Privacy policy

Information notice on the processing of personal data pursuant to Articles 13-14 of Reg. (EU) 2016/679

Data subjects. Website Browsers

Bieffe Co Srl, in its capacity as Data Controller of your personal data, pursuant to and for the purposes of Regulation (EU) 2016/679 (hereinafter “GDPR”), hereby informs you that your personal data will be collected and processed in compliance with the applicable rules and regulations, also with regard to compliance with the principles of confidentiality, lawfulness, transparency, integrity, minimisation and confidentiality.

Purposes and legal bases of the processing. Your personal data will be processed for the following purposes:

  • Purposes inherent to and/or connected with technical and/or functional access to the Site (no data are stored after closing the Browser);
  • Purposes inherent to and/or connected with the fulfilment of the legal obligations of the Data Controller, including the fulfilment of the requests of the Public Authorities (including the Judiciary);
  • Purposes inherent to and/or connected with the performance of a contract in which you are a party and/or the pre-contractual measures adopted at your request, also by filling in the forms on the Site;
  • Purposes necessary to ascertain, exercise and/or defend a right in court.

Therefore, the legal bases of the processing of your data are:

  • The fulfilment of a legal obligation to which the Data Controller is subject;
  • The performance of a contract in which the data subject is a party or the performance of pre-contractual measures adopted at the request thereof.

Personal data are also collected and processed when the data subjects send them to us and fill in the appropriate text fields in the computerised contact forms on the site. The text fields marked with an asterisk (*) collect Personal Data necessary to allow the Data Controller and/or Recipients to fulfil the purposes for which the Personal Data have been collected and processed.

Some data (so called navigation data) are collected automatically using Internet browsing protocols. These data are temporary and necessary for the use of web services.

Processing methods. Your personal data may be processed in the following ways:

  • With computers, both with the use of software systems managed and/or programmed directly by Bieffe Co, and managed and/or programmed by third parties;
  • Temporary processing in anonymous form.

All processing is carried out in compliance with the procedures set out in articles 6 and 32 of the GDPR, through the adoption of appropriate technical and organisational measures to guarantee a level of security suitable for the risk inherent to the processing.

Disclosure. Your personal data will be processed exclusively by Bieffe Co personnel expressly authorised by the Data Controller (programmers, analysts and administration office staff).

The Data Processors specifically appointed by Bieffe Co include:

  • Google Ireland Limited (“Google”) with registered office in Gordon House, Barrow Street, Dublin 4, Ireland;

Your Data may be transferred, in fulfilment of the aforementioned purposes, to Recipients located in third Countries (therefore outside the European Economic Area). Bieffe Co Srl declares that the electronic and/or paper processing of your personal data by the aforementioned Recipients is performed in compliance with the applicable legislation. In fact, the transfer of personal data to a third Country or an international organisation takes place following an adequacy decision taken by the European Commission, or on the basis of duly adopted model contractual clauses.

Retention period. Your personal Data shall be retained by the Data Controller exclusively for the time necessary for the purposes for which the personal Data are processed.

Cookie management. Cookies are not used for user profiling.

Instead, session cookies (not persistent) are used in a manner strictly limited to what is necessary for safe and efficient site navigation. The user controls the storage of session cookies in terminals or browsers; in any case, storage times shall not exceed seven days, as is the case for other browsing data.

For more information on the collection and use of cookies on this website, please see the Cookie Policy of Bieffe Co Srl (

Should you have any doubts or concerns about the use of cookies, you may take action to prevent them from being set and read, for example by changing the privacy settings within your browser in order to block certain types of cookies.

Should you prefer to act independently through your browser preferences and since browsers – and often different versions of the same browser – differ, even significantly, you can find detailed information on the required procedure in your browser guide. For an overview of the most common browsers’ action modes, please visit

Should you so wish, advertising companies also allow you to opt out of receiving targeted ads. This does not prevent the setting of cookies, but it stops the use and collection of some data by these companies.

For more information and withdrawal, please visit

Data Controller. The Controller of the personal data, pursuant to Regulation (EU) 679/2016, is Bieffe Co Srl (via Giacomo Leopardi 2, 20123, Milan (MI), VAT number 01355360056, tel. 0141 821010, e-mail info@bieffeco. it) in the person of its legal representative pro tempore.

Rights of the data subject. You have the right to obtain from the Data Controller the erasure (right to be forgotten), restriction, updating, correction, portability, objection to the processing of personal data concerning you, and in general you can exercise all the rights set forth by articles 15, 16, 17, 18, 19, 20, 21, 22 of the GDPR, as indicated below:

  1. The data subject shall have the right to obtain confirmation about the existence of personal data concerning him/her, even if not yet registered, their communication in an intelligible form and the possibility of lodging a complaint with the Supervisory Authority.
  2. The data subject has the right to obtain the indication:
  3. of the origin of the personal data;
  4. of the purposes and methods of processing;
  5. of the logic applied in the case of processing carried out with the aid of electronic tools;
  6. of the identification details concerning the data controller, data processors and the representative designated pursuant to article 5, paragraph 2;
  7. of the subjects or categories of subjects to whom the personal data may be disclosed or who may become aware of them in their capacity of representative designated in the State, processors or persons appointed.
  8. The data subject has the right to obtain:
  9. updating, rectification or, when there is an interest, the completion of data;
  10. the erasure, anonymization or blocking of data processed in breach of the law, including those for which storage is not necessary in relation to the purposes for which the data were collected or subsequently processed;
  11. the certification that the operations referred to in letters a) and b) have been brought to the attention, even with regard to their content, of those to whom the data have been disclosed or disseminated, except in the case where such fulfilment proves impossible or involves a manifestly disproportionate use of resources with respect to the protected right;
  12. data portability.
  13. The data subject has the right to object, in whole or in part:
  14. for legitimate reasons to the processing of personal data concerning him/her, even if pertinent to the purpose of the collection;
  15. to the processing of personal data concerning him/her for the purpose of sending advertising materials or for direct sales or for carrying out market surveys or commercial communication.

The data subject may exercise the foregoing rights by sending a signed request form with an attached copy of his/her identity card, passport or other identity document to the e-mail address

Furthermore, as a data subject, if you believe that the processing of your personal data breaches the applicable data protection legislation, you have the right to lodge a complaint with a supervisory authority (in particular that of the EU Member State of your place of habitual residence, place of work or of the place where the alleged breach occurred). Complaints to the Italian Authority are submitted by contacting the Data Protection Officer at the Authority (Personal Data Protection Authority – Head of Personal Data Protection, Piazza Venezia, 11, IT-00187, Rome, email: rpd@gpdp. it). For more information, please visit