PRIVACY POLICY

INFORMATION PURSUANT TO ART. 13 OF LEGISLATIVE DECREE 196/2003
(Personal Data Protection Code)

General Introduction
This Privacy Policy is intended to describe the methods of managing this website owned by Bramardi, with reference to the processing of the personal data of users/visitors who consult it.
This notice is provided only for this website, on which it is published, and not for any other websites that may be consulted by the user via links.
This information also aims to make site users aware of the purposes and methods of processing personal data by Bramardi in the event they provide such data.
Users are required to carefully read this notice before submitting any kind of personal information and/or compiling any electronic form that may be present on the Site.

Preamble
Legislative Decree 196/2003 (Personal Data Protection Code), art. 4, governs the processing of personal data. “Processing” refers to any operation or series of operations, even if performed without the use of electronic instruments, concerning the collection, recording, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, dissemination, deletion, and destruction of data, even if not recorded in a database; and “personal data” refers to any information relating to a natural person, legal entity, entity, or association, identified or identifiable, even indirectly, by reference to any other information, including a personal identification number.
This policy is also inspired by Recommendation No. 2/2001 that the European data protection authorities, grouped by Article 29 of Directive 95/46/EC, adopted on May 17, 2001, to identify minimum requirements for online personal data collection, and, in particular, the methods, times and nature of the information that data controllers must provide to users when they connect to web pages, regardless of the purposes of the connection.
Generally, the law provides that the data subject’s consent is required for such processing.
In addition, the law stipulates that certain information must be provided to the data subject, which is included in this notice.

TYPES OF DATA PROCESSED
It should be noted that no personal data of users is acquired by the site for these purposes.
The site is accessible to users without requiring the input of their personal data.

Navigation Data
The computer systems and software procedures that allow the functioning of this website acquire, during normal operation, certain personal data that are transmitted implicitly in the use of Internet communication protocols. These are data relating to telematic traffic, which by their nature are not collected to be associated with identified data subjects, but which, by their very nature, could, through processing and association with data held by third parties, allow users/visitors to be identified. This category includes “IP addresses” or domain names of computers used by users connecting to the site, the URI (Uniform Resource Identifier) addresses of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the server’s response (success, error, etc.), and other parameters related to the user’s operating system and computer environment.
These data are used, where necessary, solely for the purpose of obtaining anonymous statistical information about the use of the site and to check its correct functioning and are deleted immediately after processing. Such data are retained by the Owner of the site for the strictly necessary period and, in any case, in accordance with current legislative provisions.

Data Provided Voluntarily by the User
Should customers wish to register in any database on the site, if present, to access the services provided, they must complete a “form” in which they will give their explicit consent to the processing of their data. Users are free to provide their personal data, but failure to do so may make it impossible to obtain the requested service.
The optional, explicit and voluntary sending of emails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message.
Personal data provided by users requesting information material (e.g. newsletters, etc.) are used solely to perform the service or provision requested and are not disseminated. The provision of users’ personal data is optional, although functional to the provision of certain services; in these cases, therefore, failure to provide such data may compromise or make it impossible to provide the service. Data may also be used to ascertain responsibility in case of possible computer crimes against the Site.

Minors: The website is not knowingly used to request data from minors under 18 years of age.

A – Purposes of Data Processing
Preamble. Article 28 (Data Controller) of Legislative Decree 196/2003 states: “When processing is carried out by a legal person, a public administration, or any other entity, association, or organization, the data controller is the entity as a whole or the unit or peripheral organization that exercises completely autonomous decision-making power regarding the purposes and methods of data processing, including security concerns.”
Given the above, Bramardi, Owner of the Site, informs you that the personal data in its possession, collected directly from the data subject, even verbally in the past, or from third parties, or which will be requested or have already been freely provided by the data subject also via e-mail or by third parties, can be processed, including by third-party companies appointed as Processors, for:

1. Accounting, administrative, tax, and related purposes, in fulfillment of obligations provided by laws, regulations and EU legislation, or by orders given by Authorities entitled by law and supervisory bodies.
   The provision of personal data necessary for these purposes is mandatory, and related processing does not require the consent of the data subjects. Refusal to provide them will make it impossible to establish relationships with the Site Owner.
2. Purposes strictly related and instrumental to the management of contractual relationships with customers, existing or under negotiation (e.g.: obtaining preliminary information for the conclusion of a contract, carrying out operations based on obligations arising from the contract concluded with customers, verification and evaluation of results and progress of relationships, as well as associated risks, etc.).
   Providing personal data for these purposes is not mandatory, but refusal may, depending on the relationship between the data and the requested service, make it impossible for the Site Owner to provide the service.

If such data are provided, their processing does not require the data subject’s consent.

B – Methods of Data Processing

1. Tools and Logic
   In relation to the purposes mentioned above, data processing is carried out through manual, computer, and telematic tools with logics strictly related to the purposes themselves, and in any way so as to guarantee the security and confidentiality of the data, with your commitment to promptly notify us of any corrections, modifications, and updates.
   Such processing may be carried out on behalf of the Data Controller, for the purposes and in the manner described above and in compliance with criteria suitable for guaranteeing security and confidentiality, by companies, firms, organizations, and external collaborators appointed as Processors, and only for processing carried out by them.
2. Duration
   Data will be processed for the entire duration of contractual and non-contractual relations established. Thereafter, only for the fulfillment of legal obligations and possible commercial purposes.
3. Sensitive Data
   None of your personal data held by the Data Controller can be categorized as “sensitive data” or “judicial data” as defined in letters d) and e) of Article 4 of Legislative Decree 196/2003. If you were to send such data, in the absence of your explicit written consent, we will immediately delete them.

C – Categories of Subjects to whom the data may be communicated and who may become aware of them as Processors or Persons in Charge, as well as the scope of data dissemination.

Preamble: personal data are not disseminated in any way, including consultation.

1. The Data Controller may communicate, without the need for the data subject’s consent, the personal data in its possession to those entities to whom such communication must be made in fulfillment of an obligation provided by law, regulation or Community legislation;
2. The Data Controller may also communicate, with the consent of the data subject, the personal data in its possession to companies, firms, organizations, and external collaborators that carry out processing on its behalf for the purposes listed under point 2 of section A.
   The identification of parties to whom data may be communicated can be obtained upon your simple request to the Data Controller as identified under point E.
3. The following individuals may become aware of the data as Data Processors mentioned in points B 1) and C 2), and as Persons in Charge, in relation to the data necessary for carrying out assigned tasks, the physical persons belonging to the following categories:
   employees of the Site Owner, project workers, temporary workers, interns, consultants, detached external workers, employees of the external companies appointed as processors, and partner workers.

D – Rights of the Data Subject
Art. 7 of Legislative Decree 196/2003 grants data subjects the exercise of specific rights regarding the processing of personal data.
Below is the full text of Article 7:

1. The data subject has the right to obtain confirmation of the existence or not of personal data concerning them, even if not yet registered, and their communication in an intelligible form.
2. The data subject has the right to be informed of:
   a) the origin of the personal data;
   b) the purposes and methods of the processing;
   c) the logic applied in the case of processing carried out with the aid of electronic instruments;
   d) the identification details of the data controller, data processors and the designated representative pursuant to Article 5, paragraph 2;
   e) the entities or categories of entities to whom the personal data may be communicated or who may become aware of them as designated representative within the State, data processors, or persons in charge.
3. The data subject has the right to obtain:
   a) the updating, rectification or, when interested, the integration of data;
   b) the deletion, transformation into anonymous form or blocking of data processed in violation of the law, including those for which storage is not required in relation to the purposes for which the data were collected or subsequently processed;
   c) certification that the operations referred to in letters a) and b) have been notified, also as regards their content, to those to whom the data have been communicated or disclosed, except where this is impossible or would involve a manifestly disproportionate use of means compared to the protected right.
4. The data subject has the right to object, in whole or in part:
   a) for legitimate reasons, to the processing of personal data concerning them, even if relevant to the purpose of collection;
   b) to the processing of personal data concerning them for the purpose of sending advertising or direct selling materials or carrying out market research or commercial communications.

Place of data processing
Data processing takes place at Bramardi, registered office at Via Nazionale, 76/E - 12010 S. Defendente di Cervasca (CN)
To contact us, the data subject can write to the above address.

E – Data Controller and Data Processor
The Data Controller is Bramardi with its registered office at Via Nazionale, 76/E - 12010 S. Defendente di Cervasca (CN)
The Data Processor is Mr. Franco Beccaria.

Last updated: May 29, 2015

The Site Owner
Bramardi
REGISTERED OFFICE: Via Nazionale, 76/E - 12010 S. Defendente di Cervasca (CN)
TAX CODE/VAT NO. 03145790048 –
PHONE: +390171 85021 – E-MAIL: info@bramardicioccolato.it

EXTENDED COOKIE INFORMATION

Ref.: Identification of simplified procedures for the information and acquisition of consent for the use of cookies. Provision No. 229 of 8/5/2014 – Published in the Official Gazette 126 of 3/6/2014

This site uses cookies, including those from third parties, to provide services in line with the user's preferences and in some cases to send advertising messages. By closing the brief cookie information banner on the site, scrolling through the pages, clicking on any link, or continuing browsing in any way, you consent to the use of cookies. If you want to know more or deny consent for all or some cookies, please read the following information in its entirety.

Cookies are small strings of text that websites visited by the user send to their terminal (usually the browser), where they are stored to be retransmitted to the same sites upon the next visit by the same user. While navigating a site, the user may also receive cookies from different sites or web servers (so-called "third parties"), where certain elements may reside (such as images, maps, sounds, specific links to pages of other domains) present on the site being visited.
Cookies, often present in large numbers and sometimes with wide persistence in users' browsers, are used for different purposes: performing computer authentication, session monitoring, storing information on specific configurations concerning users accessing the server, etc.
To properly regulate such devices, it is necessary to distinguish them, since there are no technical characteristics that differentiate them one from another, based on the purposes pursued by those who use them. In this sense, the legislator, by implementing the provisions of Directive 2009/136/EC, has established the obligation to obtain the prior and informed consent of users for the installation of cookies used for purposes other than purely technical ones (see Art. 1, paragraph 5, letter a), Legislative Decree 28 May 2012, No. 69, which amended Art. 122 of the Code).
For the purposes of this provision, two macro-categories are therefore identified: "technical" cookies and "profiling" cookies.

a. Technical cookies
Technical cookies are those used solely for "carrying out the transmission of a communication over an electronic communications network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide that service" (see Art. 122, paragraph 1, of the Code).
They are not used for any further purposes and are normally installed directly by the owner or operator of the website. They can be divided into navigation or session cookies, which guarantee normal navigation and use of the website (allowing, for example, purchases or authentication to access reserved areas); analytics cookies, assimilated to technical cookies when used directly by the site operator to collect aggregated information on the number of users and how they visit the site; and functionality cookies, which allow the user to browse according to a series of selected criteria (for example, language, products selected for purchase) in order to improve the service rendered.
The installation of such cookies does not require the prior consent of users, although it remains mandatory to provide the information as per Art. 13 of the Code, which the site manager, if they use only such devices, can provide in the manner they deem most appropriate.

b. Profiling cookies
Profiling cookies are aimed at creating user profiles and are used to send advertising messages in line with the preferences expressed by the user while surfing the internet. Given the particularly invasive nature that such devices can have in the private sphere of users, European and Italian legislation requires that users be adequately informed about their use and thus express their valid consent.
These are referred to in Art. 122 of the Code, which provides that "storing information in the terminal device of a contractor or user or accessing information already stored is permitted only if the contractor or user has given their consent after having been informed with the simplified methods set out in Article 13, paragraph 3" (Art. 122, paragraph 1, of the Code).

Involved parties: Publishers and “third parties”
Another element to consider, for the correct definition of the subject matter, is the subjective one. That is, account must be taken of the different entity that installs cookies on the user's terminal, depending on whether it is the same manager of the site that the user is visiting (who can be concisely referred to as "publisher") or a different site that installs cookies via the first (so-called "third parties").
Based on what emerged from the public consultation, it is considered necessary that the distinction between the two subjects mentioned above be duly considered also in order to correctly identify their respective roles and responsibilities in relation to providing the information and acquiring online users’ consent.
There are numerous reasons why it is not possible to require the publisher to provide the information and acquire consent for cookies installed on their website also for those installed by "third parties." The publisher therefore declines any and all responsibility for any requests and/or provision of personal data to third-party sites.

How to disable cookies through browser configuration
The user can decide whether or not to accept cookies. To this end, they can use the settings of their Internet browser. Most browsers allow the management (viewing, enabling, disabling, and deleting) of cookies through their settings.
Given the complexity and variety of browsing systems and devices in use, the following instructions are provided by way of example and not exhaustively:

Chrome
a. Open the Chrome Browser
b. Click on the Chrome menu settings located on the browser toolbar next to the address bar for navigation
c. Select Settings
d. Click on Show Advanced Settings
e. In the “Privacy” section, click on the “Content settings” button
f. In the “Cookies” section you can change the following cookie settings:
  – Allow local data to be set
  – Change local data only until you close the browser
  – Prevent sites from setting cookies
  – Block third-party cookies and site data
  – Manage exceptions for certain websites
  – Remove one or all cookies
For more information, visit the dedicated page.

Mozilla Firefox
a. Open the Mozilla Firefox Browser
b. Click on the Firefox menu settings located on the browser toolbar next to the address bar for navigation
c. Select Options
d. Select the Privacy panel
e. Click on Show Advanced Settings
f. In the “Privacy” section, click the “Content settings” button
g. In the “Tracking” section you can change the following cookie settings:
  – Tell sites that you do not want to be tracked
  – Tell sites you are willing to be tracked
  – Do not tell sites your tracking preferences
h. From the “History” section you can:
  – By enabling “Use custom settings for history”, choose to accept third-party cookies (always, from most visited sites, or never) and store them for a specific period (until they expire, when Firefox is closed, or to ask each time)
  – Remove individual stored cookies
For more information, visit the dedicated page.

Internet Explorer
a. Open the Internet Explorer Browser
b. Click on the Tools button and choose Internet Options
c. Click on the Privacy tab and in the Settings section change the slider according to the desired action for cookies:
  – Block all cookies
  – Allow all cookies
  – Select the sites from which to receive cookies: move the slider to an intermediate position so as not to block or allow all cookies, then click on Sites, in the Website Address box enter a website and then click Block or Allow
For more information, visit the dedicated page.

Safari
a. Open the Safari Browser
b. Click on Safari, select Preferences and press Privacy
c. In the Block Cookies section specify how Safari should accept cookies from websites.
d. To see which sites have stored cookies click on Details

Safari iOS
a. Open the Safari iOS Browser
b. Tap on Settings, then Safari
c. Tap Block Cookies and choose among the available options: “Never”, “From third parties and advertisers” or “Always”
d. To delete all cookies stored by Safari, tap Settings, then Safari, then Clear Cookies and Data
For more information, visit the dedicated page.

Opera
a. Open the Opera Browser
b. Click on Preferences then on Advanced and finally on Cookies
c. Select one of the following options:
  – Accept all cookies
  – Accept cookies only from the site you visit: third-party cookies and those sent from a domain different from the one you are visiting will be rejected
  – Never accept cookies: all cookies will never be saved
For more information, visit the dedicated page.

The above-mentioned links may be subject to changes over time not due to the site. The same information is, however, easily available using a search engine.
If your browser is not listed, refer to the information on cookies provided by the browser itself. If you use a mobile phone, refer to its manual for more information.
After disabling cookies through browser settings, remember to always delete those already present before deactivation, using the same settings.

How to disable third-party service cookies
This site may use third-party cookies in certain sections. The main ones include:

The above-mentioned links may be subject to changes over time not due to the site. The same information is, however, easily available using a search engine.

Further Information
For further information or specific requests, write an email BY CLICKING HERE