Information on data processing

This Privacy Policy is intended to describe how the website is managed, with reference to the processing of the personal data of users/visitors.

The policy is provided only for the aforementioned site and not for other websites that may be consulted by the user through specific links. This privacy policy is intended to describe how the website is managed, with reference to the processing of the personal data of users/visitors.

BINHEXS SRL, with registered office in Busto Garolfo (MILAN) Via Maroncelli N. 73 Postcode 20020 and operational and administrative headquarters in Via Alcide de Gasperi 111, 20017 Mazzo di Rho (MILAN), VAT number: 05516730966, e-mail, as Data Controller of personal data, guarantees compliance with the legislation on the protection of personal data (Reg. 2016/679/EU Legislative Decree 196/03, as amended from Legislative Decree 101/2018). The company has appointed the Data Protection Officer, who can be contacted at the following email address: Users/visitors are therefore invited to read this Privacy Policy carefully before sending any type of personal information by e-mail and/or filling out any electronic form on the site.

Data Controller

In addition to the Data Controller company as identified above, any partner sites that from time to time participate in data processing activities independently can take on the role of autonomous Data Controllers.

The computer systems and software procedures used to operate this site acquire, in normal operation, some personal data which is then implicitly transmitted in the use of Internet communication protocols.

This is information that by its nature could, through associations and processing with data held by third parties, allow users/visitors to be identified (e.g. IP address, domain names of computers used by users/visitors who connect to the site, etc.).

This data is used only for statistical information and to check the correct functioning of the site.

Data on web contacts is not kept, however, for more than seven days, except for any investigations of computer crimes against the site.

No data deriving from the web service will be communicated or disseminated.

Data provided voluntarily by users/visitors

If users/visitors connecting to this site send their personal data to access certain services, that is to make requests via e-mail, they are aware that this involves the acquisition by the Data Controller of the sender’s address and/or any other personal data that will be processed exclusively to respond to the request, that is for the provision of the service.

The personal data provided by users/visitors will be communicated to third parties only if the communication is necessary to comply with the requests of the users/visitors themselves or by legal obligation (as in the case of billing).


In addition to the data expressly given to the Data Controller, other data deriving from the user’s navigation on the site may be recorded: when the user accesses it, in fact, the site can send the user a “cookie”. A cookie is a small text file that the site can automatically send to the user’s computer when they view our website pages. Cookies are used to make navigation easier, as well as to obtain information on the navigation of the individual user within the site and to allow the operation of some services that require the identification of the user’s path through different pages of the site. For any access to the site, regardless of the presence of a cookie, the site records the type of browser (eg. Internet Explorer, Chrome, Firefox), the operating system (eg. Windows, Macintosh), the host and the URL of origin of the user-navigator, in addition to the data on the requested page. This data can be used in aggregate and anonymous form for statistical analysis on the use of the site. For the complete management of cookies, consult the Cookie Policy page of this website.

Processing methods

Processing is carried out through automated tools (e.g. using electronic procedures and media) and/or manually (e.g. on paper) for the time strictly necessary to achieve the purposes for which the data was collected and, in any case, in compliance with the relevant regulations in force.

Specific security measures are observed to prevent the loss of data, illicit or incorrect use of the same and unauthorised access, in order to allow access only to persons in charge or responsible persons appointed in accordance with the provisions of the law in force. The list of external Data Processors pursuant to Art. 28 of EU Regulation 679/2016 is available at the headquarters of the Data Controller or by sending a request remotely to the addresses indicated above.

Purpose of processing

In addition to those indicated in the individual information that precedes the compilation of the forms of the various sections of the site, the purposes of the processing carried out by the Data Controller must be understood as:

  1. collection, storage and processing for the purposes of establishing operational and administrative management of the contractual relationship connected to the performance of the contractual relationship established and to the provision of the service offered on the site;
  2. use of the user’s personal data (in particular the e-mail address) to carry out direct marketing communications;
  3. processing of personal data provided and those obtained from browsing the site in order to provide a service consistent with the information transmitted during the use of the service;
  4. collection, storage and processing of data to perform statistical analysis in anonymous and/or aggregate form;
  5. purposes functional to the performance of our business, for instance offering personalised content such as newsletter services or sending direct marketing communications.

Legal basis of processing

The legal basis of the processing of customer data carried out by the Data Controller through the site indicated in the epigraph consists, with regards to the indications referred to in the previous point sub a) in the stipulated contract, or in the pre-contractual phase connected to it, with the data subjects, whilst sub b), c), d), e) the legal basis is to be found in the legitimate interest of the Data Controller in the free economic initiative referred to in Art. 41 of the Constitution. With regards to the further and future purposes that may require consent, these will be requested in a specific form and likewise must be considered a valid legal basis.


In addition to the Data Controller, in some cases, the categories of Data Processors and authorised persons involved in the company organisation (administrative, commercial, marketing, legal, accountants, system administrators) may have access to the data. Furthermore, the Data Controller may make use of external parties (such as third party technical service providers, transporters, hosting providers, cloud services, IT companies, communication agencies) who will be appointed as external Data Processors. The updated list of data Processors can always be requested from the Data Controller, by contacting the address indicated above.

Transfer to a third country

The Data Controller does not transfer the data of the customers/users/navigators of the site to other countries outside the European Union. Data processed by the Data Controller will never be disclosed.

Place of data processing

The processing connected to the web services of this site takes place in Italy and therefore, on the basis of Reg. 2016/679/EU, to be considered suitable as it falls within the EU.

Data is only processed by technical staff of the office in charge of processing. If necessary, the data connected to the newsletter service may be processed by the staff of the company that manages the Data Centre (Data Processor pursuant to Article 28 of Reg. 2016/679/EU), at the company’s headquarters.

Time and place of data retention

Data is only processed for the time necessary to perform the service requested by the user and then destroyed with secure means of destruction, such as paper shredders, and wiping of data on computer media.

Optional or compulsory provision of data

Apart from what is specified for navigation data that acquire data automatically, users/visitors are free to choose whether they provide their personal data. Failure to provide data may result in it being impossible to obtain what is requested. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests for services, products or information, as well as any other personal data included in the message.

Rights of data subjects

The subjects to whom the personal data refer have the right at any time, pursuant to the GDPR, to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy or request its integration, updating, or rectification. Requests should be sent to BinHexS Srl by post to our address: Via Alcide de Gasperi 111- 20017 Mazzo di Rho – MILAN or directly to the e-mail address

In relation to the processing of the aforementioned data, the customer has the right to obtain from the Data Controller:

  • confirmation of the existence or otherwise of their personal data, its communication in an intelligible form and knowledge of its origin, as well as the logic on which the processing is based;
  • the cancellation, within a reasonable period, of their data, its transformation into anonymous form or the blocking of data processed in violation of law;
  • the updating of data, its rectification or, when relevant, its integration;
  • certification that the operations referred to in points 2) and 3) above have been brought to the attention of those to whom they have been communicated, provided that it is not impossible or involves a disproportionate use of means;
  • the customer/user also has the right to obtain the rectification or erasure of data concerning them or the limitation of processing;
  • the customer/user has the right to revoke the consent relating to optional treatments not related to the execution of the contract signed with the Data Controller;
  • the customer/user also has the right to oppose, for legitimate reasons, the processing of personal data concerning them. This is even if it is pertinent to the purpose of collection, to request its portability, to exercise the right to be forgotten, as well as to contact the ordinary judicial authority or the supervisory authority competent for the protection of personal data for any violation it deems to have suffered. For Italy, this is the Data Protection Authority contactable via e-mail at the following address:, by fax: 06 696773785, or by post, to the Data Protection Authority, based in Rome (Italy), Piazza Venezia No. 11 – Postcode 00187.

Automated decision-making processes

No automated decision-making processes are carried out on the aggregate data collected, unless necessary for the improvement of the management of the site.


This site and the controller’s services are not intended for minors under the age of 18 and the Controller does not intentionally collect personal information relating to minors. In the event that information on minors is unintentionally registered, the Data Controller will remove it in a timely manner, at the request of users.

Final clauses

Considering the current state of evolution of the legislation on the protection of personal data, we inform you that this privacy policy may be subject to updates.

Contact us