Privacy Policy
VERS.4/2018- DRAFTED PURSUANT TO ART. 13 AND 14 GDPR 2016/679 EXTRACT. THE FULL TEXT CAN BE OBTAINED FROM THE REFERENCES IN THIS DOCUMENT
The purpose of the Legal Notes and of the Privacy Policy is to ensure the User is able to verify the processing activities of their data on the web in full transparency, together with the importance of having used a service that is attentive to protecting user rights, accustomed to the correct observance of the provisions of the law. Please note that the text below complies with the recent regulations dictated by the GDPR 2016/679, as well as the privacy regulations in force in the countries where Bros Manifatture srl, Bros Usa Corporation and Bros Asia Limited (hereinafter “Bros Group”) offer their website services. The Bros Group hereby declares that Bros Manifatture S.r.l. is the data controller and owner of the domains and websites.
Bros Manifatture S.r.l. therefore provides users who connect to the websites brosway.com; brosmanifatture.it; brostrap.com; pianegonda.com; sagapo.it; rosato.it; shopinbros.com; dhiva.it; pianegonda.us; brosway.us and the company pages on social networks with the rules for the correct and authorised use of photos, images, text and any other document published here.
Furthermore, the term Business Data in this context refers to:
– any type of information that is processed, acquired, known, processed, communicated and extracted in the pages of the above-mentioned sites.
– information from links to other sites is not included.
The Bros Group recognises the importance of protecting the personal data of its customers (such as identification and financial data including credit card numbers) and the data of users of its Website(s). For this reason, the Bros Group adopts specific policies and security measures to comply with current data protection regulations and protect your personal data. It is important to emphasise that what is described below may be revised and added to by this company whenever necessary. In this regard, and for the sake of transparency towards the user, the front cover shows the number corresponding to the current version (currently vers. 4/2018- extract).
PRIVACY POLICY
The information is provided only for brosway.com; brosmanifatture.it; brostrap.com; pianegonda.com; sagapo.it; rosato.it; shopinbros.com; dhiva.it; pianegonda.us; brosway.us and for the company pages present on social networks and not for other websites that may be consulted by the user through links. The information is also based on the provisions of Recommendation no. 2/2001 that the European Data Protection Authorities, united in the Group of European Guarantors ex art 29 have adopted to identify some minimum requirements for the collection of personal data online, and in particular, the methods, timing and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purpose of the connection, together with the provisions of the European directives and the rules of Italian law on data security. In addition, the information contained on the website also meets the conformity requirements dictated by other regulatory provisions and is and has been updated in accordance with Law No. 88 of 7 July 2009 as a regulation implementing the 2008 European Union tax law.
DATA CONTROLLER
For the purposes of the principles of transparency and fairness enshrined in the Privacy Code, processing belongs directly to Bros Manifatture srl whose full details are listed on the home page. The domain is owned by the same data controller, to whom it is regularly registered.
BROS MANIFATTURE
Via Guido Rossa, 1
63025 Montegiorgio (FM)
BROS USA CORPORATION
169 EAST FLAGER STREET
SUITE 1022 MIAMI, FL 33131
Bros Manifatture Asia Limited
Suite 2301, 23rd Floor, Chinachem
Hollywood Centre, 1-13 Hollywood Road
Central, Hong Kong S.A.R.
DATA PROCESSOR
Pursuant to Art. 28 of GDPR 2016/679, the reference for any information and requests to be sent to the Data Processor is provided:
resp.trattamento@brosmanifatture.it
In addition, a complete and up-to-date list of Data Processors can be obtained by writing to the address on this website.
INTERNATIONAL TRANSFERS OF PERSONAL DATA
If the customer has chosen to register on the Bros Group’s customer database, the Bros Group collects the customer’s personal data in their country, for example data relating to their visits to our shops, and then transfers it and stores it, in accordance with current legislation, in another country where the servers of our group companies are located. Customer data will be transferred for the purposes described in this Policy (e.g. to provide the services requested or to offer personalised services in our shops worldwide). The privacy and data protection laws of those countries may not be equivalent to those in the customer’s country of residence. Bros. Group companies will take steps to ensure that customer data is treated securely, in accordance with the principles of fairness, necessity and proportionality and in compliance with this Policy, regardless of the country to which it may be transferred.
Where permitted in the customer’s country, by using the Websites mentioned above or by providing data to us for the purposes set out in this Policy, the customer fully understands and clearly agrees to the transfer of personal data abroad in the context of the Group companies’ normal business operations, including the collection, storage and processing of such data in the United States of America and Asia. These policies represent the rules of conduct relating to the processing of personal data for all Bros Group companies and therefore regulate and allow the transfer of data between the same companies residing in different geographical areas, in compliance with the guarantees established by privacy legislation (principle of Binding Corporate Rules).
LOCATION OF DATA PROCESSING
The processing operations connected with the web services of the websites brosway.com; brosmanifatture.it; brostrap.com; pianegonda.com; sagapo.it; rosato.it; shopinbros.com; dhiva.it; pianegonda.us; brosway.us take place at the registered office located in Via Guido Rossa n. 1 – 63833 Montegiorgio (FM) and are handled by the data controller and any third party companies in their capacity as data processors pursuant to art. 28 GDPR 2016/679. For the sake of transparency, it should be noted that the domain is hosted by an external provider that is responsible for its operation and security and that, in the event of violations, is subject to the responsibilities laid down by the specific rules of the sector. The provider is located in an EU country.
WEBSITE NAVIGATION DATA
This section specifies which data Bros Manifatture S.r.l. may collect during simple navigation on the websites, without logging in as a registered user, and how they are processed.
During normal operations, the computer systems and software procedures used to operate this website acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This category includes the IP addresses or domain names of the computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of the resources requested, the numerical code indicating the status of the response given by the server (e.g. successful, error) and other parameters relating to the user’s operating system and computer environment. This data could be used to ascertain liability in the event of hypothetical computer crimes against the site.
Please note that the Personal Data collected by these websites, either independently or through third parties, includes: Name and surname – Phone number – Email address – Address – City – Province – Country – Company name – Profession – Website – Cookie – Usage data – IP address – Location.
Unless otherwise specified, all the Data requested by these sites are compulsory, to enable the Data Controller to respond to your requests; therefore, if the User refuses to communicate said data, it may be impossible to provide the service.
RETENTION PERIOD
The Data are processed and stored for the time required by the purposes for which they were collected. Therefore:
– Personal Data collected for purposes relating to the performance of a contract between the Data Controller and the User will be retained until the performance of that contract is completed.
– Personal Data collected for purposes relating to the legitimate interest of the Controller will be retained until such interest is met. The User may obtain further information on the legitimate interest pursued by the Controller in the relevant sections of this document or by contacting the Controller.
When processing is based on the User’s consent, the Controller may keep the Personal Data for longer until such consent is revoked. In addition, the Controller may be obliged to retain Personal Data for a longer period in order to comply with a legal obligation or by order of an authority.
At the end of the retention period, the Personal Data will be deleted. Therefore, once such period has elapsed, the right of access, cancellation, rectification and the right to data portability can no longer be exercised.
COOKIES
In compliance with the provision of the Data Protection Authority of 14/06/2014, it is stated that this website contains technical cookies, i.e. navigation cookies, analytics cookies and functionality cookies. No personal user data is acquired by the site in this respect. We do not use cookies to transmit information of a personal nature, nor do we use so-called persistent cookies of any kind, i.e. systems for tracing users. The use of session cookies (which are not permanently stored on the user’s computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to enable safe and efficient exploration of the site. The setting of cookies is carried out by the Web Master appointed by the company, and the above-mentioned domains reside in the server family of an external provider.
The following cookies are also present on this site:
GOOGLE ANALYTICS cookies.
Google Analytics is a free web analytics tool provided by Google, which sends cookies to your device, lasting 2 years. The information generated by your use of the website, including your IP address, is transmitted to Google and stored on its servers. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. However, Google does not associate your IP address with any other data held by Google.
GOOGLE ADWORDS and GOOGLE SHOPPING analytics cookies.
Google Adwords and Google Shopping are tools provided by Google.
To help us keep track of sales and other conversions, a cookie is added to a user’s computer when that user clicks on an ad. This cookie lasts for 30 days and does not collect or track information that can personally identify a user.
FACEBOOK ADS cookies
Facebook Ads is a Facebook tool that uses cookies with a duration of 3 months to show advertisements and make recommendations for companies and other organisations to people who might be interested in their products, services or promoted causes.
For more information visit https://www.facebook.com/policies/cookies/
FACEBOOK SHOPPING cookies
Facebook shopping is a Facebook tool that uses cookies, which last for 3 months, to enable the functionality that enables us to provide Facebook Products. Cookies allow us to store your preferences, to know when you have viewed or interacted with content from Facebook Products and to provide you with personalised content and experiences.
For more information visit https://www.facebook.com/policies/cookies/
CRITEO cookies
We use Criteo cookies to personalise content and ads, to provide social media features and to analyse our web traffic. In addition, we share information about your use of our site with our partners (social media advertising and analytics), who may combine it with other information you have provided or that our partners have collected during the use of their services.
For more information visit https://ailab.criteo.com/cookie-declaration/
SENDINBLUE cookies
The site uses Sendinblue cookies, which are intended to facilitate navigation on the site, perform the service provided by Sendinblue, measure the site’s audience or enable the sharing of the site’s pages.Cookies are placed in the user’s terminal for a maximum period of 13 months after the User’s consent is provided. After this period, consent will be requested again.
For more information visit https://www.sendinblue.com/legal/privacypolicy/
CONTACTLAB cookies
The site uses Contactlab cookies, the purpose of which is to inform the server of the user’s accesses to that particular web page, and any other information it obtains from the system’s readable parameters through functions contained in the web page, to personalise and facilitate the user’s browsing experience and, in some cases subject to their consent, to enrich user profiling for advertising and/or commercial purposes.
Cookies can be ‘temporary’ (or session cookies, they are deleted when the connection is terminated) or ‘permanent’ (they remain stored on the user’s hard drive, unless the user deletes them).
For more information visit https://contactlab.com/it/cookies/
HOTJAR cookies
We use Hotjar to better understand the needs of our users and optimise this service and experience. Hotjar is a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click on, what users do and don’t like, etc.) This allows us to create and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data about the behaviour of our users and their devices (in particular, device IP address (captured and stored anonymously), device screen size, device type (unique device identifiers), browser information, geographic location (country only), preferred language used to view our website). Hotjar stores this information in a pseudonymised user profile. This information will never be used to identify individual users or to match it with further data about an individual user. For further details, please see Hotjar’s privacy policy by clicking on this link https://www.hotjar.com/legal/policies/privacy.
WORDPRESS cookies
The site uses functional WordPress cookies, which expire with the session, to store preferences set by users such as account name, language and location.
For more information visit https://wordpress.org/about/privacy/cookies/
MAGENTO cookies
The site uses functional Magento cookies, which expire with the session, to store preferences set by users such as account name, shopping cart, language and location.
For more information visit https://magento.com/legal/terms/privacy-shield
OPTIONAL PROVISION OF DATA
Apart from what is specified for navigation data, the user is free to provide personal data by writing on the appropriate form in the “CONTACTS” section of the site to request information or other communications. For the sake of completeness, it should be recalled that in some cases, which are not the subject of the routine management of this website, the Authority may request news and information pursuant to GDPR 2016,/679 for the purpose of monitoring the processing of personal data. In these cases, a reply is mandatory under penalty of administrative sanction.
RIGHT TO BE FORGOTTEN
Apart from what has been specified for navigation data, the user is free to provide personal data. The Company respects the User’s right to be forgotten, i.e. the right to obtain the deletion of data concerning them without undue delay.
DATA SUBJECTS’ RIGHTS
Each person has the right at any time to obtain confirmation of the existence or otherwise of data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (art. 7 GDPR 2016/679). It is also the right of each user to revoke any consent previously given for information or marketing purposes. Pursuant to the same article, they have the right to request the erasure, transformation into anonymous form or blocking of data processed in breach of the law, as well as to object to in all cases, for legitimate reasons, their processing. Users also have the right to request the restriction of the use of their data and the right to data portability to another Data Controller.