Privacy Policy

What is this Privacy Policy for?

This privacy policy is for this website (www.bluegreenstrategy.com and www.bluegreenstrategy.it) and served by Bluegreen Strategy srl and governs the privacy of its users who choose to use it. The policy sets out the different areas where user privacy is concerned and outlines the obligations & requirements of the users, the website and website owners. Furthermore the way this website processes, stores and protects user data and information will also be detailed within this policy.

The Website

This website and its owners take a proactive approach to user privacy and ensure the necessary steps are taken to protect the privacy of its users throughout their visiting experience. This website complies to all Italian and European Union regulations and requirements for user privacy.

Compliance with Art.13 of EU Regulation 679/2016 (“GDPR”)

Bluegreen Strategy Srl (short “Bluegreen”) protects the confidentiality of personal data and guarantees to them the necessary protection from any event that could put them at risk of violation. As required by the European Union Regulation no. 679/2016 (“GDPR”), and in particular to the art. 13, below we provide the User with the information required by law concerning the processing of their personal data.

Who we are and what data we process (article 13, paragraph 1 letter a, article 15, letter b GDPR)

Bluegreen Strategy Srl, in the person of its legal representative, with office in Casalecchio di Reno (BO), Via Isonzo n. 59/2, operates as Data Controller and can be contacted at info@bluegreenstrategy.com and collects and / or receives information concerning the interested party, such as: name, surname, physical address, nationality, province and municipality of residence, landline and / or mobile phone, fax, tax identification number, social security number, e-mail address.

Bluegreen does not require the User to provide “particular” data, that is, according to the provisions of the GDPR (Article 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical convictions, or union membership, as well as genetic data, data biometrics designed to uniquely identify a natural person, data relating to a person’s health or sexual life or sexual orientation. In the event that the service requested to Bluegreen requires the processing of such data, the interested party will receive prior notice and will be required to give appropriate consent.

For what purposes we need the data of the interested party (Article 13, paragraph 1 of the GDPR)

The data are used by the Data Controller to follow up the contact request and the contract for the supply of the selected Service and / or the purchased Product, manage and execute the contact requests sent by the User, provide assistance, comply with legal and regulatory obligations. Under no circumstances does Bluegreen resell the personal data of the interested party to third parties nor use them for undeclared purposes. In particular the data of the interested party will be processed for:
a) registration and contact requests and / or information material
The processing of personal data of the interested party takes place to carry out the preliminary activities and consequent to the registration request, to the management of requests for information and to contact and / or sending information material, as well as for the fulfillment of any other obligation arising. The legal basis of these treatments is the fulfillment of the services inherent to the request for registration, information and contact and / or sending of informative material and compliance with legal obligations.
b) management of the contractual relationship: The processing of personal data of the interested party takes place to carry out preliminary activities and consequent to the purchase of a Service and / or a Product, the management of the related order, the provision of the Service itself and / or production and / or the shipment of the purchased Product, the related invoicing and management of the payment, the handling of complaints and / or reports to the assistance service and the provision of the assistance itself, the prevention of fraud and the fulfillment of any other obligation arising from the contract. The legal basis of these treatments is the fulfillment of the services inherent in the contractual relationship and compliance with legal obligations.
c) promotional activities on Services / Products similar to those purchased by the Interested Party: The data controller, even without your explicit consent, may use the contact details provided by the Interested Party, for the purpose of direct sale of their Services / Products, limited to the case in which the Services / Products are similar to those object of the sale, unless the interested party explicitly objects.

Communication to third parties and categories of recipients (Article 13, 1st paragraph GDPR)

The personal data will be communicated mainly to third parties and / or recipients whose activity is necessary for the performance of the activities related to the relationship established and to meet certain legal obligations, such as:

  • Companies controlled by Bluegreen Strategy srl, for the purpose of delivering the contracted services.
  • Third-party suppliers of Bluegreen, for the provision of services related to the requested service.
  • Credit and digital payment institutions, banking / postal institutions for management of payments and refunds related to the contractual performance.
  • External professionals / consultants and consulting firms, for fulfillment of legal obligations, exercise of rights, protection of contractual rights, recovery of credit.
  • Financial administration, public bodies, judicial authorities, supervisory authorities for compliance with legal obligations, defense of rights and for lists and registers held by public authorities or similar bodies on the basis of specific legislation, in relation to the contractual performance.
  • Formally delegated subjects or having a recognized legal title (legal representatives, curators, tutors, etc.).

 

What happens if the Data Subject does not provide his data identified as necessary for the execution of the requested service? (Article 13, paragraph 2, letter and GDPR)

The collection and processing of personal data is necessary to follow up the requested services as well as the provision of the Service and / or the supply of the requested Product. If the Data Subject does not provide the personal data expressly provided for as necessary in the order form or the registration form, the Data Controller will not be able to process the processing of the requested services and / or the contract and the Services / Products connected to it, or to the obligations that depend on them.

How we process the data of the interested party (Article 32 GDPR)

The Data Controller provides for the use of adequate security measures to preserve the confidentiality, integrity and availability of the personal data of the interested party and imposes similar security measures on third parties and on the Managers.

Where we process the data of the interested party

The personal data of the interested party are stored in paper, computer and electronic archives located in countries where the GDPR (EU countries) is applied.

How long are the data of the interested party stored? (Article 13, paragraph 2, letter to GDPR)

Unless he expressly expresses his will to remove them, the personal data of the interested party will be kept until they are necessary with respect to the legitimate purposes for which they were collected. In particular, they will be kept for the entire duration of their registration and in any case no longer than a maximum period of 12 (twelve) months of inactivity, or if, within this period, no Services and / or purchased Products are associated the registry itself. In the case of data provided to the Owner for the purposes of commercial promotion for services other than those already acquired by the Data Subject, for which he initially consented, these will be retained for 24 months, subject to revocation of the consent given. In the case of data provided to the Owner for the purposes of profiling, these will be retained for 12 months, unless revocation of consent given. Furthermore, personal data will in any case be kept for the fulfillment of the obligations (eg fiscal and accounting) that remain even after the termination of the contract (Article 2220 of the Italian Civil Code); for these purposes the Data Controller will retain only the data necessary for the relative prosecution. Except in cases where the rights deriving from the contract and / or registration, in which case the personal data of the interested party, exclusively those necessary for such purposes, will be processed for the time necessary to their pursuit.

What are the rights of the interested party? (Articles 15 – 20 GDPR)

The interested party has the right to obtain from the data controller the following:
a) confirmation of whether or not personal data processing is being processed and, in this case, to obtain access to personal data and the following information: 1. the purposes of the processing; 2. the categories of personal data in question; 3. the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if recipients of third countries or international organizations; 4. when possible, the retention period of the personal data provided or, if not possible, the criteria used to determine this period; 5. the existence of the right of the data subject to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him or to oppose their treatment; 6. the right to lodge a complaint with a supervisory authority; 7. if the data are not collected from the data subject, all information available on their origin; 8. the existence of an automated decision-making process, including profiling, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of this treatment for the data subject. 9. the adequate guarantees provided by the third country (non-EU) or an international organization to protect any data transferred.
b) the right to obtain a copy of the personal data being processed, provided that this right does not affect the rights and freedoms of others; In case of further copies requested by the interested party, the data controller may charge a reasonable fee contribution based on administrative costs.
c) the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay.
d) the right to obtain from the data controller the cancellation of personal data concerning him without undue delay, if the reasons provided for by the GDPR in art. 17, among which, for example, in the case in which they are no longer necessary for the purposes of the processing or if this is assumed to be illegal, and the conditions provided for by law still exist; and in any case if the treatment is not justified by another equally legitimate reason.
e) the right to obtain from the data controller the limitation of processing, in the cases provided for by art. 18 of the GDPR, for example where you have challenged its accuracy, for the period necessary for the Data Controller to verify its accuracy. The interested party must be informed, in reasonable time, also of when the suspension period has been completed or the cause of the limitation of the treatment has ceased, and therefore the limitation itself revoked.
f) the right to obtain communication from the holder of the recipients to whom the requests for any corrections or cancellations or limitations of the processing have been transmitted, unless this proves impossible or involves a disproportionate effort.
g) the right to receive personal data concerning him in a structured, commonly used and automatically readable format, and the right to transmit such data to another data controller without impediments by the data controller who provided them , in the cases provided for by art. 20 of the GDPR, and the right to obtain direct transmission of personal data from one controller to another, if technically feasible.

How and when can the data subject oppose the processing of personal data? (Article 21 GDPR)

For reasons relating to the particular situation of the interested party, the same may oppose at any time the processing of their personal data if it is based on legitimate interest or if it takes place for business promotion, sending the request to the owner at info@bluegreenstrategy.com. The interested party has the right to cancel his / her personal data if there is no legitimate overriding reason for the Data Controller than the one giving rise to the request, and in any case in case the Data Subject opposes the processing for commercial promotion activities.

To whom can the interested party submit a complaint? (Article 15 GDPR)

Without prejudice to any other action in administrative or judicial, the interested party may lodge a complaint with the competent supervisory authority on the Italian territory (Authority for the protection of personal data) or the one carrying out its duties and exercising its powers in the Member State where the GDPR violation took place. Each update of these provision will be promptly communicated and by means of reasonable means and will also be communicated if the Data Controller processes the data of the Data Subject for further purposes than those referred to in this Notice before proceeding and following the manifestation of the relative consent of the Interested Party if necessary.

Use of Cookies

This website uses cookies to better the users experience while visiting the website. Where applicable this website uses a cookie control system allowing the user on their first visit to the website to allow or disallow the use of cookies on their computer / device. This complies with recent legislation requirements for websites to obtain explicit consent from users before leaving behind or reading files such as cookies on a users computer / device.
Cookies are small files saved to the users computers hard drive that track, save and store information about the users interactions and usage of the website. This allows the website, through it’s server to provide the users with a tailored experience within this website. 
Users are advised that if they wish to deny the use and saving of cookies from this website on to their computers hard drive they should take necessary steps within their web browsers security settings to block all cookies from this website and it’s external serving vendors.
This website uses tracking software to monitor it’s visitors to better understand how they use it. This software is provided by Google Analytics which uses cookies to track visitor usage. The software will save a cookie to your computers hard drive in order to track and monitor your engagement and usage of the website but will not store, save or collect personal information. You can read Google’s privacy policy here for further information http://www.google.com/privacy.html.
Other cookies may be stored to your computers hard drive by external vendors when this website uses referral programs, sponsored links or adverts. Such cookies are used for conversion and referral tracking and typically expire after 30 days, though some may take longer. No personal information is stored, saved or collected.

Log Files

We use IP addresses to analyse trends, administer the site, track user’s movement, and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information. Additionally, for systems administration, detecting usage patterns and troubleshooting purposes, our web servers automatically log standard access information including browser type, access times/open mail, URL requested, and referral URL. This information is not shared with third parties and is used only within this Company on a need-to-know basis. Any individually identifiable information related to this data will never be used in any way different to that stated above without your explicit permission.

Contact & Communication

Users contacting this website and/or its owners do so at their own discretion and provide any such personal details requested at their own risk. Your personal information is kept private and stored securely until a time it is no longer required or has no use. Every effort has been made to ensure a safe and secure form to email submission process but advise users using such form to email processes that they do so at their own risk.
This website and its owners use any information submitted to provide you with further information about the products / services they offer or to assist you in answering any questions or queries you may have submitted. This includes using your details to subscribe you to any email newsletter or messaging program the website operates but only if this was made clear to you and your express permission was granted when submitting any form to email process. Or whereby you the consumer have previously purchased from or enquired about purchasing from the company a product or service that the email program relates to. This is by no means an entire list of your user rights in regard to receiving email marketing material. Your details are not passed on to any third parties.

External Links

Although this website only looks to include quality, safe and relevant external links users should always adopt a policy of caution before clicking any external web links mentioned throughout this website.
The owners of this website cannot guarantee or verify the contents of any externally linked website despite their best efforts. Users should therefore note they click on external links at their own risk and this website and it’s owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Adverts and Sponsored Links

This website may contain sponsored links and adverts. These will typically be served through our advertising partners, to whom may have detailed privacy policies relating directly to the adverts they serve.
Clicking on any such adverts will send you to the advertisers website through a referral program which may use cookies and will tracks the number of referrals sent from this website. This may include the use of cookies which may in turn be saved on your computers hard drive. Users should therefore note they click on sponsored external links at their own risk and this website and it’s owners cannot be held liable for any damages or implications caused by visiting any external links mentioned.

Social Media Platforms

Communication, engagement and actions taken through external social media platforms that this website and it’s owners participate on are custom to the terms and conditions as well as the privacy policies held with each social media platform respectively.
Users are advised to use social media platforms wisely and communicate / engage upon them with due care and caution in regard to their own privacy and personal details. This website nor its owners will ever ask for personal or sensitive information through social media platforms and encourage users wishing to discuss sensitive details to contact them through primary communication channels such as by telephone or email.
This website may use social sharing buttons which help share web content directly from web pages to the social media platform in question. Users are advised before using such social sharing buttons that they do so at their own discretion and note that the social media platform may track and save your request to share a web page respectively through your social media platform account.

Shortened Links in Social Media

This website and its owners through their social media platform accounts may share web links to relevant web pages. By default some social media platforms shorten lengthy urls [web addresses] (this is an example: http://bit.ly/zyVUBo).
Users are advised to take caution and good judgement before clicking any shortened urls published on social media platforms by this website and it’s owners. Despite the best efforts to ensure only genuine urls are published many social media platforms are prone to spam and hacking and therefore this website and it’s owners cannot be held liable for any damages or implications caused by visiting any shortened links.

Changes

Any changes to our privacy policy will be posted on our web site 30 days prior to these changes taking place. You are therefore advised to re-read this statement on a regular basis.

Resources & Further Information

The EU General Data Protection Regulation
Twitter Privacy Policy
Facebook Privacy Policy
Google Privacy Policy
Linkedin Privacy Policy
Mailchimp Privacy Policy

Bluegreen Strategy srl, Via Isonzo 59/2 40033 Casalecchio di Reno – Italy

End of Privacy Policy