Privacy Policy

1. DATA PROCESSING CONTROLLER

The Personal Data Processing Controller is “Borromeo Design s.r.l.”,

  • with registered office in Via Vincenzo Bellini, n. 12, 35121, Padova, taxpayer Number, VAT Number and registration in the Register of Companies of Padova Number 02466760285
  • operating headquarters: via Boscato, 17, CAP 35030, Sarmeola di Rubato (PD).

The identification/contact details of the Data Controller are found on the Home Page or in the “Contatti/Contacts” section of this website.

2. CATEGORIES OF DATA PROCESSED AND COLLECTION METHODS

Your navigation on our website and/or your entry of certain data in the same may lead to our collection and subsequent further processing of your Personal Data. The computer systems and software procedures in operation automatically administer and/or acquire certain information (merely for purposes of example, so-called cookies – as specified below).

3. PURPOSES OF DATA PROCESSING AND LEGAL BASIS FOR PROCESSING

Your Personal Data will be processed for the following purposes. The legal basis for the processing of each type of data is specified as follows:

n. Purpose of processing Legal basis of processing
1 Management of and reply to your specific requests by contacting us directly Fulfilment of a contract or pre-contractual measures required e
2 Purposes of accounting, fiscal, or administrative nature Fulfilment of a legal obligation
3 Direct marketing Consent by the Data Subject

4. HOW WE PROCESS YOUR DATA

The processing of your Personal Data may include any of the following types of operation: collection, recording, organization, structuring, conservation, adaptation or modification, extraction, consultation, use, disclosure by means of transmission, dissemination or any other form made available, comparison or interconnection, restriction, cancellation, or destruction.
Such operations can be conducted with or without the use of electronic or automated instruments.
Processing is conducted by the Data Controller and/or the parties appointed to processing operating under the Data Controller’s direct authority in respect of the instructions provided by such latter or the third parties assigned responsibility for external processing.

5. WHERE WE PROCESS YOUR DATA

Your Personal Data is processed primarily at the offices of the Data Controller and in the places in which the parties responsible for processing operate.

6. THE PERIOD OF TIME FOR WHICH YOUR DATA IS CONSERVED

The Data Controller will not conserve your Personal Data for a longer period of time than necessary for the accomplishment of the purpose for which it was collected. Such data will be conserved for the time allowed or required by law.
Cookies will be conserved in your browser only until the end of the period of navigation.
In order to ensure the respect of the principles of necessity and proportionality of processing, the Data Controller has established different Personal Data conservation times for the single purposes pursued as follows:

  1. for the purpose of managing and replying to your requests regarding our products and activities, your Personal Data will be conserved for the period of time strictly necessary to meet your request;
  2. for the purpose of marketing activities and commercial communication also by e-mail concerning the transmission of promotional and advertising material, your Personal Data will be conserved until the moment you inform us that you no longer wish to receive such material by following instructions for cancellation provided on each one;
  3. for the purpose of managing fulfilling the obligations prescribed by law (of accounting, administrative, and fiscal nature, etc.), your Personal Data will be conserved for 10 years.

7. WHO THE RECEIVERS OF YOUR PERSONAL DATA ARE

Your Personal Data may be disclosed to and processed by:

  1. the legal or natural persons designated in outsourcing as responsible for external processing by the Data Controller or the third parties assigned to such activity by the former (which may include those entrusted with activities regarding assistance, communication, marketing, advertising, promotion and sale of products and/or services, and advertisers, concessionaires, advertising operatives, IT service providers, website/APP managers, electronic platform managers, partners, credit institutes, studios of professionals;
  2. employees and/or associates of the Data Controller (including system administrators) operating under the direct authority of the latter and as such authorized to process your Personal Data; and
  3. employees and/or associates of the legal or natural persons designated as responsible for external processing (including system administrators) operating under the direct authority of these latter processers designed by the Data Controller and as such authorized to process your Personal Data

Your Personal Data will not be disclosed to third parties, except whenever your Personal Data must be communicated by the Data Controller to consultants in defense of rights.

8. OBLIGATORY CONFERMENT OF DATA

The conferment of data must be deemed obligatory for the processing that the organization must perform in fulfilment of its obligations to the Data Subject on the basis of the relationship (or contact) in force or in fulfilment of its legal, normative, and regulatory obligations.
Consent to conferment is not obligatory for any other purposes, and even after it has been granted may be revoked in any moment by the Data Subject.

9. REFUSAL TO CONFER DATA

Refusal to confer the data that the Data Subject is obliged to confer may lead to the impossibility of satisfying your requests and initiating a business relationship and the contracts intended to be fulfilled with the Data Controller.
In the event of refusal to confer data that the Data Subject is not obliged to confer, the consequences will be evaluated specifically case by case and presumably the service linked to such data will be impossible to provide.

10. RIGHTS OF THE DATA SUBJECT:

Privacy Policy grants you, the Data Subject, numerous rights, among which, in particular, the following:

Right Description
Right of revocation of the consent provided (GDPR Art. 13, paragraph II, letter A and Art. 9, paragraph II, letter A) In any moment whatsoever you have the right to revoke your consent to any of the types of processing whose legitimacy is based on your consent, as indicated in the table of purposes above.
Your revocation of consent does not compromise the legitimacy pf previous processing.
Right of access to data (art. 15) You have the right to request a) the purposes of processing; b) the categories of Personal Data in question; c) the receivers or categories of receiver to which your Personal Data has been or will be disclosed, and in particular whether such receivers are located abroad or whether international organizations are involved; d) whenever possible, the period of conservation envisioned for the Personal Data, or whenever this is impossible, the criteria used to determine such period; e) to ask the Data Processing Controller to rectify or erase your Personal Data or the restriction of the processing of your Personal Data or your opposition to their processing; f) to lodge a protest with a control authority; g) whenever the data has not been collected from you, all the information possible on its origin; h) the existence of an automated decision-making process including the profiling specified in Article 22, paragraphs 1 and 4, and at least in some cases, significant information on the type of processing logic adopted, and the importance and consequences envisioned for such processing for you. You also have the right to request a copy of your Personal Data that has been processed.
Right of rectification (Art. 16) You have the right to request the rectification of inexact Personal Data that regards you and to obtain the integration of incomplete Personal Data.
Right of erasure (Art. 17) You have the right to obtain from the Data Processing Controller the erasure of Personal Data that regards you whenever such Personal Data is no longer necessary to the purpose for which it was originally collected or otherwise processed, whenever your revoke your consent, whenever any legitimate and prevailing reason to proceed to profiling processing no longer exists, whenever the data has been processed unlawfully, whenever there is a legal obligation for their erasure; and whenever the data regards web services provided to minors without consent. Erasure may be performed except when the right to freedom of expression and information prevails or whenever it is conserved for the fulfilment of a legal obligation or for the execution of an operation performed in public interest or in the exercise of the powers of public authorities for public health reasons, for the purposes of the filing of scientific or historical research or statistical purposes or for purposes of ascertainment or the exercise or defense of a right during legal proceedings.
Right of restriction of processing (Art. 18) You have the right to obtain from the Data Processing Controller the restriction of the processing of your Personal Data whenever you have protested the exactitude of such Personal Data (for the period required by the Data Processing Controller to verify the correctness of your Personal Data) or whenever the processing is unlawful and you oppose the erasure of Personal Data and ask instead that its use be restricted or if it is necessary to you for the ascertainment, exercise or defense of a right during legal proceedings and for the Data Controller it is no longer necessary.
Right of portability (Art. 20) You have the right to receive in commonly used structured format legible by an automatic device the Personal Data that regards you and that you conferred to us, with the right to transmit it to others if the processing is based on consent, on contact, and if the processing has been performed with the use of automated systems except whenever the processing is necessary for the execution of an operation of public interest or regards the exercise of the power of public authorities and whenever such transmission does not infringe on the rights of others.
Right to lodge a protest with the Data Protection Authority (Personal Data Protection Authority) (Art. 77) With all rights reserved to further of administrative or judicial claims, whenever you have reason to believe that the processing of your Personal Data violates Personal Data Protection regulations, you have the right to lodge a protest with a Protection Authority in the member state in which you regularly reside, work, or in which the presumed violation took place.

11. METHODS TO BE ADOPTED FOR THE EXERVISE OF RIGHTS

You may in any moment exercise these rights by contacting the Data Controller at the addresses above.
You may lodge a protest with the Data Protection Authority by following the instructions provided at the latter’s website in the section entitled “Forms” under the heading “Protest (or by clicking on the following link).

12. INFORMATIVE NOTE ON COOKIES

12.1 What cookies are

Cookies are small text files that the websites visited by users send to their terminals, where they are memorized prior to being retransmitted to the websites the next time that the user visits the website. So-called “third-party” cookies are instead set up by a different website from the one that the user is visiting. This is because every website may contain elements (images, maps, sounds, specific links to web pages of other domains, etc.) residing in different servers than the one of the website the visitor is visiting.

12.2 The purpose that cookies serve

Cookies are used for different purposes: executing information technology authentication, monitoring sessions, memorizing information on specific configurations regarding users accessing the server, memorizing preferences, etc. For such reason, for a facilitated and complete use of a website, the user should configure his or her browser in such way as to accept these cookies.

12.3 Characteristics and purposes of cookies for our web pages

Our website uses only technical cookies (of the first party, e.g. the Data Controller) or in other words, navigation and session cookies and cookies to save your display of the banner that signals the presence of cookies.
Our website does not use profiling cookies or third party cookies (e.g. cookies from other websites).

12.4 How to enable or disable cookies on your browser

You can block your navigation browser’s acceptance of all cookies or only third-party cookies. This operation might completely obstruct or compromise your access to certain website pages or services. We provide the ways to block the acceptance of cookies offered by the leading browsers:
Internet Explorer: http://windows.microsoft.com/it-it/internet-explorer/delete-manage-cookies#ie=ie-11
Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Chrome: https://support.google.com/chrome/answer/95647?hl=it
Safari: http://support.apple.com/kb/HT1677?viewlocale=it_IT