The Legislative Decree no. 196, dated 30th June 2003, applying the Directive 95/46/CE, regulates the processing of personal data, meaning of “whichever operation or group of operations carried even without the electronic devices for collection, registration, organisation, conservation, consultancy, elaboration, modification, selection, extraction, comparison, use, interconnection, blocking, communication, distribution, cancellation and destruction of data, even if not registered in the data bank”.
This page outlines the modes of site managment with reference to processing of personal data of users consulting the site.
Location of data processing
The processing related to the web services of the present site takes place at the headquarters of Vi.Be.Mac. and is carried out by the technicians in charge for processing.
Collection and Use of Personal Data
Personal data is data that can be used for unique identification or contact of a single individual.
Here there are some examples of the types of personal data that Vi.Be.Mac. may collect and how it may use it.
What personal information we collect:
When you create an account, register your products, purchase a product, download a software update, we may collect a variety of information, including your name, mailing address, phone number, email address, contact preferences, and credit card information.
How we use your personal data:
The personal data are used for fiscal or accounting purposes, client and supplier management and dispute management;
The personal data that we collect allows us to keep you updated on Vi.Be.Mac.’s latest product news, software updates and upcoming events. It also helps us to improve our services, content and advertising. If you don’t want to be on our mailing list, you can unsubscribe anytime by writing to email@example.com.
From time to time, we may use your personal data in order to send you some important notices, such as communications on purposes and change of our terms, conditions and policies. Because this information is important for your interaction with Vi.Be.Mac., you should not opt out of receiving these communications.
We may also use your personal data for internal purposes such as auditing, data analysis and research to improve Vi.Be.Mac.’s products, services and customer communications.
None of the data collected by means of this site is subject to disclosure unless for the purpose of providing the services outlined on the present website and exclusively to the clients of the Owner.
Collection and Use of Non-Personal Data
We also collect non-personal data, meaning data in a form that does not permit direct relation with any specific individual. We may collect, use, transfer, and disclose non-personal data for any purpose. The following are some examples of non-personal data that we collect and how we may use it:
We may collect information such as occupation, language, zip code, area code, unique device identifier, location and the time zone, where Vi.Be.Mac's products are used so that we can better understand customers' behaviour and improve our products, services and advertising.
If we do combine non-personal with personal data, the combined data will be treated as personal data as long as it remains combined.
Nature of data provided
You are free to provide or less the required data every time, but in some cases its lack may result in the impossibility to provide the requested services.
Cookies and Other Technologies
If you want to disable cookies, please, check with your browser provider on how to procede.
Disclosure to Third Parties
As is true of most websites, we collect some information automatically and store it in log files. This information includes Internet Protocol (IP) addresses , browser type and language, Internet service provider (ISP), referring and entry/exit pages, operating system, date/time and clickstream data.
We use this information to understand and analyze trends, to administer the site, to learn about user behaviour on the site and to gather demographic information about our user base as whole. Vi.Be.Mac may use this information in our marketing and advertising services.
In some of our email messages, we use a "click-through URL" linked to the content on Vi.Be.Mac.'s website. When customers click on one of these URL, they pass through a separate server before arriving at the destination page on on our web site. We track this click-through data to help us to determine the interest in particular matters and measure the effectiveness of our customer communications. If you prefer not to be tracked in this way, you should not click text or graphic links in the email messages.
Pixel tags enable us to send email messages in a format that customers can read and they indicate us whether mail has been opened. We may use this information to reduce or cancel the messages sent to the customers.
Communication and Disclosure to Third Parties
Sometimes Vi.Be.Mac. can make certain personal data available to strategic partners that work with Vi.Be.Mac. in providing products and services, or that help Vi.Be.Mac. in its commercial activities. Personal data will only be shared by Vi.Be.Mac. to provide or improve our products, services and advertising and will not be disclosed to third parties for their marketing purposes.
Vi.Be.Mac. shares personal data with some service providers such as:
- Consultants, lawyers or collaborators of the Company, in charge of data processing
- Auditors of the Company providing administrative and accountancy services that remain in charge of autonomous processing
- Service providers for Vi.Be.Mac.’s website and operative system management
- Individuals who carry out on behalf of Vi.Be.Mac. technical and organisational tasks
- Credit institutes, banks, financial companies, insurance companies
- Carrier companies in charge of product delivery
- Company or personnel in charge of customers' service
- Companies acting as dealers of our products
These companies are obliged to protect your data and they are located wherever Vi.Be.Mac. operates.
It may be necessary by law, legal process, litigation and/or upon request from public and governmental authorities within or outside your country of residence, for Vi.Be.Mac. to disclose your personal data. We may also disclose information about you if such is necessary for national security, laq enforcement, or other issues of public importance.
We may also disclose information about you if we decide that the disclosure is reasonably necessary to enforce our terms and conditions or protect our operations or users. Additionally, in the event of reorganization, merger or sale we may transfer any or all personal information that we collect to a relevant third party.
Protection of Personal Data
Vi.Be.Mac. takes precautions — including administrative, technical, and physical measures — to protect your personal data against loss, theft, and misuse, as well as against unauthorized access, disclosure, alteration, and destruction.
Vi.Be.Mac.'s online services, such as Vi.Be.Mac Online Store, use Secure Sockets Layer (SSL) encryption on all web pages where personal data is collected. To make purchases from these services, you must use an SSL-enabled browser such as Safari, Firefox, or Internet Explorer. Doing so, protects the confidentiality of your personal data while it is transmitted over the Internet.
Integrity and Preservation of Personal Data
Our Companywide Commitment to Your Privacy
To make sure that your personal data are secured, we communicate our privacy and security guidelines to Vi.Be.Mac.’s employees and strictly enforce privacy safeguards within our company.
Rights according to the Legislative Decree 196/2003
The individuals who give their personal details have the right at any moment to receive confirmation of existence or less of data and to be aware of contents and origin, to verify the accuracy or ask for integration or update or rectification (Legislative Decree n. 196/2003, art.7), by writing to firstname.lastname@example.org
The present article grants the right to ask for cancellation, change to an anonimous form or blocking data processing that is in violation of the law, as well to oppose in any way to data processing for the valid reasons.
You can turn to data processing manager to exercise your rights, as outlined in the art. 7,8,9 and 10 of the Decree on Protection of Personal Data that states the following:
Art. 7. The right to access personal data and other rights
1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
2. A data subject shall have the right to be informed
a) of the source of the personal data;
b) of the purposes and methods of the processing;
c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
d) of the identification data concerning data controller, data processors and the representative designated as per the art 5, comma 2;
e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
3. A data subject shall have the right to obtain
a) updating, rectification or, where interested therein, integration of the data;
b) erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
4. A data subject shall have the right to object, in whole or in part,
a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.
Art. 8 Exercise of rights
1. The rights referred to in the art. 7 may be exercised by making a request to the data controller or processor without formalities, also by the agency of a person in charge of the processing. A suitable response shall be provided to said request without delay.
2. The rights referred to in the art.7 may not be exercised by making a request to the data controller or processor, or else by lodging a complaint in pursuance of the art 145, if the personal data are processed:
a) pursuant to the provisions of decree-law no. 143 of 3 May 1991, as converted, with amendments, into Act no. 197 of 5 July 1991 and subsequently amended, concerning money laundering;
b) pursuant to the provisions of decree-law no. 419 of 31 December 1991, as converted, with amendments, into Act no. 172 of 18 February 1992 and subsequently amended, concerning support for victims of extortion;
c) by parliamentary Inquiry Committees set up as per art. 82 of the Constitution;
d) by a public body other than a profit-seeking public body, where this is expressly required by a law for purposes exclusively related to currency and financial policy, the system of payments, control of brokers and credit and financial markets and protection of their stability;
e) in pursuance of the art 24, c.1, letter f), as regards the period during which performance of the investigations by defence counsel or establishment of the legal claim might be actually and concretely prejudiced;
f) by providers of publicly available electronic communications services in respect of incoming phone calls, unless this may be actually and concretely prejudicial to performance of the investigations by defence counsel as per Act no. 397 of 7 December 2000;
g) for reasons of justice by judicial authorities at all levels and of all instances as well as by the Higher Council of the Judiciary or other self-regulatory bodies, or else by the Ministry of Justice;
h) in pursuance of art. 53, without prejudice to Act no. 121 of 1 April 1981.
3. In the cases referred to in paragraph 2, letters a), b), d), e) and f), the Garante, also following a report submitted by the data subject, shall act as per Sections 157, 158 and 159; in the cases referred to in letters c), g) and h) of said paragraph, the Garante shall act as per Section 160.
4. Exercise of the rights referred to in the art.7 may be permitted with regard to data of non- objective character on condition that it does not concern rectification of or additions to personal evaluation data in connection with judgments, opinions and other types of subjective assessment, or else the specification of policies to be implemented or decision-making activities by the data controller.
Art. 9 Mechanisms to exercise rights
1. The request addressed to the data controller or processor may also be conveyed by means of a registered letter, facsimile or e-mail. The Garante may specify other suitable arrangements with regard to new technological solutions. If the request is related to exercise of the rights referred to in the art. 7, cc. 1 and 2, it may also be made verbally; in this case, it will be written down in summary fashion by either a person in charge of the processing or the data processor.
2. The data subject may grant, in writing, power of attorney or representation to natural persons, bodies, associations or organisations in connection with exercise of the rights as per the art. 7. The data subject may also be assisted by a person of his/her choice.
3. The rights as per the art. 7, where related to the personal data concerning a deceased, may be exercised by any entity that is interested therein or else acts to protect a data subject or for family- related reasons deserving protection.
4. The data subject’s identity shall be verified on the basis of suitable information, also by means of available records or documents or by producing or attaching a copy of an identity document. The person acting on instructions from the data subject must produce or attach a copy of either the proxy or the letter of attorney, which shall have been undersigned by the data subject in the presence of a person in charge of the processing or else shall bear the data subject's signature and be produced jointly with a copy of an ID document from the data subject, which shall not have to be certified true pursuant to law. If the data subject is a legal person, a body or association, the relevant request shall be made by the natural person that is legally authorized thereto based on the relevant regulations or articles of association.
5. The request referred to in the art 7, cc. 1 and 2 may be worded freely without any constraints and may be renewed at intervals of not less than ninety days, unless there are well-grounded reasons.
Art. 10 Response to data subjects
1. With a view to effectively exercising the rights referred to in the art.7, data controllers shall take suitable measures in order to, in particular,
a) facilitate access to personal data by the data subjects, even by means of ad hoc software allowing accurate retrieval of the data concerning individual identified or identifiable data subjects;
b) simplify the arrangements and reduce the delay for the responses, also with regard to public relations departments or offices.
2. The data processor or the person(s) in charge of the processing shall be responsible for retrieval of the data, which may be communicated to the requesting party also verbally, or else displayed by electronic means - on condition that the data are easily intelligible in such cases also in the light of the nature and amount of the information. The data shall be reproduced on paper or magnetic media, or else transmitted via electronic networks, whenever this is requested.
3. The response provided to the data subject shall include all the personal data concerning him/her that are processed by the data controller, unless the request concerns either a specific processing operation or specific personal data or categories of personal data. If the request is made to a health care professional or health care body, the art. 84, c.1 shall apply.
4. If data retrieval is especially difficult, the response to the data subject’s request may also consist in producing or delivering copy of records and documents containing the personal data at stake.
5. The right to obtain communication of the data in intelligible form does not apply to personal data concerning third parties, unless breaking down the processed data or eliminating certain items from the latter prevents the data subject’s personal data from being understandable.
6. Data are communicated in intelligible form also by using legible handwriting. If codes or abbreviations are communicated, the criteria for understanding the relevant meanings shall be made available also by the agency of the persons in charge of the processing.
7. Where it is not confirmed that personal data concerning the data subject exist, further to a request as per the art. 7, cc. 1 and 2, letters a), b) and c), the data subject may be charged a fee which shall not be in excess of the costs actually incurred for the inquiries made in the specific case.
8. The fee referred to in paragraph 7 may not be in excess of the amount specified by the Garante in a generally applicable provision, which may also refer to a lump sum to be paid in case the data are processed by electronic means and the response is provided verbally. Through said instrument the Garante may also provide that the fee may be charged if the personal data are contained on special media whose reproduction is specifically requested, or else if a considerable effort is required by one or more data controllers on account of the complexity and/or amount of the requests and existence of data concerning the data subject can be confirmed.
9. The fee referred to in paragraphs 7 and 8 may also be paid by bank or postal draft, or else by debit or credit card, if possible upon receiving the relevant response and anyhow within fifteen days of said response.
The owner and the person responsable of processing
The owner of the data processing is Vi.Be.Mac Spa, located in San Giovanni Lupatoto VR (Italy), 37057, via Monte Pastello 7/i, in person of its legal rappresentative pro tempore.
The person responsable of the data processing at the headquarters of the Comany, is Ms. Elena Guerreschi, email: email@example.com
Questions regarding privacy