Blueriviera

PRIVACY POLICY – BLUERIVIERA

Last updated: November 24, 2025

This Privacy Policy describes how the website www.blueriviera.it (“Website”) processes the personal data of its users, in accordance with Regulation (EU) 2016/679 (“GDPR”) and applicable Italian data protection laws.

1. Data Controller

The Data Controller is:

NORTHRAY ITALIA SRL
Via XXV Aprile 2/C, Camucia Cortona (AR), 52044 – Italy
VAT No.: IT02488730512
Email: info@northrayitalia.it

For inquiries specifically related to the Blueriviera Website:
Email: info@blueriviera.it

2. Types of Data Processed

The Website may process the following categories of personal data:

Data provided voluntarily by the user

  • First and last name
  • Email address
  • Phone number (if provided)
  • Information submitted through contact forms or email
  • Data necessary for the management of orders or services (if applicable)

Browsing data

Collected automatically when browsing the Website:

  • IP address
  • Date and time of access
  • Pages viewed
  • Browser and device information
  • System logs
  • Cookies (technical, analytics, and—if applicable—profiling cookies upon consent)

3. Purposes of Processing

Personal data may be processed for the following purposes:

  1. Technical management and security of the Website
    Ensuring functionality, performance, and protection from cyber-attacks.
  2. Responding to user requests
    Handling inquiries, support requests, or messages received through forms or email.
  3. Order management and contractual activities (if the Website enables purchases)
    Processing orders, invoicing, shipping, customer support.
  4. Legal, administrative, and accounting obligations
    Complying with Italian and EU laws.
  5. Marketing and communications
    Sending newsletters or promotional messages only with the user’s prior consent.

4. Legal Basis of Processing

Depending on the context, data is processed on the basis of:

  • Contract performance or pre-contractual steps (Art. 6.1.b GDPR)
  • Legal obligation (Art. 6.1.c GDPR)
  • Legitimate interest of the Controller (Art. 6.1.f GDPR)
  • User consent (Art. 6.1.a GDPR) for newsletter, promotional emails, and non-technical cookies

5. Processing Methods

Data is processed using electronic and, in limited cases, paper-based tools.
The Controller implements appropriate technical and organizational measures to ensure security, confidentiality, and protection from unauthorized access, loss, or unlawful use.

6. Data Retention Period

Personal data is retained only for the time necessary to fulfil the purposes for which it was collected:

  • Contact/communication data: retained as long as needed to manage the request
  • Order/contract data: retained for the duration of the contract and subsequently for legal requirements (typically 10 years)
  • Marketing data: retained until consent is withdrawn
  • Browsing and technical data: retained for a limited period (usually 6–12 months)

7. Recipients of Personal Data

Data may be shared with:

  • Technical service providers (hosting, maintenance, email, security)
  • Professional consultants (legal, tax, accounting)
  • Third parties involved in service or order management (e.g., couriers, payment platforms)
  • Authorities or public bodies where required by law

Data will not be publicly disseminated.

8. Transfer of Data Outside the EU

If some service providers store data outside the European Union, such transfers will comply with Articles 44–50 GDPR, through:

  • Adequacy decisions by the European Commission
  • Standard Contractual Clauses (SCCs)
  • Other appropriate safeguards

9. User Rights

Users may exercise the rights provided by Articles 15–22 GDPR at any time, including:

  • Right of access
  • Right to rectification
  • Right to erasure (“right to be forgotten”)
  • Right to restrict processing
  • Right to object
  • Right to data portability
  • Right to withdraw consent (where applicable)

Requests should be sent to:
info@northrayitalia.it
or, for Website-related matters: info@blueriviera.it

Users also have the right to lodge a complaint with the Italian Data Protection Authority:
https://www.garanteprivacy.it

10. Cookies

The Website uses necessary technical cookies.
Analytics or profiling cookies from third parties may only be activated after the user provides consent through the cookie banner.

Further information is available in the Website’s Cookie Policy.

11. Changes to this Privacy Policy

This Privacy Policy may be updated at any time.
The latest version is the one indicated at the top of this page.PRIVACY POLICY – BLUERIVIERA

Privacy Policy of Blueriviera (www.blueriviera.it)

1. Introduction

Pursuant to Article 13 of EU Regulation 2016/679 (the “GDPR”), this Privacy Policy describes how NORTHRAY ITALIA SRL (the Data Controller) processes personal data collected through the website www.blueriviera.it.

The processing of personal data is carried out in full compliance with the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, integrity, and confidentiality, in accordance with applicable legislation.

2. Data Controller

NORTHRAY ITALIA SRL
Registered office: Via XXV Aprile 2/C – Camucia Cortona (AR) – 52044 – Italy
Website: www.northrayitalia.it
E-mail: info@northrayitalia.it

The Data Controller determines the purposes and means of processing personal data related to the use of this website and is responsible for ensuring data protection compliance.

3. Types of Data Processed

a) Browsing Data

The IT systems and software procedures used to operate this website acquire certain personal data during normal operation, the transmission of which is implicit in Internet communication protocols.

This information is not collected to be associated with identified users, but by its nature could, through processing and association with data held by third parties, allow identification.

This category of data includes, for example:

  • IP address;
  • URI (Uniform Resource Identifier) of the requested resources;
  • time of the request;
  • method used to submit the request to the server;
  • size of the file obtained in response;
  • numerical code indicating the status of the response from the server (success, error, etc.);
  • and other parameters related to the user’s operating system and computing environment.

Such data are used exclusively for the purpose of obtaining anonymous statistical information on website usage and to check its correct functioning. They are deleted immediately after processing.

b) Analytics Data (Google Analytics 4)

This website uses Google Analytics 4, a web analytics service provided by Google LLC, configured to anonymize IP addresses and collect data only in aggregated, non-identifiable form.

The analytics data help the Data Controller understand how visitors interact with the website (for example, which pages are visited, time spent on each page, type of device used, etc.) and are used solely to improve performance and usability.

No profiling or marketing activities are performed, and no data are used to identify individual visitors.

For more information:

You may opt out of Google Analytics using the browser add-on:
👉 https://tools.google.com/dlpage/gaoptout

4. Purpose and Legal Basis of Processing

Personal data collected through the website are processed exclusively for the following purposes:

  • to enable the technical operation and security of the website;
  • to obtain anonymous statistical information about website traffic;
  • to monitor and improve website performance and usability.

The legal basis for processing such data is:

  • Article 6(1)(f) GDPRlegitimate interest of the Data Controller to ensure the correct functioning and optimization of the website.

No personal data are processed for marketing, profiling, or automated decision-making purposes.

5. Processing Methods and Data Retention

Data are processed by personnel authorized by the Data Controller using IT and electronic systems in a manner that ensures security, integrity, and confidentiality.
Data are retained only for the time strictly necessary to fulfill the purposes indicated above, typically a few days for browsing logs, and are then automatically deleted or anonymized.

No automated decision-making or profiling is performed.

6. Data Recipients and Transfers

The browsing and analytics data may be processed, on behalf of the Data Controller, by technical service providers (such as hosting providers, IT maintenance companies, or analytics services) duly appointed as Data Processors under Article 28 GDPR.

Data are processed and stored within the European Economic Area (EEA).
Should any transfer outside the EEA occur, it will only take place under the safeguards provided for in Articles 44–49 of the GDPR, such as Standard Contractual Clauses or adequacy decisions.

7. Data Subject Rights

In accordance with Articles 15–22 of the GDPR, users (data subjects) have the right to:

  • obtain confirmation as to whether or not personal data concerning them are being processed;
  • access their data and receive a copy;
  • request rectification, erasure, or restriction of processing;
  • object to processing carried out on legitimate interest grounds;
  • lodge a complaint with the competent Data Protection Authority.

Requests to exercise these rights may be sent to:
📧 info@northrayitalia.it

8. Changes to This Privacy Policy

The Data Controller reserves the right to update or modify this Privacy Policy at any time.
The most recent version is always available on this page.
Last updated: October 24, 2025.

AI-Generated Content

Some of the content published on this website — including, but not limited to, images, videos, graphics, and descriptive text — may have been created or modified using Artificial Intelligence (AI) technologies, such as generative text, image, or video models (for example, Google Veo, Gemini Flow, or similar tools).

These contents are used solely for illustrative, creative, or communication purposes, and do not depict real people, places, or events, unless explicitly stated otherwise.
Where AI-generated human figures are used, they do not represent real individuals and are not intended to reproduce or evoke the likeness of any identifiable person.

All published materials are produced with respect for the principles of transparency, accuracy of information, and protection of third-party rights, including copyright and image rights.
Any reports, objections, or clarification requests regarding AI-generated content can be submitted to the website owner using the contact details provided in this policy.