This Application collects some Personal Data of its Users.

This privacy policy relates to the processing of data acquired through the User’s activities on the landing page of the website www.cioccoshow.it and is valid in cases where the User proceeds to register his/her data in the “newsletter” form (hereinafter, individually referred to as “the Service” and jointly referred to as “the Services”).

1. Data Controller.

BF Servizi Srl (in this document also referred to as BFS) – via A. Maserati 18 – 40128 Bologna (Italy)

Data Controller’s e-mail address: privacy@bfservizi.it

2. Type of Data collected.

The Personal Data collected by this Application, either autonomously or through third parties, appointed, where applicable, as Data Processors (Webees Srl single-member company, BolognaFiere SpA, Diennea Srl – MagNews platform), only include common data and namely: name, surname, telephone number, company name, e-mail address, operating Cookies, it should be noted that any further data entered by the User, including special data, if not necessary for the processing purposes, will be immediately removed from the Application.

Unless otherwise specified, all Data requested by this Application are mandatory. If the User refuses to communicate them, it may be impossible for this Application to provide the Service and the Services. If this Application indicates some Data as optional, the Users are free to refrain from communicating such Data, without this having any consequence on the availability of the Service or its operation.

Users who are unsure of what Data is mandatory are encouraged to contact the Data Controller.

The possible use of Cookies – or of other tracking tools – by this Application or by the owners of third party services used by this Application, unless otherwise specified, has the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy available on the web page. The User shall be held responsible for personal or third-party Data obtained, published or shared through this Application, and guarantees to have the right to disseminate or communicate them, thus holding the Data Controller exempt from any responsibility against third parties.

3. Processing methods.

The Data Controller takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.

Data are processed by means of computer and/or telematic tools, with organisational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, other subjects whose activity is functional to the provision of the service requested by the User may have access to the Data, namely: the employees of BFS or BolognaFiere SpA (administrative, commercial, marketing, system administrators) duly authorised by means of a nomination deed, or external subjects (such as third-party technical service providers, hosting providers, IT companies, communication agencies) appointed, if required by law, as Data Processors by the Data Controller. The updated list of Data Processors can always be requested from the Data Controller.

4. Legal basis and processing purposes.

The User’s data will be processed for the provision of services requested by the User and in particular:

  1. for the purpose of sending the newsletter pending the request of the User and BFS’ legitimate interest to inform the User of the Cioccoshow event by sending e-mails (sent directly by the Data Controller or through the platforms and computer tools “Mailchimp” and “MagNews”);
  2. for the purpose of interacting with social networks by viewing sponsored pages; the interactions and information acquired will in any case be subject to the User’s privacy and cookies settings relative to each social network;

5. Place of processing.

The Data are processed at the Data Controller’s operating offices or at the offices of the persons appointed as data processors, a list of which may be obtained by contacting the Data Controller.

6. Storage period.

The Data collected as detailed above shall be stored:

a) for the purposes referred to in the previous article letters a), c) and d) for a maximum period of 3 years, subject to revocation of consent referred to in paragraph 7 c), given the interest of maintaining an active relationship with the User; b) for the purposes mentioned in the article above letter

b) for a maximum period of 10 years starting from the issuing of the last invoice.

7. The User’s Rights.

Users may exercise certain rights with respect to the Data processed by the Data Controller.

More specifically, the User is entitled to:

  • Withdraw consent at any time. The User may withdraw consent to the processing of his/her Personal Data previously expressed, without prejudice to the legitimacy of the processing up to the time of withdrawal.
  • Object to the processing of his/her Data. The User may object to the processing of his/her Data when it is done on a legal basis other than consent. Further details on the right to object are provided in the section below.
  • Access his/her Data. The User has the right to obtain information on the Data processed by the Data Controller, on certain aspects of the processing and to receive a copy of the Data processed.
  • Verify and ask for correction. The User may verify the correctness of his/her Data and ask that they be corrected or updated.
  • Limit the processing. When certain conditions are met, the User may request the limitation of the processing of his/her Data. In this case, the Data Controller will not process the Data for any purpose other than its storage.
  • Obtain the deletion or removal of your Personal Data. When certain conditions are met, the User may request that his/her data are deleted by the Data Controller.
  • Receive his/her  Data or have it transferred to another data controller. The User has the right to receive his/her Data in a structured, commonly used and machine-readable format and, where technically feasible, to have it transferred without impediment to another data controller. This provision is applicable when the Data is processed by automated means and the processing is based on the User’s consent, a contract to which the User is a party or contractual measures related thereto.
  • Lodge a complaint. The User may lodge a complaint with the competent data protection supervisory authority or take legal action.

The rights above can be exercised by sending a written communication to the following address: privacy@bfservizi.it.

It should be noted that, the data controller will respond to the request within 30 days and, in the event of acceptance of the request, the Data Controller ensure that third parties responsible for processing data are duly notified.

If the request is accepted, the Data Controller undertakes to delete it also from any archives, allowing remote verification by the user.

8. Further data processing information.


The User’s Personal Data may be used by the Data Controller in legal proceedings or in the preparatory phases of proceedings to defend the User against misuse of this Application or related Services.
The User declares that he/she is aware that the Data Controller may be required to disclose the Data by order of public authorities.

Specific disclosures.

At the request of the User, in addition to the information contained in this privacy policy, this Application may provide the User with additional and contextual information regarding specific Services, or the collection and processing of Personal Data.

System logs and maintenance.

For operational and maintenance purposes, this Application and any third-party services used by it may collect system logs, i.e. files that record interactions and may also contain Personal Data, such as the User’s IP address.

Information not contained in this policy.

Further information in relation to the processing of Personal Data may be requested at any time from the Data Controller using the contact details.

9. Changes to this privacy policy.

The Data Controller reserves the right to make changes to this privacy policy at any time by informing Users on this page and, if possible, on this Application as well as, if technically and legally feasible, by sending a notification to Users through one of the contact details held by the Data Controller. Therefore, please consult this page regularly, referring to the date of last modification indicated at the bottom.

If the changes affect processing the legal basis of which is consent, the Data Controller will collect the User’s consent, if necessary.

We inform you that the Data Protection Officer of BF Servizi can be contacted at the e-mail address: dpobfs@lslex.com.