Website privacy and cookie policy: and any subfolders and / or subdomains if active.

Information on the processing of personal data according to EU Regulation no. 2016/679 (GDPR).
The information is not to be considered valid for other websites that may be consulted through links on the Internet sites in the domain of the owner, who is not to be considered in any way responsible for the websites of third parties.
Baruffaldi Fratelli S.r.l. with registered office in via Risogimento, 84 in Premana (LC) Zip code: 23834 (hereinafter, "Owner"), as data controller, informs you pursuant to art. 13 Legislative Decree 30.06.2003 n. 196 (hereinafter, "Privacy Code") and art. 13 EU Regulation no. 2016/679 (hereinafter, "GDPR") that your data will be processed in the manner and for the following purposes:

1. Object of the treatment
The Data Controller processes personal, identifying and non-sensitive data (by way of example but not limited to: name, surname, company name, address, telephone, e-mail - hereinafter, "personal data" or even "data") communicated by you when registering on this website (hereinafter, the "Site"), participating in an opinion and satisfaction survey, completing the registration form via the Site and making online requests.

2. Purpose of the treatment
Your personal data are processed for the following Service Purposes:
• manage and maintain the Site or allow you access to dedicated areas;
• allow you to use any Services requested by you;
• respond to online contact chats;
• grant you access to programs and services;
• offer assistance and consultancy even remotely;
• process a contact request;
• for administrative-accounting activities in general;
• fulfill the appropriate requirements by law, by a regulation, by community legislation or by an order of the Authority or upon requests from the Italian or foreign government or the Italian Chamber of Commerce;
• prevent or discover fraudulent activities or abuses harmful to the Site;
• exercise the rights of the owner, for example the right to exercise a right in court.

3. Methods of processing and data retention period
The processing of personal data is carried out by means of the operations indicated in art. 4 of the Privacy Code and art. 4 n. 2) GDPR and more precisely: collection, registration, organization, storage, consultation, processing, modification, selection, extraction, comparison, use, interconnection, blocking, communication, cancellation and destruction of data. Your personal data are subjected to both paper and electronic and / or automated processing, through the use of a website hosted on the server of the data controller or on sites of external companies that allow the data controller to offer his services (such as for example, to offer online chat assistance or to deposit files for the customer, use his email address and name for the download). The Data Controller will process personal data for the time necessary to fulfill the aforementioned purposes and in any case for no more than 10 years from the termination of the relationship for the purposes of the service and for no more than 2 years from the collection of data for the other purposes. In compliance with the provisions of art. 5 paragraph 1 letter. e) of EU Reg. 2016/679, the personal data collected will in any case be stored in a form that allows identification of the data subjects for a period of time not exceeding the achievement of the purposes for which the personal data are processed.

4. Safety

The Owner has adopted a wide variety of security measures to protect your data against the risk of loss, abuse or alteration. In particular: it has adopted the measures referred to in Articles 32-34 of the Privacy Code and art. 32 GDPR. If necessary for more secure communications, the data encryption technology established by the AES Standards (BCrypt) and the protected data transmission protocols known as HL7 and HTTPS.

5. Access to data
Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B):
To employees and collaborators of the Data Controller, in their capacity as persons in charge and / or internal managers of the processing and / or system administrators;
A third-party company or other subjects (website provider, cloud provider, e-payment service provider, suppliers, hardware and software service technicians, shippers and carriers, credit institutions, professional firms, etc.) who carry out outsourced activities on behalf of the Data Controller, in their capacity as data processors.

6. Data communication
Without your express consent (pursuant to art. 24 letter A), b), d) Privacy Code and art. 6 lett. b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2.A) to Supervisory Bodies and Judicial Authorities, as well as to all other subjects to whom communication is mandatory by law. However, it ensures that your personal data will never be made public on the owner's website.

7. Data transfer
The management and storage of personal data will take place in Europe, on servers located in Italy by the Data Controller and / or third-party companies, including abroad, appointed and duly appointed as Data Processors for the use of the requested services. The personal data provided may be transferred abroad, within the limits and under the conditions set out in articles 44 and ss. of EU Regulation 2016/679, in order to comply with a purpose related to the transfer itself.

8. Nature of the provision of data and consequences of refusing to respond
The provision of data for the purposes referred to in art. 2.A) is mandatory. In their absence, we will not be able to guarantee you neither the registration on the Site nor the Services of the art. 2.A).
You can therefore decide not to provide any data or to subsequently deny the possibility of processing data already provided. In any case, you will continue to be entitled to the Services referred to in art. 2.A).

9. Rights of the interested party
In your capacity as interested parties, you have the rights referred to in art. 7 of the Privacy Code and art. 15 GDPR and precisely the rights of:
I) obtain confirmation of the existence or not of personal data concerning you, even if not yet registered, and their communication in an intelligible form;
II) obtain the indication: a) of the origin of the personal data; b) the purposes and methods of the processing; c) of the logic applied in case of treatment carried out with the aid of electronic instruments; d) the identity of the owner, manager and the representative appointed pursuant to art. 5, paragraph 2 of the Privacy Code and art. 3, paragraph 1, GDPR; e) the subjects or categories of subjects to whom the personal data may be communicated or who can learn about them as appointed representative in the State, managers or agents;
III) obtain: a) expand, rectify or, when interested, integrate the data; b) the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, including data which need not be kept for the purposes for which the data were collected or subsequently processed; c) the attestation that the operations referred to in letters a) and b) have been brought to the knowledge, also as regards their content, of those to whom the data have been communicated or disseminated, except in the case in which this fulfillment is proves impossible or involves the use of means that are manifestly disproportionate to the protected right;
IV) object, in whole or in part: a) for legitimate reasons to the processing of personal data concerning, even if pertinent to the purpose of the collection; b) to the processing of personal data concerning you for the purpose of sending advertising or direct sales material or for carrying out market research or commercial communication, through the use of automated call systems without an operator via e- mail and / or through traditional marketing methods by telephone and / or paper mail. It should be noted that the right of opposition of the interested party, set out in point b) above, for direct marketing purposes through automated methods extends to traditional ones and that in any case the possibility remains for the interested party to exercise the right of opposition even only partly.
Where applicable, you also have the rights referred to in Articles. 16-21 GDPR, as well as the right to complain to the Guarantor Authority.

10. How to exercise the rights
You can exercise your rights at any time by sending:
A registered letter with return receipt to the place of business, with the address stated in the incipit;
An e-mail to the address

11. Minors
This Site and the Controller's Services are not intended for minors under the age of 18 and the Controller does not intentionally collect personal information relating to minors. In the event that information on minors were unintentionally registered, the Data Controller will delete them in a timely manner, at the request of the users.

12. Owner, manager and appointees
The Data Controller / Data Processor (pursuant to articles 4, 24, 28 of EU Reg. 2016/679) is Baruffaldi Fratelli Srl in the person of the administrator and / or legal representative of the aforementioned company, with registered office as indicated above.
The updated list of data processors and persons in charge of processing is kept at the headquarters of the Data Controller.

13. Changes to this Notice
This information may be subject to changes. It is therefore advisable to check this information regularly and refer to the most updated version.


Confidentiality agreement for all information provided by our customers and site users.
The data controller hereby declares to be aware that following the employment relationship with customers and / or consultancy, even free of charge, with users of the site who contact the owner by email or chat or other communication channels, he / she may gain knowledge of data, information and news in general, of a confidential nature and undertakes to maintain the strictest confidentiality on what has been received, as well as on any other news, confidentiality and / or information, in the broadest meaning of the term, learned about and / or by the customer or user of the site.

Graphics, layout, texts, videos and code of this site cannot be replicated, even partially, on other websites, mailing lists, newsletters, paper magazines and cd roms, without the prior authorization of the data controller, regardless of profit. .

The authorization, also to make links to our site, must be requested in writing via e-mail and is considered accepted only with the precise consent of the data controller, always in writing. Silence does not give rise to any authorization. The brands mentioned and the programs on the site are exclusive to their respective owners in compliance with the declared licenses.


What are cookies
Cookies are small text files that the sites visited by users send to their terminals, where they are stored to be retransmitted to the same sites on subsequent visits. Cookies are used for different purposes, have different characteristics, and can be used both by the owner of the site you are visiting and by third parties. Below you will find all the information on the cookies installed through this site, and the necessary information on how to manage your preferences regarding them.
The cookies used by this site are of three types: technical ones that do not require consent, non-technical ones that require the browser's consent and those managed by third parties.
Technical cookies that do not require consent
This website uses technical cookies necessary for the functioning of the site and the provision of the service as well as technical cookies relating to the activities of saving preferences and optimizing the site. Specifically, technical cookies are used that are necessary for the functioning of javascript, technical session cookies that play the site to connect the user's actions during a browser session (eg. The passage from one page to another) allowing a more rapid navigation as well as technical cookies that memorize the user's preference and prevent the banner from being repeated on subsequent visits. All technical cookies do not require consent, therefore they are installed automatically following access to the site.
Cookies for which consent is required
All cookies other than the technical ones indicated above are installed or activated only following the consent expressed by the user the first time they visit the site. Consent can be expressed in a general way, interacting with the brief information banner present on the site approval page, according to the methods indicated in the banner of the story (by clicking on the OK button or on the X button; or by continuing to browse, even with the scroll or through a link); or it can be provided or denied selectively, according to the methods indicated below. This consent is tracked on the occasion of subsequent visits. However, the user always has the possibility to revoke the consent already expressed in whole or in part.

Cookies managed by third parties
Through this site cookies managed by third parties are also installed. You will find below some indications, and a link to the privacy policy and the consent form for each of them. For all you can also express your consent by continuing to browse or by closing this window. You will find below the name of the third parties that manage them, and for each of them the link to the page where you can receive information on the processing and express your consent.

Social network cookies are used for sharing content on social networks
YOU TUBE: Google
FACEBOOK/INSTAGRAM: Facebook (Meta Group)
TWITTER: Twitter
Statistical cookies: third-party statistics cookies (Google Analytics) are used to manage statistics anonymously, without tracking the User's IP (user data not profiled at the IP level), with data sharing with the Third Party.

Access to Third Party Information:
Privacy Policy: Google privacy policy.
Cookie Policy: Google policy.
For deactivation: info on deactivation.
Other technologies (ex. Plugin, widget, local storage, etc.)

Interaction with external social networks and platforms
Widget: is a graphical user interface component of a program, which has the purpose of using the interaction with the program itself. The widgets used are those of social networks, which allow users to easily open the social networks of the browser in a separate window.
These services allow interaction with social networks or other external platforms directly from the pages of a site. The interactions and any information acquired by the site are subject to the privacy settings of the third party who created the aforementioned technologies. To receive detailed information about the personal data processed when you use these technologies, we invite you to visit the websites of the third party managers of the aforementioned technologies. You will find below the references of these third parties, and next to each of them you will find the link to the page where you can receive information on the processing and, where required by law, express or deny your consent:
Widget social Facebook/Instagram Facebook/Instagram (Meta Group) widget policy.
Widget social Twitter Twitter widget policy.
Widget social Youtube (Google) Google widget policy.
Widget social Linkedin (Linkedin) Linkedin widget policy.

Remember that you can manage your cookie preferences also through the browser
If you do not know the type and version of the browser you are using, click on "Help" in the browser window at the top to access all the necessary information.
If, on the other hand, you know your browser, click on the one you are using to access the cookie management page.
Internet Explorer/Edge Microsoft.
Google Chrome Google.
Mozilla Firefox Mozilla.
Safari Apple.