Privacy disclaimer According to the EU Regulation 2016/679 (GDPR) and Legislative Decree 196/03 (and s.m.i.) regarding the protection of individuals in relation to the processing of personal data Informative Version: 2.0 dated 25/05/2018 Definitions Data controller: the natural person, the legal person, the public administration and any other institution, association or system which has the responsibility, including jointly with another owner, for making decisions regarding the purposes, methods of processing personal data and tools used , including the information security profile. Data Processor: the person, the company, the institution, the association or the organization to whom the owner entrusts, even externally, for the specific experience or capability, of management tasks and control of data processing. End-User or Interested: these terms refer to those browsing through one of the BDREAMB S.R.L., uses an APP distributed by BDREAMB S.R.L. , is contacted or inserts data through one of the platforms managed by BDREAMB S.R.L. such as "ADA". ADA: one of the digital marketing platforms used by BDREAMB S.R.L. ChatBot: chat bot, chatbot or chatterbot, is a software designed to simulate a conversation with a human being. The main purpose of these softwares is to simulate human behavior and are used for various purposes such as online help, to answer the FAQs of users who access a site etc.; BDREAMB S.R.L. could offer, within its web spaces, the possibility for customers to interact with a chatbot to improve the user experience with the disclosure of information (menus, allergens or other), to acquire contact information and /or to make a reservation for services. Websites: the sites or web pages managed by BDREAMB S.R.L. as www.bormoline.it Personal Data: we consider personal any information that is sent voluntarily and personally identifies someone, including contact information such as name, e-mail address, company name, address, phone number and other information about you or your business. Personal information may also include information on any transaction, both free and paid, information that is available on the Internet, such as from Facebook, Linked In, Twitter and Google, or information available widely. We consider particularly important personal data also credit or debit card numbers, personal financial account information, passport numbers or other identity documents. Sensitive Data: we consider sensitive data racial or ethnic origin, conditions or information on physical or mental health, judicial or health, bio metric. Navigation Information: refer to information on your computer and to visits to this website (and other BDREAMB SRL managed web pages) such as IP address, geographic location, browser type, reference source, the duration of the visit and viewed pages. Consent: We refer to the free expression of will of the person, with whom she/he expressly accepts a specific treatment of his /her personal/sensitive data, of which he/she has been previously informed by the Data Controller. Data Controller BDREAMB SRL with registered office in via Bondi 89 CAP 23030-Livigno (So), PI 93025670147 ("the Company", "BDREAMB SRL" or the "Owner"), in the person of its legal representative pro tempore, guarantees the respect of the discipline regarding the protection of personal data by providing the following information about the processing of data communicated or collected during the use of the ADA platform (the "platform" or "ADA"), other digital marketing platforms and proprietary websites . 3. Data processed, purposes and legal bases of processing Data generated from access to the site The computer systems and software procedures used to operate the websites managed by BDREAMB S.R.L. and of the ADA digital marketing platform, acquire during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. These data (such as domain names, IP addresses, operating system used, type of browser device used for connection) are not accompanied by any additional personal information and are used for: I) obtain anonymous statistical information on the use of the platform; II) manage control requirements of the conditions of use of the same; III) ascertain responsibility in case of hypothetical computer crimes. The legal basis that legitimates the processing of such data is the need to make the site functionalities usable, following access by the user. Data provided voluntarily by the user Personal information, which includes name, postal address, e-mail address, telephone number, IP address or any other identifier used to contact the person concerned online or offline or any other information that may be attributed directly or indirectly to the interested party and that will be provided by the same person through registration procedure that can be done in paper form and directly or through online forms, are collected and processed for the following purposes: for the execution of the contract: in case of a contract between BDREAMB S.R.L. and the counterpart. This includes the administrative purposes, the management of payments, the management of any possible complaints that the interested party should forward us, for the fulfillment of legal obligations such as, for example, those of an accounting, fiscal nature, or to initiate requests from the judicial authority; in the presence of specific consent, for marketing activities such as periodic transmission, by e-mail, newsletters and advertising material, and for receiving updates on our activities, notifications of promotional communications and invitations to events, theme lunches and dinners, special promotions, participate in market analysis or research or commercial communication with automated contact methods, or through remote communications (i.e. through mobile and fixed networks, with SMS, MMS etc) and traditional (paper mail); In the presence of specific consent, the data will be processed for profiling purposes, in particular for the creation of a commercial profile and / or for the analysis of preferences, habits or consumption choices, also through the crossing of such personal data with other information collected through profiling cookies eventually accepted. The processing of your personal data for profiling purposes will be carried out with tools and in a manner better provided for in paragraph 5 below (Processing methods). Data provided voluntarily by the user through the ADA Platform As data processing and sending of communications addressed to the customer, the data controller will also use the ADA platform itself, which, through statistical tracking systems, allows the detection of the opening of a message, the clicks made on the hyperlinks contained within the email, from which IP address or with what type of browser the email is opened, and other similar details. The collection of such data is functional to the use of the platform and constitutes an integral part of the functionality of the system for sending messages. The legal basis that legitimates the processing of such data is the execution of a contract to which the interested party is a party. 3.1 The technologies that BDREAMB S.R.L. and the third parties, that provide content and applications, can use for this automatic data collection include: COOKIES. A cookie is a small file placed on your computer's hard drive. You can refuse to accept cookies by properly configuring your browser. However, if you select this setting you may not be able to access some of the services of the ADA platform or of the websites managed by BDREAMB SRL. Unless you have adjusted your browser settings so as to refuse cookies, our system may issue cookies while using the ADA platform or web pages managed by BDREAMB SRL . In the browser, it is possible to disable the storage of cookies or remove registered cookies, but this could lead to a reduction in functionality, a slowdown or the impossibility of using certain parts of the ADA platform. For more information on cookies and how to delete them based on the type of browser used, refer to: www.allaboutcookies.org. The ADA platform and the websites managed by BDREAMB S.R.L. use the following types of cookies: The strictly necessary cookies are cookies that allow you to consult the ADA website, use its functions and access protected areas reserved for registered users. If the use of these cookies is disabled, some parts of the ADA platform may not be able to be used properly. Functional cookies and saving preferences, are cookies that allow the ADA platform and the websites managed by BDREAMB S.R.L. to record the choices (such as user name, choice of language and country, font and size of the script, password etc.), as well as preferences of visitors (such as pages visited, etc.), in order to facilitate the use of the platform and be able to offer visitors a more relevant and personalized experience. The ADA platform uses the following cookies: Name Expiration date Purpose Supplier PHPSESSID End navigation Navigation Owner ANALYTICS 30 days Navigation tracking Owner 4. Nature of the provision Apart from what specified for navigation data and for data collected through the ADA Platform, the provision of data: in relation to the purposes referred to in point 3 under letter a) it is optional, but refusal will make it impossible for BDREAMB S.R.L.dio carry out the contractual commitments undertaken. In relation to the purposes referred to in point 3 in letters b) and c), membership is optional and the use of the data for these purposes is strictly conditioned by the release of explicit consent from the client or end-user. Any refusal of treatment of all or part of them will make it impossible for BDREAMB S.R.L. to carry out the processing for the purposes described. 5. Processing methods and data retention times The data collected will be processed by electronic or automated, computerized and telematic means, or by manual processing with reasons strictly related to the purposes for which the personal data was collected and, in any case, in order to guarantee the security of the same in each case. . The data is stored for the time strictly necessary for the management of the purposes for which the data is collected in compliance with current regulations and legal obligations. In any case, BDREAMB S.R.L. and the data processors appointed by you, apply rules that prevent data retention for an indefinite period and therefore limit the storage time in compliance with the principle of minimizing data processing by carrying out an annual check on the data processed and on the possibility of to be able to cancel them if they are no longer necessary for the intended purposes. The processing of personal data for profiling purposes will take place, in the event of consent, with data processing tools which, following data-crossing, will create a commercial and behavioral profile on the web. This data processing tool relates the data collected during navigation on the web pages through the use of first party profiling cookies accepted with the data collected through the previously specified methods. 5. Subjects authorized to process, responsible and communicate data The data collected is processed by personnel in charge of BDREAMB S.R.L. for this purpose, identified and authorized for processing in accordance with specific instructions issued in compliance with current legislation. The data collected, if it is necessary or instrumental for the execution of the indicated purposes, may be processed by third parties appointed as external Data Processors, (whose updated list may be requested from info@bormoline.it) and, depending on the situation, communicated to them as autonomous owners, namely: Companies of the BDREAMB S.R.L. for the purposes referred to in point 3 lett. to); Persons, companies, associations or professional offices that provide assistance and consultancy services to our Company, for the purposes referred to in point 3 letter a); III) Third party providers of content and value-added services requested by you; IV) Companies, organizations, associations that perform services connected and essential to the execution of the above-mentioned purposes (market analysis and research service, credit card payment management, IT system maintenance); Public authorities, when the conditions are met The data processors appointed by BDREAMB S.R.L. they will process the data only as indicated by BDREAMB S.R.L. and are not authorized to process them for different purposes for the functions for which they were collected. All data will be used exclusively and in a limited way to the purposes determined following the contracts signed. Furthermore, personal data collected and processed will never be disclosed. 5.1 Transfer of personal data outside the EU Your data may also be processed by IT service providers, in their capacity as Data Processors. If the same operate outside the European Union, BDREAMB SRL, in compliance with the regulations on the transfer of data in a non-European country, undertakes to stipulate, if necessary, agreements that guarantee an adequate level of protection and/or to sign contractual terms as per the decision of the European Commission of 5 February 2010, n. 2010/87 / EU. 6. Rights of the interested party At any time it is possible to access the data, confirm its existence, know its origin, oppose the processing or request the cancellation, modification or updating of all or part of the personal information collected by BDREAMB SRL, exercising the right to the limitation of processing and the right to data portability, by sending an e-mail to info@bormoline.it using the e-mail account chosen during registration to ADA or to the website www.bormoline.it It is also possible to file a complaint with a supervisory authority (privacy authority). 7. Details on data security Personal data are protected by technical, IT, organizational, logistic and procedural security measures, against the risks of destruction or loss, even accidental, and of unauthorized access or unauthorized processing. These measures are periodically updated based on technical progress, the nature of the data and the specific characteristics of the treatment, constantly monitored and verified during time. These security measures correspond to the requirements that the Data Controller and the managers appointed by him have identified as appropriate. Periodic "Risk Analysis" activities are carried out to verify compliance with the adopted security protocols and new security measures are introduced or updated, if necessary, following organizational changes and technological innovations or changes in the type of data collected. Safety measures are constantly monitored and periodically verified.