Privacy Policy
Welcome to the website www.ranciliogroup.com of Rancilio Group S.p.A. con socio unico (with sole shareholder) (hereinafter, the “Website“).
By this Privacy Policy, Rancilio Group S.p.A. con socio unico gives users information on the processing of personal data that are automatically collected or that the user voluntarily provides when accessing and browsing the Website and using the services provided therein.
Browsing is free and does not require any registration; any provision of personal data is envisaged in the “Download Area”, “Contact Us”, “Work with Us” and “Support” sections, which include a reference to this document.
The Website may also contain hypertext links to the websites, pages or online services of third parties. By clicking on these links, the user will be able to access multimedia content that is beyond the control of Rancilio Group S.p.A. con socio unico and is not covered by the provisions of this Privacy Policy as this content is owned exclusively by said third parties. Accordingly, Rancilio Group S.p.A. con socio unico recommends users to take care when subscribing to services offered by third parties and to carefully read the data processing information provided by them, as Rancilio Group S.p.A. con socio unico is not in a position to control that information and has no liability in relation thereto.
- Data controller
The data controller is Rancilio Group S.p.A con socio unico (Tax Code and VAT no. 09784580152), with registered office in Parabiago, Viale della Repubblica no. 40, telephone no. 0331.408200, email address info@ranciliogroup.com and certified email address (PEC) ranciliogroup@legalmail.it (hereinafter, the “Company”).
- Type of personal data processed
Personal data means any information concerning the user (or data subject) and referable to said user.
More specifically, the data processing will concern:
- Personal browsing data
When accessing and browsing the Website, the Company generally collects browsing data using cookies or other tracking technologies. In their normal operation, the IT systems and software procedures used to operate this Website automatically acquire certain personal navigation data whose transmission is implicit in the use of internet communication protocols.
These are computer traffic data which, by their nature, are not collected to be immediately associated with identified users, but which could enable the user to be identified through processing operations or associations with third party data. This category includes, for example, the “IP addresses” or domain names of computers used to connect to the Website, addresses in URI (Uniform Resource Identifier) notation of requested resources, the time the request is made, the method used to send the request to the server, the file size obtained in response, the numerical code indicating the response status given by the server (successful, error, etc.) and other parameters related to the user’s operating system and computer environment.
These data are used to verify the regular operation of the Website and to enable the user to use the services provided therein, and to obtain anonymous and aggregate information about visits and to complete statistical analyses, to create profiles that permit the sending of advertising in line with user preferences and to identify anomalies and/or abuses. For more information on the technologies used for data collection, please refer to point 4) below on Cookies.
- Data voluntarily provided by the user
The Company also processes personal data which the user voluntarily provides while interfacing with Website services e.g. when requesting information, sending an application and requesting to download Company product documentation. Specifically, such Data are:
- when sending communications containing informational, commercial and promotional content, via email and newsletter, regarding the Company’s products, services and events: first name, last name, e-mail address, company, professional qualification;
- when requesting information: first name, last name, e-mail address, company, nationality, city, professional qualification, reason for contact, and any further information provided when completing the form to request information;
- when sending in an application: first name, last name, e-mail address, area of interest, and any additional information indicated in the curriculum vitae (e.g. place and date of birth, residence, nationality, telephone numbers, educational background, professional experience, personal interests and image), including information revealing racial or ethnic origin and health status;
- when downloading information on new Company products: first name, last name, nationality and e-mail address;
- when customizing the commercial offer and sending communications in line with the user’s preferences: first name, last name, interests, tastes and purchasing habits;
- when accessing the Customer Support Portal and using the services provided therein (including the registration of products and the reporting of problems during their installation): username, password, information relating to the geographical location, information relating to the product purchased (date, place and address of installation site, serial number and e-mail address of installation site), as well as additional information provided by the user in the appropriate form;
(hereinafter “Data” together).
If a user voluntarily sends e-mails to the addresses indicated on this Website, the sender’s email address and also any other personal data voluntarily included in the message will thereby be automatically acquired. Such data are used only in order to reply to the sender, and will not be disclosed or disseminated in any way.
- Purposes of the data processing, legal basis and nature of the Data provision
When consulting the Website and using its services, Data will be processed for the following purposes:
- to permit navigation on the Website, to obtain anonymous statistical data on its use, to facilitate checks of its proper operation and to ascertain liability where computer crimes are committed (hereinafter “Website Navigation“). The legal basis is contract performance (art. 6.1 b) of the Regulation), as well as the legitimate interest of the Company (art. 6.1 f) of the Regulation);
- to respond to the user’s request and provide the latter with relevant information on the products and activities carried out (hereinafter “Contacts“). The legal basis is the execution of steps at the request of the user prior to entering into a contract (art. 6.1 b) of the Regulation);
- to permit the downloading of information on the Company’s products (hereinafter “Brochures“). The legal basis is the execution of steps at the request of the user prior to entering into a contract (art. 6.1 b) of the Regulation);
- to send communications containing informational, advertising and promotional content, via e-mail and newsletter, regarding the Company’s products, services and events (hereinafter “Newsletter”). The basis is the data subject’s express consent (art. 6.1 a) of the Regulation);
- to analyse the user’s interests, purchasing and consumption habits and tastes, so that the Company can customise its product and services offering in order to send personalised communications in line with the user’s interests (hereinafter “Customer profiling“). The legal basis is the data subject’s express consent (art. 6.1 a) of the Regulation);
- to evaluate the user’s professional profile with a view to possible selection and institution of a working relationship or professional collaboration (hereinafter “Selection“). The legal basis of data processing is the execution of steps prior to entering into a contract (art. 6.1 b) of the Regulation and art. 111 bis of Legislative Decree no. 196/2003) and, with reference to any special data provided, the need to carry out the obligations and exercise specific rights of the user or the Company in the field of employment and social security and social protection law (art. 9.2 b) of the Regulation);
- to access the Customer Support Portal (hereinafter “Support”) with authentication credentials provided directly by the Company – upon request to the same – and use the services provided therein, including registering a new product, requesting the replacement of warranty parts, consulting technical manuals, viewing videos and tutorials, buying spare parts, accessing the download area and reporting any problems arisen during product installation. The legal basis is the execution of steps at the request of the user prior to entering into a contract as well as contract performance (art. 6.1 b) of the Regulation);
- to enable the Company to exercise and defend its rights in any realm, including in judicial, administrative, arbitration proceedings and/or in mediation and conciliation procedures (hereinafter “Legal Defence“). The legal basis is the Company’s legitimate interest (art. 6.1 f) of the Regulation).
With the exception of navigation data (which are automatically collected), the provision of Data is:
- required in order for the purposes indicated in para. 3) a), b), c), f), g) and h) above to be achieved. Therefore, if the user does not provide the requested Data, it will be impossible for the Company to fulfil the user’s request;
- optional in order for the purposes indicated in para. 3) d) and e) above to be achieved. Therefore, any non-provision of such Data will make it objectively impossible for the Company to proceed with the user’s request in this instance (subscription to the Company’s newsletter in order to send informative, commercial and promotional communications, and analysis of user interests, purchasing and consumption habits, tastes), but will not compromise the purposes indicated in para. 3) a), b), c), f), g) and h) above.
- Cookies
The Website uses technical, analytical and profiling cookies, including third party cookies, to facilitate normal navigation and use of the Website, to perform statistical analyses and to create profiles that enable advertising to be transmitted in accordance with the user’s expressed preferences. Further information on the nature and characteristics of the cookies on the Website is to be found in our Cookie Policy.
- Data processing procedures
Data will be processed, within the purposes indicated in para. 3) above, primarily using electronic and automated means, but also in traditional hard copy form, in compliance with applicable legal provisions on personal data processing, and suitable data security measures will be put in place for this purpose. The processing of Data will be managed by staff within the Company (for example, staff operating in the administrative, marketing, commercial and IT offices) who are specially authorised, trained and briefed to ensure the adequate security and confidentiality of said Data, as well as to avoid any risk of loss and/or destruction thereof and access thereto by unauthorised parties. Furthermore, in order to make use of certain features offered by the Website, the user is required to grant it a number of permissions. Specifically:
- Authorization to specific though not continuous localisation
To enable the user to identify where the product was installed, so as to proceed with its registration. The issuance of the above-mentioned authorization is optional; however, failure to issue it makes it impossible for the Company to identify the location where the product was installed, without prejudice to the possibility for the user to indicate it manually. Quite obviously, the above authorization is requested before collecting any User Data and may be revoked by the user at any time. The Company specifies that the procedure for checking authorizations may change depending on the device used by the user.
- Communication and dissemination of Data
Data shall not be disclosed or disseminated. Data may, within limits strictly relevant to the purposes indicated in para. 3) above, be communicated the following persons:
- persons who are legally entitled to receive them e.g. (without limitation) public authorities and judicial authorities;
- persons who, in their capacity as independent data controllers or data processors within the meaning of art. 28 of the Regulation, are involved in the processing of Data.
The updated list of data processors may be obtained from the Company, by sending an email to privacy@ranciliogroup.com.
- Data retention period
The Company retains Data for the period of time strictly required in order to achieve the purposes for which they were originally collected. Subject to the specific provisions of paras. 2) and 4) above with regard to Website Navigation, Data for the purposes of:
- “Contacts” will be retained for 1 year from the date of their collection;
- “Brochures” will be retained for 1 year from the date of their collection;
- “Support” will be retained for the entire duration of the contractual relationship, without prejudice to the user’s option to request that his/her profile be shut down at any point;
- “Newsletters” will be retained for a period of 24 (twenty-four) months from the date of their collection;
- “Customer profiling” will be retained for a period of 12 (twelve) months from the date of their collection;
- “Selection” will be retained for 1 year from the date of their collection;
- “Defence” will be retained for the entire duration of the dispute and, in any case, until the time limits for any appeal and/or for the statute of limitations of the relevant action have elapsed;
without prejudice, however, to the data subject’s entitlement to withdraw his/her consent to data processing operations that have this legal basis, to exercise the rights set out in para. 8 below, including the right to object to and oppose data processing operations, and also to fulfil specific data retention obligations provided for by law.
- Data subject’s rights
In reference to the Data, the data subject has the right to ask the Company, with the procedures indicated in the Regulation and without prejudice to the provisions and limitations as per Italian Legislative Decree no. 196/2003 (Part I – Title I – Paragraph III):
- to access Data in the cases provided for (art. 15 of the Regulation);
- to rectify inaccurate Data and to complete incomplete Data (art. 16 of the Regulation);
- to erase Data for the cited reasons (art. 17 of the Regulation), for example when they are no longer necessary for the purposes indicated above or are not processed in compliance with the Regulation;
- to restrict processing for the cited cases (art. 18 of the Regulation), such as when the exactness of the Data is disputed and their correctness needs to be verified;
- to obtain Data portability, i.e. the right to receive the Data, in the cited cases (art. 20 of the Regulation), in a commonly used structured format that is readable by an automatic device and to transmit such Data to another Data Controller;
- to object to processing in the cited cases (art. 21 of the Regulation).
Where a processing of Data is founded on consent, the user is also entitled to revoke his/her consent at any time without compromising the legality of consensual data processing operations carried out prior to the revocation. In addition, to stop receiving newsletters and communications with commercial and promotional content, the data subject can unsubscribe by clicking on the “Click to unsubscribe” link at the bottom of each communication. The user can exercise all of these rights by emailing the Company at privacy@ranciliogroup.com or by sending a registered letter to the address of the Company’s registered office.
- Complaints
If the user considers that the processing of Data infringes the Regulation’s provisions, he/she may file a complaint before the Italian Data Protection Authority in compliance with art. 77 of the Regulation.
- Transfer of the Data abroad
The Data are stored on servers located in the European Union. In the event that the Data are transferred abroad to provide given services, the Company undertakes to ensure that such transfer complies with the Regulation and is, in particular, accompanied by adequate guarantees (adequacy decisions, standard contractual clauses approved by the European Commission, etc.). More information about the transfer of Data and the guarantees provided for their protection can be requested by contacting the Company at the e-mail address privacy@ranciliogroup.com or by registered letter to be sent to the Company’s address.
Rancilio Group S.p.A. con socio unico