Privacy & Cookie



 1.    Data controller
Data controller of personal data The data controller is Benicchio Ferramenta Srl (hereinafter "Benicchio" or "Holder") with registered office in Via Giovanni Battista Moroni, 169 - 24127 Bergamo - ITALY VAT no. 02314190162 e-mail info @ benicchio .it (the "Owner").

 2.   Interested Registration - Purposes and methods of processing - legal basis

Benicchio has used a registration system on its website (hereinafter the "Site") allows interested parties to access the services of the Site and, in particular, to purchase the products, inserting their authentication credentials.

The Data Controller processes the personal data of the data subjects for the following purposes:

a)    for registration on the website (hereinafter the "Site")

b)     for the management of purchase orders for goods through the Site and, in particular, the selection of products, the sending of orders and / or the relative acceptance, shipment, delivery of products;

c)      for carrying out administrative and accounting activities relating to the purchase of products through the Website, as well as to fulfill legal obligations;

d)     for sending advertising with information on products or advice on the purchase of products on the site;

e)     for sending newsletters through which the person concerned from time to time receives information on advantageous offers on products offered on the Website, special offers, promotions and news.

The legal basis of the processing for the purposes referred to in letters a), b) and c) is the execution of the sales contract of which the party is a party, while for the purposes d) e) and f) is the consent, optional and freely revocable by the interested party.

Personal data are processed using manual and electronic tools and are stored in the electronic database. The personal data contained in the aforesaid automated information system, as well as those stored in the electronic archives of the Data Controller, are treated in compliance with current legislation and the GDPR regarding security measures, in order to minimize the risk of destruction, loss, modification, unauthorized disclosure or access, in an accidental or illegal manner, or of processing not in accordance with the purposes of the collection.

 3.    Data retention times

Personal data is kept for the time necessary to achieve the purposes indicated above, as well as to fulfill legal obligations. For this reason the data of the interested parties for the purposes referred to in letters a), b) and c) will be kept for 10 years, while the data of those interested who have registered on the Website for the purposes referred to in letter d) and e) above will be retained until the express revocation of the consent. Once the storage terms indicated above have elapsed, the data will be destroyed, deleted or made anonymous, compatible with the technical cancellation and backup procedures.

 4.    Type of personal data processed

The Data Controller processes the personal data entered by the Data Subject at the time of registration (name, surname, place and date of birth, tax code / VAT number, residence, telephone contacts, profession etc.), as well as the domain name or address Access computer IPs that are saved for security reasons and deleted after a maximum of 7 (seven) days. Other data may also be saved, such as the access date, the http response code and the website from which the re-directing to the Site occurred, as well as the amount of data (bytes) that were transmitted.

 5.    Provision of data and consent to its processing

The provision of data for the purposes referred to in art. 2 lett. a), b) and c) it is strictly necessary and in case of non-release, the interested party will be unable to complete the registration on the Website or the purchase procedure of the products through the Website.

With reference to the purpose referred to in letters d), and e) of the art. 2 above, consent to the processing is optional and the interested party may freely withdraw consent to oppose at any time the sending of such communications.

 6.   Scope of data communication

Personal data are entered by the Data subject on the Site and may be brought to the attention of the Data Controller or disclosed to public and / or private subjects, physical and / or legal persons (legal, administrative and fiscal consultancy firms, authorized to request it), that is, to third parties that the Owner uses for the execution of the sales contract (eg shippers and couriers), for the maintenance of the Site (IT company) and consultants in general.

  7.   Rights of the interested parties

The interested party is always entitled to request the Data Controller to access your data, to correct or cancel it, to limit the processing in the cases provided for by art. 18 GDPR or the possibility to oppose the processing, to request the portability of data, relying on these and other rights provided by the GDPR through a simple communication to the Owner at

The interested parties have the right to revoke the consent given at any time for the purposes referred to in letters c) and d) of the art. 2.

Interested parties have the right to lodge a complaint with the competent Supervisory Authority in the Member State in which the habitually reside or work or of the State in which the alleged violation has occurred.


Saving personal data through cookies

It is not necessary to accept the use of cookies while browsing the website However, we will inform the customer that the use of the "shopping cart" and sending out any orders are only possible with the activation of cookies. In website use cookies. Cookies are text files stored on computer support that allow you to adjust some parameters and data provided to the computer system of through the browser used by the customer and allow an analysis of its habits in the use of a particular website. This allows you to save to adapt their websites to the needs of the client and also makes it easier to use (for example, by storing some requests, it is not necessary to repeat the insertion at each visit). Many of the cookies used are automatically deleted from your computer hard drive of the client at the end of each browsing session (from which the name "session cookies"). There are cookies which remain on your hard drive. Their stay is long enough (a few years) for the sake of greater convenience. Made a first visit to the site, the system will be able to recognize at each subsequent visit that the customer has already been on this site and will therefore be requested and retrieved favorite data of the Customer (cookies long-term). These cookies allow the customer to not have to re-enter your password, and fill out forms at each new access. Browsers generally restrict the use of cookies, despite these allow access to offers on this website more freely. Cookies can also be disabled.
The Customer consents to the registration of user name and password in cookies after closing the browsing session and their activation at the time of the next visit. The Customer may revoke this authorization at any time, with effects on the future, by selecting the specific parameters of your browser that allow you to exclude the activation of cookies in the following ways:

Mozilla Firefox:
1. Select "Tools" menu, then "Options"
2. Click on "Privacy"

Microsoft Internet Explorer:
1. Select "Tools" then "Internet Options"
2. Click on "Privacy" (or "Confidentiality")
3. Select the level of privacy you want using the cursor.

1. Select "Tools", then "Settings"
2. Click on "Show Advanced Settings"
3. In the "Privacy" section, click on "Content Settings."

1. Select "File," then "Preferences"
2. Click on "Privacy."

Secure transfer of personal data
The customer's personal data are transferred in encrypted form. This applies to both in provision of purchase orders for both the restricted access to the Customer's account. For this purpose, the technique is used SSL (Secure Socket Layer). Although it is not possible to guarantee absolute protection adopted for its systems security measures against loss, destruction, access, modification or disclosure of customer data from unauthorized third parties.