BUSINESS PERFORMANCE INSTITUTE S.R.L. (“B.P.I.”), owner of this application (“App“), intends to inform those who use the App through cell phone or tablet, as employees/collaborators (the “Users“) of the clients of BPI who have purchased the service “Heroic Leadership Program” (the “Service“), about the purposes and methods of collection of personal data entered by the Users or however referred to them and this in compliance with Art. 13 of the EU Regulation 2016/679 (“GDPR“)
The data acquired through the use of the App are the following (the “Personal Data“):
- Surname (not indicated in the application but used in the coding file for the processing carried out by the data controller)
- Reference company (indicated in a pseudonymized manner, represented by code within the application)
- Identification codes (username and password)
- Self-assessment data entered by the user
- Objectives set by the user
- User annotation
Controller. The data controller is the company BUSINESS PERFORMANCE INSTITUTE S.R.L., with registered office in Turin, corso Matteotti 12.
Purposes and legal basis of data processing. The processing of the User’s Personal Data has the exclusive purpose of carrying out the functions for which this App has been developed, that is, to allow each User to carry out a self-assessment of the daily work energy levels achieved on the basis of the objectives that each User sets daily to accomplish, as well as to monitor progress of work energy levels achieved.
This processing does not require consent from the User, as what makes it lawful is the execution of a contractual obligation of the Data Controller towards the customer who purchased the Service, and this in accordance with Article 6.1, letter b) of the GDPR.
Therefore, Personal Data will not be used for additional purposes, including tracking or direct marketing purposes.
Modality of data processing. Personal Data will be processed in paper and electronic form, in compliance with the above-mentioned law, using security measures to ensure their confidentiality and to avoid loss, destruction, modification, unauthorized access or unauthorized disclosure of Personal Data. More specifically, since the App will be hosted on servers of third-party providers of BPI, in cloud mode, the User’s Personal Data will be pseudonymized, so that the information entered by the User cannot allow the identification of the User.
Moreover, in the execution of the services object of the Service, the Personal Data of self-assessment with respect to the objectives and eventual notes inserted by the User will be known only by BPI employees and collaborators who will be involved in the Service for the one-to-one and group coaching activities with the User and will not be made accessible to the clients of which the User is an employee or collaborator, if not in aggregate form and, therefore, totally anonymous.
The Personal Data will be deleted once the purpose of their collection has been fulfilled and, therefore, after the termination of the contract with the client and, in any case, at the latest within the term of 2 (two) years from such termination if a further period will be agreed upon with the client in which the User can continue to use the App to consult the previous data.
Subjects involved in the data processing. The Personal Data are processed by the Data Controller, through its partners and through its employees and collaborators formally authorized to the processing who are properly trained and made aware of the constraints imposed by the legislation on the processing of personal data.
Personal Data will not be disclosed in any way, but may be known by the following categories of recipients for the performance of the App’s functionalities, or in any case for reasons related to the use of the App by Users, regardless of whether or not such recipients are appointed as data processors:
a) companies in charge of the management of the App and its functionalities through their data centers;
b) company in charge of the development and maintenance of the App;
c) other Users belonging to the same edition of the program;
d) law firms of our trust for the possible protection of our rights;
e) judicial bodies, arbitration boards, mediation bodies and their mediators, consultants of the parties or ex officio, in case of dispute.
Personal Data provided by the User resides on a platform located within the European Union and outside the EU, and is processed with adequate safeguards based on appropriate standard contractual clauses, pursuant to Article 46 of the GDPR.
Compulsory and non- compulsory data conferment. The provision of Personal Data by the User is compulsory when necessary to allow the functionality of the App, so the failure to provide this data will not allow the proper provision of the Service and optional for what concerns the inclusion in the “free fields”.
Data Subject’s Rights. At any time, the User may exercise the right of access to Personal Data (to know the purpose of the processing, the categories of personal data processed, the recipients or categories of recipients to whom the data are communicated, whether the data have been transferred outside the EU, the period of data retention), the right to request their rectification the cancellation – in the cases provided for – the limitation of the processing or to oppose their processing, the right to request the portability of the data, as well as the right not to be subjected to an automated decision-making process, by addressing the request to the Data Controller, at the above-mentioned address of the registered office, or to the e-mail address firstname.lastname@example.org. For a more thorough description of the rights pertaining to each data subject, please consult the following page of the website of the Guarantor for the protection of personal data: www.garanteprivacy.it/home/diritti.
Right to lodge a complaint. You also have the right to lodge a complaint with the Guarantor for the protection of personal data, if you believe that the processing of your personal data has been carried out in violation of your rights.
For the purposes of personal data legislation, cookies are broadly classified into two macro-categories: technical cookies (including analytical cookies) and profiling cookies.
Technical cookies are used to ensure the normal navigation and use of the website and are necessary for the proper functioning of the site itself; in other cases they are not essential to its functioning, but are used to improve the quality and experience of navigation, such as those that, based on the user’s request, record the user’s choices or keep track of the data provided by the user when filling out online forms on certain pages, to provide personalised navigation within the site. The use of these cookies does not require the user’s consent, as they are functional to navigation and the choices made by the user, but it is sufficient to provide information on their presence, as provided for by Article 122 of Legislative Decree No. 196 of 30/6/2003.
Analytical cookies can be assimilated to technical cookies, i.e. those that generally collect statistical information on how the user uses the website, the number of visitors to the website, which pages are visited most often, and the time spent on the website, on the condition, however, that the owner of the visited website or the third party placing such cookies is prevented from directly identifying the user through their use.
Profiling cookies, on the other hand, are used in order to send advertising messages in line with the preferences expressed by the user himself/herself in the context of the use of the functions and navigation on the web and/or for the purpose of analysing and monitoring the behaviour of visitors to websites. These cookies, whether first- or third-party, require the user’s prior consent, pursuant to the forementioned art. 122.
The above being stated, in compliance with the provision of the Guarantor for the protection of personal data of 8/5/2014 and the Guidelines of the same Authority issued with the provision of 10/6/2021, the company BPI Srl, with registered office in Turin, Corso Giacomo Matteotti 12, informs you, as the owner of the processing of personal data, that the site www.bpi.eu.com, uses both technical and analytical cookies, its own and third-party cookies.
The technical cookies on this website are:
Google Analytics code has been integrated into this site to anonymise the IP address of the user browsing the site.
However, by completely disabling cookies in your browser, you may no longer be able to use all of the interactive features of this site.
Users may at any time exercise their right to access their personal data, to request their rectification, cancellation – in the cases provided for – the limitation of their processing or to oppose their processing, as well as the right to request the portability of their data, by addressing their request to the Data Controller, at the above-mentioned address of the registered office or at the e-mail address email@example.com.
If you believe that the processing of your personal data (IP address, user name or unique identifier) by means of cookies is carried out in breach of the relevant legislation, you are entitled to lodge a complaint with the Data Protection Authority.