Left Banner

  • Viskoil, Accelera Ora Puoi!" translates to "Viskoil, Accelerate Now You Can!" in English

Privacy and Cookie Policy

INFORMATION ON THE PROCESSING OF PERSONAL DATA

Pursuant to Articles 13 and 14 of EU Regulation 679/2016 (GDPR), and Spanish legislation (Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights), the following information is provided regarding the processing of personal data of users who consult the pages of the website www.viskoil.com (hereinafter: 'Website') or who use the services made available on it.

L'informativa è resa esclusivamente per il Sito e non anche per gli altri siti web eventualmente consultati dall'utente tramite i link presenti all'interno del Sito.

 

Data Controller

The Data Controller for the personal data of users of the website is Lubricantes Bueno SL, located at CL Severo Ochoa nr 2 - Ind. Sesrovies - Sant Esteve Sesrovires - 08635 Barcelona (Spain) VAT number B67038307, owner of the website www.viskoil.com, email: mariavictoria@lubricantesbueno.es.

No Data Protection Officer (DPO) has been appointed, as the conditions specified in Article 37, paragraph 1, GDPR, are not met.

Types of Data Processed

Identifying and Contact Information

In accordance with the new European regulations introduced by Regulation EU 679/2016 and Spanish legislation (Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights), accessing the Website and, if applicable, registering for reserved areas or services may involve the processing of data capable of directly or indirectly identifying an individual, such as: name, surname, email address, telephone number, IP address.

It is the user's responsibility to verify that they have permission to enter personal data of third parties or content protected by national and international regulations.

The Website does not require the Data Subject to provide "special" data, i.e., according to what is provided by the GDPR (art. 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or union membership, as well as genetic data, biometric data, data concerning health or sex life, or sexual orientation of the individual. If the requested service requires the processing of such data, the Data Subject will receive a specific notice in advance and will be asked to give explicit consent.

  1. Banking Data

    When purchasing services or products reserved for members, banking data will also be processed, such as: credit card or bank account number provided for payment, cardholder and bank account owner.

    Navigation Data

    Navigation data are automatically acquired by the systems and programs responsible for the operation of the Website and are necessary for the use of web services (e.g., IP addresses, browser used, domain names of the systems used by users to connect to the web portal, Uniform Resource Identifier (URI) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.), and other parameters relating to the operating system and the user's computer environment).

    These data are also acquired in the absence of registration on the Website or request for information.

    Navigation data are used exclusively in an aggregated manner to compile anonymous statistics on the consultation of the Website and to monitor its correct functioning, and do not allow the identification of the interested users, being also deleted immediately after processing anonymously.

    However, they can be used to ascertain responsibility in the event of computer crimes committed against the website.

    III. Data Collected Through Analytical Cookies

    The website also collects data relating to the user through the use of cookies.

    For more information on the data processed through cookies, the types of active cookies, and how to disable them, please refer to the cookie policy (viskoil.com/informativa-cookie).

    Purposes and Legal Bases of Processing

    The personal data are processed by the Data Controller for the correct and complete execution of the following purposes and related legal bases:



Purpose of the Processing

To obtain statistical information on the use of the web portal and to monitor its correct functioning.

Creation of a personal user account.

Sending communications and newsletters, both in paper and electronic format, to the email address provided by the user, also for marketing purposes.

Compliance with any other legal obligations not included in the preceding purposes or legitimate interests of the data controller.

The legal bases for processing include

Il consenso espresso dell’interessato per il trattamento dei dati personali (art. 6, par. 1, lett. a), GDPR).
L’esecuzione del contratto di cui l'interessato è parte o di misure precontrattuali adottate su richiesta dell’interessato (art. 6, par. 1, lett. b), GDPR).
Il consenso espresso dell’interessato per il trattamento dei dati personali (art. 6, par. 1, lett. a), GDPR).

The express consent of the data subject for the processing of identifying and contact data (Article 6, paragraph 1, letter a), GDPR). Failure to provide the data subject's consent will not result in the inability to obtain the execution of the services offered by the Controller. The sending of newsletters involves marketing activities, for which explicit and separate consent from the user is required.

Compliance with a legal obligation to which the Controller is subject (Article 6, paragraph 1, letter c), GDPR), for the protection of vital interests of the data subject or another natural person (e.g., reporting violations to law enforcement) (Article 6, paragraph 1, letter d), GDPR), or the processing is necessary for the legitimate interests pursued by the controller or by a third party (Article 6, paragraph 1, letter f), GDPR). 

Methods, Transfer, and Duration of Processing

Personal data is processed using computerized tools and in compliance with Regulation (EU) No. 679/2016 and Spanish legislation (Organic Law 3/2018, of December 5, on the Protection of Personal Data and guarantee of digital rights).

The retention of processed data will last for the time necessary for the purposes described in this notice and, therefore, for the minimum necessary time or until an explicit request from the data subject, and in any case, in compliance with the time limits imposed by law. Data processed for marketing purposes will be retained for a maximum period of two years.

The Controller undertakes to adopt all appropriate security measures to prevent the loss and alteration of personal data, as well as any unlawful and unauthorized use thereof.

Data may be processed by persons authorized by the Controller, including any Data Processors (Article 28 GDPR), who perform their respective processing activities as independent Controllers, such as lawyers, accountants, or service providers.

Data may also be processed by persons acting under the authority of the Controller or the Data Processor, duly instructed in accordance with Article 29 GDPR (so-called data processors or authorized processors).

In other cases, collected personal data will not be disclosed to third parties, except with the explicit consent of the data subject or in case of compliance with legal obligations, regulations, or orders of control authorities, or when it is essential to protect the rights of third parties (e.g., reporting violations to law enforcement).

However, processed data will not be disclosed to undetermined recipients.

The security of collected information cannot be guaranteed against potential hacker attacks and, in general, against violations of security measures implemented for data protection. In the event of attacks or violations, they will be communicated to the data subjects and competent authorities in accordance with legal requirements.

Personal data will be processed and stored exclusively for the purposes indicated above, to keep and archive them securely on remote servers managed by leading providers in the sector that ensure compliance with high standards of protection in personal data processing matters. The data are stored on remote servers of Amazon (www.amazon.com), which hosts the Website managed by the Controller on a remote server located in Europe.

Any transfers of data outside the EU will only take place in the case of an adequacy decision issued by the European Commission in accordance with Article 45 of the GDPR, or in the case of a transfer subject to adequate safeguards under Article 46 of the GDPR, or based on binding corporate rules approved through the specific procedure referred to in Article 47 of the GDPR.

Finally, personal data may be transferred outside the European Union to the company Brevo, which provides email management services to the Controller. The company adheres to and has certified its compliance with the Privacy Shield.

Right to Restriction of Processing: Obtain the restriction of processing if one of the hypotheses provided for in Article 18 of the GDPR applies.

Right to Withdraw Consent: Withdraw consent to the processing of personal data for the specified purposes at any time, where the processing is based on this legal basis (Article 7, paragraph 3, of the GDPR).

Right to Data Portability: Obtain the release of personal data undergoing processing in a format compatible with standard computer applications, to allow their transfer to other platforms chosen by the data subject, without hindrance to the direct transmission of processed data to another data controller, where such direct transmission is technically feasible (the right to data portability pursuant to Article 20 of the GDPR).

Right to Object: Object to processing under Articles 21 of the GDPR.

Requests regarding the exercise of these rights should be addressed to the Controller at the email address mariavictoria@lubricantesbueno.es. In the event of no or partial response from the Controller to the aforementioned requests, the data subject shall have the right to lodge a complaint with the Guarantor for the protection of personal data (https://www.garanteprivacy.it/diritti/come-agire-per-tutelare-i-tuoi-datipersonali/reclamo) or to resort to judicial remedies in accordance with the terms and conditions provided for by the GDPR.

Updates to the Information

This information may be subject to updates following changes in the regulatory framework concerning the processing of personal data, or in the event of changes in the legal services offered. Any changes will be promptly communicated, and acceptance of such changes is required to continue to benefit from the agreed professional services