Privacy - BVG Communication Technologies Italy

PRIVACY – BVG

BVG Communication Technologies Italy srl complies with the laws on personal data protection with respect to its customers, partners, and all subjects who, for any reason, interact with it.

Any requests regarding Privacy can be sent to BVG Communication Technologies Italy srl using the following e-mail addresses: bozen@bvg-i.com

Privacy Policy

BVG Communication Technologies Italy srl pays particular attention to the protection of personal data of the visitors to its website www.bvg-i.com (“data subjects” or “users”). Therefore, we would like to share the methods and the purposes of processing of the personal data of those who access the website, pursuant to art. 13 and 14 of the Regulation (EU) 2016/679 (“Regulation”).

This Policy considers the national and European laws applicable from time to time to the protection of personal data.

For specific services, specific information notices will be provided to the data subjects and, where necessary, specific consent will be requested for the processing of their personal data.

The Data Controller and the Data Protection Officer (DPO)

The Data Controller is BVG Communication Technologies Italy srl, a company with registered office at via Luigi Galvani, 33, 39100 Bolzano (“BVG”).

Pursuant to Art. 37 of the Regulation, BVG has appointed the Data Protection Officer (DPO), who can be reached via the e-mail address. dpo@bvg-I.com

Place of the data processing

The personal data of which BVG is the Data Controller is processed at the BVG offices by authorized and trained personnel.

Processed data

Navigation data

Computer systems and software procedures used to operate this website acquire, during their normal operations, some personal data whose transmission is implicit in the use of internet communication protocols.

This data is not collected to be associated with identified data subjects, but they can be processed and linked with data held by third parties, only upon explicit request from the Judicial Authority, and could identify users.

This category of data includes the IP addresses or the domain names of the computers used by the users, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the code related to the status of the response given by the server (successful, error, etc.) and other parameters related to the operating system and the user’s IT environment.

This data constitutes the register of connections and is used for the sole purpose of obtaining anonymous statistical information about the use of the website and checking its operations. The register of connections is kept at the disposal of the Judicial Authority and exhibited only upon explicit request.

Data provided voluntarily by the user.

The optional, explicit, and voluntary sending of e-mails to the addresses indicated on the website implies the subsequent acquisition of the personal data provided, such as, for example, the sender’s e-mail address used to respond to requests.

Specific information notices set up for specific services on request are available on the website.

For information on the cookie policy, please refer to the dedicated section.

Data provision

Except as specified for the navigation data above, the user is free to provide the personal data requested, but refusing the provision may make it impossible to provide the requested services.

Processing methods and data retention

Personal data is processed using automated means for the time strictly necessary to achieve the purposes for which it was collected and, in any case, in accordance with relevant applicable regulations.

After this period, the data will be deleted or transformed into anonymous form, unless its further retention is necessary to comply with legal obligations or to comply with orders given by Public Authorities and / or Supervisory Bodies.

Specific security measures are taken to prevent data loss, illicit or incorrect use and unauthorized access in accordance with Art. 32 of the GDPR.

Finally, no personal data coming from web services will be disclosed.

Categories of recipient

To achieve the purposes, or if this is necessary or required by law or authority, the Data Controller reserves the right to communicate the data to the following recipients:

companies of computer maintenance or similar services.
Public Authorities and Supervisory Bodies and, in general, relevant public or private subjects (e.g., Prefecture, Police Headquarters, Judicial Authority, in any case only within the limits of the applicable laws).
other companies of the group of which the Data Controller is part, or any parent company, subsidiary, or associated companies, pursuant to Art. 2359 of the Italian Civil Code.

Personal data related to the users will not be transferred outside the EU.

Data subjects’ rights

At any time, data subjects may exercise their rights towards the Data Controller according to Chapter III of the GDPR, such as the right of access, rectification, integration, erasure, restriction of processing, portability, and the right to object in presence of legal conditions.

The right to object (opt-out) the processing for direct marketing can be invoked at any time.

To assert their rights, data subjects shall send a communication to the registered office of BVG by specifying “Privacy” in the subject. Alternatively, such communication can be sent via e-mail to privacy@bvg-i.com or by contacting the Data Protection Officer (DPO) by sending an email to dpo@bvg-i.com. In the same manner, data subjects can request the list of Data Processors.

Finally, users may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).

BVG reserves the right to change or update this policy at any time. Any changes or updates will take effect immediately following their publication.

Cookie Policy

No personal user data is acquired directly from BVG via site cookies. We do not use cookies to transmit information of personal nature.

The use of session cookies (which are not memorized in a persistent way on the user’s computer and disappear when the browser is closed) is limited to transmitting session identifiers (consisting of random numbers generated by the server) necessary to consent the secure exploration and efficient site.

The session cookies used on this site avoid recourse to other potentially prejudicial techniques for the confidentiality of users’ browsing, and do not allow acquisition of personal data identifying the user.

Also used on this site are persistent cookies, i.e., cookies that remain stored on the computer’s hard disk until their expiration or cancellation by the users/visitors. The deletion of cookies does not preclude the use of the sites and/or applications listed above.

Through persistent cookies, users accessing the site are automatically recognized at each visit.

Users can set the browser on their own computer or mobile device to accept/refuse all cookies or to alert them every time it is stored in a cookie to evaluate whether to accept it.

By default, all web browsers are set to accept cookies automatically.

The user can still change the default configuration. Below are the references to set the management of cookies for major browsers:

Internet Explorer: http://support.microsoft.com/gp/cookies
Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Chrome: https://support.google.com/chrome/answer/95647?hl=it
Safari: https://support.apple.com/it-it/HT201265
Opera: http://help.opera.com/Windows/10.00/it/cookies.html

The deletion of cookies does not preclude the use of the Service but involves the repetition of the authentication procedure, i.e., the reintegration of the access credentials from the user.

If you want to decide whether to accept cookies, you can also configure your browser to generate a warning each time a cookie is saved.

Warning: the disabling of all or part of the technical cookies can impair the use of the functionality of the Web site reserved for registered users. On the other hand, it is also possible to disable cookies completely regarding the usability of the public content.

The Web site www.bvg-i.com allows the transmission of Web site cookies or different web servers (CD cookies of “third parties”) that the user might receive on his terminal. This happens because the site may present elements such as images, maps, sounds, specific links to web pages of other domains that reside on a server different from the one in which the page requested is. In other words, these cookies are set directly by the operators of websites or servers other than our own.

The disabling of cookies “third party” does not in any way affect the navigability.

BVG is outside the “third party cookies” operations, which is the responsibility of such third parties.

Information notice on the processing of personal data: potential customers for pre-contractual purposes

BVG Communication Technologies Italy srl, with registered office at via Luigi Galvani, 33, 39100 Bolzano, in its capacity of Data Controller (“BVG”), pursuant to Art. 13 and 14 of the Regulation (EU) 2016/679 (“GDPR”) wishes to inform you of the following.

Categories of personal data

Your personal data is made up of common data such as, for example, your name, your e-mail address, your telephone numbers, your job position within the Company that may have a contractual relationship for the purchase of products and/or services with BVG.

Purposes of the processing

Your personal data may be processed for the following purposes:

execution of a pre-contractual relation on your request (or of the Company that you represent for the offer) in case you have requested to receive information about our products or services, or if you have requested quotations, or in general commercial information.
fulfilment of legal obligations (i.e., privacy legislation).
corporate security if you have access to the BVG premises.
information security.
any defense needs.

Processing methods

The processing will be performed using manual and/or automated means that are appropriate to ensure data security and confidentiality.

Source of personal data and nature of the processing

Your personal data may be collected from you or provided by your employer or, in any case, by the Company on behalf of which you operate and perform your activity.

Data provision is optional, but necessary for the execution of your information request for pre-contractual purposes.

Legal basis for the processing

Your data may be processed for legitimate interest, pre-contractual purposes on your request and related legal obligations. The legal basis for the processing is the legitimate interest of the Data Controller as well as the fulfilment of the pre-contractual and legal obligations with the Company that you represent. The legitimate interest also consists of security purposes, defense purposes, (video surveillance if you access the premises of the Data Controller) or infra-group communication. You can always object to processing carried out for legitimate interests by the Data Controller.

The Data Controller, in the event of exercising the right to object by the data subject, refrains from further processing of personal data unless he/she demonstrates compelling legitimate reasons for the processing that overrides the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.

Transfer of personal data

Your data may be disclosed to companies belonging to BVG Group if necessary to satisfy your request for information, as well as to third parties to ensure the exercise of the right of defense (law firms) or judicial authorities to fulfil orders of the same.

Your data may be disclosed to other parties only if necessary for the purposes of prevention, detection, or repression of crimes, in compliance with the applicable regulations.

Data retention

Your data will be stored for the period strictly necessary for the fulfilment of legal obligations and/or pre-contractual obligations to allow you to evaluate and accept or not the offer made by BVG and, eventually, for the exercise of the right of defense of the Data Controller.

Data Subjects’ rights

At any time, you may exercise your rights towards the Data Controller referred to in Chapter III of the GDPR, such as, for example, the right of access, rectification, integration, erasure, restriction of processing, portability, and the right to object in presence of legal conditions.

To assert your rights, you shall send a communication to the registered office of BVG by specifying “Privacy” in the subject. Alternatively, you may exercise your rights by sending an e-mail to privacy@bvg-i.com, or by contacting the Data Protection Officer (DPO) by sending an e-mail to dpo@bvg-i.com. In the same manner, you may request the list of the internal and external data processors.

Finally, please remember that you may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).

Information notice on the processing of personal data: contact persons of potential suppliers

Categories of personal data

Your personal data is made up of common data such as your name, your e-mail, your telephone numbers, and your employment position within the Company that could have a contractual relationship for the supply of products and/or services with BVG.

Purposes of the processing

Your personal data may be processed for the following purposes:

pre-contractual at your request (or the Company that you represent for the offer) or at our request for a quotation or, in general, for commercial information.
execution of the related management obligations such as the offer storage and the fulfilment of the obligations required by the ISO standards.
fulfilment of legal obligations.
verification of the solvency by consulting public databases managed by authorized companies according to applicable regulations.
security to allow you access to the BVG premises.
information security.
any defense needs.

Processing methods

The processing will be performed using manual and/or automated means that are appropriate to ensure data security and confidentiality.

Source of data and nature of the processing

Your data is collected from you or your employer or the Company that you represent for the offer or has been provided to BVG by third parties (for example, in the context of promotion events or by companies in commercial relationships with BVG).

The provision of data is optional but necessary for the purpose of evaluating your offer.

Legal basis of the processing

The legal basis of the processing concerns the legitimate interest of the Data Controller, as well as the fulfilment of the pre-contractual and legal obligations with the company of which you are the contact person.

The legitimate interest also concerns the purposes of security, defense (video surveillance in the case of accessing the premises of the Data Controller) or communication within BVG. You can always object to the processing carried out for the legitimate interests of the Data Controller.

Data transfer of personal data

Your data may be disclosed to companies of BVG Group, as well as to third parties to ensure the exercise of the rights of defense (law firms) or judicial authorities.

The data concerned may be disclosed to other parties only if necessary for the purposes of prevention, detection, or repression of crime, in compliance with the applicable regulations.

Data retention

Your data will be stored for the period strictly necessary for the fulfilment of legal obligations, pre-contractual obligations to evaluate whether to accept your offer and during the whole period of existence of the need of the estimated service or product and, if required, for the exercise of the right of the Data Controller’s defense.

Data subjects’ rights

Finally, please remember that you may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).

Information notice on the processing of personal data: customers

Categories and source of personal data

BVG processes your personal data as if you are the legal representative, attorney and/or interface designated by the Client company in the management of contractual relationships between the customer and BVG, or other companies of the BVG Group.

Your personal data is made up of common data such as name, digital and telephone details, the role/responsibility held by you within the Client company, together with the economic and financial data, company name, registered offices, and bank details of the Client company.

The personal data has been collected from you or has been provided by your employer or, in any case, by the Client company on behalf of which you operate and perform your activity.

Purposes of the processing

Your personal data may be processed for the following purposes:

execution of the contractual relationship between BVG and the Client company of which you are the interface designated and/or the legal representative or the attorney; such a contract can be, without limitation, a sale, services, licensing, maintenance contract, etc.
execution of related managerial, administrative, and accounting obligations.
fulfilment of legal obligations.
promotion of new products like those already sold by the Data Controller, by sending promotional brochures, informative material, invitations to symposia, extraordinary events, conferences, seminars, workshops, etc.
market research prior to the development of new products/services like those already sold by the Data Controller and the identification and evaluation of the needs of the market (e.g., by filling in questionnaires) in relation to the market sector in which the Data Controller operates.
information security.
any defense needs.

Legal basis for the processing

The legal basis for the processing is the fulfilment of contractual obligations between the parties, the related legal obligations, the legitimate interests of the Data Controller and the consent of the data subject.

The legitimate interest is established by the security and defense needs of the Data Controller. You can always object to the processing carried out for the legitimate interests of the Data Controller.

For the purpose of direct marketing of products and services similar to those that BVG has already sold you, your prior consent for the use of your e-mail previously issued is not necessary but you can withdraw consent at any time, easily and freely rejecting such use, for example, using the links for the opt-out option included in each commercial communication.

Processing methods and data retention

The processing will be performed using manual and/or automated means that are appropriate to ensure data security and confidentiality strictly related to the purposes of the processing.

Your data is stored for ten years starting from the termination of the contractual relationship, or until the expiration term of the rights that you or the Client company which has relations with BVG could claim and, in case of legal action in progress, until the conclusion of all judicial levels of any process.

Nature of the processing

Data provision is optional but necessary for the execution of the contractual relationship and to fulfil the contractual obligations and any related administrative and accounting obligations.

Transfer of personal data

The data of the Client company and, where necessary, your personal data can be disclosed to:

auditing company for legal tax and accounting obligations.
suppliers of products and services for the execution of the contractual relationship or for related obligations.
public subjects and other customers for confirming the technical and professional requirements limited to the data concerning the economic activity.
public administration and public entities for complying with the law.
banking institutions and insurance companies for the participation in tenders.
third parties to ensure the exercise of the right of defense (law firms) or judicial authorities, in compliance with their orders.

The above subjects will operate as autonomous Data Controllers (e.g., public entities), or as Data Processors. The data concerned may be disclosed to other parties only if necessary for purposes of prevention, detection, or repression of crime, in compliance with the applicable regulations.

Data subjects’ rights

Finally, please remember that you may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).

Information notice on the processing of personal data: consultants and contact persons of the supplier.

Categories of personal data

Your personal data is made up of common data such as your name, your e-mail, your telephone numbers, your employment position within the Company that has a contractual relationship for the supply of products and/or services with BVG and, if you are a consultant, also your bank references, VAT number, tax, and legal domicile.

Purposes of the processing

Your personal data may be processed for the following purposes:

Execution of the supply contract between BVG and the Company of which you are the contact person or execution of the consultancy contract in force with you.
execution of the related managerial, administrative, and accounting obligations.
quality management.
execution of any maintenance obligations.
fulfilment of legal obligations.
corporate security to allow you access to the BVG premises.
information security.
any defense needs.

Processing methods

The processing will be performed using manual and/or automated means that are appropriate to ensure data security and confidentiality.

Nature of the processing

The provision of data is optional but necessary for the execution of the consultancy contract in force with you or the supply contract with the Company of which you are the contact person.

Source of data and legal basis of the processing

Your data is collected from you but may also have been provided by your employer, for example, as you are the contact person for BVG.

The legal basis of the processing concerns the legitimate interest of the Data Controller as well as the fulfilment of the contractual and legal obligations with you or the Company of which you are the contact person.

The legitimate interest also concerns the purposes of security, defense (video surveillance in the case of accessing the premises of the Data Controller) or communication within the BVG Group. You can always object to the processing carried out for the legitimate interests of the Data Controller.

Transfer of personal data

Your data can be disclosed to:

auditing company for legal tax and accounting obligations.
certification bodies for ISO compliance.
public entities for complying with legal obligations, or in case of inspection.
third parties to ensure the exercise of the right of defense (law firms) or judicial authorities, in compliance with their orders.
the bank indicated by you for the payment of your fees, in case of consultancy contract with you.

The data concerned may be disclosed to other parties only if necessary for purposes of prevention, detection, or repression of crime, in compliance with the applicable regulations.

Data retention

Your data will be stored for the period strictly necessary for the fulfilment of legal obligations, contractual obligations, and, if required, for the exercise of the right of defense of the Data Controller.

In case you are the legal representative or an attorney of the supply company or other attorney or have already signed a consultancy contract or other accounting documentation relevant for the purposes of the contractual relationship or for purposes of fulfilment of legal obligations, your data may be stored up to ten years as well as, in the event of an arising defensive need, up to the persistence of the right of defense.

Data subjects’ rights

Finally, please remember that you may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).

Information notice on the processing of personal data: contact persons of public entities

Categories and source of personal data

Your personal data is made up of common data such as your name, your employer details (Public Entity), the registered and employment office, the competent offices of the specific business, your e-mail and telephone numbers.

Your personal data is collected directly from you or your employer, public documents, or the entity’s website where such data is available for the sole purpose of making communication with public subjects easier.

Purpose and legal basis of the processing

Your personal data may be processed for the following purposes:

participation in tender procedures, projects promoted by public entities, financing requests and other projects involving public entities.
fulfilment of legal obligations related to the purposes or to the general conduct of business operations.
information security.
any defense needs.

The legal basis of the processing concerns the legitimate interest of BVG in pursuing its core business and, more generally, its business activities.

In the case of legitimate interest of the Date Controller, for example in presence of defense needs, you always have the right to object.

The Data Controller, in the event of exercising the right to object by the data subject, refrains from further processing of personal data unless he/she demonstrates compelling legitimate reasons for the processing that overrides the interests, rights, and freedoms of the data subject for the establishment, exercise or defense of legal claims.

Processing methods and data retention

The processing will be performed using manual and/or automated means, which are appropriate to ensure data security and confidentiality.

Your data will be processed for a period strictly needed for the execution of the purposes and to provide proof of the implementation of the same purposes to the competent authorities. Therefore, the period of data retention depends exclusively on the legal obligations of the Data Controller.

Nature of the processing

Data provision is optional but necessary to allow BVG to pursue the purposes for which it is collected, or for the participation in tenders, project financing and other projects in which BVG intends to participate, fulfilment of legal obligations related to the above activities, as well as to other company activities.

Transfer of personal data

Your personal data can be disclosed to:

public administrations for law obligations.
third parties to ensure the right of defense, or judicial authorities in compliance with their orders.

The subjects will work as autonomous Data Controllers. The data concerned may be disclosed to other parties only if necessary for purposes of prevention, detection, or repression of crime in compliance with the regulations governing the matter.

Your data will not be transferred abroad.

Data subjects’ rights

Finally, please remember that you may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).

Information notice on the processing of personal data: direct marketing

Categories and source of personal data

Your personal data such as your name and contact data has been collected from you or third parties (such as suppliers or partners).

Purposes of the processing

Your personal data may be processed for the purpose of direct marketing by sending, through e-mail or other means, promotional material related to products and services of BVG Group, including promotional brochures, invitations to workshops, congresses, fairs, or other events.

Your personal data will also be processed for the fulfillment of legal obligations and for defense claims or fulfillment of orders of the Authorities.

Legal basis for the processing

Your personal data will be processed for that purpose. To revoke your consent, you can contact BVG directly or click the link in the promotional e-mail. Any reply e-mail you will send will be processed in compliance with the GDPR.

The only consequence of the missed consent is that we will not be able to use your personal data for promotional purposes.

Processing methods and data retention

The processing of your personal data will be performed using manual and/or automated means that are appropriate to ensure data security and confidentiality strictly related to the purposes of the processing.

Your personal data will be stored for two years from the last contact unless you give your consent again.

Data subjects’ rights

The right to object (opt-out) the processing for direct marketing can be invoked at any time. In this regard, BVG will remind you, on each promotional mailing, how to object to it freely and easily (for example, by clicking on a special link or by sending a simple email to a dedicated address).

Finally, please remember that you may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).

Information notice on the processing of personal data: Prospect Employees

Categories and source of personal data

Your personal data is made up of common data such as your name, your e-mail, your telephone number and has been provided to us by yourself, the school, a former employer, or an online employment platform.

Purposes of the processing

Your personal data may be processed for the purposes of sending you our employment offer or informational e-mails about our workplace. Furthermore, your personal data may be processed for analytical purposes, to measure performances and other metrics. In case of acceptance of our employment offer, your personal data will be saved in our systems, according to our employee privacy policy.

Legal basis for the processing

To revoke your consent, you contact BVG directly and your personal data will be deleted from our systems. Any further data provided by interactions with you, will be processed in compliance with the GDPR.

Processing methods and data retention

Your personal data will be stored securely for two years from the last contact unless you give your consent again or you enter an employment agreement with BVG.

Data subjects’ rights

The right to object (opt-out) the processing can be invoked at any time.

Finally, please remember that you may lodge a complaint to the Italian Data Protection Authority (www.garanteprivacy.it).