Terms and conditions of personal data treatment

This page describes how this site manages the processing of personal data of users who consult their pages. This report is made in accordance with current legislation concerning personal data for users who interact with the services of this site in the framework of the 2016/679 EU Regulation. The information provided is only for this site and not for other websites which may be consulted by the user through our links.

The “owner” of the personal data treatment.

Following consultation of the site, data relating to identified or identifiable persons may be processed. The “owner” of this treatment is Brilliantrees S.r.l. based in Via Mattei, 21 – 28100 – Novara, Italy.

Data Controller.

When you visit our website,information referring to persons identified or identifiable may be used. The data controller is Brilliantrees S.r.l. with headquarters in Via Mattei 21,28100 Novara,Italy.

Location of data processing.

Any processing connected to the web services is handled only by technical staff of the Office in charge of processing, or by persons in charge of occasional maintenance operations. No data deriving from the web service is communicated or disseminated.

Purpose of the processing and legal basis of the processing.

The personal data provided by users who request,or intend to use, services or products offered through the site, as well as receive further specific content, are used only to respond to requests, or perform the service or provision requested, and are disclosed to third parties only in the case where this is necessary for a specific purpose. The legal basis of these treatments is the need to give feedback regarding the requests of the interested parties or to carry out activities foreseen by the agreements defined with the interested parties.
With the express consent of the user, the data may be used for commercial communication activities related to offers of products or other services belonging to the owner. The legal basis of this treatment is the freely expressed consent given by the interested party.
Apart from these hypotheses, users’ browsing data is kept for the time strictly necessary for the management of processing activities within the limits established by law.

Types of data processed.

Navigation data.

The computer systems and software procedures used to operate the site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which, by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of the computers used by users connecting to the site, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment. These data are used for the sole purpose of obtaining anonymous statistical information concerning the use of the site and to check its correct functioning, and are deleted after processing. The data could be used to ascertain responsibility in case of hypothetical computer crimes against the site.

Data provided voluntarily by the user.

The optional, explicit and voluntary sending of emails to the addresses indicated on the site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data included in the message. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request.


Cookies means a textual element that is inserted into the hard disk of a computer only after authorization. Cookies have the function of streamlining the analysis of web traffic or indicating when a specific site is visited and allowing web applications to send information to individual users. No personal data of users is acquired by the site in this regard. We do not use cookies to transmit information of a personal nature, nor are c.d. persistent cookies of any kind used, or systems for tracking users. The use of c.d. session cookies is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow the safe and efficient exploration of the site. The c.d. session cookies used on the site avoid the use of other technologies that could compromise the privacy of users’ browsing and do not allow the acquisition of personal identification data.

Optional provision of data.

Apart from the information specified for navigation data, the user is free to provide personal data to thus request services offered by the Owner. Failure to provide such data may make it impossible to obtain what has been requested.

Processing methods and data retention times.

Personal data is processed with automated tools for the time strictly necessary to achieve the purposes for which it was collected. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.
The data is kept for the time strictly necessary for pursuing the purposes indicated in this statement and will be deleted at the end of this period, unless it must be kept for legal obligations or to assert a right in court.

Rights of the interested parties.

Within the limits, and under the conditions established by law, the owner is obliged to respond to the requests of the interested party regarding personal data concerning him / her.

In particular, based on the current legislation:

1. The data subject has the right to obtain from the data controller confirmation that the processing of personal data concerning him or her is in progress and, in this case, to obtain access to personal data and the following information:

  • the purposes of the processing;
  • the categories of personal data in question;
  • the recipients, or categories of recipients, to whom the personal data has been, or will be, communicated, in particular if these are recipients of third countries or international organizations;
  • whenever possible, the retention period of the personal data provided or, if this is not possible, the criteria used to determine this period;
  • the existence of the right of the data subject to request the data controller to rectify or delete personal data or limit the processing of personal data concerning him/her or oppose its treatment;
  • the right to lodge a complaint with a supervisory authority;
    if the data is not collected from the data subject, all information available on its origin;
  • the existence of an automated decision-making process, including profiling.

2. The data subject has the right to obtain from the data controller the correction of inaccurate personal data concerning himself/herself without undue delay. Taking into account the purposes of the processing, the data subject also has the right to obtain the integration of incomplete personal data by providing an additional declaration.
3. The data subject has the right to obtain from the data controller the deletion of personal data concerning himself/herself without undue delay and the data controller is obliged to cancel the personal data without undue delay within the limits and in the cases provided for by the current legislation. The data controller communicates to each of the recipients to whom personal data has been transmitted the eventual corrections. cancellations or limitations of the processing within the limits, and in the forms provided for, by the current regulations.
4. The interested party has the right to obtain from the data controller the limitation of the treatment.
5. The data subject has the right to receive personal data concerning himself / herself provided to a data controller in a structured, commonly used and readable form by automatic device and has the right to transmit such data to another data controller without impediments on the part of the data controller to whom he initially provided it.
To exercise the rights listed above, the interested party must submit a request using the following contact points through which the Data Protection Officer can also be contacted:

  • for written communications to the Data Controller’s address: Brilliantrees S.r.l. with headquarters in Via Mattei, 21 – 28100 – Novara
  • using the email address: indicating in the object the following: ” THE EXERCISE OF THE RIGHTS IN THE FIELD OF PERSONAL DATA”.

The present version of the information on the processing of personal data was updated on May 7, 2018.