(updated on 1/6/2021)

The information provided below describes, as required by the EU Regulation 2016/679 (available here: https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=uriserv:OJ.L_.2016.119.01.0001.01.ENG), the processing operations performed on the personal data of the users visiting the Brusa srl’s websites. Those websites include the following:

www.brusa.com
careers.brusa.com
www.pasticceriabrusa.com
www.ario.bio
blog.brusa.com

The information provided does not concern other online websites, pages or services that can be accessed via hyperlinks on the above websites but relate to resources outside the Brusa srl’s domain.

DATA CONTROLLER AND DATA PROTECTION OFFICER (DPO)
Visiting the websites listed above may result into processing data relating to identified or identified natural persons.
The data controller and Data Protection Officer (DPO) is Brusa srl, and its holder mr. Massimo Brusa, with registered office in Biella (Italy), Via Ferruccio Nazionale, 3 – 13900.

PLACE WHERE THE DATA IS PROCESSED
The processing operations related to the web-based services that are made available via this website are carried out at the aforementioned office of Brusa srl exclusively by technical staff in charge of said processing, or else by persons tasked with such maintenance activities as may be necessary from time to time.

CATEGORIES OF PROCESSED DATA
Browsing data
The information systems and software procedures relied upon to operate this web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols.
Such information is not collected in order to relate it to identified data subjects, however it might allow user identification per se after being processed and matched with data held by third parties.
This data category includes the IP addresses and/or the domain names of the computers and terminal equipment used by any user, the URI/URL (Uniform Resource Identifier/Locator) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment.
These data are necessary to use web-based services, and they are also processed in order to extract statistical information on service usage (most visited pages, visitors by time/date, geographical areas of origin, etc.) and check functioning of the services; they are erased immediately after being processed. The data might be used to establish liability in case computer crimes are committed against the website.

Data Provided Voluntarily by Users
Compiling our form in Contact page or sending e-mail messages to the addresses mentioned on this website, which is done on the basis of a freely chosen, explicit, and voluntary option, entails acquisition of the sender’s address, which is necessary in order to reply to any request, as well as of such additional personal data as is contained in the message(s).
Specific summary information notices will be shown and/or displayed on the pages that are used for providing certain services.

Cookies
No personal data concerning users is acquired by the website in this regard.
No cookies are used to transmit personal information, nor are so-called persistent cookies or user tracking systems implemented.
Use of the so-called session cookies – which are not stored permanently on the user’s computer – is exclusively limited to the transmission of session ID’s – consisting of server-generated casual numbers – as necessary to allow secure, effective navigation.
The so-called session cookies used by this website make it unnecessary to implement other computer techniques that are potentially detrimental to the confidentiality of user navigation, whilst they do not allow acquiring the user’s personal identification data.
For more info, visit our Cookie Policy.

OPTIONAL DATA PROVISION
Subject to the specifications made with regard to navigation data, users are free to provide the personal data either to be entered in the application forms submitted to Brusa srl to request delivery of information materials and other communications/informations.

PROCESSING ARRANGEMENTS
Personal data is processed with automated means for no longer than is necessary to achieve the purposes for which it has been collected.
Specific security measures are implemented to prevent the data from being lost, used unlawfully and/or inappropriately, and accessed without authorisation.

DATA SUBJECTS’ RIGHTS
Data subjects have the right to obtain from Brus srl, where appropriate, access to their personal data as well as rectification or erasure of such data or the restriction of the processing concerning them, and to object to the processing (pursuant to Articles 15 to 22 of the Regulation).
All requests should be sent to:
– via e-mail: info@brusa.com
– via mail to Brusa srl, via Ferruccio Nazionale 3 – 13900 Biella.

P3P
This privacy notice can be viewed in automatic format by means of the most recent browsers implementing the P3P (Platform for Privacy Preferences Project) standard as proposed by the World Wide Web Consortium (www.w3c.org).
All efforts will be made to ensure the highest interoperability between the functions of this site and the automatic privacy verification mechanisms that are made available by some software products applied by users.
Bearing in mind that the current development status of automatic verification mechanisms is such as not to allow ruling out errors and malfunctioning, it is hereby specified that this document as posted at https://brusa.com/privacy/ is the privacy policy of this site and will be updated as necessary.