Personal data privacy policy for users provided pursuant to art. 13 of the european general data protection regulation 2016/679 (gdpr)

Biesse S.p.A. provides the User, pursuant to art. 13 of the GDPR, the information relating to the processing of your personal data requested in order to allow you to use the services offered by Biesse SpA, such as, e.g. "Sophia IoT" which offers visibility about specific performance of the machines with remote diagnostics , the analysis of downtime and the prevention of faults, "Sophia Parts" which allows you to order spare parts for the purchased machines and "Sophia ACTIVE", an application integrated with "Service" designed to speed up and facilitate access to Customer Service Biesse (hereinafter, "Multimedia Services").

 

Data controller: Biesse S.p.A., based in Pesaro, via della Meccanica 16, - 61122 Pesaro (PU), e-mail privacy@biesse.com ("Company" or "Owner").

Categories of data processed: the data processed are common data relating to users authorized by the “administrator user” to access the Multimedia Services portal (name, surname, e-mail, password, membership function).

Source of data: Your data is provided to Biesse by the "administrator user" during registration phase.

Data Protection Officer (DPO): e-mail: dataprotectionofficer@biesse.com

Purpose and legal basis of the processing and data retention period

Personal data processing purposes

Legal basis of the processing

Retention period

Allow User to register for the Multimedia services offered by the Company and use them

Execution of the contract between the Company and the User

Contract duration and for 10 years after termination

If necessary, to ascertain, exercise or defend the rights of the Company in court

Legitimate interest of the Data Controller

In the case of judicial litigation, for the entire duration of the same, until the terms of enforceability of the appeals are exhausted

Once the retention period indicated above have elapsed, the data will be destroyed, deleted or made anonymous, compatibly with the technical cancellation and backup procedures.

Data Provision: mandatory for the conclusion and/or execution of the contract for the use of multimedia services. Failure to provide it will make it impossible to use the services.

Categories of recipients of data and transfer to countries outside the European Union

The data can be communicated to Biesse dealers / distributors (including Group companies) to which data subject country of origin is assigned as an exclusive zone, who will process them, as independent data controllers, to provide assistance on Multimedia Services.

The data may be processed by subjects who provide Biesse with services that are instrumental to the purposes indicated in this statement, designated as Data Processors, who are given adequate operating instructions, including the company that carries out the management service of the websites of Biesse and Multimedia Services. For more information on the recipients of the data, see the following link: https://www.biesse.com/data-recipients .

Where the data is transferred to countries outside the European Union (EU) or the European Economic Area (EEA) that have not been deemed adequate by the European Commission, are used as adequate guarantees the standard clauses (Standard Contractual Clauses) adopted by the European Commission pursuant to art. 46, 2, lett. c) of the GDPR, evaluating the possible provision of "additional measures" to ensure a level of protection substantially equivalent to that required by European Union law.

The data may also be communicated to supervisory and control authorities and bodies and, in general, public or private subjects entitled to request / receive data, who operate as independent Data Controllers.

Rights of Data Subjects

Data Subjects may exercise the rights recognized by Articles 15-22 of the GDPR and in particular may request access to data concerning them and the information referred to in art. 15 (purpose of processing, categories of personal data, etc.), their cancellation in the cases provided for by art. 17, the correction of inaccurate data, the integration of incomplete data, the limitation of processing in the cases provided for by art. 18[1],. In addition, if all the conditions referred to in Article 21 (to which the right to data portability is subject) are met, Data Subjects may request to receive the data in a structured format, commonly used and readable by an automatic device, as well as, if technically feasible, to transmit them to another Data Controller without impediments and the opposition to the processing in the hypotheses.

To exercise their rights, Data Subjects can contact the Data Controller by sending a written communication to the physical address indicated above or by writing to the email address privacy@biesse.com.

At any time, the Data Subjects have the right to make a complaint with the competent Supervisory Authority in the Member State in which they habitually reside or work or in the State in which the alleged violation has occurred, as well as to take the appropriate judicial offic
 

[1] What is the right to limitation of processing?

In the temporary submission of data to the sole operation of conservation, in the following cases referred to in art. 18 GDPR:

a) the data subject disputes the accuracy of the personal data, for the period necessary for the owner to verify the accuracy of such data;

b) the processing is unlawful, and the interested party opposes the cancellation of the data and requests instead that its use be limited;

c) the data controller no longer needs it, but the data are necessary for the data subject to ascertain, exercise or defend a right in court;

d) the interested party has opposed the processing pursuant to art. 21.1 of the GDPR, pending verification of the possible prevalence of the legitimate reasons of the owner with respect to those of the interested party.

Cookies help us to provide our services. Using these services, you agree to the use of cookies from us. Info
Go to top of page