VERSION 1.0 – DRAFTED PURSUANT TO GDPR 2016/679 EXTRACT. THE FULL TEXT MAY BE REQUESTED USING THE CONTACT INFORMATION CONTAINED IN THIS DOCUMENT.

The purpose of these Legal Notes and Privacy Policy is to guarantee that Users can transparently verify the data processing activities on the web, highlighting the importance of having chosen an entity that prioritizes the protection of User rights and adheres to the proper observance of legal provisions. It is specified that the text below complies with the recent regulations of GDPR 2016/679. BROS MANIFATTURE S.r.l., as the Data Controller for company data and owner of the domain and website, provides users connecting to www.pianegonda.com with the rules for the correct and authorized use of photos, images, text, and any other document published here. These Legal Notes are divided into different sections identifying the current regulatory areas defined by this company.

Furthermore, in this context, the term Company Data refers to:

– any type of information that is processed, acquired, known, elaborated, communicated, and extracted from the pages of the www.pianegonda.com website;
– it does not include information from links to other websites.

It is important to emphasize that the following description may be subject to revision and integration by this company whenever necessary; in this regard, and for transparency towards the user, the corresponding version number (currently version 1.0) is indicated on the initial cover.
The user's browsing rights are also described within the Legal Notes text.

PROTECTION OF TRADEMARK AND INTELLECTUAL PROPERTY RIGHTS

BROS MANIFATTURE S.r.l. represents not only the name of the Controller but also its trademark. Legal protection is extended here to the domain based on the recognition received from the legislator with the new Industrial Property Code (Legislative Decree 30/2005). Indeed, the new legislative discipline allows for the defense of domain names against acts of counterfeiting and usurpation carried out by third parties, providing for both ordinary judgments and precautionary protection. In particular, Article 133 of the Industrial Property Code allows the judicial authority to order the prohibition of the use of an unlawfully registered domain, or its provisional transfer, if necessary, subject to the provision of suitable security by the beneficiary of the measure. In light of the above, the site and its contents are the exclusive property of the owning company, which reserves the right to grant third parties any right of use. Any activity of copying, downloading, or reproducing, in whole or in part, the content published on this website is prohibited unless the possibility of carrying out one of the aforementioned operations is expressly indicated. The user is, therefore, only authorized to view the site and to perform all those temporary reproduction acts, without independent economic relevance, that are considered transient or accessory, an integral and essential part of the viewing of www.pianegonda.com and its contents, and all other browsing operations that are performed only for legitimate use. Copyright protections are exclusively valid for this website.

Regarding the regulation of links, it should be noted that there are currently no links to other websites within www.pianegonda.com. Should external links exist in the future, BROS MANIFATTURE S.r.l. does not control or monitor such websites and their content and therefore cannot be held responsible for the content of these sites and the rules adopted by them, including with regard to privacy and the processing of personal data during browsing operations. The undersigned considers "surface linking," i.e., the classic link that transfers the visitor to the homepage of another site, to be legitimate; however, "deep linking" and "framing" are not authorized, as they are potential subjects of responsibility for copyright infringement and unfair competition, respectively.

– TRANSPARENCY AND COMPLETENESS OF INFORMATION
BROS MANIFATTURE S.r.l. guarantees transparent, complete, and accurate communication with all those with whom it interacts. The information complies with the clarity and truthfulness standards dictated by the discipline of transparency towards the Customer and in full respect of the principles contained in consumer protection. The site is currently available in Italian.

– CONFIDENTIALITY OF INFORMATION
BROS MANIFATTURE S.r.l. places great importance on data confidentiality and security through the development of specific internal control programs and well-defined policies. Security measures are implemented for both paper and electronic management.

PRIVACY POLICY

This page describes how the site manages the processing of personal data of users who consult it. This information is provided only for the www.pianegonda.com site and not for other websites that may be consulted by the user via links.

DATA CONTROLLER

For the purposes of the principles of transparency and fairness enshrined in the Privacy Code, the data processing ownership belongs directly to BROS MANIFATTURE S.r.l., whose complete data are reported on the homepage. The domain is owned by the same owner to whom it is regularly registered. Bros Manifatture srl Via Guido Rossa, 1 63025 Montegiorgio (FM) Bros Usa Corporation 169 East Flager Street, Suite 1022Miami, FL 33131 Bros Manifatture Asia Limited Suite 2301, 23rd Floor, Chinachem Hollywood Centre, 1-13 Hollywood Road Central, Hong Kong S.A.R. The email address for communications is: privacy@brosmanifatture.it

DATA PROTECTION OFFICER

Pursuant to Article 28 of GDPR 2016/679, the contact for any information and requests to be sent to the Data Processor is provided:

resp.trattamento@brosmanifatture.it

Furthermore, the complete and updated list of Data Processors can be requested by writing to the address provided on this website.

INTERNATIONAL TRANSFERS OF PERSONAL DATA

If the client has chosen to register in the Bros Group customer database, the Bros Group collects the client's personal data in their country, for example, data relating to their visits to our stores, to then transfer and store them, in accordance with current legislation, in another country where our group companies' servers are located. The data will be transferred for the purposes described in this Policy (e.g., to provide the requested services or to offer personalized services in all our stores worldwide). The privacy and personal data protection laws in these countries may not be equivalent to those in the client's country of residence. The Bros Group companies will take measures to ensure that client data is processed securely, in compliance with the principles of fairness, necessity, and proportionality, and in accordance with this Policy, regardless of the country to which they may be transferred.
Where permitted in the client's country, by using the aforementioned Websites or providing us with data for the purposes of this Policy, the client fully understands and clearly accepts the transfer of personal data abroad within the context of the normal business operations of the Group companies, including the collection, storage, and processing of such data in the United States of America and Asia. These policies represent the rules of conduct relating to the processing of personal data for all Bros Group companies and therefore govern and allow the transfer of data between the same companies residing in different geographical areas, in compliance with the guarantees established by privacy legislation (Binding Corporate Rules principle).

LOCATION AND METHODS OF DATA PROCESSING

In this context, the term "processing methods" describes the technical and organizational methodologies implemented by BROS MANIFATTURE S.R.L. to ensure appropriate and secure data management and storage. Data is processed electronically and on paper and is accessible to authorized personnel; no dissemination is carried out.
Electronic storage takes place on the server located at the registered office at Via Guido Rossa no. 1 – 63833 Montegiorgio (FM) and on the server units of the provider where the domain is hosted; while in the case of paper management, storage takes place in the archive located at our office. For the sake of transparency, it should be noted that the domain is hosted by an external provider responsible for its operation and security and that, in case of violations, it is subject to the responsibilities dictated by the specific regulations of the sector. The provider is located in an EU country. The processing connected to the pianegonda.com web services is carried out by the data controller and by any third-party companies as data processors pursuant to Article 28 of GDPR 2016/679.

TYPES OF DATA

This section specifies what data Bros Manifatture S.r.l. may collect during simple navigation on the Websites, without logging in as a registered user, and how it is processed.

– Navigation data
The computer systems and software procedures used to operate this website acquire, during their normal operation, certain personal data whose transmission is implicit in the use of internet communication protocols. This category includes IP addresses or domain names of the computers used by users who connect to the site, URI (Uniform Resource Identifier) addresses of the requested resources, the numerical code indicating the status of the response given by the server (e.g., success, error), and other parameters relating to the operating system and the user's computer environment. Such data could be used to ascertain responsibility in the event of hypothetical cybercrimes against the site.

– Data provided voluntarily by the user
The optional, explicit and voluntary sending of electronic mail to the addresses indicated on this site involves the subsequent acquisition of the sender's address, necessary to respond to requests, as well as any other personal data included in the message. The processing operations of this data are exclusively linked to the purpose of responding to the information highlighted by users. It is specified that, as regards their retention, the data are kept only for the time necessary to fulfill the same purpose and are subsequently deleted. The information provided is acquired and managed exclusively by this firm in compliance with the principles of data integrity and confidentiality.

It is specified that among the Personal Data collected by this Application, independently or through third parties, are: – First name and last name – Phone number – Email address – Address – City – Province – Country – Company Name – Profession – Website – Cookie – Usage data – IP address – Location.
Unless otherwise specified, all Data requested by these sites are mandatory to allow the Data Controller to respond to your requests; therefore, if the User refuses to communicate them, it may be impossible to provide the service.

RETENTION PERIOD

Data is processed and stored for the time required by the purposes for which it was collected. Therefore:

– Personal Data collected for purposes related to the activities carried out by us and for which the User has freely expressed interest will be retained until the performance of the requested services is completed;

– Personal Data collected for purposes attributable to the legitimate interest of the Data Controller will be retained until such interest is satisfied. The User can obtain further information regarding the legitimate interest pursued by the Data Controller in the relevant sections of this document or by contacting the Data Controller.

When processing is based on the User's consent, the Data Controller may retain Personal Data for a longer period until such consent is revoked. Furthermore, the Data Controller may be obliged to retain Personal Data for a longer period in compliance with a legal obligation or an order from an authority.
At the end of the retention period, Personal Data will be deleted. Therefore, upon expiration of this period, the right to access, erasure, rectification, and the right to data portability can no longer be exercised.
The only data that, at the end of the relationship or in case of a deletion request, must be kept for 10 years are the data contained in sales invoices for purposes derived from tax regulations, along with the data contained in commercial communications (both via email, certified email, and paper mail) to comply with the provisions of the Civil Code (Article 2214) regarding commercial communication (time defined as 10 years).

COOKIES

In accordance with the provision of the Privacy Guarantor Authority of 14/06/2014, it is stated that this site uses technical cookies, i.e., navigation cookies, analytics cookies, and functionality cookies. No personal data of users is acquired by the site in this regard. No cookies are used for the transmission of personal information, nor are so-called persistent cookies of any kind used, i.e., systems for tracking users. The use of session cookies (which are not permanently stored on the user's computer and disappear when the browser is closed) is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site. The setting of cookies is entrusted to the Web Master appointed by the company and the domain www.pianegonda.com resides on the server farm of an external provider (ITALY).

More information regarding the cookies present on this site is available on the following page: www.pianegonda.com/cookie-policy

OPTIONALITY OF DATA PROVISION

Apart from what is specified for navigation data, the user is free to provide personal data by writing in the appropriate form in the "CONTACTS" section of the site for information requests or other communications. For completeness, it should be remembered that in some cases, not subject to the ordinary management of this site, the Authority may request news and information pursuant to GDPR 2016/679, for the purpose of checking the processing of personal data; in these cases, the answer is mandatory under penalty of administrative sanction.

RIGHT TO BE FORGOTTEN

The Data Controller respects the User's right to be forgotten, which is the right to obtain the deletion from search engine indexes of information that, due to its content and the time elapsed since navigation, has no public relevance. However, if the request for deletion of data from search engine indexes has been granted, anyone can appeal the decision to the judicial authority to guarantee the public interest in information.

RIGHTS OF THE DATA SUBJECTS

Each individual has the right at any time to obtain confirmation of the existence or non-existence of data concerning them and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (Art. 7 GDPR 2016/679); it is also the right of each user to revoke any consent previously granted for informational or marketing purposes. Pursuant to the same article, one has the right to request the erasure, anonymization, or blocking of data processed in violation of the law, as well as to object, for legitimate reasons, to their processing. Furthermore, Users have the right to request the restriction of data use and the right to data portability to another Controller.
Requests should be sent via email to: privacy@brosmanifatture.it

The Data Controller protects the User's digital identity through the implementation of precise policies. The User is required to provide, in the appropriate form on the site, only the information strictly necessary for the purposes for which it is provided.

The Data Controller and each designated person implement the security measures deemed most appropriate to ensure the security of data processing and storage activities.

Social Network Privacy Policy

VER.1/2021 – DRAFTED PURSUANT TO GDPR 2016/679 EXCERPT. THE DETAILED TEXT MAY BE REQUESTED FROM THE REFERENCES CONTAINED IN THIS DOCUMENT

The purpose of this Privacy Policy is to ensure that Users can fully and transparently verify the processing activities of their data on the social profiles of our Company BROS MANIFATTURE S.R.L. In particular, BROS MANIFATTURE S.R.L., as Data Controller, respects and protects the privacy of its users and is committed to transparency regarding the processing of personal data. This policy aims to illustrate how BROS MANIFATTURE S.R.L., as Data Controller, processes personal data using various social platforms, such as Facebook, Instagram, and YouTube. This policy may be subject to changes, so we invite users to consult it to view the most updated version.

USER DATA

In this context, the term User data refers to all information freely provided by the user in the appropriate forms on the social pages of our Company BROS MANIFATTURE S.R.L.

Personal Data subject to processing may include, but is not limited to:

– Information such as name, surname, email, age, gender, country, professional qualification, current or previous employer, educational background, profile picture, interests, friends list and/or followers, and other publicly available information, provided that the user has published all this information on their social profile.

– Further information that the user will provide by posting on the Social Page of our Company BROS MANIFATTURE S.R.L., comments and/or "Likes" on our posts, our images, or through sending direct messages.

If the user decides to subscribe to a newsletter, on related products or services, or if they request to be contacted for information, they may provide us with their personal data such as name, surname, email address, phone number. Furthermore, we inform users that the different social platforms also collect personal data through the use of cookies and similar technologies, including cookies collected through social networks such as [Facebook, Instagram, and YouTube], etc. In some cases, for example, in relation to our Facebook page, it acts as a "Co-controller" together with Facebook for the processing of personal data. Therefore, we advise users to read the privacy policy of the Facebook Social Network to understand how Facebook processes personal data. The user can find the various privacy policies on the processing of personal data of the different social platforms Facebook, Instagram, and YouTube.

POLICY FOR USERS

Users who connect to the social pages of our Company BROS MANIFATTURE S.R.L. are required to observe the policies described below.
– The user must pay particular attention to the possibility of including, in their contributions, data that may reveal, even indirectly, the identity of third parties. In such a case, they declare to have personally requested the consent of the third parties for dissemination;
– The user must be aware that the content of their messages and/or posts can be seen by the entire community. Therefore, BROS MANIFATTURE S.R.L. reserves the right to remove, even without prior notice, all posts deemed inappropriate and not compliant with this policy or current legislation;
– The user must be polite and courteous in their interactions. The use of inappropriate language, detrimental to the image of our studio, discriminatory on the basis of sexual orientation, personal and social conditions, race, language, nationality is prohibited;
– The user must refrain from committing copyright infringements, violations of people's privacy, or unauthorized use of registered trademarks;

Users are prohibited from advertising other brands or logos on our pages and from posting SPAM content that could harm other fans (viruses, malicious software, etc.) or legitimate owners.

WEBSITE

The social pages of BROS MANIFATTURE S.R.L. [Facebook, Instagram, and YouTube] may contain links to sites always owned by the Data Controller or to sites owned by third parties. This Privacy Policy does not apply to third-party sites, so if the user wishes information on their data collection methods and distribution policies, we suggest contacting them directly.

TRANSFER OF DATA ABROAD

Your personal data will not be transferred by us outside the European Union or to countries that do not guarantee an adequate level of data protection.

RIGHTS OF DATA SUBJECTS

Each data subject has the right at any time to obtain confirmation of the existence or non-existence of data concerning them and to know its content and origin, verify its accuracy or request its integration or updating, or rectification (Art. 7 GDPR 2016/679); it is also the right of each user to withdraw any consent previously granted for informational or marketing purposes. Pursuant to the same article, one has the right to request the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose, in any case, for legitimate reasons, their processing.

Requests should be sent via email to: privacy@brosmanifatture.it

The user has the right to file a complaint with the Garante per la Protezione dei dati (Italian Data Protection Authority).

DATA RETENTION

Regarding the retention of data on social pages, the Controller is required to follow the policies established by the Service Provider.