In addition to the Data Controller company as identified above, any partner sites that from time to time participate in data processing activities independently can take on the role of autonomous Data Controllers.
The computer systems and software procedures used to operate this site acquire, in normal operation, some personal data which is then implicitly transmitted in the use of Internet communication protocols.
This is information that by its nature could, through associations and processing with data held by third parties, allow users/visitors to be identified (e.g. IP address, domain names of computers used by users/visitors who connect to the site, etc.).
This data is used only for statistical information and to check the correct functioning of the site.
Data on web contacts is not kept, however, for more than seven days, except for any investigations of computer crimes against the site.
No data deriving from the web service will be communicated or disseminated.
If users/visitors connecting to this site send their personal data to access certain services, that is to make requests via e-mail, they are aware that this involves the acquisition by the Data Controller of the sender’s address and/or any other personal data that will be processed exclusively to respond to the request, that is for the provision of the service.
The personal data provided by users/visitors will be communicated to third parties only if the communication is necessary to comply with the requests of the users/visitors themselves or by legal obligation (as in the case of billing).
Processing is carried out through automated tools (e.g. using electronic procedures and media) and/or manually (e.g. on paper) for the time strictly necessary to achieve the purposes for which the data was collected and, in any case, in compliance with the relevant regulations in force.
Specific security measures are observed to prevent the loss of data, illicit or incorrect use of the same and unauthorised access, in order to allow access only to persons in charge or responsible persons appointed in accordance with the provisions of the law in force. The list of external Data Processors pursuant to Art. 28 of EU Regulation 679/2016 is available at the headquarters of the Data Controller or by sending a request remotely to the addresses indicated above.
In addition to those indicated in the individual information that precedes the compilation of the forms of the various sections of the site, the purposes of the processing carried out by the Data Controller must be understood as:
The legal basis of the processing of customer data carried out by the Data Controller through the site indicated in the epigraph consists, with regards to the indications referred to in the previous point sub a) in the stipulated contract, or in the pre-contractual phase connected to it, with the data subjects, whilst sub b), c), d), e) the legal basis is to be found in the legitimate interest of the Data Controller in the free economic initiative referred to in Art. 41 of the Constitution. With regards to the further and future purposes that may require consent, these will be requested in a specific form and likewise must be considered a valid legal basis.
In addition to the Data Controller, in some cases, the categories of Data Processors and authorised persons involved in the company organisation (administrative, commercial, marketing, legal, accountants, system administrators) may have access to the data. Furthermore, the Data Controller may make use of external parties (such as third party technical service providers, transporters, hosting providers, cloud services, IT companies, communication agencies) who will be appointed as external Data Processors. The updated list of data Processors can always be requested from the Data Controller, by contacting the address indicated above.
The Data Controller does not transfer the data of the customers/users/navigators of the site to other countries outside the European Union. Data processed by the Data Controller will never be disclosed.
The processing connected to the web services of this site takes place in Italy and therefore, on the basis of Reg. 2016/679/EU, to be considered suitable as it falls within the EU.
Data is only processed by technical staff of the office in charge of processing. If necessary, the data connected to the newsletter service may be processed by the staff of the company that manages the Data Centre (Data Processor pursuant to Article 28 of Reg. 2016/679/EU), at the company’s headquarters.
Data is only processed for the time necessary to perform the service requested by the user and then destroyed with secure means of destruction, such as paper shredders, and wiping of data on computer media.
Apart from what is specified for navigation data that acquire data automatically, users/visitors are free to choose whether they provide their personal data. Failure to provide data may result in it being impossible to obtain what is requested. The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests for services, products or information, as well as any other personal data included in the message.
The subjects to whom the personal data refer have the right at any time, pursuant to the GDPR, to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy or request its integration, updating, or rectification. Requests should be sent to BinHexS Srl by post to our address: Via Alcide de Gasperi 111- 20017 Mazzo di Rho – MILAN or directly to the e-mail address firstname.lastname@example.org.
In relation to the processing of the aforementioned data, the customer has the right to obtain from the Data Controller:
No automated decision-making processes are carried out on the aggregate data collected, unless necessary for the improvement of the management of the site.
This site and the controller’s services are not intended for minors under the age of 18 and the Controller does not intentionally collect personal information relating to minors. In the event that information on minors is unintentionally registered, the Data Controller will remove it in a timely manner, at the request of users.