regulation. Further information is available from the Data Controller.
  7. DATA RELATING TO MINORS UNDER THE AGE OF 18
    Minors under the age of 18 may not provide personal data. The Data Controller shall not be liable in any way for any collection of personal data, or for false statements, provided by minors, and in any case, if such use is detected, the Data Controller shall facilitate the right of access and erasure requested by the guardian, custodian, or person exercising parental responsibility.
  8. RIGHTS OF THE DATA SUBJECT
    The data subject has the right to obtain from the Data Controller, in the cases provided for, access to personal data and the rectification or erasure of such data or the restriction of processing concerning him or her or to object to the processing (Articles 15 et seq. of the Regulation). The specific request to the Data Controller is submitted by contacting the email address designated for responding to the data subject or by filling in the form available in the dedicated privacy area.
  9. RIGHT TO COMPLAIN
    If the data subject believes that the processing of personal data relating to him/her is in violation of the provisions of the Regulation, he/she has the right to lodge a complaint with the Italian Data Protection Authority (www.gpdp.it), as provided for in Article 77 of the Regulation itself, or to take appropriate legal action (Article 79 of the Regulation).
  10. HOW TO EXERCISE YOUR RIGHTS
    To exercise the above rights, you may contact: B.C. ITALIANA S.R.L., with registered office in Via Schmidl 9/11 40054 Budrio (BO), Tax Code 03048140374 and VAT No. 00591711205, e-mailinfo@bcitaliana.it – Tel. (+39) 051 6511913
  11. CHANGES
    The Data Controller reserves the right to modify and/or supplement this Policy at any time and undertakes to publish the changes on the company website in the Privacy section. Interested parties are invited to check the content periodically. This policy has been in force since May 27, 2024.
Image shooting and video recording activities
This information notice, pursuant to Regulation (EU) 2016/679 (hereinafter "Regulation") on the protection of personal data, offers detailed information on the protection of your data as well as on how they are processed by the Data Controller on the occasion of access to and permanence in the premises, as well as in the vicinity of the structures (hereinafter "Premises").
The collection, registration, storage, and, in general, the use of images, necessary for the purposes of accessing the Premises, constitutes personal data processing. Further to this point, to complete the information provided to the data subject via the so-called minimum policy "signs" posted in the appropriate areas of the Premises, we communicate the following to you:
  1. DATA CONTROLLER
    B.C. ITALIANA S.R.L., with registered office in Via Schmidl 9/11 40054 Budrio (BO), tax code 03048140374 and VAT number 00591711205, emailinfo@bcitaliana.it – Tel. (+39) 051 6511913
  2. WHY AND ON WHAT LEGAL BASIS DO WE PROCESS YOUR PERSONAL DATA
    We will process Your personal data in order to comply with a legitimate interest of the Data Controller, for security reasons, for the protection of clientele, staff and all the subjects who have access to the Premises, as well as to protect the same Premises and the corporate assets against possible aggression, thefts, robberies or acts of vandalism.
  3. WHICH PERSONAL DATA WE PROCESS AND FOR HOW LONG
    The processing operations take place observing the specified purposes and, in any case, in order to guarantee the security and the confidentiality of the same data. For this reason, we make it known that:
    • Video recording takes place using video cameras that are placed in such a way as to restrict the recordings to areas truly subject to the risk of unlawful or harmful behavior by subjects unrelated to the corporate structure;
    • The detected images are registered and stored on electronic or magnetic devices, for the period of time strictly necessary to meet the indicated purposes. Please note that the predefined registration time has been intentionally omitted for security reasons; nevertheless, in order to comply with current regulations, the predefined registration time by the system is made available to the competent Lead Supervisory Authorities in a separate file. However, a longer storage period may depend on the need to comply with specific requests from the Judicial Authority or the judicial police in relation to any ongoing investigative activities.
      • The detection and registration of images are carried out without electronic surveillance of communications and conversations, and there is no automated decisionmaking process, including profiling as referred to in Article 22 of the Regulation.
  4. WHO DO WE SHARE YOUR PERSONAL DATA WITH
    Personal data is processed exclusively by staff explicitly authorized by the Data Controller or by external companies designated as Data Processors and potentially upon specific request of the Judicial Authority and/or authorized individuals upon the specific request of the latter. The data collected are not the object of communication or dissemination. Further information is available from the Controller.
  5. TRANSFER OF PERSONAL DATA
    The data from the registrations are stored on the Data Controller's servers located in Italy. Further information is available from the Data Controller.
  6. WHICH ARE YOUR RIGHTS AND HOW YOU CAN EXERCISE THEM
    You have the right, with your personal data, to ask for the rectification, erasure, restriction, and objection to their use for legitimate grounds (under Article 15 et seq. of the Regulation).
    You have the right to obtain from the Data Controller, in the cases provided, access to your personal data and the rectification or erasure of the same or the restriction of the processing that concerns you or to object to the processing (Article 15 and following of the Regulation). The specific request to the Controller shall be submitted by contacting the email address designated for feedback to the data subject.
    In addition to the aforementioned rights, you have the right to lodge a complaint with the Italian Personal Data Protection Authority.
  7. PROCEDURES TO EXERCISE YOUR RIGHTS
    To exercise the aforementioned rights, you can access the Privacy area on the website www.bcitaliana.it and, alternatively, you can contact the Data Controller: B.C. ITALIANA S.R.L., with registered office in Via Schmidl 9/11 40054 Budrio (BO), Tax Code 03048140374 and VAT number 00591711205, e-mailinfo@bcitaliana.it – Tel. (+39) 051 6511913
English