Privacy Policy


Art. 13, paragrafo 1, lett. a) e b) Reg. UE n. 679/2016

Data Controller

Blueit S.p.A. S. B., registered office in Via Santa Maria Valle 5, 20123 Milan (MI), C.F./P.I. 06357190963, iscrizione Registro imprese Milano Monza e Brianza e Lodi REA 1886930,
capitale sociale euro 400.000,00 i.v.

Contact data of Data Controller

Tel: 039-9718400 – Fax: 039-9718499 Email:,

Contact data of  Data Protection Officer

Blueit S.p.A. S. B., registered office in Via Santa Maria Valle 5, 20123 Milan (MI), P.I. 06357190963, as your Data Controller of your personal Data (later also “Controller”), informs you, pursuant to
artt. 12 and 13 of Regolamento UE n. 679/2016 (General Data Protection Regulation, later also “GDPR”), that your personal Data will be treated by specifically authorized subjects and limited to
the purposes and with the methods that will be specified later, with reference to the functionalities of the web portal


The Data Controller informs you that, specifically, will treat your (i)common personal Data, name and surname, e-mail, telephone number/fax, accounting, tax and banking data, and (ii)
identification and IP addresses or domain names, with the methods that will be specified later. Personal Data of Users of the Website will be treat in accordance with the provisions of the GDPR, for
the performance of the features of this Website, with particular reference to the data collection procedures for completing the form “Newsletter”.
In particular, the Personal Data provided to the Data Controller will be treated for the pursuit of the following purposes: sending newsletters, or communications relating to opportunities for participation
or participation in events, programs, courses offered directly by Blueit S.p.A. S. B. on which there is a direct or indirect participation of the same through the module “Contact Us”.

This information is effective only with reference to the web portal, but not with reference to others Web portals o Website possibly consultable through the links therein, of which
the Data Controller is in no way liable. The treatment of the Data conferred on a generic basis will be carried out, also following automatic collection during navigation, for the purpose of ascertaining and / or controlling access to the
Website and / or for the purpose of improving the functionality of the same, in order to guarantee a better browsing experience. For more information, please refer, in any case, to Informativa Cookie
(Cookie Policy) present on the Site.


Except for what specified for navigation Data, your communication to the Data Controller of your personal Data has as a basis for the lawfulness of treatment the following legal bases:
– Art. 6, par. 1, letter a) of GDPR, for the marketing and newsletter purposes;
– Art. 6, par. 1, letter b) and f) of GDPR, for the site’ s management and functionality;
– Art. 9, par. 2, letter a) of GDPR, concerning your explicit consent, for the purposes referred above.


The treatment of personal Data communicated by you is carried out by means of the operations indicated in art. 4 n. 2) of the GDPR, namely: “Collection, registration, organization, conservation,
consultation, processing, modification, selection, extraction, comparison, use, interconnection, communication, cancellation and destruction of Data”.
The Personal Data communicated by You are subjected to automated treatment for the time strictly necessary to achieve the purposes for which they were collected, with technical and organizational
methods adopted to prevent the loss of Data, illicit and / or incorrect use and unauthorized access, and such, therefore, to guarantee a level of security appropriate to the risk pursuant to art. 32 of the
GDPR, by persons specifically authorized, in compliance with the provisions of art. 29 of the GDPR, or of employees and / or collaborators of the Data Controller in their capacity as authorized subjects
and / or system administrators, who can carry out operations of consultation, use, processing, comparison and any other appropriate operation in compliance with the provisions of the law
necessary to guarantee, inter alia, the confidentiality and security of the Data as well as the accuracy, updating and relevance of the Data in accordance with the stated purposes and methods.
It should be noted, in particular, that the personal Data you provide will be treated only at the headquarters of the Data Controller. The Data will not be disseminated, and, pursuant to art. 13,
paragraph 1, lett. (e) may be treated only by authorized persons and / or by any external Data Controllers pursuant to art. 28 of the GDPR (in the case of individual professionals and / or complex
professional associations), and / or by persons operating as independent Data Controllers, whose list is available at the Data Controller’s office and is provided following a written request from you the

Interested person, and among which are explicitly listed hosting companies and / or technical personnel in charge of the management and / or maintenance of the Website, but only and exclusively
for the purposes expressly and specifically indicated above. Data Controller uses external service ‘mailchimp’ to manage process, whose specifications are


In relation to the purposes indicated above, the Data may be communicated to the following persons and / or categories of persons indicated below, or may be disclosed to companies and / or persons,
who provide services, including external ones, on behalf of the Data Controller. Among these people are indicated for greater clarity: professionals and consultants also in an
associated form; persons that the company uses for the acquisition of commercial information related to contractual or pre-contractual requirements; companies, entities, external consortia,
banks and credit institutions, non-bank financial intermediaries, insurance operators in compliance with regulatory limits; persons that carry out activities of control, revision and certification of the
activities carried out by the company, possibly also in the customers’ interests; subjects providing services for the management of the information system and telecommunications networks (including
e-mail and management of Web portals and Websites – cloud storage services – hosting); competent authorities and / or Supervisory Bodies for the fulfillment of legal obligations; accounting and tax
consulting firm; labor consultants; companies and law firms for the protection of contractual rights; subjects that carry out checks, audits and certification of the activities carried out by the Data
Controller who act as external data processors pursuant to art. 28 of the GDPR, or in complete autonomy as subjects distinct from the Data Controller.


We point out that, in compliance with the principles of lawfulness, limitation of purposes and the storage and minimization of Data, pursuant to art. 5 of the GDPR, the retention period of your
personal data is established for a period of time not exceeding the achievement of the purposes for which they are collected and traited, or for the entire duration of the fulfillment of the
aforementioned purposes, and therefore, exhausted the purposes of the processing, your Data will be deleted from any physical and IT support.


Your personal data is not subject to diffusion or to any fully automated decision-making process, including profiling.


Pursuant to art. 15-22 GDPR, the interested party may exercise the rights referred to in the aforementioned rules towards the Data Controller and in particular the right to:
1) obtain confirmation of the existence of your personal data;
2) obtain access within the terms of art. 15 GDPR, the transformation into anonymous form or blocking of data whose retention is unnecessary in relation to the purposes for which the data
were collected and processed;
3) obtain the updating, correction and / or integration of their data;
4) obtain the cancellation of personal data if the conditions provided for by the GDPR are met;
5) obtain the limitation of processing if the conditions provided for by the GDPR are met;
6) complain to a supervisory authority for processing deemed illegitimate or otherwise not compliant with the GDPR;
7) revoke the consent, where the same constitutes the legal basis of the processing, without prejudice to the lawfulness of the processing based on consent before exercising the right of
Requests related to the exercise of the above rights should be addressed to the following address: