Pursuant to and having the effects arising from Article 13 of EU Regulation No. 2016/679 of the European Parliament and Council of 27 April 2016 regarding the processing of the personal data of natural persons and the free circulation of such data, which repeals Directive 95/46/EC, and is also called the General Data Protection Regulation (hereinafter “GDPR”), we hereby inform you that the personal data voluntarily submitted by you to BolognaFiere Cosmoprof S.p.A. (hereinafter also called the “Company” or “BolognaFiere Cosmoprof”) will be processed in compliance with the current legal provisions governing the protection of personal data and in any event, in accordance with the confidentiality principles followed by the Company in its operations.
1. Categories of processed data
BolognaFiere Cosmoprof shall process the following category of data submitted by you:
- Personal data (such as: first name, family name, age, gender), home or professional address and contact details (telephone number, and email address);
- Data regarding your professional position;
- IP address.
2. Purposes of data processing
The personal data made available to BolognaFiere Cosmoprof S.p.A. may be used for the following purposes:
a) in order to conduct statistical surveys and market research;
b) in order to send information and promotional communications, also of a commercial nature, as well as advertising material regarding the trade shows, events, offers of goods and services to be delivered by means of the postal service, Internet, telephone, e-mail, MMS, SMS, from within or outside Italy (including non-European Community member states) by the Company or by natural or legal persons collaborating with the Company’s commercial activities, telesales companies, parent companies, subsidiaries and/or associate companies of BolognaFiere Group.
3. Processing methods
Personal data will be processed using the appropriate hard-copy, computer or IT-enabled tools strictly for the purposes described above and, in any event, in a manner such as to ensure the security and confidentiality of any data.
4. Submission of personal data and the consequences of refusal to provide same
Provision of personal data for the purposes indicated in Article 2 above is optional. However, any refusal to submit and/or the provision of incorrect and/or incomplete data could make it impossible to contact you and/or send you communications, disclosures and promotional information, also of a commercial nature, along with advertising material also related to trade show and events and offers of goods and services on the part of the Company or natural or legal persons collaborating with the commercial activities of the Company.
5. Personal data recipients or categories of recipients
The following persons within the Company may become cognisant of your personal data: Company shareholders, members of the Board of Directors or other administrative bodies, members of the Statutory Board of Auditors, Company personnel, the Data Protection Officer, and in any event, external the Data Protection Officers, and those persons serving as Data Processors or handlers of personal data appointed by the Company in the exercise of their functions.
Personal data may be communicated to qualified persons who provide the Company with services necessary to meet the purposes described in Article 2 above, such as, by way of example but not limited to these, parent companies, subsidiaries, associate and/or related companies, suppliers, contractors, sub-contractors, banking and/or insurance companies or other persons and/or bodies providing the Company with services, including ancillary services, linked to the establishment and/or performance of contractual obligations with the Company, (such as, by way of example but not limited to these, banks and/or persons charged with receiving or paying monies, undertakings and insurance companies), and/or all those persons or entities which, on the Company’s behalf or independently, provide the following services to the Company:
(i) managing and/or updating Internet website and computer and/or IT-enabled tools used by the Company;
(ii) conducting statistical surveys and market research;
(iii) organizing and managing events and meetings, including promotional initiatives;
(iv) sending information and promotional communications, also of a commercial nature, and/or advertising material and/or the offer of goods and services as indicated under Article 2 above;
(v) providing legal, tax, social security, accounting, organizational and commercial consultancy;
(vi) conducting auditing activities.
Your personal data may be transferred outside Italy in compliance with statutory norms currently in force, including to non-European Union countries where the Company has business interests.
The transfer of personal data to non-EU countries shall be subject to European Commission Adequacy Decisions and shall also be carried out in a manner such as to provide the appropriate guarantees pursuant to Articles 46 or 47 or 49 of the GDPR.
In any event, your personal data shall not be disseminated.
6. Period of the processing
Your personal data shall be processed only for the time necessary to achieve the purposes of the processing operation, and in any event, for a period of no longer than 10 (ten) years.
7. Rights of the data subject
We hereby confirm that you are entitled at any time to exercise the rights regarding your personal data within the limits and in accordance with the conditions indicated in Articles 7 and 15-22 of the GDPR.
Should you wish to exercise any of the rights listed below, please contact the Data Controller by sending an e-mail to: PRIVACY@COSMOPROF.IT. Your request will be answered no later than 30 (thirty) days following receipt by us.
More specifically, data subjects have the right to:
withdraw the consent previously given, without, however, said withdrawal in any way calling into question the lawfulness of any consent-based processing carried out prior to withdrawal of consent;
request the Data Controller to access, rectify or erase (the so-called “right to be forgotten”) personal data, or to restrict processing of personal data regarding them, or to object to processing;
obtain the portability of their data;
lodge a complaint with the Personal Data Protection Supervisory Authority in the event they believe their rights have been infringed.
8. Data Controller, Data Processor and Data Protection Officer
The Personal Data Controller is BolognaFiere Cosmoprof S.p.A., in the person of its pro tempore President, with headquarters in Bologna, Italy, Via Maserati No. 16.
The updated list of Data Processors is available at the Data Controller’s headquarters, or may be requested by email at: firstname.lastname@example.org.
The Data Protection Officer may be contacted at the following email address: email@example.com.