+39 0172 812600 | info@melform.com
IT | EN | FR

Privacy Notice for our Customers and Supplier

Bonetto S.r.l., with registered office in Pinerolo (TO), Via Ferrua no. 1, Vat Code, Tax Code and Registration in the Register of Companies of Turin no. 01982210013 (hereinafter for the sake of brevity "The Controller"), in its capacity of Controller of the Processing of the Personal Data of its Customers and Suppliers - natural persons, legal persons or professionals - provides this Notice on the protection of this important Data.

 

  1. Categories of Personal Data and Sources

The Controller will collect the following types of Personal Data:

  • Personal Data related to Customers and Suppliers: name, business contact data, details of any contracts signed, content of communication (such as, by way of example, emails), information on payments and billing etc.
  • Personal data concerning the employees of the Business Partner: name, business contact data, business, the name of the employer, title/qualification, content of communication (such as, by way of example, emails), etc.

 

  1. Purposes of the processing

The personal data of the data subject are processed in order to perform the existing contractual relationship with the Customer or Supplier (including the fulfilment of the obligations imposed by the agreement, billing, exchanging communications, and for legal tasks), for commercial purposes and for safety reasons.

The Controller relies on the following legal grounds for these processing activities:

  • Performance of the contractual relationship with the Customer or Supplier (Art. 6 (b) of GDPR)
  • The legitimate interest of the Controller, its subsidiaries and any other third parties (such as government agencies or courts of justice) (Art. 6(f) of GDPR)
  • The legitimate interest may include, in particular, internal sharing of information, marketing activities, improper use of IT systems, the need to ensure the physical safety, the IT security and the security of corporate networks, internal surveys
  • Consent (Art. 6 (a) GDPR)
  • Compliance with law obligations (Art. 6 (c) of GDPR).

 

  1. Processing methods

The processing of the Personal Data is carried out by means of IT and/or telematic tools, with organizational arrangements and with logics that are strictly related to the stated purposes.

In addition to the Controller, in some cases, other parties which provide administrative and IT support and which ensure the provision of services to Customers and Suppliers, may access the Data. Said parties, appointed if necessary as Processors by the Controller, are allowed to access the Personal Data of Customers and Suppliers whenever necessary, and will be contractually obliged to keep it private.

The updated list of the Processors can be requested via email to the address info@bonetto-group.com

 

  1. Data Retention Period

The Controller will process the Personal Data for the time necessary to fulfil the purposes related to the performance of a contract between the Controller and the Customer and Supplier and, anyway, not beyond the term of 10 years from the end of the relationship with the Customer and Supplier

When the processing of the Personal Data is necessary for the pursuit of a legitimate interest of the Controller, the Personal Data will be retained until such interest is fulfilled.

If the processing of the Personal Data is based on the consent of the Customer and Supplier, the Controller can retain the Personal Data until its withdrawal.

The Personal Data can be retained for a longer period if necessary for the fulfilment of an obligation of law or following an order of an authority.

 

  1. Place

The Data is processed at the registered and operating offices of the Controller and in any other place in which the parties involved in the processing may be located. For additional information, please contact the Controller at the following email address info@bonetto-group.com

 

  1. Automated decision-making processes

No Data collected will be the subject of any automated decision-making process, including profiling, which can produce legal effects for the person or that may affect him/her in any significant way.

 

  1. Rights of the users

The Customers and Suppliers can exercise certain rights with reference to the Data processed by the Controller. In particular, the User has the right to:

  • Withdraw the consent at any time;
  • Oppose to the processing of the Personal Data;
  • Access their Personal Data;
  • Check and request corrections;
  • Obtain the limitation of the processing;
  • Obtain the cancellation or removal of the Personal Data;
  • Receive their Data or have them transferred to another Controller;
  • Lodge a complaint to the Data Protection Authority and/or engage in legal proceedings.

To exercise their rights, the Customers and Suppliers can address a request to the contacts of the Controller reported in this document. The requests are free of charge and are fulfilled by the Controller in the shortest possible time, in any case within 30 days.

 

  1. Data Controller

The Data Controller is Bonetto S.r.L., with registered office in Via Ferrua 1, 10064 Pinerolo (TO) Italy, Tax Code / VAT Code 01982210013, TO - 521060, e-mail address info@bonetto-group.com

 

 

An Overview of Your Rights

 

  1. Right of Access

The Data Subject has the right to obtain from us confirmation about the processing or not of his personal data, and, if appropriate, to request access to the personal data. Access to information includes - inter alia - the purpose of the processing, the categories of personal data concerned, and the recipients and the categories of recipients whom were or will be provided with the personal data. In any case, this is not an absolute right and the interests of other parties may restrict the right to access assigned to the Data Subject.

The Data Subject has the right to obtain a copy of the personal data undergoing processing. In the event of request for additional copies, we may charge a reasonable fee due to the administrative costs incurred.

 

  1. Right to rectification

The data subject has the right to obtain from us the rectification of the incorrect personal data. According to the purposes of processing, the Data Subject has the right that any personal data that may be incomplete are completed, also providing supplementary statements.

 

  1. Right to be forgotten

In certain circumstances, the Data Subject may have the right to obtain the deletion of the personal data and we could be forced to proceed with the deletion.

 

  1. Right to restriction of processing

In certain circumstances, the Data Subject may have the right to obtain a restriction to the processing of the personal data. Where that is the case, the related data will be identified and can be processed only and exclusively for certain purposes.

 

  1. Right to Data Portability

In certain circumstances, the Data Subject may have the right to receive the personal data that he has provided to the Controller, in a structured format customarily used and in digital format and may have the right to transmit this data to another entity without any interference from us.

 

  1. Right to object

In certain circumstances, the Data Subject may have the right to object at any time, on the basis of reasons related to his specific situation, or if the personal data are processed for the purpose of direct marketing, to the processing of the personal data by the Controller, who consequently could no longer proceed with the processing of such data.

Moreover, should the Personal data of the Data Subject be used for direct marketing purposes, the Data Subject will have the right to object at any time to the processing of the personal data for such marketing purpose, including profiling, within the limits in which the same is related to such direct marketing purposes. Where that is the case, the Personal Data of the Data Subject will no longer be processed by the Controller for such purpose.


Web site privacy policy 

The purpose of this document is to inform Users with regard to the Personal Data collected from the web site http://www.melform.com (hereinafter "Site"). The Data Controller, as subsequently identified, may change or simply update, in whole or in part, this Notice informing the Users. Changes and updates will be binding as soon as published on the Site. The User is therefore prompted to read the Privacy Notice every time he accesses the Site. In the case of non-acceptance of the changes made to this Privacy Notice, the User is obliged to stop using this Site and may request the Controller to remove the Personal Data.

 

  1. Personal data collected by the Site

The Controller collects the following types of Personal Data.

A. Content and information provided voluntarily by the User

Contact data, credentials, content: for example personal data, email address or postal address and other contact data, passwords and security information used for authentication and access to the account, interests and personal preferences and other personal content, etc.

Personal data collected from Social Media: the Users can share with the Site the Data communicated to the social media. The User has the option to verify the Personal Data to which the Site can access when he allows access to his social media accounts and via the privacy settings available in the social media in question. Associating accounts managed by social media with the Site and authorising the Controller to access such data, the User consents to the acquisition, processing and retention of the data supplied by said social media in accordance with this Privacy Notice. The failure on the part of the User to provide some Data could prevent this Site from providing its services. The User takes the ownership of the Personal Data of third parties published or shared via this Site and guarantees that he has the right to communicate or disclose it, holding the Controller harmless in respect of third parties. If the processing of the Personal Data is based on the consent of the User, the same may withdraw it at any time.

B. Data and content acquired automatically during the use of the Site

Technical data: the computer systems and software procedures used to operate this Site may acquire, during their normal operation, some Personal Data whose transmission is implicit in the use of internet communication protocols. This information is not collected to be associated with identified interested parties, but by its own nature could, through processing and association with Data held by third parties, allow to identify the users. This category includes the IP addresses or domain names used by the Users who connect to the Site, the addresses in URI (Uniform Resource Identifier) format of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc

C. Personal data collected via cookies or similar technologies

This site uses cookies, web beacons, unique identifiers and other similar technologies to collect Data about the visited pages and links, and the other actions that the User performs when using our Services, inside advertising content or emails. They are stored to be sent again to the same sites when the same User visits them again. The user can read the full Cookie Policy at the following address: http://www.melform.com/cookie.php

 

  1. Purpose

The collected Data may be used for the following purposes:

Registration and authentication of the User

Support and contact with the User

Viewing content from external platforms

External management of payments via credit card, bank transfer, or other methods. The Data used for the payment are acquired directly by the provider of the requested payment service without being processed in any way by this Site.

Sending emails or newsletters and managing mailing lists

Design and/or execution of commercial communication campaigns

Communication for commercial and promotional purposes

Statistics with anonymous data only

External management of payments via credit card, bank transfer, or other methods. The Data used for the payment is acquired directly by the provider of the requested payment service without being processed in any way by this App. Payments are provided by communicating the data to PayPal (Europe) S.à r.l. et Cie, S.C.A. and Banca di Caraglio, in the Cuneo district, and Riviera dei Fiori scrl - Credito Cooperativo

Comments and feedback

Interaction with live chat

Management of the users database

Provision of updates and information relating to products or services

 

  1. Processing methods

The processing of the Personal Data is carried out by means of IT and/or telematic tools, with organizational arrangements and with logics that are strictly related to the stated purposes.

In addition to the Controller, in some cases, other parties involved in the organization of this Site that provide support in the management of the Site and of the tasks and which provide services to the User, may access the data. Said parties. appointed if necessary as Processors by the Controller, are allowed to access the Personal Data of the Users whenever this is necessary, and will be contractually obliged to keep it private.

The updated list of the Processors can be requested via email to the address info@melform.com

 

  1. Legal grounds of the processing

The Controller processes Personal Data of the user in case one of the following conditions occurs:

The User has provided the consent for one or more specific purposes:

The processing is necessary for the performance of a contract with the User and/or the performance of precontractual measures;

Processing is necessary for compliance with a legal obligation to which the Controller is subject;

Processing is necessary for the performance of a task carried out in the public interest or in the exercise of the official authority vested in the Controller;

Processing is necessary for the pursuit of the legitimate interests of the Controller or of third parties.

You can always request the Controller to clarify the actual legal grounds of each processing operation.

 

  1. Place

The Data is processed at the registered and operating offices of the Controller and in any other place in which the parties involved in the processing may be located. For additional information, please contact the Controller at the following email address info@melform.com

 

  1. Security measures

Processing is carried out according to methods and with tools suitable to guarantee the safety and confidentiality of the Data, since the Controller has implemented suitable technical and organizational measures that guarantee, and allow to demonstrate that the processing is carried out in conformity with applicable laws.

 

  1. Data Retention Period

The Controller will process the Personal Data for the time necessary to fulfil the purposes related to the execution of a contract between the Controller and the User and, anyway, not beyond the term of 10 years from the end of the relationship with the User.

When the processing of the Personal Data is necessary for the pursuit of a legitimate interest of the Controller, the Personal Data will be retained until such interest is fulfilled.

If the processing of the Personal Data is based on the consent of the User, the Controller can retain the Personal Data until its withdrawal.

The Personal Data can be retained for a longer period if necessary for the fulfilment of an obligation of law or following an order of an authority.

The full Personal Data will be deleted at the end of the retention period. Upon expiry of that period, the right to access, delete, amend and the right to Data portability shall no longer be exercised.

  1. Automated decision-making processes

No Data collected will be the subject of any automated decision-making process, including profiling, which can produce legal effects for the person or that may affect him/her in any significant way.

 

  1. Rights of the User

The Users can exercise certain rights with reference to the Data processed by the Controller. In particular, the User has the right to:

Withdraw the consent at any time;

Oppose to the processing of the Personal Data;

Access their Personal Data;

Check and request corrections;

Obtain the limitation of the processing;

Obtain the cancellation or removal of the Personal Data;

Receive their Data or have them transferred to another Controller;

Lodge a complaint to the Data Protection Authority and/or engage in legal proceedings.

To exercise their rights, the Users can address a request to the contacts of the Controller reported in this document. The requests are free of charge and are fulfilled by the Controller in the shortest possible time, in any case within 30 days.

 

  1. Data Controller

The Data Controller is Bonetto S.r.L., with registered office in Via Ferrua 1, 10064 Pinerolo (TO) Italy, Tax Code / VAT Code 01982210013, TO - 521060, e-mail address info@melform.com