GENERAL INFORMATION ON BFT’S WEBSITE
The following information is provided pursuant to Article 13 of EU Regulation No. 679/2016 (hereinafter the “Regulation”), to users who access the services available on the website http://www.bft-automation.com. When consulting the site, information concerning users – which constitutes personal data pursuant to the Regulation – may be collected. This information is provided exclusively for the website mentioned above and does not affect any other websites accessible by the users through the links available on the said website.
The Data Controller is the company BFT S.p.A., with registered office in Via Lago di Vico 44, Schio (VI), Italy (hereinafter “Bft” or the “Company”).
The Data Processor is the company Pallino&co S.r.l., with registered office in Via Decorati al Valore Civile 57/A, Padova (PD), Italy (hereinafter “Pallino”).
DATA PROTECTION OFFICER (“DPO”)
Pursuant to Article 37 of the Regulation, the Data Protection Officer for the Somfy group, which includes the Company, is Francoise De Schutter, available on the e-mail address email@example.com.
PLACE OF DATA PROCESSING
The processing of data related to the web services of this website is carried out at Bft’s premises mentioned above and it is performed by employees, duly appointed as Persons in charge of processing, and external specialists for management and maintenance operations, duly appointed as Data Processors.
TYPES OF PROCESSED DATA
In the course of normal operation, the IT systems and the software procedures used for the functioning of this website acquire certain personal data whose transmission is implicit in the use of Internet’s communication protocols. Such information is not gathered to be connected with identified persons, but by its very nature it could allow the identification of users through processing and connection with data held by third parties. This category of data includes IP addresses or domain names of the computers used by the users who connect to the website, URI addresses (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply from the server (successful, error, etc.) and other parameters regarding the operating system and the IT environment of the user. Such data are used with the only purpose of gathering anonymous statistical information about the use of the website.
Data voluntarily provided by the user
The sending of optional, explicit and voluntary e-mails to the addresses shown on this website and the filling in of forms specifically provided therein involve the subsequent acquisition of the sender’s e-mail address and the additional personal data provided in the electronic communication, together with the sender/user’s data which are necessary to reply to the requests or to provide the service.
Specific summarised information will be provided in relation to specific services.
COOKIES (in case only session cookies are used)
We do not use IT techniques for the direct acquisition of the user’s personal identification data.
The use of session cookies (which are not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (i.e. random numbers generated by the server) which are necessary to enable a safe and efficient surfing on the website.
The session cookies used on this website avoid the use of other technologies that could compromise the privacy of the users and do not allow the acquisition of users’ personal identification data.
In case the user wants to disable the installed cookies, he should manage the settings of his or her browser. However, it should be noted that, in such a case, malfunctions might occur on the website or on certain functions. The procedure to follow varies upon the browser used by the user. In order to obtain detailed information, we invite you to click on the following links:
• Internet Explorer: support.microsoft.com/en-in/help/17442/windows-internet-explorer-delete-manage-cookies
• Google Chrome: support.google.com/chrome/answer/95647
• Safari iOS (iPhone, iPad, iPod touch): support.apple.com/en-us/HT201265
If the browser used is none of the above, in order to obtain information on how to proceed, you may go on the website www.aboutcookies.org or select the function “Help” on your browser.
METHOD OF PROCESSING
Personal data are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected. Specific security measures have been taken to prevent loss of data, their unlawful or incorrect use and unauthorised access.
PURPOSE OF PROCESSING
The user’s personal data, freely communicated and acquired in connection with the activities carried out by the Company, will be processed lawfully and in good faith for the following purposes:
A. the data will be collected and used exclusively for the purposes directly connected to the registration and activation of your account and for the functioning of the services provided by the Company;
B. if the data are inserted in the "Information request" section of the website, personal data will be collected and used for the exclusive purposes of satisfying and managing the requests for information submitted by the user;
C. if the data are inserted in the "Careers" section of the website, personal data contained in the resume will be processed by Bft for the selection concerning the job position or other similar positions;
D. Subject to prior specific and separate consent of the user and until its withdrawal (Article 7 of the Regulation), personal data will be processed both through automated contact systems such as e-mail, fax, MMS (Multimedia Messaging Service) or SMS (Short Message Service) and automated calling systems without human intervention and through traditional devices such as telephone (mobile and fixed) with human intervention (so-called Telemarketing), to send commercial proposals related and/or connected to the services provided by the Company and the Bft Group and to send advertising material connected to the abovementioned products or services or marketing communications, including the newsletter on the offers available on the website, and to conduct market research also aimed at assessing the level of user satisfaction (so-called marketing purposes).
Failure to provide consent to the purposes referred to under point D above will not affect in any way whatsoever the user’s opportunity to register on the website and use the services provided by Bft.
The user shall have the right to object to processing referred to under point D at any time after giving his or her consent:
- by clicking a specific link available at the end of any promotional e-mail sent by Bft of by the Bft Group;
- by modifying his or her preferences within the website on the section “My account – Newsletter and marketing communications” and/or “Telemarketing”.
E. Soft Spam: the e-mail address provided by the user when purchasing a product or service might be used by Bft to send communications by e-mail concerning the direct sale of products or services similar to those purchased by the user without the user’s express prior consent (so-called “soft spamming”), provided that the user does not exercise the right to object referred to under point D above.
LEGAL BASIS OF PROCESSING
User’s consent and performance of contractual obligations or obligations provided by law constitute the legal basis of processing.
OPTIONAL DISCLOSURE OF DATA
Except as specified above with reference to surfing data, the user is free to provide his or her personal data in the application forms or otherwise indicate them in order to request any information material or other communications. However, failure to provide personal data may make it impossible to fulfil the user's requests.
Providing personal data for the purposes referred to under point D above is optional. The refusal to consent for the purposes referred to under point D above, or the exercise of the right to object to processing for the so-called “soft spamming” referred to under point E above, would not lead to negative consequences on the supply of services.
COMMUNICATION AND DISSEMINATION OF DATA
In any other case, personal data will not be communicated, unless it is necessary to reply to requests by the Judicial or Public Security Authorities. The data collected will not be disseminated in any case whatsoever.
PERSONAL DATA STORAGE PERIODS
Personal data processed for the purposes referred to under point A above will be stored for the period strictly necessary for the performance of the requested services, to which it shall be added the further period envisaged by the law in compliance with civil and tax obligations.
Personal data processed for the purposes referred to under point B above will be stored for 18 months starting from the date of receipt of data through the section “Information request” available on the website http://www.bft-automation.com, or from the date of last update communicated by the user.
Personal data processed for the purposes referred to under point C above will be stored for 18 months starting from the date of receipt of the resume through the section “Careers” available on the website http://www.bft-automation.com, or from the date of last update communicated by the user.
Personal data processed for the purposes referred to under point D above will be stored for 24 months starting from the date of consent.
At the end of the storage period, personal data shall be erased, or made permanently anonymous.
RIGHTS OF THE DATA SUBJECT
Pursuant to the Regulation, the natural person whose personal data have been processed may assert a number of rights. In particular, if certain conditions are met and there are no restrictions pursuant to Article 23 of the Regulation, the user shall have the right to:
• obtain confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to his or her personal data and their disclosure (Art. 15 of the Regulation);
• obtain the rectification of inaccurate personal data concerning him or her as well as have incomplete personal data completed, including by means of providing a supplementary statement (Art. 16 of the Regulation);
• withdraw his or her consent on which the processing is based, and however obtain the erasure of personal data concerning him or her without undue delay, if certain requirements are met (Art. 17 of the Regulation);
• obtain the restriction of processing (Art. 18 of the Regulation);
• receive personal data concerning him or her in a structured, commonly used and machine-readable format and transmit those data to another controller (Art. 20 of the Regulation);
• object at any time to processing of personal data concerning him or her (Art. 21 of the Regulation);
• file a complaint before a supervisory authority.
Articles from 15 to 23 of the EU Regulation are available on the following URL: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=celex%3A32016R0679.
The abovementioned rights may be exercised by acceding to your “Reserved area” on the website.
This document was written in Italian and translated into other languages.
If there are any differences among the various versions or doubts about interpreting, the text in Italian shall prevail.