This policy is drawn up pursuant to art. 13 of EU Regulation 2016/679 (also known as "GDPR") and aims to communicate information regarding the processing of your personal data in the context of the features offered by and during your activities on the www.ilbisonte.com site (hereinafter referred to as the "Website").
The data controller and owner of the website is Il Bisonte S.p.A. (hereinafter the “Company”), a company under Italian law with registered office in Via del Parione 11, Florence, 50123 - Italy. You can contact the Company at the registered office or by mail at email@example.com.
As a result of your interaction with the website, the following information may be collected.
Visitor tracking information
The web connection uses tracking information stored by your device and the software systems necessary to ensure the proper connection to the website. This category of information includes, for example, your IP address, the browser, the operating system, the date and the time of the access and other information relating to your web activities. This information is collected and used in a form that is not directly identifying you (e.g., it is associated with the IP address of your device).
Information collected through cookies and trackers
Information provided by you
You can be requested, or you can freely provide us with some personal information; for example, when you sign up to our private area “Your account” of the website or when you make a purchase of a product.
The information collected will be processed for the purposes listed below. Each purpose is pursued by virtue of a legal basis for the processing. Below you will find an indication of each purpose and the related legal bases, indicated by the underline.
MAKE THE WEBSITE AVAILABLE
To ensure the stability of the connection to the website and the normal functioning of network protocols, some tracking information will be used. We pursue this purpose for the performance of a service requested by the user (art. 6(1)(b) of the GDPR).
REGISTRATION TO “YOUR ACCOUNT”
If you decide to sign up to "Your account" area the information provided will be used to create the user account and provide the related services such as the purchase of our products, the management of the shopping cart and the wishlist, for the performance of a service requested by the user (Article 6 (1) (b) of the GDPR). More information is available in the privacy notice “Your account”.
SENDING OF THE NEWSLETTER
Through specific form, you can subscribe to our promotional newsletter about our products. In this case, you will receive the newsletter only with your consent (art. 6(1)(a) of the GDPR). This consent is optional and freely given. At any time, you may withdraw your consent by clicking on the link in the footer of the emails received or following the procedure described in the section “Consent management”. More information is available in the privacy notice of the newsletter.
If you refuse to provide your consent, you will not receive the promotional newsletter.
To ensure the security and maintenance of the website, it may be necessary to access stored information about your web activities, for example if we detect unlawful activities or following a claim. We carry out this processing activity on the basis of the legitimate interest of the data controller (art. 6(1)(f) GDPR) assessed for the importance of maintaining an adequate level of protection of the website users’ information.
FULFILMENT OF LEGAL OBLIGATIONS AND DEFENCE IN COURTIn the event that a legal dispute arises, we may use the information to act or defend ourselves in court according to the legitimate interest of the data controller (Art. 6(1)(f) GDPR) assessed for the need to prosecute or resist a legal action.
We may use your information to comply with legal obligations or exercise legal rights. For example, the law enforcement authorities may request information concerning our users in the event of computer fraud. In this case, the information will be processed to comply with a legal obligation (art. 6(1)(c) GDPR).
technical, which are necessary to make the website work;
profiling, which are used to provide extra services, not necessary for the functioning of the website; for example, to remember your choices, carry out statistical analysis and other marketing purposes.
At any time, you can withdraw your consent through:
the “unsubscribe” link at the bottom of the emails received
the page ”Newsletter” in “Your account”
sending an email to firstname.lastname@example.org.
All these modalities are alternative and equally effective. The withdrawal of consent will stop the sending of communications, without however affecting the lawfulness of the processing carried out before the withdrawal.
The providing of your website access information is automatically as it is a consequence of your connection to the website and the use of internet protocols. On the opposite, providing with personal information to access some specific services is optional and depends on your own decision.
The data will be processed directly by the data controller’s organization, through employees or other appropriately appointed and instructed subjects, who will act as authorized people as well as by external companies that perform services on the data controller behalf, also as data processors pursuant to art. 28 of the GDPR (for example, IT providers and editorial services company) only for the purposes stated in this policy.
The data will not be transferred to third parties for commercial purposes and will not be disclosed. Some information may be communicated to autonomous data controllers, such as public bodies or law firms, only in the case provided by the law.
The list of data processors is available upon request to email@example.com.
Your data may be transferred to countries located outside of the European Economic Area that does not offer adequate level of protection according to the European Commission. In this case, the transfer will take place on the basis of adequate and additional guarantees necessary to ensure a level of security equivalent to that provided for in the European Union. The transfer to countries without adequate protection is subject to further additional measures that are constantly updated on the basis of the law in force. The list of countries and appropriate guarantees is available upon request to firstname.lastname@example.org.
Data processing will be carried out through electronically and manually according to logic strictly connected to the purposes referred to in this policy. We ensure the security of personal data by implementing specific security measures, proportioned to the risks for the rights and freedoms of the people. The security measures include, among others, the encryption of communication.
At any moment, you may obtain from the data controller, if the conditions are met, the access to your personal data, their rectification, cancellation or restriction of processing (articles 15 and following of the GDPR). You can also withdraw your consent at any time. If the conditions are met, you can object to the processing based on the legitimate interest of the data controller.
You can exercise your rights mentioned above, by sending a request via e-mail at email@example.com, or a letter with return receipt to the registered office of the company.
You also have the right to lodge a complaint with the Supervisory Authority for the protection of personal data pursuant art. 77 of GDPR or appeal to the judicial authority (art. 79 of GDPR) if you believe that the processing of your personal data is not compliant with the data protection regulations.
This policy may be subject to revisions and amendments also to reflect legal and regolatory changes. You can view the last updated policy on this website.