This Privacy Policy is provided pursuant to Article 13 of the European Regulation no. 679/2016 and applies exclusively to all Data collected through the website https://www.blulng.it/. This Privacy Policy is subject to updates that will be published promptly on the website. This Privacy Policy, together with the Cookie Policy, establishes the basis on which the User’s personal data will be processed.
Data Controller
The Data Controller of the data collected by this website is BLU MOBILITY S.R.L. located at Via Silvestro Lega 29, 10155 Turin, Italy, VAT number 10749340013, email: info@blulng.it.
Methods of Processing Personal Data
The Personal Data provided or acquired will be subject to processing based on the principles of fairness, lawfulness, transparency, and protection of confidentiality in compliance with the current regulations. The Data Controller processes Users’ Personal Data by adopting appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of the Personal Data. Processing is carried out through IT and/or telematic tools, with organizational methods and logics strictly related to the purposes indicated.
Purpose of Processing Personal Data and Legal Basis
Personal Data may be collected independently by the Data Controller or through third parties. In this case, the IT systems and software procedures used to operate this website acquire some technical-informatics Personal Data of the Users (e.g., IP address, type of browser used, operating system, domain name, and addresses of websites from which access or exit is made, etc.), the transmission of which is inherent to the normal functioning of the internet. These Data may be processed solely to obtain anonymous statistical information on the use of the site and/or to check its correct functioning and will be deleted immediately after processing.
The Data that the User chooses to provide voluntarily are collected to allow the website to provide its services, as well as for the following purposes:
a) to fulfill obligations arising from the contract concluded between the User and the Data Controller for the sale of Services available on the website and to provide the information requested by the User. This processing is mandatory for the execution of the contract to which the User is a party, for the execution of pre-contractual measures, or to comply with a legal obligation to which the Data Controller is subject;
b) for the purchase procedure in which to enter personal Data and fiscal billing profiles or similar. In this case, the Data are processed to execute the concluded Contract, to contact the User in relation to the Contract, and for its management, to handle requests for legal warranties, assistance, withdrawal requests, management, and termination of the Contract itself. This processing is mandatory for the execution of the contract to which the User is a party;
c) to fulfill any type of obligation envisaged and provided for by current laws, regulations, related norms, and commercial practices, particularly in tax/fiscal matters. This processing is mandatory to comply with a legal obligation to which the Data Controller is subject;
d) for other purposes accessory or related to those mentioned above and still falling within the scope of the activities of the website;
e) to respond to specific requests made to the Data Controller by the User for information related to the Services of the same Data Controller, via email messages or by filling out the contact form and other communication tools such as phone or WhatsApp instant messaging. This processing is optional and based on the User’s consent; however, failure to provide one or more Data will result in the impossibility of responding to the request for information and using the services offered by the Data Controller;
f) for the sending of promotional and commercial information and offers also through the newsletter service. This processing is based on the freely expressed consent of the User;
g) for soft spam purposes to allow the Data Controller to send promotional communications by email to the User concerning Products and/or Services purchased without the need for the User’s express and prior consent, as provided for by Article 130, paragraph 4, of the Privacy Code, provided that the User does not object; This processing is based on Article 130, paragraph 4, of the Privacy Code as amended by Legislative Decree No. 101 of 2018;
h) to carry out statistical analyses on aggregated and anonymous data to analyze User behavior to improve the products and services provided by the Data Controller and meet the User’s expectations;
i) for profiling activities for marketing purposes. This Processing is based on the freely expressed consent of the User.
Category of Personal Data Processed
Among the Personal Data processed by this website, either independently or through third parties, there are: Cookies, Usage Data, Email, and Name. Personal Data may be collected independently by the Data Controller or through third parties. Personal Data may be provided voluntarily by the User when using the website, by filling out the contact form, during purchase procedures, and similar and analogous operations, when communicating with the Data Controller via email, phone/WhatsApp. Among these data, there could be indications of information useful for purchasing. The optional, explicit, and voluntary sending of emails through the Contact Form or using the addresses indicated on this website entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other Personal Data included in the email. The User’s consent to provide Data is necessary to be included in the Data Controller’s databases and for the establishment and proper conduct of what is offered by the same to its Users, as well as to third parties for the fulfillment of the individual requested activity. Failure to provide such data prevents registration in the Data Controller’s databases, the completion of any contracts, and the execution of the same and any other related activity.
Data Communication
In addition to the Data Controller, in some cases, access to Data may be granted to:
a) categories of employees specifically trained and involved in the organization of the website (administrative, commercial, marketing personnel, legal, system administrators);
b) external subjects (such as third-party technical service providers, hosting providers, IT companies, communication agencies) also appointed as Data Processors by the Data Controller pursuant to Article 28 GDPR. The updated list of Data Processors, if appointed, can always be requested from the Data Controller;
c) public or private entities that may access the Data in compliance with legal obligations;
d) subjects performing accessory and instrumental tasks concerning the activity of the Data Controller;
Data Retention Period
As expressly provided for by Article 5, paragraph 1, letter e) of the GDPR, Data are kept for the time necessary for the processing in relation to the service requested by the User, or required by the purposes described in this document, and in particular:
– Data collected for contractual obligations will be kept for the time necessary to fulfill the above-mentioned purposes and as provided by law;
– Data collected for fiscal/administrative obligations or for contractual obligations will be kept for the time necessary to fulfill the above-mentioned purposes and as provided by law;
– Data collected for purposes attributable to the legitimate interest of the Data Controller will be kept until such interest is satisfied; The User can obtain further information regarding the legitimate interest pursued by the Data Controller by contacting the Data Controller.
– Data collected based on User consent may be kept until such consent is revoked;
Data may be retained by the Data Controller for a longer period in compliance with legal obligations or upon order of an authority.
At the end of the retention period, Personal Data will be deleted and, therefore, it will no longer be possible to exercise the rights of access, deletion, rectification, and data portability.
Account Deletion and Data Retention
Since the app is reserved for users within our client network and personal data is closely tied to the provision of services, the complete deletion of some data may not be possible. However, users have the right to request the deletion of their account, along with the sensitive data associated with it (email and phone number) permanently. This operation can be performed within the mobile app via the “Delete Account” button located in the “Your Account” section (accessible from the side menu). The deletion will occur immediately and irreversibly. Some data will be retained in an anonymous form for purposes such as service management, legal compliance, or fulfilling contractual and regulatory obligations. Such data will be processed exclusively for these purposes, for a limited period, and in compliance with applicable regulations.
Cookies
This website uses cookies. Cookies are small text files that can be used by websites to make the user experience more efficient and to personalize content and ads, provide social network features, and analyze traffic. Cookie Policy
Place of Data Processing and Data Transfer Abroad
Data are processed at the operational headquarters of the Data Controller. For further information, you can contact the Data Controller. Data may be processed by natural persons and/or legal entities operating on behalf of the Data Controller under specific contractual obligations and located in EU or non-EU countries. If Data are transferred outside the EEA, the Data Controller will adopt all appropriate contractual measures to ensure adequate Data protection.
Tools Used for Processing Personal Data
CONTACT FORM
By filling in the contact form with their Data, the User consents to their use to respond to requests for information or any other purpose indicated in the form header. Personal Data collected via the contact form: Email, First Name, and Last Name.
Contact Form 7 (Rock Lobster LLC)
is a form creation and management service that allows this website to integrate such contents into its pages. Personal Data collected: Email and Name. Various types of Data as specified by the privacy policy of the service. Place of processing: Japan – Privacy Policy
OTHER CONTACT METHODS
WhatsApp (WhatsApp Ireland Limited)
WhatsApp is an instant messaging service provided by WhatsApp Ireland Limited. Personal Data collected: phone number, email, usage data, cookies. Place of processing: Ireland – Privacy Policy
EMAIL ADDRESS MANAGEMENT
These services allow the management of a database of email, phone contacts, or any other type of contacts used to communicate with the User. These services may also allow collecting data regarding the date and time of message views by the User, as well as User interaction with them, such as click information on links included in messages.
Newsletter
By registering for the newsletter, the User’s email address is automatically added to a list of contacts to which email messages containing information, including commercial and promotional nature, related to this website may be transmitted. The User’s email address may also be added to this list as a result of registration to this Site or after making a purchase. The User may choose to unsubscribe from the newsletter at any time by clicking a specific button found within the emails. After clicking the unsubscribe button, the User’s Data will be immediately deleted from the “email marketing” software. Personal Data collected: email and Name. This website uses the newsletter service provided by:
Mailchimp (The Rocket Science Group)
Mailchimp is a service that organizes and analyzes newsletter distribution. If a User does not want their Data to be managed by Mailchimp, they will need to unsubscribe from the newsletter. For this purpose, a link is provided in every newsletter sent. Personal Data collected: email and name. Place of processing: USA – Privacy Policy
SECURITY MEASURES ADOPTED
This website, to make the moment Personal Data are entered secure, has an SSL certificate and uses the HTTPS protocol. By using this protocol, transactions and data transmitted on websites take place with maximum security, and the content of the communication is not read or manipulated in any way by third parties.
reCAPTCHA
This website uses reCAPTCHA which is a service subject to Google’s privacy policy and terms of use.
STATISTICS
The statistical services allow the Data Controller to monitor and analyze traffic data and are used to track User behavior. This website uses the following services:
1. Google Analytics (Google Ireland Limited)
Google Analytics is an analysis service provided by Google Ireland Limited. Google uses the Personal Data collected to track and examine the use of this website, compile reports, and share them with other services developed by Google. Google may use Personal Data to contextualize and personalize ads from its advertising network. Google may also transfer this information to third parties where required by law or where such third parties process the information on behalf of Google. This site has activated the IP address anonymization function. The IP address transmitted by the browser for purposes related to Google Analytics will not be incorporated into other data held by Google.
At the following link https://tools.google.com/dlpage/gaoptout?hl=it, Google provides the browser add-on for the deactivation of Google Analytics. Personal Data collected: Cookies and usage data. Place of processing: Ireland – Privacy Policy
2. Facebook Conversion Tracking Pixel (Facebook Ireland Ltd.)
Facebook conversion tracking (Facebook Pixel) is a statistics service provided by Facebook. The Facebook Pixel tracks conversions that can be attributed to Facebook ads. Personal Data collected: Cookies; usage data. Place of processing: Ireland – Privacy Policy.
INTERACTION WITH SOCIAL NETWORKS
These services allow interaction with social networks directly from the pages of this website. The interactions and information acquired by this website are subject to the User’s privacy settings for each social network. If a service for interaction with social networks is installed, it is possible that even if Users do not use the service, it collects traffic data relating to the pages on which it is installed.
1. Facebook (Facebook Ireland Ltd.)
Facebook buttons are services for interaction with the Facebook social network, provided by Facebook Ireland Ltd. Personal Data collected: Cookies and usage data. Place of processing: Ireland – Privacy Policy
2. Instagram (Facebook Ireland Ltd.)
Instagram buttons are services for interaction with the Instagram social network, provided by Facebook. Personal Data collected: Cookies and usage data. Place of processing: Ireland – Privacy Policy
3. LinkedIn (LinkedIn Ireland Unlimited Company)
LinkedIn buttons are services for interaction with the LinkedIn social network, provided by LinkedIn Corporation. Personal Data collected: Cookies and usage data. Place of processing: Ireland – Privacy Policy
REMARKETING AND RETARGETING
These services allow this website to communicate, optimize, and serve advertisements based on the User’s past use of this website. This activity is carried out through tracking of Usage Data and the use of Cookies. This website uses the following services:
Facebook Remarketing (Facebook Ireland Ltd)
Facebook Remarketing is a Remarketing and Behavioral Targeting service provided by Facebook, linking the activity of this website with the Facebook advertising network. This website uses the Facebook Pixel tool to measure conversions. Thanks to Facebook Pixel, actions taken by people on the website can be understood. The collected Data can be used to:
– ensure that ads are shown to the right people;
– create audiences to target ads;
– exploit additional advertising tools on the platform where advertising is conducted.
The information collected is anonymous to the operators of this website and cannot be used to identify an individual user. However, the information is saved and analyzed by Facebook, which may link the action to a single profile and use this information for internal Facebook advertising purposes, as outlined in Facebook’s privacy policy. This will allow Facebook to display ads both on Facebook and on third-party sites. The website owner has no control over how this data is used. For more information on how users can protect their privacy, please refer to Facebook’s Privacy Policy.
CONTENT ON EXTERNAL PLATFORMS
These services allow viewing content hosted on external platforms directly from the pages of this website and interacting with them.
If a service of this type is installed, it is possible that, even if Users do not use the service, it collects traffic data relating to the pages on which it is installed.
This website uses
1. Google Maps
Google Maps is a map display service managed by Google that allows this website to integrate such contents into its pages. Personal Data collected: Cookies and usage data. Place of processing: Ireland – Privacy Policy
2. Youtube (Google Ireland Limited)
YouTube is a content video display service managed by Google that allows this website to integrate such contents into its pages. Personal Data collected: Cookies and usage data. Place of processing: Ireland –Privacy Policy
3. Google Fonts
Google Fonts is a font style display service provided by Google Ireland Limited that allows this website to integrate such contents into its pages. Personal Data collected: Usage Data; various types of Data as specified by the privacy policy of the service. Place of processing: Ireland – Privacy Policy
Exercise of Rights by Data Subjects
The Data Subject has the right to exercise the rights provided for in Articles 7, 15-22 of EU Regulation 679/2016. In particular, they have the right to withdraw their consent at any time and, upon simple request to the Data Controller, may request access to their Personal Data, receive the Personal Data provided to the Data Controller, and, where possible, transmit them to another Data Controller without hindrance (so-called portability), obtain the updating, limitation of processing, rectification of Data, and deletion of those processed in violation of the current regulations. They have the right, for legitimate reasons, to object to the processing of Personal Data concerning them and to the processing for the purpose of sending advertising material, direct sales, and for carrying out market research. They also have the right to lodge a complaint with the Data Protection Authority as a supervisory authority on the protection of personal data. The data subject may exercise their rights by contacting the Data Controller via email at: info@blulng.it.
Changes to this Privacy Policy
The Data Controller reserves the right to make changes to this Privacy Policy at any time by giving publicity to Users on this page. Please, therefore, consult this page often, taking as a reference the date of the last modification indicated at the bottom. If the changes made to this Privacy Policy are not accepted, the User is required to cease using this website and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous Privacy Policy will continue to apply to the Personal Data collected up to that point. The Data Controller is not responsible for updating all the links displayed in this Privacy Policy, therefore, whenever a link is not functioning and/or updated, Users acknowledge and accept that they must always refer to the document and/or section of the websites referred to by that link.
Privacy Policy updated in May 2021