Privacy Policy

Articles. 13-14 of EU Reg. 2016/679

The disclosure is a general obligation that must be fulfilled before or at the latest at the time of initiating the direct collection of personal data. In the case of personal data not collected directly from the person concerned, the information must be provided within a reasonable time, or at the time of communication (not registration) of the data (to third parties or to the person concerned).
The information is provided only for the website and not for other websites that may be consulted by the user through links from this one.
Pursuant to the General Regulation for the Protection of Personal Data of Natural Persons (GDPR – Reg.(EU)2016/679), the undersigned organization, data controller, informs of the following:

The personal data held by the undersigned organization are collected directly from the data subjects.

The computer systems and software procedures used to operate the website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties, but by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc..) and other parameters regarding the operating system and computer environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

Profiling data regarding the habits or consumption choices of the person concerned are not directly acquired. However, it is possible that through links or by incorporating elements of third parties, such information may be acquired by autonomous or separate subjects. See in this regard the section on Third Party Cookies.
Like others, this website saves cookies on the browser used by the user concerned to transmit information of a personal nature and to enhance the experience. In fact, cookies are small text strings that the sites visited by the user send to his terminal (usually to the browser), where they are stored, sometimes with characteristics of wide temporal persistence, to be then retransmitted to the same sites at the next visit.

As explained below, it is possible to choose whether and which cookies to accept, bearing in mind that refusing their use may affect the ability to carry out certain transactions on the site or the accuracy and suitability of certain customizable content offered or the ability to recognize the user from one visit to the next. If you do not make any choice in this regard, the default settings will be applied and all cookies will be activated: however, at any time, you can communicate or change your decisions in this regard.


In particular, we use the so-called session cookies, which are not permanently stored on the user’s computer and disappear when the browser is closed and whose use is strictly limited to transmitting session identifiers (consisting of random numbers generated by the server) necessary to enable the safe and efficient exploration of the site and avoid the use of other techniques potentially prejudicial to the privacy of the users and do not allow the acquisition of personal identification data. Then we use analytics cookies that help to understand how visitors interact with the contents of the site, collecting information (geographical and web origin, technology used, language, pages entered, visited, exited, dwell time, etc..) and generating statistics on the use of the website without personal identification of individual visitors. All these are to be considered technical cookies for which, since it is not necessary to give consent, the opt-out mechanism applies. Technical cookies are not communicated to third parties as they are necessary or useful for the functioning of the site; therefore they are treated only by subjects qualified as persons in charge, responsible for the treatment or system administrators.
Finally, the site incorporates cookies and other elements (tags, pixels, and cc.) of third parties (autonomous and on which the owner has no responsibility) who also perform profiling activities and for which please see the link

The optional, explicit and voluntary sending of electronic mail to the addresses indicated on the site involves the subsequent acquisition of the sender’s address, necessary to respond to requests, and any other personal data included in the email. Even the explicit and voluntary sending of the forms that can be filled out on the site containing data of the interested party involves the processing in order to follow up pre-contractual obligations or the execution of the services provided with the sending of the forms. Such information in the forms may concern personal data, contact details, telephone numbers, email addresses of interested parties and third parties identified and identifiable cause with the user of the site. However, specific summary information will be progressively reported or displayed in the pages of the site prepared for particular services on request.

Personal data are processed (ref. art.6(b) of the GDPR):
(a) to allow navigation on the site and
b) possibly to perform the service or provision requested as part of the normal activity carried out by the writer organization.
In addition, all personal data may be processed:
(c) for purposes related to obligations under laws, as well as provisions issued by authorities empowered to do so by law (ref. Articles 6(c) and 9(b,g,h) of the GDPR);
d) for the establishment, exercise or defence of a right in or out of court (legitimate interest) of the undersigned organization (ref. Articles 6(f) and 9(f) of the GDPR);

The conferment of data collected from the interested party is optional but essential for the processing of the same for the purposes of letters a) and b). In the event that the interested parties do not communicate their indispensable data and do not allow the processing, it will not be possible to proceed with the completion and implementation of the proposed services and follow up on the contractual obligations undertaken, with consequent prejudice to the correct fulfilment of regulatory obligations, such as accounting, tax and administrative obligations, etc..

Apart from what has been specified for navigation data, the user is free to provide personal data for cookies and specific requests through forms e.g. on products and/or services. Failure to provide such data may make it impossible to obtain what has been requested. For all non-essential data, the conferment is optional. In the absence of consent or incomplete or incorrect conferment of certain data, the fulfilments requested could be so incomplete as to cause prejudice or in terms of sanctions or loss of benefits, both for the impossibility of guaranteeing the congruity of the processing itself to the obligations for which it is carried out, and for the possible lack of correspondence of the results of the processing itself to the obligations imposed by the law to which it is addressed, intending to exonerate the writing organization from any and all responsibility for any sanctions or afflictive measures.

I trattamenti connessi ai servizi web del sito sono trattati con strumenti automatizzati per il tempo strettamente necessario a conseguire gli scopi per cui sono stati raccolti; hanno luogo presso il server in Italia o UE e sono curati solo da personale tecnico incaricato del trattamento, oppure da eventuali incaricati di operazioni di manutenzione e amministrazione. Specifiche misure di sicurezza sono osservate per prevenire la perdita dei dati, usi illeciti o non corretti ed accessi non autorizzati e la perdita di riservatezza. La struttura è dotata di dispositivi anti-intrusione, firewall, log e disaster recovery. Sono utilizzati meccanismi specifici di cifratura e segregazione dei dati e di autenticazione ed autorizzazione degli utenti.

The processing operations connected to the web services of the site are processed by automated tools for the time strictly necessary to achieve the purposes for which they were collected; they take place at the server in Italy or EU and are only handled by technical personnel in charge of processing, or by any persons in charge of maintenance and administration operations. Specific security measures are observed to prevent the loss of data, illicit or incorrect use and unauthorized access and loss of confidentiality. The structure is equipped with anti-intrusion devices, firewall, log and disaster recovery. Specific mechanisms are used for encryption and segregation of data and authentication and authorization of users.

Data processing means the collection, recording, organization, storage, processing, modification, deletion and destruction or the combination of two or more of these operations. In relation to the aforementioned purposes, the processing of personal data is done through manual, computer and telematic tools, with logic strictly related to the purposes and, however, so as to ensure the security and confidentiality personal data will therefore be treated in accordance with the methods indicated in art. 5 Reg. to EU 2016/679, which provides, among other things, that the data are processed lawfully and fairly, collected and recorded for specific, explicit and legitimate purposes, accurate, and if necessary updated, relevant, complete and not excessive in relation to the purposes of treatment, respecting the fundamental rights and freedoms, and the dignity of the person concerned with particular reference to confidentiality and personal identity, through measures of protection and security. The undersigned organization has prepared and will further refine the security system of access and storage of data.
An automated decision-making process (e.g. profiling) is not carried out.

The treatment will take place mainly in Italy and EU, but could also take place in non-EU and non-EEA countries if deemed functional to the efficient fulfillment of the purposes pursued in compliance with the guarantees in favor of the interested parties. Finally, the treatment that takes place in non-EU and non-EEA countries when, at the request of the interested party, the connections to the site come from these countries, is outside the responsibility of the Owner.

Personal data will be kept, in general, as long as the purposes of the treatment persist according to the category of the treated data.
The data (only the indispensable ones) are communicated
– to persons in charge and responsible for the treatment, both internal to the organization of the writer, as well as external, who perform specific tasks and operations (site administration, analysis of navigation data, traffic data, management of emails and forms sent voluntarily by the user, etc.).
– in the cases and subjects provided for by law

The data will not be disclosed unless otherwise provided by law or after anonymization. Without prejudice to that specified for cookies and third party elements, without the prior general consent of the person concerned to communications to third parties, it will be possible to implement only the services that do not provide for such communications. In case of necessity, specific and punctual consents will be requested and the subjects who will receive the data will use them as autonomous holders.

In some cases (not object of the ordinary management of this site) the Authority can request news and information, in order to control the treatment of personal data. In these cases the answer is obligatory under penalty of administrative sanction.

At any time you will be able to: exercise your rights (access, rectification, cancellation, limitation, portability, opposition, absence of automated decision-making processes) when provided against the data controller, pursuant to Articles 15 to 22 of the GDPR; lodge a complaint with the Guarantor (; if the processing is based on consent, revoke such consent given, bearing in mind that the revocation of consent does not affect the lawfulness of processing based on consent before revocation.

Almost all browsers offer the possibility of managing and not enabling cookies, in order to respect the preferences of users. In some browsers it is possible to set rules to manage cookies on a site-by-site basis, which gives you more control over your privacy; another feature available on some browsers is the incognito mode, so that all cookies created in this mode are deleted after closing.

Please see the following instructions for cookie management in the relevant browsers:
– Chrome:
– Firefox:
– Internet Explorer 11:
– Edge:
– Safari:
For settings in browsers other than those listed, reference should be made to the help documentation drawn up by the producer of the browser itself.

The data controller is Guarniturificio Brunero srl, in the person of its legal representative pro tempore.
The registered office is in via IV Novembre, 2/bis – 10044 Pianezza (TO)
Contact details are: telephone 0119941666; fax 0119945000; e-mail
The complete list of the persons in charge of the treatment is available on request.