PERSONAL DATA AND PRIVACY POLICY
Version of January 24, 2024
BUONGIORNO undertakes, within the framework of its activities and in accordance with current regulations, to protect, in particular, the private lives of its prospects and clients (the “User(s)”), by ensuring the protection, confidentiality and security of the Personal Data collected.
We strive to be transparent about how we collect and process your Personal Data as well as your rights in relation to the processing of this Personal Data. This policy on our practices regarding the processing of personal data (the “Privacy Policy”) describes in a clear, simple and precise manner how we treat the Personal Data that we collect or receive when you visit and use our service.
BUONGIORNO reserves the right, at its sole discretion, to modify this Privacy Policy at any time, in accordance with the applicable regulations on the protection of personal data. Consequently, the User is invited to regularly consult this Privacy Policy in order to be informed of the latest modifications.
I. Scope of this Privacy Policy
This Privacy Policy affects the management of Personal Data that we collect when you use or access our services. This Privacy Policy does not apply to the practices of third parties that we do not own and cannot control or manage, including, but not limited to, any third party websites, services, applications or businesses (“Third Party Services »). Although we try to work only with Third Party Services that share our respect for your privacy, we are not responsible for their content or privacy policies. We recommend that you carefully read the privacy policies of any Third Party Services you access.
II. How do we obtain your personal data ?
We collect your Personal Data on different occasions:
- Each time you contact BUONGIORNO , for example, via customer service, to request information about our services;
- When you purchase or subscribe to one of our services;
- During your relationship with BUONGIORNO , whether you are a prospective or active/current customer. In particular during the execution of contracts or legal obligations such as tax, audit, anti-fraud, etc.;
- When, with your authorization, Third Party Services provide us with the personal data in their possession;
- When managing the commercial relationship, particularly when processing complaints, or when carrying out satisfaction surveys; etc.
We would be grateful if you could help us keep your contact details up to date by notifying us of any changes to your contact details or preferences.
III. How do we collect and use your Personal Data and for how long ?
The type of information we collect about you varies depending on the nature of the products and services we provide to you. We only use Personal Data for the purposes for which we inform you it was collected, for other legitimate purposes permitted by data protection law, and we only retain it for as long as necessary for these uses or as required by law.
Through the various services and contact channels described in this Privacy Policy, the following types of personal data concerning you may be collected under the conditions defined in this article III of the Privacy Policy (“Personal Data”):
A. Navigation on websites and use of services :
We collect information about how Users navigate or use our services, including those who have an account. This type of information is collected in our logs whenever you interact with the Services.
We may collect information about the web browser (browser type and version, device type, operating system and version, set language) from which you access the Internet, Internet protocol addresses of the computer or Internet service provider you use, your personal data that you communicate when using certain services (for example: your photo, messages exchanged with other Users), as well as statistical data anonymous on the site. This information is collected for the purpose of improving the website, for security or legal reasons and is therefore based on the legal basis of legitimate interest.
We keep this personal data for 13 months.
B. Communications by email or SMS :
Occasionally, in connection with your use of our Services, we may send you emails and other communications. Administrative communications related to your personal user area (“Account”) (for example, to recover or reset the Account password) are considered part of the services and your Account, so you may not be able to refuse their receipt.
Please note that we will never send you an email asking for your password or other account information. If you receive it, please send it back to us.
We will keep this personal data for the legal limitation period.
C. Promotions and advertising
BUONGIORNO may share browsing information on its services with advertising agencies to present you with more specific offers. Likewise, BUONGIORNO may use your Personal Data to develop individual customer profiles through statistical procedures. Following the profiling process, you may receive personalized communications based on your interests. To this end, we use « cookies » in several places; we invite you to consult the cookies page on our service for more information.
We will retain this personal data for 13 months from the date we last obtained your consent.
We may also set up advertising campaigns by email or SMS to inform you of certain offers.
We will retain this personal data for 3 years from the date we last obtained your permission to send you marketing communications or from the date you last interacted with one of our communications.
Processing linked to promotions and advertising is only carried out when you have consented to it.
D. Act of purchase and provision of the service:
If you make a purchase on one of our services, we keep your Personal Data for the proper management of your subscription and access to the service, to fight against fraud, technical assistance, as well as complaints.
We keep the Personal Data collected as part of the execution of the contract, linked to the subscription of the service, for the purpose of managing any contractual obligation that we have with you.
We keep the Personal Data collected for this purpose for the entire duration of the contract and for the applicable legal limitation period, in order to be able to respond to possible subsequent requests or complaints.
E.Customer Care Information
Our Services website contains various names, company email addresses and telephone numbers that you can use to request information about the Website, our Services and the Company in general.
When you email us or contact us by phone, we may store the requests and their content, including any personally identifiable information you may have provided. Any personally identifiable information you submit through an inquiry is collected only with your knowledge and active participation.
To process certain complaints, we may ask you for certain items such as your telephone bill, identity document and/or bank details (only in the case of reimbursement by transfer).
The personal data contained in your interactions with our customer service is kept for 5 years except for the telephone bill, identity document or bank details which are deleted 3 months after the end of processing your complaint.
F. Special categories of personal data and minors :
Special categories of personal data are data that reveal racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, genetic personal data and biometric personal data for the purposes of identifyinga physical person. We may only process personal data concerning the sex life or sexual orientation of an individual in the context of certain services requiring this information.
Other special categories of personal data are not processed by BUONGIORNO, and in the event that their processing becomes necessary, BUONGIORNO undertakes to process them under the conditions provided for by the regulations relating to the protection of personal data.
It may happen that the data subject chooses to provide BUONGIORNO with some of this information, such as racial origin, sexual orientation or religious beliefs, in which case the choice to provide this information constitutes consent to its processing.
Minor. The services offered by BUONGIORNO are not intended for minor children. The person concerned acknowledges to being 15 years or older to subscribe to or use the services of BUONGIORNO. It is up to parents and any person exercising parental authority to decide whether their minor child is authorized to use the services.
G. Compliance with legal and regulatory obligations – to comply with our legal obligations to satisfy information requirements issued by judicial authorities, regulatory and supervisory authorities, state security bodies and tax authorities
All those responsible for processing Personal Data are subject to the laws of the countries in which they operate and are required to respect them. These obligations include the communication, in certain circumstances, of certain Personal Data to judicial authorities, regulatory or supervisory bodies, and State security forces and bodies. This processing of Personal Data is based on the existence for BUONGIORNO of a legal obligation to collaborate with such organizations.
Certain Personal Data must be kept for the periods required by the specific applicable regulations (tax, commercial, anti-money laundering, etc.).
IV. How do we protect your Personal Data ?
To ensure the protection and maintain the security, integrity and availability of your Personal Data, we use various security measures. Although it is not possible to guarantee absolute protection against intrusions when transmitting Personal Data over the Internet or from a website, we, as well as our subcontractors and business partners, make every effort to maintain physical, electronic and procedural safeguards to ensure a level of protection of your Personal Data consistent with applicable legal requirements.
The measures used are as follows:
- limit access to your Personal Data only to people who must have knowledge of it given the tasks they perform;
- as a general rule, transfer the Personal Data collected in encrypted format;
- store the most sensitive personal data (such as passwords) only in an encrypted format;
- install perimeter protection systems for IT infrastructures (“firewalls”) to prevent unauthorized access, for example by “hackers”;
- regularly monitor access to IT systems to detect and stop any misuse of Personal Data.
Where we have provided you (or you have chosen) a password which allows you to access certain parts of our websites or any other portal, application or service under our control, you are responsible for keeping it secret, you must not share your password with anyone.
V. Who may we share your Personal Data with and how do we obtain it?
The Personal Data collected, as well as those which will be collected subsequently, are intended for BUONGIORNO in its capacity as data controller.
Certain Personal Data may be transmitted to third parties to meet legal, regulatory or contractual obligations or to legally authorized authorities.
BUONGIORNO may work with suppliers to provide our services to which you have subscribed. We, as well as our subcontractors and business partners, make every effort to maintain the physical, electronic and procedural safeguards necessary to ensure the protection of your Personal Data in accordance with applicable data protection requirements. All your Personal Data is stored on secure servers (or secure physical copies) owned by us or our subcontractors or business partners, and to access and use it, our security criteria and policies (or other equivalents of our subcontractors or partners) apply.
On the other hand, BUONGIORNO belongs to a multinational group, it is therefore possible that our employees, agents and/or subcontractors access your Personal Data, in order to meet one of the purposes set out in article III of this document. Some may be located outside the European Economic Area (EEA). Certain non-EEA countries, such as Canada, the United Kingdom and Switzerland, have been declared by the European Commission as territories offering a level of protection equivalent to that of EU data protection laws. If you wish to request a copy of the specific guarantees that we apply for the export of your Personal Data, please contact our department responsible for the protection of Personal Data, whose contact details appear in Article VII of this Privacy Policy.
We will not sell or lease any of your Personal Data to third parties for marketing purposes.
We will share your Personal Data with third parties only as described in this Privacy Policy.
We will not share your Personal Data with third parties for marketing purposes without obtaining your prior authorization;
VI. Legal bases for processing personal data.
The use of your Personal Data under the conditions described in this Privacy Policy is authorized by European and national data protection regulations in accordance with the following legal bases:
- You have expressed your consent (a consent form has been presented to you to authorize the processing of your Personal Data for certain purposes; you can revoke the consent given at any time);
- The processing of your Personal Data is necessary for the management and maintenance of a contract signed with you;
- The processing of your Personal Data is necessary to comply with our legal obligations;
- We use your Personal Data to achieve a legitimate interest and our reasons for doing so outweigh any possible damage to your rights to the protection of your Personal Data;
Certain purposes may be authorized by other legal bases; in such cases, we will endeavor to identify the legal basis in question and will inform you as soon as possible as soon as we become aware of its existence.
VII. How to contact us, what are your rights to the protection of your Personal Data and your right to lodge a complaint with the data protection authority.
If you have any questions regarding our use of your Personal Data, the first thing you should do is contact our department responsible for the protection of Personal Data at the following email address “dpo@buongiorno.com”.
In order for our department responsible for the protection of Personal Data to respond to your request, you must provide: last name, first name, email and telephone number
In addition, in accordance with the regulations regarding the processing of personal data, you have the rights listed below:
- Right to information;
- Right of access, rectification and right to erasure;
- Right to portability of Personal Data;
- Right to limit and oppose the processing of Personal Data;
- Right to revoke consent, in cases where the processing of Personal Data is subject to consent, as well as for any direct marketing communication;
- Right to object to any processing of your Personal Data – including profiling – which has a legitimate interest as a legal basis, unless our reasons for carrying out such processing outweigh any possible prejudice to your rights regarding the protection of Personal Data;
- Right to determine the fate of Personal Data after death.
If you exercise any of these rights, we will verify that you are actually authorized to do so and we will respond to you within one month or within the maximum period provided for by national regulations, whichever is shorter.
If you are unhappy with how we use your information or our response to the exercise of any of these rights, you can lodge a complaint with the relevant authorities.