We hereby provide you with information regarding the processing of your personal data provided by you and/or collected via the website http://fits.mbecorporate.com/ (the “Website”); in accordance with Article 13 of the Regulation (EU) 2016/679 which contains provisions for the protection of persons with regard to the processing of personal data and for the free movement of such data (hereinafter the “GDPR”).
Personal Data collected via the Website will be processed by MBE Worldwide S.p.A., with registered office in Milan, Viale Lunigiana 35-37, 20125, in its capacity as data controller (hereinafter the “Controller” or “MBE”).
The following Personal Data provided by you (hereinafter the “Personal Data”) may be processed via the Website:
• the IP address;
• navigation data on the Website;
• information on the browser and on the device;
• information collected through cookies, pixel tags, provided by you and without disclosing your specific identity;
• demographic information and other information provided by you and without disclosing your specific identity;
• information that has been aggregated in such a way as to no longer reveal your specific identity.
Moreover, if you decide to interact with the Website the following Personal Data provided by you may be processed:
http://fits.mbecorporate.com
Name, surname, email address and country, if you send your ideas to MBE, through our form.
The Controller will process your Personal Data for the following purposes:
a. to provide you with the services you request, and as outlined below in detail:
http://fits.mbecorporate.com/
– to allow you to send your ideas related to one of the topics proposed by the current edition of MBE FITS and be kept updated about our group’s innovation process path.
The Personal Data collected may also be processed in the context of any corporate events (sale of the company or business units), due diligence or in the case of defence of a legal claim and the related preliminary activities.
The processing of Personal Data for the purposes referred to in Section 3, a., is necessary in order to perform the pre-contractual and contractual measures which apply when you interact with the services offered by the Website. It is not possible to participate or interact with the content of this website without providing approval for the use of the Personal Data for the purposes set out above.
In case of processing in the event of any potential corporate events (sale of the company or business units), due diligence or in the case of defence of a legal claim and the related preliminary activities, such processing will be carried out on the basis of legitimate interests of the Controller in the continuation of its commercial activities and for the protection of its rights.
The processing will be carried out using both digital and paper-based resources in line with guaranteeing the security and confidentiality of Personal Data, this to collect, consult, store, manage, extract and transmit the Personal Data.
Personal Data will be disclosed to authorised persons for the processing within the Controller’s team.
The Personal Data may be disclosed by the Controller solely and exclusively for the purposes indicated and where necessary, to the following categories of subjects:
(I)
agents or collaborators of the Controller who are located within the United Kingdom and the territory of the European Union;
(II)
service providers for IT and marketing activities;
(III)
MBE group companies, including MBE Worldwide S.p.A., Sistema Italia 93 S.r.l., MBE Deutschland GmbH, MBE Spain 2000 SL, MBE France Sarl, MBE Poland Sp.z.o.o., Mail Boxes Etc (UK) Ltd, U.S. Business Holdings Inc., PostNet International Franchise Corp., AlphaGraphics Inc;
(IV)
consultants for accountancy, administrative, legal, tax and financial matters;
(V)
where required, the competent judicial authorities;
(VI)
where required, public administrations and supervisory and control authorities.
Personal Data will not be publicly disclosed.
Entities belonging to the categories listed above, may act, as the case may be, as data processors (and in this case they will receive appropriate instructions from the Controller) or as autonomous data controllers. In the latter case, the Personal Data will be communicated only with the express consent of the data subjects, except where the communication is mandatory or necessary pursuant to the applicable law or for the pursuit of purposes for which the consent from the data subject is not required.
The Controller also has the right to transfer your Personal Data to third-party countries. Transfers of Data outside the European Economic Area are subject to a special regime pursuant to the GDPR, and are only made in respect of countries that ensure an adequate level of personal data protection, on the basis of an adequacy decision of the Commission or where adequate safeguards have been adopted (including the standard contractual conditions provided by the European Commission, mirrored in UK GDPR rules), provided that the data subjects have enforceable rights and effective judicial remedies.
The Controller may use “cookies” within the Websites (i.e. text files sent and stored on users hard disk to be then retransmitted during the next visit of the same Websites), or other similar tools in order to facilitate the use of services requested by the user himself, as well as the user’s collection of information, the navigation of the Websites and the choices and preferences expressed on products/services. The user may revoke the authorisation granted at any time and select use of cookies by selecting the appropriate settings through their Internet browser. For more information on how to disable cookies read our Cookies Policy.
Personal Data will be stored, in compliance with the applicable law, for a term not exceeding what is necessary to pursue the purposes for which it is processed.
The criteria for determining the storage period of the Personal Data takes into account the allowed processing period and the applicable laws on the statute of limitation of rights and legitimate interests of the data subject where they are the applicable legal basis for processing.
Subsequently, the Personal Data will be deleted, aggregated or anonymised.
At any time, you will be entitled to:
(I)
obtain confirmation from the Controller as to whether your Personal Data is being processed, and where that is the case, to access the personal information described within art. 15 of the GDPR;
(II)
ensure the correction of any inaccurate Personal Data concerning you, or, taking into account the purpose of the processing, the integration of incomplete Personal Data;
(III)
request the erasure of your Personal Data, where one of the grounds under art. 17 of the GDPR applies;
(IV)
request the restriction of processing of your Personal Data, where one of the cases under art. 18 of the GDPR applies;
(V)
object to the processing of your Personal Data on grounds relating to your particular position, where applicable;
(VI)
receipt in a structured, commonly used and machine-readable format Personal Data concerning you and provided by you, as well as to transmit those Personal Data to another controller, in the cases and within the limits referred to in art. 20 of the GDPR, where applicable.
You also have the right to withdraw your consent to the processing of your Personal Data (where given) at any time, without prejudice to the lawfulness of the processing based on your consent before its withdrawal. You will have the possibility to opt-out from marketing via email by clicking on the relevant “unsubscribe” link.
In line with the GDPR, the Controller may not charge for complying with any of the requests mentioned in this paragraph, unless they are clearly unfounded or excessive and repetitive. Should you request more than one copy of your Personal Data or in cases of excessive or unfounded requests, the Controller may: (I)
charge a reasonable expense, considering the administrative costs incurred to fulfil the request; or
(II)
refuse to fulfil the request. In these cases the Controller will inform you of the costs before fulfilling the request.
The Controller may ask for further information before fulfilling the requests if it needs to verify the identity of the person who has made them.
Without prejudice to any administrative or legal remedy, you also have the right to lodge a complaint to the relevant supervisory Authority (for UK the guidelines issued by the ICO: https://ico.org.uk/for-organisations/guide-to-data-protection/), if you believe that processing of your data is in breach of the GDPR. More information is available on the website https://www.garanteprivacy.it/en/home_en.
In any case of concern, request or complaint about the acquisition, use and retention of your Personal Data, the Controller is interested in knowing the reasons for the complaint and requests that you use the above contact methods before turning to the authorities, in order to prevent and resolve any disputes, amicably and promptly, with the greatest courtesy, professionalism and discretion.
For more information about the provisions contained in Articles from 15 to 22 of the GDPR, click on the following link: http://eur-lex.europa.eu/legal-content/IT/TXT/PDF/?uri=CELEX:32016R0679&from=it.
http://eur-lex.europa.eu/legal-content/IT/TXT/PDF/?uri=CELEX:32016R0679&from=i
To exercise your rights in relation to the use of Personal Data, as per Section 3 above and/or to obtain any type of information you may need in relation to the Controller described within this privacy notice, you can send a written communication to MBE Worldwide S.p.A. (Fiscal Code and VAT number 10697630159), with registered office in Milan, Viale Lunigiana 35-37, or a fax by dialling 02 67625625 or an email to privacy@mbeglobal.com.
This privacy notice is valid as of the date indicated below. It is advisable to regularly monitor this privacy notice by visiting the Website in order to keep up to date with any future changes.
Latest update: 31.1.2022