Privacy Policy & Cookie Policy – BitBang S.r.l
BitBang S.r.l., with registered offices in Bologna, Via Enrico Mattei no. 102, VAT number 02329121202 (hereinafter, “BitBang” or “Data Controller”), is committed to protecting the online privacy of the users of the www.bitbang.com website (hereinafter, “Website”). As such, this document (hereinafter, “Privacy Policy”) has been written according to Article 13 of EU Regulation 2016/679 (hereinafter, the “Regulation” or “GDPR”), in order to allow you to understand our policy regarding your privacy, and how your personal data will be handled when using our Website. This Privacy Policy contains important information regarding the protection of your personal data so that you are able to consent to the processing of your personal data in an explicit and informed manner, where appropriate.
The information and data which you may provide, or which may otherwise be collected through the Website, in the context of your use of BitBang’s services (hereinafter, the “Services“), as better defined in Section 3, will be used in compliance with the principles of lawfulness, fairness, transparency, purpose limitation, storage limitation, data minimization, accuracy, integrity and confidentiality.
TABLE OF CONTENTS
- Data Controller and Data Protection Officer
- Personal Data processed
a. Personal Data provided voluntarily by the data subject
b. Applications. Special Categories of Personal Data
c. Third party Personal Data provided voluntarily by the user of the Website
d. Browsing data
e. Cookies - Purpose of the processing
- Legal bases and mandatory / discretionary nature of the conferment
- Recipients of Personal Data
- Transfers of Personal Data
- Retention of Personal Data
- Data subjects’ rights. Contact details of the Data Controller
- Amendments
1. Data Controller and Data Protection Officer
BitBang, as identified at the beginning of this Privacy Policy, is the Data Controller regarding all personal data processed through the Website.
It is possible to contact BitBang’s Data Protection Officer (“DPO”) at any time by writing to: dpo@bitbang.com.
2. Personal Data processed
As you use the Website, we inform you that the Data Controller may collect and process your personal data, which may consist of – also depending on your decisions regarding use of the Services – an identifier such as your name, an identification number, an online identifier (“Personal Data“).
Your Personal Data may be collected either because you voluntarily provided it (for example, when filling out an online form) or simply by analysing your behaviour on the Website.
Personal Data which may be processed through the Website are as follows:
a. Personal Data provided voluntarily by the data subject
In some sections of the Website (for example, in the “Work with us” section), you may be asked to enter information such as your name, surname, telephone number, email address, etc.
b. Applications. Special Categories of Personal Data
By sending your CV through the “Careers” section of the Website, you authorise the Data Controller to process your Personal Data. BitBang asks you to not disclose Personal Data which may fall under the category of Personal Data referred to in Article 9 of the Regulation (“[…] data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and […] genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation”), unless such disclosure is strictly necessary. Otherwise, should you decide to provide it, such Personal Data shall be processed only if and to the extent that it is effectively and strictly necessary for BitBang to do so as provided for in the general applicable authorization of the Italian Data Protection Authority – Garante per la protezione dei dati personali for the protection of personal data. In such cases, BitBang may ask for your specific consent; if the processing of such special categories is not necessary for the purpose of evaluating your application and establishing the employment relationship and such data are included in your application, BitBang shall refrain from processing them.
c. Third party Personal Data provided voluntarily by the user of the Website
As mentioned above, in some forms present on the Website you may insert free text messages or information, visible to the Data Controller, which could contain the Personal Data of third parties. In any situation where you decide to share Personal Data related to other persons through the Website, you will be considered as an independent data controller regarding that Personal Data and must assume all inherent legal obligations and responsibilities. To this end, you must fully indemnify BitBang against any complaints, claims or demands for compensation for damages which may arise from the processing of such Personal Data, initiated by the third parties whose Personal Data have been processed through the use of the Website in violation of the applicable rules on personal data protection. In any case, if you provide or in any other way process the Personal Data of third parties while using the Website, you henceforth guarantee – assuming all related responsibilities – that this specific processing is grounded on an appropriate legal basis in accordance with Article 6 of the GDPR, which legitimizes the processing of the information in question.
d. Browsing Data
The Website’s operation, as is standard with any website on the Internet, involves the use of computer systems and software procedures, which collect information about the Website’s users as part of their routine operation. While BitBang does not collect this information in order to link it to specific users, it is still possible to identify those users either directly via that information, or by using other information collected – as such, this information is also considered Personal Data.
This information includes several parameters related to your operating system and IT environment, including your IP address, location (country), the domain names of your computer, the URI (Uniform Resource Identifier) addresses of resources you request on the Website, the time of requests made, the method used to submit requests to the server, the dimensions of the file obtained in response to a request, the numerical code indicating the status of the response sent by the server (successful, error, etc.), and so on. These data are used exclusively to compile anonymous, statistical information on the use of the Website, as well as to ensure its correct operation and identify any anomalies and/or abuses of the Website – this data is deleted immediately after processing. Such data could be used to ascertain responsibility in the event of computer crimes carried out against the Website or against third parties.
e. Cookies
Definitions, characteristics and application of the regulation
Cookies are small text files that websites visited by the user send and record on the computer or mobile device of the same. They are then transmitted back to the relative sites during the next visit. Thanks to cookies the site remembers the actions and preferences of the user (such as, for example, login data, default language, font sizes, additional display settings, etc.) so that the user does not need to specify them again when they re-visit the site and browses its pages. Cookies are therefore used to perform computer authentication, session monitoring and to store information about the activities of users who access a website and may also contain a unique identifier that allows for the monitoring of user experiences on the site for statistical or advertising purposes.
During the navigation of a site, the user may also receive cookies on their computer or mobile device from sites or web servers other than the one they are visiting (so-called “third party” cookies). Some operations cannot be performed without the use of cookies, which in some cases are technically necessary for the operation of the Website.
There are various types of cookies and depending on their features and functions, they may remain on the computer or mobile device of the user for different periods of time: so-called session cookies, which are automatically deleted when you close your browser; so-called persistent cookies, which remain on the user’s device until a pre-established date.
According to applicable legislation, your prior explicit consent for the use of cookies is not always required. In particular, such consent is not required for “technical cookies”, for example, those used for the sole purpose of transmitting a communication over an electronic communications network, or as strictly necessary to provide you with a service that has been explicitly requested by the user. In other words, technical cookies are indispensable for the operation of the site or to perform tasks requested by the user.
Types of cookies used by the Website
The Website uses first party cookies:
- Technical cookies – session or navigation – are strictly necessary for the operation of the Website or to allow users to make use of the content and services they have requested.
- Analytics cookies allow for an understanding of how the Website is used. These cookies do not collect information about the identity of the user or any Personal Data. The data is processed in an aggregate and anonymous form.
- Functional cookies are used to activate specific functionalities of the Website and a number of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided.
BitBang also uses third-party cookies – i.e., cookies from websites / web servers other than the Website, and which are used for specific purposes of the third parties owning those websites / webservers. These third parties will typically be considered independent data controllers regarding their cookies, and therefore you must refer to their privacy policies, information notices or other materials to obtain more information on them, as specified below:
- Google: https://www.google.com/policies/privacy/partners/ https://tools.google.com/dlpage/gaoptout
- Adobe: http://www.adobe.com/privacy/analytics.html http://www.adobe.com/privacy/opt-out.html
- Decibel: https://www.decibelinsight.com/privacy-policy/ https://www.decibelinsight.com/OptOut/
- Marketo: https://experienceleague.adobe.com/docs/marketo/using/product-docs/administration/settings/understanding-privacy-settings.html?lang=en
Cookies sent via the Website
In detail, the cookies sent via the Website are specified below:
Type of cookie | Technical name of cookie | Persistence Time | Domain | Purpose | How to disable cookies |
Analitycs | gvsC | Session | bitbang.com | First page identifier of visit captured with Adobe Analytics | https://www.adobe.com/privacy/experience-cloud.html |
Analitycs | s_fid | 2 years | bitbang.com | This cookie is used to identify a unique visitor if the standard s_vi cookie is not available due to restrictions on third-party cookies. It is not used for implementations that use first-party cookies | https://www.adobe.com/privacy/experience-cloud.html |
Analitycs | s_cc | Session | bitbang.com | Flag identifying the presence or absence of cookie acquired with Adobe AnalyticsFlag identifying the presence or absence of cookie acquired with Adobe Analytics | https://www.adobe.com/privacy/experience-cloud.html |
Analitycs | pa_privacy | 13 months | bitbang.com | Persistence privacy mode | https://docs.piano.io/track/piano-cookie-descriptions/ |
Analitycs | _ga | 2 years | bitbang.com | Technical tracking information captured with Google Analytics | https://chromewebstore.google.com/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh?hl=en |
Analitycs | _pcid | 13 months | bitbang.com | This cookie contains the browserId (BID) used in Piano products for reporting and tracking purposes. | https://docs.piano.io/track/piano-cookie-descriptions/ |
Analitycs | AMCVS_65523F145B1532F80A495C49@AdobeOrg | 2 months | bitbang.com | The AMCVS cookie serves as a flag indicating that the session has been initialized. It always has a value of 1 and is terminated when the session ends. | https://www.adobe.com/privacy/experience-cloud.html |
Analitycs | _cls_v | 13 months | bitbang.com | The cookie is used to assign the visitor a unique anonymous ID | https://www.glassbox.com/cookie-policy/ |
Analitycs | _cls_s | Session | bitbang.com | The cookie is used to identify the current browsing session | https://www.glassbox.com/cookie-policy/ |
Analitycs | ajs_anonymous_id | 1 year | bitbang.com | This cookie is used to count how many times a website has been visited by different visitors; this is done by assigning the visitor an ID so that it is not recorded twice. | https://pages.twilio.com/CPNI-Data-Preference-Center.htmlhttps://pages.twilio.com/CPNI-Data-Preference-Center.html |
Analitycs | cls_e | Session | bitbang.com | ||
Analitycs | AMCV_65523F145B1532F80A495C49@AdobeOrg | 2 years | bitbang.com | Anonymous unique visitor identifier captured with Adobe Analytics | https://www.adobe.com/privacy/experience-cloud.html |
Analitycs | amp_5fb911 | 1 year | bitbang.com | The cookie is used to keep track of some metadata for the SDK: deviceId: A randomly generated string userId: When the user logs in, if the instrumentation sends this value to Amplitude, it is stored in the cookie. The user can choose to disable browsing cookies from the browser settings therefore Amplitude will assign a new device id to the user for each new visit optOut: to opt out of tracking completely, which means that no events and no records of their browsing history will be stored in Amplitude, the Amplitude SDK provides an optOut as a way to satisfy this request. To opt out of tracking programmatically, the SDK provides the method amplitude.setOptOut(true). sessionId: A randomly generated string for each session lastEventTime: Time of the last event, used to determine when to expire and create a new session Id. eventId: An ascending sequence of identifiers used to distinguish events. identifyId: A growing sequence of identifiers used to distinguish identify calls. sequenceNumber: A sequence number used to sort events and correctly identify and sequence them. | https://www.docs.developers.amplitude.com/guides/cookies-consent-mgmt-guide/#managing-cookie-consent |
Analitycs | s_sq | Session | bitbang.com | Contains information about previously clicked links captured with Adobe Analytics | https://www.adobe.com/privacy/experience-cloud.html |
Analitycs | _ga_STD5P8SV0E | 2 years | bitbang.com | Used to maintain session state. | https://chromewebstore.google.com/detail/google-analytics-opt-out/fllaojicojecljbmefodhfapmkghcbnh?hl=en |
Analitycs | _cs_id | 13 months | bitbang.com | Stores the user’s technical data | https://contentsquare.com/legal/user-privacy-policy/ |
Analitycs | _cs_s | 30 minuts | bitbang.com | To store and count page views. | https://docs.contentsquare.com/en/web/personal-data-handling/ |
Functional | CONSENTMGR | 1 year | bitbang.com | The “CONSENTMGR” cookie stores key/value pairs related to consent and preference requests on the website. It helps manage and store user choices and preferences regarding consent and preference requests. | https://tealium.com/preferences-2/ |
Functional | _cs_c | 13 months | bitbang.com | To store cookie consent preferences | https://docs.contentsquare.com/en/web/personal-data-handling/ |
Functional | _pctx | 13 months | bitbang.com | This cookie is needed to synchronize different Plan product scripts containing common data points. It contains data from different products, for example Composer Insights or Ad Revenue Insights, but only IF you have implemented one of these products. | https://docs.piano.io/track/piano-cookie-descriptions/ |
Functional | wordpress_test_cookie | Session | bitbang.com | Test whether your browser accepts cookies | |
Tecnici | wp-wpml_current_language | 24 hours | bitbang.com | Stores the current language | This cookie keeps a record of your choice about consenting to the use of cookies, which is why you cannot disable it. |
Technical | utag_main | 1 year | bitbang.com | Storage on tag delivery regarding the privacy choice expressed by the user | This cookie keeps a record of your choice about consenting to the use of cookies, which is why you cannot disable it. |
Marketing | _mkto_trk | 2 years | bitbang.com | This cookie may contain information (such as a unique user ID) that is used to track your use of our site. Cookies placed by Marketo can only be read by Marketo | Visitors can completely opt out of Munchkin’s tracking by adding the querystring parameter “marketo_opt_out=true” to their browser URL. When Munchkin’s JavaScript detects this setting, it will try to set a new cookie “mkto_opt_out” with value true. All other Marketo tracking cookies will be deleted, no new cookies will be set, and Munchkin will not make any HTTP requests when this setting is detected. |
Cookie settings
You may authorise, block or delete (in whole or in part) cookies through the specific functions of their navigation program (so-called browser) and via the provided by BitBang by clicking on “Cookie preferences” at the bottom of the Website. However, if you block or disable all or some of the technical cookies, the Website or certain Services of the Website may not be consulted or certain services or features of the Website may not be available or may not work properly and/or the user may be forced to change or manually enter some information or preferences each time he/she visits the Website.
The choices you make with reference to Website cookies will be recorded in a special cookie. However, this cookie may not function correctly in some situations. In such cases, we suggest that you delete any unwanted cookies and manage them through your browser settings.
The user’s cookie preferences will be reset if different browsers are used to access the Website.
How to display and modify cookies through your browser
For more information on how to set cookie preferences through your browser, it is possible to consult the following instructions:
You may also manage your choice related to third party cookies by using online platforms such as AdChoices.
ATTENTION: by disabling technical and / or functional cookies, the Website may not be available for consultation or some services or certain functions of the Website may not be available or may not work properly and you may be forced to modify or manually enter some information or preferences each time you visit the Website.
3. Purpose of the processing
The purposes of the processing of your Personal Data collected through the Website are the following:
a. To provide the Services you request, such as to download materials shared on the Website, request a demo, sign up to events, request a document, subscribe to BitBang’s newsletter, respond to a request sent to addresses you may find on the Website (“Provision of the Service”).
b. To analyse CVs and to contact the candidates who submit their applications through the “Work with us” section of the Website (“Recruitment”). The Data Controller also intends to retain your CV in order to improve its personnel selection processes, to ensure its organizational efficiency and the optimization of the activities of BitBang personnel employed in such activities, including with respect to candidates who have not yet been interviewed or for candidates who have had an interview that was not followed by an employment engagement, so that we can contact you at a later time or evaluate your CV in the future (“Selection Process Optimization”).
c. To carry out marketing activities, conduct studies, research, market statistics and send you advertising and information material via e-mail or SMS, and/or over the telephone through operators and/or through the official pages of the Data Controller on social media related to the activities, products and services of the Data Controller (“Marketing”). You can, at any time, withdraw the consent that you have previously granted to traditional or automated marketing methods by giving notice to the Data Controller without any formality, simply by writing to the addresses indicated in Section 8 of the Privacy Policy, without prejudice to the lawfulness of the processing based on your previous consent.
d. To fulfil the obligations provided for by law which required the Data Controller to collect and / or further process certain types of Personal Data (“Compliance”).
e. To prevent or detect any fraudulent conduct or abuse of the Website in order to allow the Data Controller to defend itself in court (“Abuse/Fraud”).
f. To carry out statistical analysis without the possibility to identify the user (“Statistics”).
g. To disclose your Personal Data (e.g., name, surname and e-mail address) to companies which have sponsorship or partnership relationships with BitBang and which operate within the Digital Marketing field, for their autonomous marketing purposes. The identity of these companies is indicated from time to time on the webpage of the event you register to attend (“Disclosure to Third Parties”).
4. Legal basis and mandatory / discretionary nature of the conferment
The legal basis of the processing of Personal Data for the purposes referred to in Section 3 are the following:
a. Provision of the Service: the processing for this purpose is necessary to provide the Service and for the performance of the contract. The provision of your Personal Data for this purpose is optional, however, failure to provide them would imply the inability to provide the requested Services or to respond to your requests.
b. Recruitment: the processing for this purpose is necessary to allow the Data Controller to schedule interviews and manage the recruitment procedure. The provision of your Personal Data is optional, but any failure to provide it would make it impossible for BitBang to evaluate your profile and your application. The processing of your Personal Data does not require your consent as it is a spontaneous application, in accordance with the applicable Italian data protection law (see section 111-a of the Italian Data Protection Code, as amended by the legislative Decree no. 101/2018: “If an uninvited CV is received with a view to possible recruitment, the information referred to in Article 13 of the Regulation shall be provided when the respective data subject is first contacted thereafter. Within the framework of the purposes referred to in Article 6(1), letter b), of the Regulation, no consent shall be required to process the personal data contained in the CV”). In this regard, we remind you to not provide special categories of Personal Data (such as data concerning your health, your religious beliefs, your political opinions, etc.) if not strictly necessary; in this case, the processing of such Personal Data will take place in compliance with and within the limits of the general pro tempore authorization of the Garante per la protezione dei dati personali. The storage of CVs for the purpose of the Selection Process Optimisation is based on the legitimate interest of the Data Controller (art. 6(1)(f) GDPR reads: “[…] processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child”).
c. Marketing: the processing for this purpose is based on your prior consent (art. 6(1)(a) GDPR reads: “[…] the data subject has given consent to the processing of his or her personal data for one or more specific purposes”). It is not mandatory for you to give your consent to the Data Controller for this purpose and you can withdraw your consent at any time without any consequences (except for the fact that you will no longer receive marketing communications from the Data Controller). You may withdraw your previously granted consent by following the instructions provided in Paragraph 8 of this Privacy Policy..
d. Compliance: the processing for this purpose is necessary for BitBang in order to fulfil any legal obligations to which it is subject (art. 6(1)(c) GDPR reads: “[…] processing is necessary for compliance with a legal obligation to which the controller is subject”). When providing Personal Data to the Data Controller, such data must be processed according to the applicable regulations, which could entail their retention and disclosure to the Authorities for accounting, tax or other obligations.
e. Abuse/Fraud: the information collected for this purpose will be used exclusively to prevent and / or identify any fraudulent activity or abuse in the use of the Website and therefore allows the Data Controller to protect itself in court..
f. Statistics: it is specified that such processing is not performed on Personal Data and therefore can be freely carried out by the Data Controller.
g. Disclosure to Third Parties: the processing of your Personal Data for this purpose is based on your consent (art. 6(1)(a) GDPR reads: “[…] the data subject has given consent to the processing of his or her personal data for one or more specific purposes”). The provision of your Personal Data for this purpose is entirely optional and does not affect the use of the Services. If, in any case, you wish to object to the processing of your Personal Data for this purpose you may do so at any time by writing to the Data Controller, without prejudice to the lawfulness of the processing based on your consent given prior to the withdrawal.
5. Recipients of Personal Data
Your Personal Data may be shared with the subjects mentioned below (collectively “Recipients”):
a. Subjects typically acting as data processors, namely: persons, companies or professional firms which provide the Data Controller with advice and consulting in accounting, administrative, legal, tax, financial and debt collection matters related to the provision of the Services.
b. Subjects who are engaged with in order to provide the Services (for instance, hosting providers or email platform providers).
c. Persons authorised to perform technical maintenance of the Website (including the maintenance of network equipment and electronic communications networks).
d. . Persons authorized by the Data Controller to process the Personal Data required for carrying out activities strictly related to the provision of the Services, who have committed themselves to confidentiality or have an appropriate legal obligation of confidentiality (for example, the employees of BitBang).
e. Subjects, bodies or authorities to whom it is mandatory to disclose your Personal Data to in accordance with Compliance, Abuse/Fraud purposes or under the orders of the authorities.
f. Third parties active in the field of Digital Marketing for their own autonomous and separate marketing purposes, only if you have given your specific consent.
6. Transfers of Personal Data
Your personal data may be shared with Recipients outside the European Economic Area. The Data Controller ensures that the processing of your Personal Data by these Recipients will take place in compliance with the applicable legislation. Transfers will be made through appropriate guarantees, such as adequacy decisions, Standard Contractual Clauses approved by the European Commission or others. For further information on the transfers of personal data, you may contact BitBang by writing to: dpo@bitbang.com or ufficioprivacy@bitbang.com
7. Retention of Personal Data
Personal Data processed for the Provision of the Service purpose will be kept by the Data Controller for the period deemed strictly necessary to fulfil such purposes. In any case, as these Personal Data are processed for the provision of the Services, the Data Controller will retain the Personal Data for the period allowed by Italian law to protect its interests (Article 2946 and ensuing articles of the Italian Civil Code).
Personal Data processed for Recruitment purposes will be kept by the Data Controller for the entire duration of the evaluation procedure, while for Selection Process Optimization purposes, Personal Data will be kept for 7 years after receipt of your CV.
Personal Data processed for Marketing purposes will be kept by the Data Controller until you withdraw your consent. Once consent has been withdrawn, the Data Controller will no longer use your Personal Data for such purposes, but it may in any case retain them, in particular as may be necessary in order to protect the interests of the Data Controller from possible complaints based on such processing.
Personal Data processed for the Compliance purpose will be retained by the Data Controller for the period provided for by specific legal obligations or applicable legislation.
Personal Data processed to prevent Abuse/Fraud will be retained by the Data Controller for the time strictly necessary for the aforesaid purpose and therefore until the Data Controller is bound to keep them to protect itself in court to disclose such data to the competent Authorities.
Personal Data processed for Disclosure to Third Parties will be processed, as a general rule, until the withdrawal of your consent.
Further information about the data retention period and the criteria used to determine this period can be requested by writing to the Data Controller at the addresses provided in Paragraph 8 of the Privacy Policy.
8. Data subject rights. Contact details of the Data Controller
Under Articles 15 and following of the Regulation, you, as a data subject, are entitled to request from BitBang, at any time, access to your Personal Data, the correction and erasure of your Personal Data, as well as to object to its processing pursuant to Article 21 of the Regulation. You are also entitled to request the restriction of the processing of your Personal Data in the cases set out in Article 18 of the Regulation, as well as to obtain the Personal Data you have provided to BitBang in a structured, commonly used and machine-readable format, in the cases set out in Article 20 of the Regulation.
Consent to analysis through cookie may be withdrawn by following the indications laid down in Paragraph 2.e of this Privacy Policy and by clicking on “Cookie preferences” at the bottom of the Website.
Requests should be made in writing to: ufficioprivacy@bitbang.com or to the physical address of the Data Controller indicated above.
In any case, please note that, as a data subject, you are entitled to file a complaint with the competent supervisory authority (the Italian Data Protection Authority – Garante per la protezione dei dati personali) pursuant to Article 77 of GDPR, if you believe that the processing of your Personal Data carried out through this Website violates applicable law, as well as to seek judicial redress through the courts (Article 79 of the GDPR).
9. Amendments
This Privacy Policy has been effective since February 29 2024. The Data Controller reserves the right to partly or fully amend this Privacy Policy, or simply to update its content, e.g., as a result of changes in applicable law. The Data Controller will inform you of such changes as soon as they are introduced. The Data Controller therefore invites you to regularly visit this Privacy Policy in order to acquaint yourself with the latest updated version of the Privacy Policy, so that you may always be informed on how the Data Controller collects and uses your Personal Data.
Version no. 3.0, 29/02/2024