This page describes how the www.b2-ride.com website is managed with regard to the processing of the personal data of users consulting it. The personal data provided by users are treated confidentially and used for the sole purpose of executing the requests submitted, in compliance with of the specific disclosures made pursuant to Article 13 of Legislative Decree 196/2003, and Article 13 of Regulation (EU) 2016/679 (hereinafter "GDPR"), laying down provisions on the protection of personal data of natural persons.

1. DATA CONTROLLER

The data controller referred to in this information is Auriga SpA with registered office in Altamura (BA) at Via Selva No. 101 and operational headquarters in Bari at Via Don Luigi Guanella 17; VAT number 05566820725.

2. PURPOSE OF PROCESSING

The data are processed by Auriga S.p.A. for the following purposes:

• Marketing activities through the sending of promotional and informational material;
• Providing, improving, and optimizing the performance of our services;
• Statistical purposes.

3. RIGHT OF DATA SUBJECTS

Pursuant to Article 7 of Legislative Decree 196/2003 and Articles 15-22 of the GDPR, the persons to whom the personal data refer have the right to:

1. Obtain confirmation of the existence of their personal data;
2. Receive information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be disclosed, and, where possible, the period of retention;
3. Obtain rectification and erasure of the data;
4. Obtain restriction of processing;
5. Receive the personal data in a structured, commonly used, and machine-readable format and transmit them to another controller without hindrance;
6. Object to processing at any time, including processing for direct marketing purposes;
7. Object to automated decision-making concerning individuals, including profiling, where applicable.

These rights can be exercised by sending a request to Auriga S.p.A. at the email address compliance@aurigaspa.com.

4. TYPES OF DATA PROCESSED

When browsing www.b2-ride.com, the following information may be collected and stored in the log files of the site's server (hosting):

• Internet Protocol (IP) address;
• Device parameters used to connect to the website;
• Name of the Internet Service Provider (ISP);
• Date and time of visit;
• Duration of visit per page (bounce rate);
• Number of visits to the website;
• Search engine from which the search originated;
• Type of request (e.g., web page get) and/or server response.

By filling out the "Contact/Request Demo" section, the following data are provided:

• Email;
• First Name;
• Surname;
• Any company affiliation and related job title;
• Geographical area of belonging (country).

5. LEGAL BASIS OF PROCESSING

The personal data processed by Auriga as described in point 4 are provided by the User. The user can revoke their consent at any time for the future by requesting it to the following email address compliance@aurigaspa.com. Auriga processes the personal data necessary to fulfill the above purposes based on Article 6, paragraph 1, letter b) of the GDPR. Other personal data will be processed in accordance with Article 6, paragraph 1, letter f) of the GDPR for the pursuit of Auriga's legitimate interests, e.g., for the optimized and technically error-free provision of the Service. Furthermore, it may be necessary to process personal data to fulfill a legal obligation to which Auriga is subject (Article 6, paragraph 1, letter c) of the GDPR) or to safeguard the vital interests of the User (Article 6, paragraph 1, letter d) of the GDPR).

6. DATA RETENTION PERIOD

Auriga will retain the User's personal data only for as long as reasonably necessary to fulfill the purposes for which it was collected, for a period not exceeding 2 years. Auriga may retain the User's personal data for a longer period as required by specific legal obligations or applicable regulations and therefore for compliance purposes. However, the retention of the data referred to in point 4 for the purposes of judicial protection provided for by applicable regulations shall be guaranteed in any case. To determine the appropriate retention period for personal data, Auriga considers the quantity, nature, and sensitivity of the personal data, the potential risk of unauthorized use or disclosure of the User's personal data, the purposes for which Auriga processes the User's personal data, and whether Auriga can achieve such purposes through other means. In any case, it may happen that the European or national legislator imposes a longer retention period. In such cases, the data will not be deleted or blocked until the corresponding retention period has expired. After this period, the data will be permanently deleted.

7. DISCLOSURE OF USER'S PERSONAL DATA

Auriga may disclose the User's personal data - only when necessary for the provision of the service and always for the purposes described in point 2 - to its employees and/or consultants, in their capacity as internal processors and/or responsible persons of the processing and/or system administrators, and to all companies controlled by it. The aforementioned subjects and/or consultants process the data on behalf of Auriga as Data Processors. Without the express consent of the user, the data cannot be transferred to third parties for their own use, and therefore outside the access described in the previous article 6. The data will not be disclosed in any case.

8. SECURITY

The Data Controller has adopted a variety of security measures to protect the data described in point 4 against the risk of loss, misuse, or alteration, in line with the measures expressed in Article 32 of the GDPR.

9. CHANGES TO THIS POLICY

This information notice may be subject to change. We therefore recommend that you check this notice regularly and refer to the most up-to-date version.