PRIVACY INFORMATION NOTICE ACCORDING TO ART. 13 (EU) REGULATION 2016/679

In compliance with art. 13 of Regulation (EU) 2016/679 (hereinafter “Regulation” or “GDPR”) and Section 89 (3) of Act No. 127/2005 Coll., on electronic communications, this information notice describes the means and purposes of processing of personal data of users who navigate in this website (hereinafter “Website”).

The information here provided do not concern other websites, pages or online services which could be accessed through links on this website.

DATA CONTROLLER

The Controller of personal data is BENEGAS SRL a Socio Unico with its registered offices located in Viale Monte Nero 55– 20135 MILANO – Sede Legale Via G. Leopardi 2 – 20123 MILANO – CF e PI 08757800969 (hereinafter referred to as the “Company” o “Data Controller”).

TYPOLOGY OF DATA PROCESSED AND PURPOSES OF PROCESSING

Navigation Data

IT systems and the software installed for the functioning of this Website collect, in the course of their normal use, some personal data which transmission is implicit in the usage of internet communication protocols.

In this category of data are comprised the IP addresses, domain name system, Uniform Resource Identifier/Locator of the requested resources, the hour of the request, the method used to submit the request to the server, the size of file obtained as reply, the numbering code which indicates the status of the reply given by the server (success, error, ect.) and other information relating to the operating system and the IT environment of the user.

Such data are processed to ensure the navigation on the Website and the usage of services possibly provided through the Website.

The same data is processed also in view to obtaining statistical information regarding the usage of the services (most visited pages, number of visitors for time slot or day slot, geographical area of the request ect.) and enhance the use of the services.

Data provided by the user

The optional and voluntary sending of messages to the contact addresses of the Company and the filling of forms and their subsequent submission entail the processing of contact data of the sender and all data contained in the message, which are essential in order for the Controller to reply.

Cookies and other tracking systems

The Website uses cookies to enhance the user navigation experience.

In order to obtain additional information regarding the types of cookies that are used and how to disable them, please read the dedicated section Cookie Policy.

LEGAL BASIS OF THE PROCESSING

Navigation data collected through the Website is processed by the Controller according to art. 6 paragraph 1 letter b) of the Regulation EU 2016/679, to enable the navigation on the Website and according to art. 6 paragraph 6, letter f) on the basis of the legitimate interest of the Controller to obtain statistical information regarding the use of the Website (most visited pages, number of visitors for time slot or day slot, geographical area of the request ect.) and enhance user experience. Data provided on a voluntary basis by sending messages to the contact addresses of the company will be processed by the Company according to art. 6 paragraph 1, letter b) of the Regulation UE 2016/679 to reply to the request of the user.

RECIPIENTS OR CATEGORIES OF RECIPIENTS OF PERSONAL DATA

Personal Data will be processed by the individuals expressly authorized by the Controller, who pertain to the business units such as IT, Marketing and any other company unit which acts on the basis of the Controller’s instructions regarding purposes and means of processing.

Finally, if necessary for the mentioned purposes, personal data could be communicated to and/or shared with third parties such as providers of goods and services, including ICT services, hosting providers, IT companies and commercial partners (on the legal basis of our legitimate interest in carrying out our business activities), as well as public authorities (being the compliance with the law the legal basis for this communication).

TRANSFER OF PERSONAL DATA TOWARDS THIRD COUNTRIES OR INTERNATIONAL ORGANISATIONS

The Controller does not intend to transfer personal data towards international organizations and/or countries not members of the European Union where an adequate level of protection is not ensured, according to the European laws; if a transfer is made, it shall be made for the implementation of pre-contractual measures taken at your request, or as long as the transfer is necessary to ascertain, exercise or defend a right before judiciary authorities or if you have explicitly provided your consent to the transfer.

In case of possible further transfers of your personal data, the Controller will carry out such transfers only:

towards Third Countries, one or more specific sectors within a Third Country (as in the case of the EU-US Privacy Shield) or international organizations for which the European Commission deems that an adequate level of protection of Personal Data is in place; or

if the recipient of the data obtained an appropriate certification or adhered to a specific code of conduct ensuring that the processing of Personal Data is carried out with safeguards which are appropriate and equal to those provided under EU law; or

if the Company implemented appropriate safeguards to protect your Personal Data, by concluding contracts including the so-called Model Clauses, as prepared by the European Commission or prepared by the national Data Protection Authority and approved by the European Commission.

Further information about the safeguards adopted by the Company for such transfers, and a copy of such safeguards are available at eloisa@benegasmanagement.com.

DATA RETENTION PERIOD

The Controller will process personal data collected to allow navigation on the website until the end of the connection session, and for the time necessary to comply with the legal obligation and/or to defend or exercise a right in court. Personal data provided on a voluntary basis by the user through sending messages to the contract addresses of the company shall be retained by the Controller for the time strictly necessary to reply to such messages and for the additional time to comply with legal obligations and/or to defend a right in court.

NATURE OF THE COMMUNICATION OF PERSONAL DATA AND CONSEQUENCES OF THE FAILURE TO COMMUNICATE DATA

Communication of personal data provided by the user on a voluntary basis through messages to contact addresses of the Company is an essential requirement to allow the Controller to reply to the user’s requests. If data is not provided, the Controller could not be in the position to reply to the user. With reference to the consequences of the withdrawal of consent or removal of cookies, please see our cookie policy.

RIGHTS OF THE USERS

The Controller makes sure that the user can exercise at any time his rights provided by the Regulation (UE) 2016/679 by writing to the address eloisa@benegasmanagement.com.

More in detail, the user has the right, at any time, to:

Know if the Controller stores/processes personal data relating to him, and if so have access to them and obtain a copy of such data (right of access, article 15 of GDPR);

Obtain the rectification of data, if they are incorrect, or supplement them (right of rectification, article 16 of GDPR);

Obtain the erasure of such data under the conditions set forth by the GDPR (right of erasure, article 17 of the GDPR);

Request to the Controller to restrict the processing only to certain categories of personal data, if any of the conditions set forth by the GDPR is met (right of restriction of the processing, article 18 of the GDPR);

Request and receive personal data concerning him in a structured format, or to have such data transmitted to another controller (right to data portability, article 20 of the GDPR);

Object at any time to the processing of personal data (right to object, article 21 of the GDPR).

Notwithstanding any other administrative and judicial right of action, after having contacted the Controller, the user has the right to lodge a complaint to the competent administrative authority if (s)he considers that the processing of personal data regarding him/her is in contrast with the provisions of the Regulation (UE) 2016/679 as provided by art. 6 letter f. The Italian Data Protection Authority can be contacted at garante@gpdp.it or through the website http://www.gpdp.it.

Last revised: May 25, 2018

Cookies

This website uses cookies and third party cookies to ensure a good user experience. For additional information on the cookies used by this website, we invite you to read the website cookie policy.

By continuing navigation accessing to any other area of the website (for example by clicking on an image or a link), you acknowledge having read the policy and consent to the use of the cookies.

Accept & Close

WHAT ARE COOKIES AND WHAT THEIR PURPOSE

Cookies are small text files that websites visited by the user send to his terminal, where they are stored before being re-transmitted to the same website at the next visit of the same user.

During the navigation on a given website, the user may also receive cookies on their own terminal that are sent from different websites (“third party”).

Cookies can be used for different purposes such as, for example, execution of computer authentication, monitoring of sessions, storage of information on specific configurations concerning users accessing the server, storing preferences, etc.

Cookies can be divided into two macro-categories: the so called “technical cookies” and the “profiling cookies”.

Technical cookies are cookies that are strictly necessary for the functioning of the Website and for the provision of services rendered through it. These cookies are not used for other additional purposes and are normally installed directly by the owner of the website. Without recourse to them, some features of websites could be precluded or navigation on such sites could be more difficult.

Profiling cookies are cookies aimed at creating profiles related to the user in order to send advertising messages in line with the preferences expressed by the user during his navigation on the net.

WHAT COOKIES ARE USED IN THIS WEBSITE

This website uses technical session cookies (non-persistent) strictly limited to what is necessary for the safe and efficient browsing of the website user.

More in detail, this website uses the following cookies:

1st party technical Cookies

Name of the cookie

Purpose

Retentation period

What happens if the user does not accept or removes the cookie

womenFavs

Track “favourite” female models being chosen by the user

Limited to browser session duration

It will not be possible for the user save female models to his favourites list

menFavs

Track “favourite” male models being chosen by the user

Limited to browser session duration

It will not be possible for the user save male models to his favourites list

JSESSIONID

Track on which application server the user connection has been established

Limited to browser session duration

It will not be possible establish on which application server the connection has been established

Third party cookies

Name of the cookie

Purpose

Retention period

What happens if the user does not accept or removes the cookie

AWSELB (Amazon Web Services)

Tracking the Load Balancer server where the connection is established

1 hour

It is not possible to determine on which load balancer server the connection has been established.

_ga (Google Analytics)

Unique and anonymous user identifier on the website, to track for each request if it comes from a new user or a visitor that visits again the website.

2 years

It is not possible to establish if the user has visited the website in the past.

_gid (Google Analytics)

Unique and anonymous page identifier

limited to session

It is not possible to determine the user path on the website.

The user can acquire information on the processing performed by Google Analytics and express their preferences on their use by accessing the privacy policy of the service through the following link:

Google

https://policies.google.com/privacy

Amazon Web Services

https://aws.amazon.com/privacy/

Disabling and deleting cookies (opt-out)

Most browsers accept cookies automatically, but you can change your browser setting to decline cookies if you prefer.

If the user chooses to refuse cookies, he or she may not be able to fully enjoy the functionality of the Website and the services available there. Here are the links to access instructions on how to block or allow cookies through the main internet browsers:

Safari

https://support.apple.com/en-gb/guide/safari/sfri11471/mac

Google Chrome

https://policies.google.com/technologies/managing

Mozilla Firefox

https://support.mozilla.org/products/firefox/protect-your-privacy/cookies

Internet Explorer

http://windows.microsoft.com/internet-explorer/delete-manage-cookies

Edge

https://privacy.microsoft.com/en-us/windows-10-microsoft-edge-and-privacy

Opera

https://help.opera.com/en/latest/security-and-privacy/