This page describes how the Site manages and processes the personal data of its users.

This information is also subject to compliance with the provision of the EU Regulation 2016/679 of the European Parliament and the Council of 27 April 2016 regarding the protection of personal data of those who access the web services provided by IBF Servizi S.p.A. electronically at the address:

This information is valid only for the IBF Servizi S.p.A. website and not for any other websites possibly visited by the User via link.


The Data Controller is IBF Servizi S.p.A. – Via L. Cavicchini, 2 44037 Jolanda di Savoia (FE) – Tel. 0532836102 Fax. 0532836722 – E-mail address


Processes related to the web services of this Site, including the simple response to request information, takes place at the headquarters, located in Via L. Cavicchini 2, 44037 Jolanda di Savoia (FE). Here technical staff who are trained in processing personal data and in charge of occasional maintenance handles the data. The personal data is stored at the Aruba data center “Datacenter IT1” site in Via Gobetti, 96 52100 Arezzo.

No data derived from the web service is communicated or disseminated.

The personal data provide by a User who has requested information (annual reports, answers to questions, acts and measures, etc.) is used for the sole purpose of performing the requested service and is only communicated to third parties when seen necessary.


Navigation data:
The computer systems and software procedures responsible for running the operations of this website acquire, in the course of their normal operations, some personal data, whose transmission is implicit in the use of Internet communication protocols.

This information is not collected to be used in identification, but which by its very nature could, through elaborations and associations with third party data, allow in identifying users.

This type of data includes: the IP addresses or domain names of the users’ computers accessing the site, addresses in URI (Uniform Resource Identifier) of the resources requested, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response from the server (success, error, etc.) and other parameters related to the operating system and the User’s computer environment. This data is used for the sole purpose of obtaining anonymous statistical information about the use of the site and to check its proper functioning and are deleted immediately after processing. The data could be used to ascertain liability in case of hypothetical cybercrime against the site, though besides this case, the web contact data does not persist for more than seven days.

Data voluntarily provided by User
Optionally, explicitly and voluntarily sending an e-mail to the addresses listed on this Site involves the subsequent acquisition of the sender’s address that is necessary to respond to the request as well as any other personal data sent. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services requested.


Cookie management can be found in the Cookie policy.


Aside from the information specified for the navigation data, the User is free to provide personal data reported in the application forms or otherwise indicated when contacting the Offices to solicit sending informational material or other communications.

Failure to do so may make it impossible to obtain what is requested.
Note, remember in some cases (not subject of the ordinary management of this site) the Authority may request news and information under the provision of the EU Regulation 2016/679 of the European Parliament on monitoring the processing of personal data. In these cases, a response is mandatory and subject to penalty.


Automated tools handle personal data only for the time necessary to carry out the purpose for which they were collected.

Specific security measure have been taken to prevent the loss of data, as well as unlawful, incorrect use and unauthorized access.
Data subject rights:

You have the right to request from the data controller:

  • Confirmation of the existence or lack of personal data concerning you, even if it has not been recorded yet, and their communication in an intelligible form;
  • Rectification, integration, limitation and deletion of your data;
  • Portability of your data.

You have the right to:

  • Revoke your consent at any time
  • Place a claim to the Control Authority
  • Know the consequences of non-consent (e.g. inability to conclude a contract or carry out the supply)
  • Know the existence of data profiling process
  • Know the existence of automatic decision process, its logic and any possible consequence
  • Oppose, entirely or in part:
    • For legitimate reasons, the processing of personal data concerning yourself, however relevant to the purpose of collection;
    • To the processing of personal data related to direct marketing purposes (sending advertising or direct sales material or for carrying out market or commercial communication research) including profiling for marketing purposes


You have the right to exercise all your rights by simply sending a written request, even electronically, to the Data Controller.