Logo ufficiale blumit
Privacy notice

Privacy Policy

Information on the processing of personal data of users who visit blumit.it or submit requests through contact forms.

Last updated: 2026

1. Data Controller

The Data Controller is Blumit S.R.L., VAT ID IT10027640969, based in Milan, Italy. For privacy-related requests, you may contact privacy@blumit.it.

2. Personal data processed

The website may process the following categories of personal data:

  • identification and contact data, such as name, surname, email address, company or contact details voluntarily provided by the user;
  • request content, meaning information entered in forms or sent by email;
  • technical browsing data, such as IP address, user agent, technical logs, date and time of the request, and information required for website security and operation;
  • technical preferences, such as the language selected by the user.

3. Purposes and legal bases

Personal data is processed for the following purposes:

  • responding to user requests, managing commercial, technical or informational contacts and replying to communications received; legal basis: pre-contractual measures or legitimate interest;
  • managing and securing the website, preventing abuse, unauthorized access, malfunctions or harmful activities; legal basis: the Controller’s legitimate interest;
  • complying with legal obligations, including tax, administrative or authority-related requirements; legal basis: legal obligation;
  • protecting the Controller’s rights in judicial or extrajudicial contexts; legal basis: legitimate interest.

4. Processing methods and retention

Processing is carried out using IT tools and technical and organizational measures designed to protect confidentiality, integrity and availability of data. Data submitted through contact forms or email is retained for the time necessary to manage the request and any resulting relationship. Technical logs are retained for the time necessary to ensure security, maintenance and correct website operation, unless longer retention is required to investigate unlawful activity or comply with legal obligations.

5. Recipients and providers

Data may be processed by authorized personnel of Blumit S.R.L. and by technical providers supporting hosting, website maintenance, IT systems, email, security and related services. Such parties process data according to the Controller’s instructions, where applicable as processors. Personal data is not sold to third parties.

6. Transfers outside the EU

If certain technical providers process personal data outside the European Economic Area, the transfer will take place in compliance with the safeguards required by applicable law, including adequacy decisions, Standard Contractual Clauses or other instruments recognized by the GDPR.

7. Data subject rights

Where provided by applicable law, data subjects may exercise the rights of access, rectification, erasure, restriction of processing, objection, data portability and withdrawal of consent where consent has been given. Data subjects also have the right to lodge a complaint with the competent supervisory authority.

8. Privacy contact

To exercise your rights or request information about personal data processing, you may contact privacy@blumit.it.

Note: this page is an operational basis for the website and should be verified against the tools actually installed, the providers used and the internal data retention procedures.