(pursuant to EU Regulation 2016/679 – GDPR)
- Data Controller
The Data Controller is:
BM SRL A SOCIO UNICO
Registered office: Via Antonio Salandra, 18 – 00187 Roma, Italy
Email: marketing@brunoribadi.it - Types of Data Collected
We may collect and process the following personal data:
Personal and contact details (name, surname, email, phone number, address);
Browsing data (IP address, access logs, data collected through cookies and similar technologies);
Commercial data (information relating to orders, online purchases, invoicing);
Data voluntarily provided by users (e.g. by filling in contact forms, subscribing to the newsletter, event bookings, job applications). - Purpose of Processing
Data is collected and processed for the following purposes:
Managing requests sent through the website or our contact channels;
Sending newsletters and promotional communications (subject to consent);
Administrative, accounting, and tax compliance;
Managing orders, sales, and shipments;
Improving online services and user experience (through statistics and cookies). - Legal Basis of Processing
The processing of data is based on:
Performance of a contract or pre-contractual measures (e.g. purchasing beer or booking events);
Compliance with legal obligations;
Legitimate interest of the Controller (e.g. IT security, direct marketing to existing customers);
User consent (for newsletters, profiling cookies, and commercial communications). - Methods of Processing
Data is processed using electronic and paper tools, in compliance with the security measures required by the GDPR, to ensure confidentiality, integrity, and availability of personal data. - Data Retention
Data will be kept for the time strictly necessary to achieve the purposes for which it was collected, and in any case:
For contractual and tax purposes: up to 10 years after the end of the relationship;
For marketing purposes: until consent is withdrawn or for a maximum of 24 months;
For browsing data: in accordance with current legislation. - Data Communication and Disclosure
Personal data may be communicated to:
Employees and collaborators of Birrificio Bruno Ribadi, authorized to process data;
External service providers (e.g. shipping services, accounting and tax consultants, marketing agencies, hosting providers);
Public bodies and competent authorities, where required by law.
Data will not be disclosed publicly without the user’s consent. - Transfer of Data Outside the EU
Some data may be transferred outside the EU (e.g. cloud services, newsletter platforms). In such cases, transfers will take place only to countries deemed adequate by the European Commission, or through contractual safeguards compliant with the GDPR (e.g. Standard Contractual Clauses). - Data Subject Rights
Users have the right to:
Access their personal data;
Rectify or update their data;
Request erasure (“right to be forgotten”);
Restrict processing;
Data portability;
Object to processing for marketing purposes;
Withdraw consent at any time.
To exercise these rights: send a written request to [privacy@brunoribadi.it]. - Cookies and Tracking Tools
This website uses technical, analytical, and profiling cookies.
For more details and to manage preferences, please see the Cookie Policy. - Right to Lodge a Complaint
If you believe that the processing of your personal data violates data protection laws, you have the right to lodge a complaint with the Italian Data Protection Authority (www.garanteprivacy.it) or the competent supervisory authority. - Changes to this Policy
This Privacy Policy may be updated at any time. Updates will be published on this page with the date of revision.
Last update: 15 september 2025