Last update: 2/03/2023
Information on the processing of personal data
Pursuant to Article 13 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016
Why this information?
As required by Regulation (EU) 2016/679, this page provides information on the processing of personal data of users who visit the website of BUP srl, accessible online at www.bupsolutions.com.
As a consequence of visiting the website, data relating to identified or identifiable natural persons may be processed.
The purpose of this statement is to provide information on all of the ways BUP gathers, uses, discloses, and manages personal data of users visiting its website. According to Italian and European legislation, this information is provided by the data controller to users that access the web pages of BUP, regardless of why they visit the website.
The information provided in this statement does not concern other websites, pages or services that can be accessed via hyperlinks that may be published on the web site but relate to resources outside BUP’s domain.
The data controller is the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
For this website, the data controller is:
Address: Via Cavour 256, 00184 Rome, Italy
The data processor is the natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
Pursuant to art. 28 of Regulation (EU) 2016/679, the data controller has appointed Aruba S.p.a. (located in Via San Clemente 53, Ponte San Pietro, BG) as data processor, as provider of the web hosting service of the site.
Legal basis for the processing
Categories of personal data, purposes of the processing and data retention policies
Personal data collected by the controller consists exclusively of technical and analytical data, automatically collected through the use of automatic logs or technical cookies.
The information systems and software procedures relied upon to operate this website acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols. For operation and maintenance purposes, system logs are collected, i.e. files that record interactions and may also contain personal data.
This data category includes the IP addresses and/or the domain names of the computers and device used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the date and time of such requests, the method used for submitting a given request to the server, the returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and software environment.
These data are necessary to use web-based services and access the website, and are also processed in order to:
- extract statistical information on service usage (most visited pages, visitors by time/date, geographical areas of origin, etc.);
- check the correct functioning and security of the offered services.
This data is never used for the identification or profiling of the user.
Browsing data collected by the website are used exclusively for the purposes indicated above and are kept for no longer than 90 days (except where judicial authorities need such data for establishing the commission of criminal offences).
Data communicated by users
Sending messages, on the basis of the user’s free, voluntary, explicit choice, to BUP’s contact addresses, or sending private messages to BUP’s social media pages and profiles (where this option is available), entail the acquisition of the sender’s contact information (for example, the e-mail address), which is necessary to provide a reply, as well as of all personal data included by the users in their messages.
Specific information notices will be displayed and made available, where needed, on the pages of the website that are used for providing certain services.
Cookies and other tracking tools
Cookies are small text files that are sent by the websites to users’ devices, where they are stored and then sent back to the same sites the next time the user visits them.
So-called technical cookies are used for navigation and to secure and facilitate access to and use of a website, supporting functionalities such as user authentication, sessions tracking and storage of specific information about the users that access a web page.
So-called analytics cookies are used to collect information, in aggregate form, on the number of users and on how they visit a website, in order to draw up general statistics on the service and its use.
So-called profiling cookies are instead used to monitor and profile users that visit a website, on the basis of personal choices and preferences.
From the point of view of their duration, it is possible to distinguish between temporary session cookies that are automatically deleted at the end of the browsing session when the browser is closed, and persistent cookies that remain stored on the user’s device until a preset expiration date or until they are deleted by the user.
Cookies used by this site
This website uses technical persistent functional cookies that allow remembering user’s preferences and settings, such as language preferences. These cookies, for which consent is not required, do not contain any information that allows identifying the user, and they are not used for user profiling.
This website does not use analytics cookies, nor third-party cookies; no cookies are used to profile users nor are other user tracking systems implemented.
Specifically, the cookies used on this website are listed and detailed in the following table.
|Name of the cookie
|This website (first-party cookie)
|Anonymously remember the language chosen by the user to browse the site
|This website (first-party cookie)
Browser settings and cookie management
Users can manage cookies through the settings of the browser they use. Most browsers allow controlling cookies through their settings preferences. However, limiting the ability of websites to set cookies or deleting cookies may worsen user experience, as this will remove the preferences or prevent the site to provide a personalised experience. Browser manufacturers provide help pages relating to cookie management in their products. Users can choose to enable or disable cookies by adjusting browser settings according to the instructions made available by browser manufacturers.
Please see the following links for more information.
- Google Chrome
- Internet Explorer
- Mozilla Firefox
- Mozilla Firefox (for Android)
- Mozilla Firefox (for iOS)
- Safari (Desktop)
- Safari (Mobile)
Use of third-party tools and services
Some data may be collected by the following third-party services used in this website.
This website uses fonts provided by the Google Fonts service. Google Fonts is a service of Google LLC that allows the website to integrate fonts into its pages. The use of the service does not require authentication. No cookies are sent to the service by the visitors of the website.
Data processing location
The data collected by the website are processed at the headquarters of the data controller, and at the data center of Aruba S.p.a., as web hosting service provider and data processor. This data center is located within the territory of the European Union and meets all the requirements necessary to comply with national and European laws and regulations on data processing, confidentiality and data protection.
Please note that no personal data will be transferred or communicated to any country or third party outside the European Union.
The following entities, appointed as data processors by BUP pursuant to Article 28 of the Regulation, are recipients of the data collected by this website:
- Aruba S.p.a, as provider of the web hosting service for the website.
Personal data that may be collected is also processed by staff from BUP, acting on specific instructions concerning purposes and arrangements of such processing.
Data subjects’ rights
Data subjects have the right to obtain from the controller, where appropriate, access to their personal data as well as rectification or erasure of such data or the restriction of the processing concerning them, and to object to the processing (pursuant to Articles 15 to 22 of the Regulation).
In cases where the user has given consent to the processing, any withdrawal of the consent shall not affect the lawfulness of the processing previously made on the basis of the consent.
Any request should be addressed to the data controller.
The data controller also guarantees that no automated decision-making methods are being used that have legal effects on the user.
Right to lodge a complaint
If a data subject considers that the processing of personal data relating to him or her as performed via this website infringes the Regulation, he or she has the right, pursuant to Article 77 of the Regulation, to lodge a complaint with the Italian Authority Garante per la protezione dei dati personali (www.garanteprivacy.it), or else to bring a judicial proceeding against the controller pursuant to Article 79 of the Regulation.
Changes and updates to this information notice
The data controller reserves the right to make changes to this policy, giving publicity thereof to users on this page.
Users and visitors of this website are invited to periodically return to this page, taking as a reference the date of the last update indicated at the beginning of the text.