Skip links

PRIVACY POLICY in accordance with EU Regulation 2016/679 (“GDPR”)


The Data Controller is BAGLIONI S.p.A. with registered office in Via Biandrate, 24, 28100, Novara (Novara) – P.IVA/C.F.: 01169330030, contactable at amministrazione@baglionispa.com, DPO email address: amministrazione@baglionispa.com.

1. INTRODUCTION

The company BAGLIONI S.p.A. in the person of its pro-tempore legal representative, with registered office at Via Dante Alighieri no. 8 -28060 San Pietro Mosezzo Novara (NO), VAT no. 01169330030(hereafter the two companies will be jointly referred to as “data controller“), have always considered of paramount importance the protection of the personal data of their customers and users, to whom they ensure the processing of personal data in full compliance with the protections and rights recognized by the EU Regulation 2016/679 of the European Parliament and of the Council of April 27, 2016, on the protection of individuals with regard to the processing of personal data and on the free movement of such data (hereinafter also referred to only as “Regulations“) and in general by the entire data protection legislation.

In Art. 4 in point 1) of the Regulation we find the definition of “personal data” as “any information relating to an identified or identifiable natural person; an identifiable person is any natural person who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier, or to one or more characteristic features of his or her physical, physiological, genetic, mental, economic, cultural or social identity” (henceforth referred to as “Personal Data“). And therefore, the data controller, in pursuit of its business purposes, may become aware of or request Personal Data from you, such as your first and last name, your e-mail address, your telephone and postal contact information, your Tax Identification Number or VAT number, your date of birth, and other identifying data.

The Regulations require that, prior to the processing of Personal Data – by which term is to be understood, according to the relevant definition in Art. 4 under (2) of the Regulation, “any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction” (hereinafter the “Processing“) – adequate information to the person to whom such Personal Data belongs about the purposes of the Processing, the manner in which the Processing will be conducted as well as in relation to as much other information as is required by law.

In this regard, the contents of this notice are intended to provide you, in a simple and intuitive manner, as much information as possible to supplement that contained in the specific privacy notices made pursuant to Art. 13 of the Regulations when providing and collecting your Personal Data.

This notice, therefore, has been prepared, on the basis of the principle of transparency, precisely to provide all the elements required by Articles 13 and 14 of the Regulations, and, in deference to a principle of absolute ease of consultation, is divided into individual sections (hereinafter “Sections” and individually “Section”), each of which deals with a specific topic so as to make your reading quicker, easier and more intuitive (hereafter the contents of this Internet page will be referred to jointly and briefly as “Disclosure.”).

1.1. COMPANIES THAT ARE OWNERS AND/OR JOINT OWNERS OF THE PROCESSING

The companies of the data controller, which will process your Personal Data independently or jointly, depending on one or more of the purposes as resulting from the specific notice that is given during the collection of the Personal Data, as well as – by way of example and not limited to – within Section C of this Notice, are as follows:

  1. A. S.T.R.A. Baglioni S.p.A.,
  • San Pietro Mosezzo Plant- via Leopardi 27, San Pietro Mosezzo, Novara: production of air-oil separators for screw compressors, line filters, adsorption dryers, and small and medium-sized special tanks. The facility is also the headquarters of the SPE Division that co-ordinates the relative activities within the Group.
  • San Pietro Mosezzo facility – via Dante Alighieri 12, San Pietro Mosezzo, Novara: production of custom made medium and large sized special vessels and vessels for high-pressure applications. Liquid and powder coating, assembly of vessel components
  • Corigliano d’Otranto plant – VIA S.S. 16, Corigliano D’Otranto, Lecce: production of small and medium-sized tanks
  • Galliate Plant – Via Antonio Meucci 1, Galliate, Novara: The plant where the Oil & Gas division is based, producing shell and tube heat exchangers, air coolers, air chillers…
  • Casalvolone Plant – Via Villata 2, Casalvolone, Novara Production of medium-sized tanks for the compressed air market

Production is B2B-oriented mainly to manufacturers in the EMEA region

         2. C.S.C. Baglioni S.p.a.

 The aforementioned companies may independently play the role of data controller, that is-as per the relevant definition in Art. 4 in item 7) of the Regulations – “The natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data“; or, in some specific cases, they may play the role of co-processors, this term being understood to mean “Two or more companies that jointly determine the purposes and means of processing” as stipulated in Art. 26 of the Regulations (within this Disclosure each of the above two companies will be referred to individually as “Data Controller“, or both will be jointly referred to as “Co-Processor of the Treatment“).

This privacy policy (henceforth “Privacy Policy“) is proposed to describe how to manage – as to the processing of personal data of users/visitors in accordance with the Regulation (hereinafter only “Users“) – of the websites and Apps owned by the data controller’s companies, which are listed below: www.baglionispa.com (hereafter jointly referred to as “Internet Sites“). All Internet sites other than those listed above, even where the User accesses them through links and/or banners on the Internet Sites, are not covered by the Privacy Policy.

The data controller, in compliance with privacy regulations and according to the guidelines described in the Privacy Policy, intends to ensure the protection and security in the processing of personal data of each User of the Internet Sites, which include Cookies, usage data, e-mail addresses, first and last name, telephone number, and home/residence addresses.

In any case, even in the absence of specific Privacy Notice pursuant to Art. 13 of the Regulations, the Privacy Policy will be valid as a document capable of providing the proper indications referred to in Articles 13 and 14 of the Regulations, for all Users of the Internet Sites who find themselves interacting with the Data Controller in order to take advantage of the services offered by the same Internet Sites.

1.2.CO-OWNERSHIP TREATMENTS

With a view to making specific processing activities more functional to both the interests of its customers/users and its own objectives, both companies of the Baglioni Group as identified within Section B of this Notice, on May 2, 2018, entered into a co-ownership agreement pursuant to Art. 26 of the Regulations, whereby they undertook to jointly carry out the following purposes (i) personnel selection activities, (ii) Direct marketing activities, (iii) indirect marketing activities, (iv) profiling activities. For these purposes, the Data Controllers have also jointly determined the methods of Processing and have defined, in a clear and transparent manner, the procedures for providing you with timely feedback should you wish to exercise your rights, as provided for in Articles 15, 16, 17, 18 and 21 of the Regulations as well as in the cases of portability of Personal Data provided for in Art. 20 of the Regulations as more fully described within Section H of this Notice.

1.3. OBJECT OF TREATMENT

With regard to the data processed by this website, the owner processes:

Personal, identifying data hereinafter, “personal data.”

  • Browsing data: this category of data includes IP addresses or domain names of computers and terminals used by users, addresses in URI/URL (Uniform Resource Identifier/Locator) notation, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment. These data, which are necessary for the use of web services, are also processed for the purpose of:
  • Obtain statistical information on the;use of services (most visited pages, number of visitors by time slot or daily, geographical areas of origin, etc.);
  • Monitor the proper functioning of the services offered.
  • data communicated by the user: such as, for example, personal data provided by you through the “contact” form or data provided in the “Contact” section.
  • Cookies and other tracking systems: for details of the cookies used by this site, see the section on cookies in the following data protection notice.

In particular, it is specified that the data processed by means of the website are:

  • Derived Data – Information that our servers automatically collect when you access the Site, such as your IP address,  browser type,  operating system, access times, and the pages you viewed directly before and after accessing the Site.
  • Facebook permissions -TheSite can, by default, access basic Facebook account information, including  name, email, gender, birthday, current city, and profile picture URL, as well as other public information.
  • Data from social networks –User information from social networking sites, Facebook, Google+, Linkedin including name, social network username, location, gender, date of birth, email address, profile photo, and public contact information, if the user links their account to such social networks.
  • Third-party data – the site does not send data to third parties.

In terms of the company’s main activity, the owner deals with:

personal, identifying data hereinafter, “personal data” provided by the user by means of interaction with this site aimed at using the services of the Company.

Regarding applications pertaining to personnel selection, the data processed and the related processing methods are as follows:

Contact information (such as, address, e-mail address, phone number, etc.);

  1. Data on education, professional experience and previous activities;
  2. Special categories of personal data (such as, for example, health status, union membership, etc.) only to the extent that such information is contained in the cv
  3. Photo as it is on the cv

Processing is carried out in both manual and computerized ways and with the support of paper, computer (management software, accounting, etc.) or otherwise automated and telematic means.

In any case, the processing of data is carried out with the adoption of all appropriate measures to ensure the security and confidentiality of personal data, in particular, in compliance with the security measures referred to in Art. 32 of European Regulation no. 2016/679 and in accordance with the principles of lawfulness, necessity and proportionality.

2.THE PURPOSES AND LEGAL BASES OF PROCESSING

Each Data Controller, except for specific cases of co-ownership as set forth below, may require you to provide your Personal Data for the Processing purposes set forth below:

2.1.Regarding the processing purposes of the site of Baglioni S.p.a.

Pursuant to Art 6 EU Regulation No.679/2016 (and subsequent legislative adaptation provisions Legislative Decree 101/2018) (GDPR) for the following Service Purposes:

(a) interaction and navigation on the site:

  1. enable the enjoyment and use of this website, as well as to carry out maintenance and technical support necessary for its proper functioning;
  2. To enable the Controller to respond to requests made by you through this website.

Legal basis and lawfulness of the processing: The legal basis underlying the processing referred to in (a) of this point is provided by ‘art. 6 par.1 lett. f) GDPR, which states that “the processing is necessary for the pursuit of the legitimate interest of the data controller or a third party”.

The Processing of your Personal Data will be legally based on the contractual relationship that will be created between you and the Data Controller as a result of your interaction with the company’s specific website;

2.2.With regard to the purposes of the processing of Baglioni S.p.a.’s activities:

(b) purchase of products and/or services.: The Data Controller, in order to enable the purchase of its products and/or services, needs to collect some of your Personal Data, as requested within the subscription or purchase form.

Legal basis and lawfulness of processing: contractual purpose/legal obligations ex art. 6 letters (b) and (c) of the Regulations – the Processing of your Personal Data will be conducted by the Data Controller to enable you to receive what you have requested and purchased and will therefore be legally based on the contractual relationship that will be created between you and the latter;

c) participation in events: the Data Controller, in order to allow you to participate in one of the events organized by the same, needs to collect some of your Personal Data, as requested within the event registration form/form.

Legal basis and lawfulness of processing: contractual purpose/legal obligations ex art. 6 letters (b) and (c) of the Regulations – the Processing of your Personal Data will be conducted by the Data Controller to register you for the event and ensure your participation and therefore will be legally based on the contractual relationship that will be created between you and the latter;

(d) request for information: The Data Controller, in order to follow up on your request for information received by the same through one of the modalities present on its websites, needs to process some of your Personal Data as requested within the form collection and/or as spontaneously conferred by you.

Legal basis and lawfulness of processing: pre-contractual purpose ex art. 6 letter b) of the Regulation – the Processing of your Personal Data will be conducted by the Data Controller to provide feedback to your request for information and will be legally based on the pre-contractual relationship that will be created between you and the latter;

(e) personnel selection activities: the Data Controller, in order to initiate the personnel selection processes and properly evaluate your candidacy both for a specific search activity and voluntary, needs to process your Personal Data contained within the Curriculum Vitae and/or required in the form Of collection prepared by the Data Controller.

Legal basis and lawfulness of processing: pre-contractual purpose ex art. 6 letter b) of the Regulation – the Processing of your Personal Data will be conducted by the Data Controller evaluating your application and will be legally based on the pre-contractual relationship that will be created between you and the latter.

For this specific purpose, candidates are reminded that they can consult the appropriate data protection notice at this link.

(f) establishment and management of employment or collaboration relationship: The Data Controller, in order to establish and manage an employment or collaboration relationship, needs to collect some of your Personal Data as required within the employment or collaboration contract. The Processing of your Personal Data will be conducted by the Data Controller and will be legally based on the contractual relationship of employment or collaboration that will be created between you and the latter;

Legal basis and lawfulness of processing: contractual purpose/legal obligations ex art. 6 letters (b) and c) of the Regulations – The Processing of your Personal Data will be conducted by the Data Controller to give effect to the establishment and management of your employment or collaboration relationship with it and will be legally based on the contractual employment or collaboration relationship that will be created between you and the Data Controller;

g) execution of contractual documentation: The Data Controller, in order to give effect to the contractual relationship between you and the latter as well as the related fulfillments, needs to collect and process some of your Personal Data as requested within the individual contractual document;

Legal basis and lawfulness of processing: contractual purpose/legal obligations ex art. 6 letters (b) and c) of the Regulations – The Processing of your Personal Data will be conducted by the Data Controller to follow up on the signing of the individual contractual document and will be legally based on the contractual relationship that will be created between you and the latter;

(h) Compliance with legal obligations: The Data Controller, in order to comply with legal obligations, needs to collect and process certain of your Personal Data as, from time to time, required by specific legal regulations;

Legal basis and lawfulness of processing: legal obligations under Art. 6 letter c) of the Regulation – The Processing of your Personal Data will be conducted by the Data Controller to comply with legal obligations and will be legally based on the applicable legal regulations;

(i) marketing activities: The performance by the Data Controller of its own promotional and/or marketing activities towards you. This category includes all activities performed to promote products, services, sold and/or provided by the Data Controller; subject to your specific consent.

Legal basis and lawfulness of processing: legitimate interest under Article 6 letter f) of the Regulation – The Processing of your Personal Data will be conducted by the Data Controller and will be legally based on its legitimate interest in promoting its products and services;

Legal basis and lawfulness of processing: consent of the data subject ex art. 6 letter a) of the Regulation – The Processing of your Personal Data will be conducted by the Data Controller and will be legally based on your free, express and unequivocal consent.

3. PROCESSING METHODS AND HOW DATA ARE COLLECTED

The processing of your personal data is carried out by means of the following operations: collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, deletion and destruction of data.

The processing will be carried out either by manual and/or computerized and telematic tools with logics of organization and processing strictly related to the purposes themselves and in any case in such a way as to ensure the security, integrity and confidentiality of the data themselves in compliance with the organizational, physical and logical measures provided for in Articles 24 and 25 and 32 of the GDPR.

The personal data subject to processing are collected directly by the Data Controller or by third parties expressly authorized by the Data Controller, or communicated by the Data Controller to such third parties for the pursuit of the purposes set forth in this policy.

The Data Controller carries out periodic checks so that no personal data are processed, collected, stored or retained that are not necessary in relation to the processing and related purposes as set out in this policy.

 4. NATURE OF DATA PROVISION AND CONSEQUENCES OF REFUSAL TO RESPOND

Please be informed that, taking into account the purposes of the processing referred to in points (a)-(h) as illustrated above in point 2., the provision of the data necessary for the purposes related to the contractual services of the co-processing companies is free, but their failure, partial or inexact provision may have, as a consequence, the impossibility of carrying out the pre-contractual and contractual activities and fulfillments as provided for in the contract of sale and/or supply of products.

For the purposes of items i)   the express consent of the data subject is required instead.

 5. ACCESS TO DATA BY PROCESSING EMPLOYEES

Your data may be made accessible for the exclusive purposes set forth in this notice:

  • to employees and collaborators of the Controller, the auxiliaries and third persons employed companies and companies in supply and outsourcing relationship with the Controller in their capacity as authorized persons for processing and/or internal data controllers and/or system administrators;
  • to third-party companies or other entities  that perform outsourced activities on behalf of the Controller, in their capacity as external data controllers.
 6. COMMUNICATION OFPERSONAL DATA

Personal Data may be disclosed to specific entities considered to be recipients of such Personal Data, which should be understood as natural or legal persons, public authority, service or another body receiving communication of Personal Data, whether or not they are third parties.

With this in mind, in order to properly carry out all Processing activities necessary to pursue the purposes set forth in this Notice, the following Recipients may be in a position to process your Personal Data:

Third parties who carry out part of the Processing activities and/or activities related and instrumental to the same on behalf of the Data Controller or the Co-Processors. These individuals have been appointed as data controllers, that is, natural or legal persons, the public authority, service or other body that processes Personal Data on behalf of the Data Controller;

Individuals, employees and/or contractors of the Data Controller or the Co-Processors, who have been entrusted with specific and/or multiple Processing activities on your Personal Data. These individuals have been given specific instructions regarding the security and proper use of Personal Data and are defined as the “persons authorized to process Personal Data under the direct authority of the Data Controller or Processor.”

where required by law or to prevent or suppress the commission of a crime, your Personal Data may be disclosed to public bodies or judicial authorities without, however, being defined as Recipients. In fact, the regulation states that public authorities who receive communication of Personal Data as part of a specific investigation conducted in accordance with Union or Member State law are not considered Recipients.

Without the need for express consent, the Data Controller may disclose your data for the above purposes  to Supervisory Bodies, Judicial Authorities, insurance companies for the provision of insurance services, as well as to those subjects to whom communication is obligatory by law for the fulfillment of the said purposes.

Specifically, data recipients can be:

  • information society and information technology assistance;
  • companies, or professional firms offering professional and/or consulting services with respect to accounting, legal, tax, administrative, financial, and debt collection matters;
  • IT infrastructure and solution providers;
  • Web service providers;
  • banks and payment service providers, acting as Processors, to whom your personal data may be disclosed for the purpose of processing your payments;
  • consultants, to the extent necessary for the performance of their professional duties.

The communication concerns the categories of personal data whose transmission to the above-mentioned third parties is necessary for the performance of the activities and for the purposes referred to in this notice.

An up-to-date list of Data Processors and Authorized Persons is kept at the Data Controller’s office and is available upon request to be made by e-mail at

Some of these parties may process data in their capacity as autonomous data controllers.

Your data will not be disseminated.

Data communications may also relate to:

  • Law or exercise of rights

If it is considered that the release of information  is necessary to respond to legal process, to investigate or remedy potential violations of our policies, or to protect the rights, property, and safety of others, we may share information as permitted or required by any applicable law, rule, or regulation. This includes exchanging information with other entities for fraud protection and credit risk reduction.

  • Third-party service providers

The site shares information with third parties who perform services for the site or on our behalf, including  data analysis, emailing, hosting services, customer service, and marketing support.

  • Cookies and web beacons

We may use cookies, web beacons, tracking pixels and other tracking technologies on the Site to help personalize the Site and improve your experience. When you access the  Site,  personal information is not collected through the use of tracking technologies. Most browsers are set to accept cookies by default. You can remove or reject cookies, but be aware that such action may affect the availability and functionality of the Site. The user cannot reject web beacons. However, they can be rendered ineffective by rejecting all cookies or by changing your web browser settings to notify you each time a cookie is offered, allowing you to accept or reject cookies on an individual basis. We may use cookies, web beacons, tracking pixels and other tracking technologies on the Site to help personalize the Site to improve your experience.

Below are the cookies used by this site:

SESSION COOKIES

Name

Domain

Path

Value

wp-wpml_current_language

baglionispa.com

/

en

 
7.THIRD-PARTY WEBSITES

The site does not contain links to third-party websites and applications of interest, including  external services, which are not affiliated with us.

PERMANENT COOKIES

Name

Domain

Path

Deadline

Deadline in days

Content

_gid

.baglionispa.com

/

19/09/2023 15:09:59

0

GA1.2.1747774004.1695042599

_gat_UA-77710364-1

.baglionispa.com

/

18/09/2023 15:10:59

0

1

_ga_2SH0K54ZHH

.baglionispa.com

/

17/09/2025 15:09:59

729

GS1.1.1695042599.1.0.1695042599.60.0.0

_ga

.baglionispa.com

/

17/09/2025 15:09:59

729

GA1.1.818026393.1695042599

8. PERIOD OF RETENTION OF PERSONAL DATA (SO-CALLED DATA RETENTION)

Personal data are stored mainly by both paper and digital procedures in Italy, within the European Union and precisely also outside the Holder’s Head Office and in full compliance with the provisions and requirements necessary for the purposes of security and proper location of data storage units. Digital preservation methods are limited only to the sending of documentation and are carried out in full compliance with the provisions and requirements necessary for the security and proper location of data storage units( pc and secure back up tools) as well as for the security of paper archives.

The Owner will process personal data for as long as necessary to fulfill the above purposes and in any case for no longer than the termination of the relationship carried out for the Service Purposes.  It is considered that The Data Controller will process personal data for the time necessary to fulfill the above purposes and in any case for no longer than 10 years after the termination of the relationship for the Billing and Accounting Service Purposes; For the purposes related to direct and indirect marketing, please note that the retention period does not exceed 24 months from the date of re-collection.

Retention time related to data processing carried out by this website:

Personal data will be processed and stored for as long as necessary for the purposes for which it was collected.

Therefore:

  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be retained until the full performance of that contract.
  • Personal Data collected for purposes of legitimate interest of the Data Controller will be retained for as long as necessary to fulfill those purposes. Users can find specific information about the legitimate interests pursued by the Owner in the relevant sections of this document or by contacting the Owner.
  • The Controller may be authorized to retain Personal Data for a longer period if the User has given consent to such processing, provided that such consent is not withdrawn. In addition, the Data Controller may be obliged to retain Personal Data for a longer period if this is required to fulfill a legal obligation or by order of an authority.
  • Once the retention period has expired, the Personal Data will be deleted. Therefore, the right of access, the right to erasure, the right to rectification, and the right to data portability cannot be exercised after the retention period has expired.
9.COOKIE BANNER TEXT

“Notice

We and selected third parties use cookies or similar technologies for technical purposes and, with your consent, for functionality, experience, measurement, and marketing (personalized ads), as specified in the Cookie Policy. Refusal of consent may make related functionality unavailable.

Users can freely give, withhold, or withdraw their consent at any time.

Use the “Agree” button to consent. Use the “Reject” button to continue without accepting.”

Panel in the banner

“In this panel you can express some preferences regarding the processing of your personal data.

You can review and change the choices made at any time by reappearing at this panel via the link provided.

To deny consent to the specific processing activities described below, turn off the toggles or use the “Deny All” button and confirm that you want to save your choices.”

10.EXTRA EU/SEAS TRANSFER

The Data Controller does not make any transfers of your personal data abroad (to be understood as foreign all countries outside the European Economic Area. In any case, data will be transferred outside the EU in compliance with the provisions of Articles 51-59 of the GDPR.

11.RIGHTS OF THE DATA SUBJECT

In your capacity as a user you are entitled to the following rights:

-Right to access your data,  obtain confirmation of the existence or non-existence of personal data concerning you, even if not yet registered, and their communication in an intelligible form; -obtain indication: (a) of the origin of personal data; (b) of the purposes and methods of processing; (c) of the logic applied in case of processing carried out with the aid of electronic instruments; (d) of the identification details of the data controller, data processors and the data controller’s representative and designated authorized persons for processing (e) of the subjects or categories of subjects to whom the personal data may be communicated or who may become aware of them in their capacity as designated representative in the territory of the State, data processors or persons authorized to process them; (Art. 15 GDPR).

Right to  updating,  rectification or, when interested, integration of data; (Art. 16 GDPR).

  • Right to erasure, transformation into anonymous form or blockingof data processed in violation of the law, including data whose retention is not necessary in relation to the purposes for which the data were collected or subsequently processed ; (art. 17 GDPR).
  • Right to request the restriction of use of data for the sole reasons of public interest and for the establishment or defense of a right, in cases where the data subject disputes the accuracy of the data and processing, in the case of exercising the right to object to processing under Art. 21 GDPR  and in the other cases provided for in Art.18 GDPR; (art.18 GDPR).
  • Right to receive personal data provided to the owner of the processing in a structural format or on a commonly used, intelligible and accessible computer medium for any operating system (USB or properly encrypted ZIP file), and to Move without constraints, the complexes of information and data about you by this owner or another owner chosen by you according to your purposes and in full compliance with the principles of transparency, lawfulness and proportionality of processing.  This  right to data portability is without prejudice to other rights; (Art. 20 GDPR).
  • Right to object,  in whole or in part: on legitimate grounds to the processing of personal data concerning you, even if relevant to the purpose of collection; to the processing of personal data concerning you for any other purpose not relevant to the processing; (Art. 21 GDPR).
OPPOSITION TO PROCESSING AND WITHDRAWAL OF CONSENT

As provided for in the Regulations, if you have given your consent to the Processing of your Personal Data for one or more of the purposes for which you have been requested, you may, at any time, withdraw it in whole and/or in part without affecting the lawfulness of the Processing based on the consent given before the withdrawal.

The ways to revoke consent are very simple and intuitive, you just need to contact the Data Controller and/or the Co-Processor companies using the contact channels reported to you within this Policy.

In addition to the above and for the sake of simplicity, should you find yourself in the condition of receiving advertising e-mail messages from the Data Controller companies that are no longer of interest to you, simply click on the text “IF YOU NO LONGER WISH TO RECEIVE OUR NEWSLETTERS, YOU CAN UNSUBSCRIBE BY CLICKING HERE

placed at the bottom of them to stop receiving any further communication or, if not present, by using the additional contact channels made available by the Data Controller or the Co-Processor companies.

  • Right To withdraw consent where provided and at any time. Withdrawal of consent does not affect the lawfulness of processing based on the consent given before the withdrawal;
  • Right to file a complaint with the supervisory authority, 
  • Right to withdraw consent: consent to data processing can be withdrawn at any time by the data subject.
13. WAYS OF EXERCISING RIGHTS
You may exercise your rights at any time by sending a request by email to the email address: privacy@baglionispa.com – Privacy Office of Baglioni S.p.a. 
  1. By calling the number:
  2. +39 0321 485211
  3. FAX:+39 0321 53571 and asking for the Privacy Office or the data controller.

and may also exercise its rights by contacting the Privacy Guarantor, with headquarters at  Piazza Venezia no. 11 – 00187 Rome, Telephone switchboard: (+39) 06.696771,Fax: (+39) 06.69677.3785. General information can be sent by e-mail to: protocollo@gpdp.it, protocollo@pec.gpdp.it

14. AMENDMENTS TO THIS POLICY

The Data Controller reserves the right to make changes to this Privacy Policy at any time by giving notice to users on this site. Therefore, please consult this page often, taking as reference the date of last modification given at the end of the document. In the event that you do not accept the changes made to this Privacy Policy, you may request the Data Controller to delete the personal data concerning you.

15. MATERIALS

All content on the Internet Sites (not uploaded by users) is part of the Baglioni S.p.a archives (including co-owner companies), including images. Some of the photographic materials are taken from online archives. The user when registering and entering content, whether photographic or textual, for the purpose of publication on the Internet Sites, declares that he or she owns the rights (including for commercial purposes) to the uploaded images. The user therefore takes full responsibility for the provenance and legality of images uploaded to the Internet Sites.

16. PROCEDURE FOR REVOCATION OF CONSENTS ON DATA PROCESSING BY THE ENTITY:

BAGLIONI S.p.A. with registered office in Via Biandrate, 24, 28100, Novara(Novara) – P.IVA/C.F.: 01169330030.

Dear User, You may request revocation of one or more of the privacy consents listed below by sending an email to the following address: amministrazione@baglionispa.com or to amministrazione@baglionispa.com (DPO email address) and stating one or more of the options you wish to revoke.

  • Revocation of Email Communications
  • Revocation of third-party marketing communications by email

Once the request is received, it will generally be processed within 48 hours.

HOW TO DISABLE COOKIES OF ANY BROWSERS USED BY THE USER FOR BROWSING BY BROWSER CONFIGURATION?

Chrome

  1. Running the Chrome Browser
  2. Click on the menu on the browser toolbar next to the url entry window for browsing
  3. Select Settings
  4. Click Show Advanced Settings
  5. In the “Privacy” section, click “Content Settings” button.
  6. In the “Cookies” section, you can change the following cookie-related settings: – Allow data to be saved locally – Change local data only until the browser is closed -Prevent sites from setting cookies – Block third-party cookies and site data – Manage exceptions for certain websites – Delete one or all cookies

For more information visit the dedicated page.

Mozilla Firefox

  1. Run the Mozilla Firefox Browser
  2. Click on the menu on the browser toolbar next to the url entry window for browsing
  3. Select Options
  4. Select the Privacy panel
  5. Click Show Advanced Settings
  6. In the “Privacy” section, click “Content Settings” button.
  7. In the “Tracking “section, you can change the following cookie-related settings: – Require sites to do no tracking – Notify sites of your willingness to be tracked – Do not communicate any preferences regarding tracking of personal data
  8. From the “History” section you can: – Enable “Use custom settings” by selecting to accept third-party cookies (always, from the most visited sites or never) and to keep them for a specified period (until they expire, when Firefox closes, or to ask each time) – Remove individual stored cookies.

For more information visit the dedicated page.

Internet Explorer/Edge

  1. Run the Internet Explorer/Edge Browser
  2. Click on the Tools button and choose Internet Options
  3. Click on the Privacy tab, and in the Settings section, change the slider to function
    Of the desired action for cookies:
  • Block all cookies/ Allow all cookies
  • Selection of sites from which to obtain cookies: move the cursor to an intermediate position so as not to block or allow all cookies, then press on Sites, in the Website Address box enter a website and then press on Block or Allow

For more information visit the dedicated page.

Safari 6

  1. Running the Safari Browser
  2. Click on Safari,select Preferences and press on Privacy
  3. In the Block Cookies section, specify how Safari should accept cookies from Internet sites.
  4. To view which sites have stored icookie click on Details

For more information visit the dedicated page.

Safari iOS(mobile devices)

  1. Running the iOS Safari Browser
  2. Tap on Settingsand then Safari
  3. Tap on BlockCookie and choose from the options, “Never,” “Third-Party and Insiders,” or “Always”
  4. To clear all cookies stored bySafari, tap on Settings, then on Safari, and finally on ClearCookies and Data

For more information visit the dedicated page.

Opera

  1. Running the Opera Browser
  2. Click on Preferencesthen on Advanced and finally on Cookies
  3. Select one of the following options: -Accept all cookies – Accept cookies only from the site you are visiting: third-party cookies and that are sent from a domain other than the one you are visiting will be rejected – Never accept cookies: all cookies will never be saved

For more information visit the dedicated page.

 17. DEFINITIONS AND LEGAL REFERENCES
Personal Data (or Data)

Personal data is any information that, directly or indirectly, including in connection with any other information, including a personal identification number, makes a natural person identified or identifiable.

Usage Data

This is the information collected automatically through this Application (including by third party applications integrated into this Application), including: the IP addresses or domain names of the computers used by the User who connects with this Application, the addresses in URI (Uniform Resource Identifier) notation, the time of the request, the method used in forwarding the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..) the country of origin, the characteristics of the browser and operating system used by the visitor, the various temporal connotations of the visit (e.g. the length of time spent on each page) and the details of the itinerary followed within the Application, with particular reference to the sequence of pages consulted, the parameters relating to the User’s operating system and computer environment.

User

The individual using this Application who, except where otherwise specified, coincides with the Data Subject.

Interested

The natural person to whom the Personal Data refers.

Data Processor (or Manager)

The natural person, legal entity, public administration and any other entity that processes personal data on behalf of the Controller, as set forth in this privacy policy.

Data Controller (or Owner)

The natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of the processing of personal data and the means adopted, including the security measures relating to the operation and use of this Application. The Data Controller, unless otherwise specified, is the owner of this Application.

This Application

The hardware or software tool by which Users’ Personal Data are collected and processed.

Service

The Service provided by this Application as defined in the relevant terms (if any) on this site/application.

European Union (or EU)

Unless otherwise specified, any reference to the European Union in this document is understood to extend to all current member states of the European Union and the European Economic Area.

Cookie

Cookies are Tracking Tools that consist of small portions of data stored within the User’s browser.

Tracking Tool

Tracking Tool means any technology – e.g., cookies, unique identifiers, web beacons, embedded scripts, e-tags, and fingerprinting – that allows tracking Users, for example, by collecting or storing information on the User’s device.

Legal references

This privacy policy is prepared based on multiple legislative orders, including Articles 13 and 14 of Regulation (EU) 2016/679.

Unless otherwise specified, this privacy policy covers this Application only.

18. ACCEPTABLE USE POLICY FOR WEBSITE USERS

Prohibited Use: You may not use the Services to post content or engage in activities that are illegal under applicable law, harmful to others, or that could expose us to liability, including but not limited to the following activities, each of which is prohibited by this AUP:

  • Phishing or identity theft
  • Distribution of computer viruses, worms, Trojan horses (TROJAN) or other malicious codes (MALWARE, RANSOMWARE, etc.).
  • Distribute pornography or adult content or offer escort services.
  • Promoting or facilitating violence or terrorist activities
  • Infringement of intellectual property or other property rights of others.

Application

Your services may be suspended or discontinued with or without notice if you violate this policy. Any violation may result in immediate suspension or termination of your account.

Reporting violations

To report a violation of this policy, contact us as per Section 13 of this policy

We reserve the right to change this policy at any time, and you will be promptly updated of this. To make sure you are up to date with the latest changes, we recommend that you visit this page often.