STATEMENT ON THE PROCESSING OF PERSONAL DATA

In accordance with Articles 13/14 of Regulation No. 679/2016 UE
This Privacy Policy is a statement on the processing of personal data, made in accordance with Articles 13 and 14 of EU Regulation No. 679/2016 (hereinafter "the Regulation") to all users who interact with this firm/company (or through its website) and use the service provided by
Bidok, with headquarters in Via Belvedere 11a 6952 Canobbio (CH), the controller of the data (the "Data Controller" or the "Company").

1. DEFINITIONS
n accordance with Article 4, paragraph 1 of the Regulation, personal data shall mean "any information relating to an identified or identifiable natural person ("data subject"); an identifiable person is a natural person who can be identified, directly or indirectly, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more characteristic elements of his or her physical, physiological, genetic, psychic, economic, cultural or social identity.

"Processing" shall mean any operation or set of operations performed with or without the aid of automated processes and applied to personal data or sets of personal data, such as collection, recording, organisation, storage, adaptation, modification, retrieval, consultation, use, communication by transmission, dissemination or any other form of making available, comparison, interconnection, restriction, erasure, or destruction.

"Data controller" shall mean a natural or legal person, public authority, service or other body which, individually or jointly with others, determines the purposes and means of such processing.

"Data processor" shall mean the natural or legal person, public authority, service or other body which processes personal data on behalf of the data controller.

"Recipient" shall mean the natural or legal person, public authority, service or other body receiving a communication of personal data, whether or not a third party.

"Third party" shall mean any natural or legal person, public authority, service or other body, other than one of the entities described above, or person authorised to process personal data under the direct authority of the data controller or processor.

"Consent" shall mean an unequivocal positive act by which the data subject expresses his or her free, specific, informed and unequivocal intention to accept the processing of personal data concerning him or her.

2. DATA CONTROLLER
Bidok.com does not control or monitor these websites and their contents. Bidok.com cannot be held responsible for the contents of these sites and the rules adopted by them also with regard to your privacy and the processing of Personal Data during your browsing operations. Therefore, please pay attention when you connect to these websites through the links on our website and carefully read their conditions of use and privacy regulations. The privacy of www.bidok.com does not apply to third party websites nor is Bidok.com in any way responsible for the privacy policy applied by said websites. www. bidok.com provides links to these websites only to facilitate the user in searching and browsing and to facilitate hypertext links on the Internet to other websites. The activation of the links does not imply any recommendation or signaling by Bidok.com for accessing and browsing these websites, nor any guarantee regarding their content, services or goods supplied by them and sold to Internet users.

2. DATA CONTROLLER
BIDOK SAGL CHE-339.137.628 via Belvedere 11a 6952 Canobbio (CH)

3. DATA, PURPOSES AND LEGAL BASES OF PROCESSING
The data of the user (hereinafter also referred to as the data subject) will be processed solely to fulfil the Company's obligations under the Terms and Conditions of Service, as well as to perform any other activity necessary and related to the provision of the service itself and its effective management and, therefore, may be processed in accordance with the law even without the consent of the data subject. Consent to processing for these purposes is optional; however, in case of lack of consent, the user will not be able to use the Service. Specifically, the purposes of the processing are as follows:

  • to provide the contractually agreed services;
  •    
  • to manage communications regarding the existing contractual relationship with the user and provide for all administrative, accounting and tax obligations;
  •      
  • to prevent and identify possible fraudulent behaviour;
  •      
  • to provide any technical support or customer assistance that is necessary;
  •      
  • to provide information in the event of specific requests by the competent authorities;
  •      
  • to handle any possible complaint or litigation;
  •  

The following schedule summarises the purposes for which Your Data will be processed, as well as the mandatory or voluntary nature of the provision of the same, the consequences of Your refusal to communicate them and the legal basis for the processing in question.

  • Data type: User/customer phone number
  • Purpose of processing: Provision of the service and administrative management of the user/customer
  • Voluntary or obligatory nature of data provision: Voluntary
  • Consequences of refusal to provide data: Inability to provide the requested service
  • Condition of legality of the treatment: Execution of the contract to which the user/customer is a party
  • Data type: Email address; personal data; any other data voluntarily provided by the user/customer
  • Purpose of processing: Customer Care activities
  • Voluntary or obligatory nature of data provision: Voluntary
  • Consequences of refusal to provide data: Inability to provide the requested service
  • Condition of legality of the treatment: Execution of the contract to which the user/customer is a party
  • Data type: Navigation data
  • Purpose of processing: To monitor the correct functioning of the site and possibly obtain anonymous statistical information about the use of the same. They could be used to ascertain responsibility in case of hypothetical computer crimes against the site or more generally against the Company
  • Voluntary or obligatory nature of data provision: Transmission is implicit in the use of Internet communication protocols
  • Consequences of refusal to provide data: Inability to provide the requested service
  • Condition of legality of the treatment: Execution of the contract to which the user/customer is a party

Cookies
This website uses Google Analytics, a web analysis service provided by Google, Inc. ("Google").

Google Analytics uses "cookies", which are text files that are stored on Your computer to help the website analyse how users use the site.

Information generated by the cookie about Your use of the website (including Your IP address) will be transmitted to and stored on Google's servers in the United States. Google will use this information to track and review Your use of the website, compile website activity reports for website operators, and provide other services related to website activity and Internet usage. Google may also transfer this information to third parties where this is required by law or where those third parties process that information on behalf of Google. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser but this may prevent you from using all of the functionality of this website. By using this website, You consent to the processing of Your data by Google in the manner and for the purposes set out above.

No other use is made of cookies for the transmission of information of a personal nature, nor are so-called persistent cookies of any kind used, i.e. systems for tracking users.

The use of so-called session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the site.

The so-called session cookies used on this site avoid the use of other computer techniques potentially detrimental to the confidentiality of users' browsing and do not allow the acquisition of personal data identifying the user.

Browsers are often set to automatically accept cookies. Users can change the default configuration to disable or delete cookies (from time to time or once and for all), with the consequence, however, that the optimal use of some areas of the website may be precluded.

It is also possible to check which modes and types of cookies are stored on your browser by changing the cookie settings on your browser.

4. PROCESSING METHODS
Users' personal data will be processed by computer and paper means, for the time strictly necessary to achieve the purposes for which they have been collected. In this regard, when carrying out the processing operations, the Data Controller observes specific security measures in order to prevent the loss of data and any unlawful or incorrect use, as well as unauthorised access.

The data processed are not included in the data specified in Article 9, EU Regulation No. 679/2016, namely those revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, or which can be qualified as genetic, biometric or intended to uniquely identify a natural person, or which are related to a person's health or sexual life.

The personal data will be processed by the Data Controller in full compliance with the principles of purpose, necessity, proportionality and non-excessiveness set out in the Regulation to protect the privacy of users and other applicable regulations and also found in specific measures of the Guarantor Authority for the Protection of Personal Data (the "Data Protection Authority") and in accordance with the service rendered.

The updated list of our data processors is available upon request at BIDOK SAGL via Belvedere 11a 6952 Canobbio (CH).

5. CATEGORIES OF THIRD PARTIES TO WHOM THE DATA MAY BE COMMUNICATED
Access and processing of data may only be carried out by employees of the firm/company who are authorised to correctly manage such information as authorised persons under the direct authority of the Data Controller. Where processing is to be carried out on behalf of the data controller, the latter shall appoint a data processor who provides sufficient guarantees to implement adequate technical and organisational measures so that the processing is carried out in compliance with the Regulation and to protect the rights of the data subject. Your data may also be disclosed to third parties in the event of liquidation, merger, acquisition, joint venture or any other transaction involving the Data Controller. Users' personal data may be communicated to third parties on Romanian territory or on the territory of another Member State of the European Union or a third country with adequate organisational and technical measures to ensure the same level of protection of personal data established by the European Privacy Regulation, which carry out activities ancillary and instrumental to the provision of services, in compliance with Chapter V of the Regulation, Articles 44 et seq. For the purposes of the execution of this contract a person responsible for the processing of personal data acquired is designated, identifiable from the data processor records kept at the headquarters of the data controller in accordance with Articles 3 and 5 of the Statement and Article 28 GDPR.

6. RIGHTS OF THE DATA SUBJECT. LAWFULNESS OF PROCESSING AND TRANSPARENCY.
The processing of your personal data will take place in a manner defined as lawful, in accordance with Article 6 of the Regulation, as acquired with the consent of the data subject, and as necessary for the performance of a contract or the performance of pre-contractual measures taken at the request of the data subject.

The following Articles of EU Regulation 679/2016 recognise the right to revoke the consent given (Article 7 paragraph 3); the right to receive information (Articles 13 and 14); the right of access to the collected data (Article 15); the right to rectification of the collected data (Article 16); the right to deletion of the collected data (Article 17); the right to restriction of processing of the collected data (Article 18); the right to portability of the collected data (Article 20); and the right of objection to the processing of the collected data (Article 21).

Any request relating to the rights to one of the procedures listed above may be made by sending a communication to our dedicated email address listed in paragraph 7, Contacts. Each request will be handled without delay or at the latest within one month of receipt of the request, in accordance with Article 12 of the Regulations. This period may be extended to two months if necessary, taking into account the complexity and number of requests made. Any such extension will be communicated to the data subject, in any case within one month of the request. This is without prejudice to the possibility for the interested party to lodge a complaint with the Supervisory Authority, in the event of a violation of one or more provisions of EU Regulation No. 679/2016 expressly mentioned in this privacy policy.

The data are kept by the data controller for the period strictly necessary to carry out the activities required for the performance of the contractual relationship; the data processed for the performance of the contract will be kept for the entire duration of the contract and for a period of 10 years and six months after the conclusion of the contract, to allow the Data Controller to defend its rights.

7. CONTACTS
Requests from the user can be addressed to BIDOK SAGL via Belvedere 11a 6952 Canobbio (CH), or by writing to the email address privacy@bidok.com