The Data Protection Officer (DPO) can be contacted at piazza IV Novembre n. 5, 20124 Milan, to the attention of the Data Protection Officer, and at the e-mail email@example.com .
The site processes navigation data. By way of example, this category of data includes: the IP addresses or the names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of requests, the method used when submitting requests to the server, the size of the file obtained in response, the numerical code indicating the status of the response provided by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.
Cookies are small text strings. They are created by a server and stored on the hard disk of the computer or on any other device used by the user to access a website (smartphone, tablet, etc.) and then be re-transmitted to the site at the next visit by the user. Cookies allow, for example, to activate features and customizations aimed at facilitating user interaction with a website, keeping track of the items in a shopping cart or information for filling in a computer form.
With regard to duration, cookies can be classified as session cookies and persistent cookies.
Session cookies disappear when the browser is closed or have a limited duration. Persistent cookies they are stored permanently on your computer or other device user and have a variable duration. Cookies that expire at the end of a session (normally when a user closes their browser) are useful, for example, for security purposes, such as when the user accesses their e-mail box or a reserved area of a site. Instead, cookies that are stored for a longer period (between one session and another) are used, for example, to remember user preferences (such as the navigation language on the site) or to offer targeted advertising.
With reference to the origin, cookies can be classified as first-party cookies or third-party cookies. First -party cookies are installed directly from the website the user is visiting, while third-party cookies they are installed by a domain other than the one the user is visiting, for example, if the website incorporates elements from other sites, such as images or social media plugins.
In any case, it is possible to easily change the choices made relating to the cookies used by the Site at any time by clicking on the button that appears on each page of the Site at the bottom left.
In any case, the user can express his/her preferences on cookies also through the settings of the browser used. Most browsers automatically accept cookies by default, however, if you set your browser preferences appropriately, you can reject them or accept them selectively (the methods offered by some browsers are shown below: Chrome, Firefox, Safari, Opera, Edge, Internet Explorer)
Disabling, blocking or deleting cookies could compromise the optimal use of some areas of the Site or prevent some features, as well as affect the operation of third-party services.
To monitor the collection of data for the purposes of analysis carried out by Google analytics cookies , the user is invited to visit the page of the browser add-on for the deactivation of Google Analytics where, if desired, he can proceed to disable these cookies, by downloading the specific browser plug-in available there.
The strictly necessary technical cookies are used to ensure correct navigation within the Site and to provide the service requested by the user, therefore the user’s prior consent is not required for their installation, as indicated in the relevant paragraph.
As regards the remaining types of cookies, these are installed only after obtaining the user’s consent. This consent is optional. However, denial of consent may result in parts of the Site not functioning correctly.
The data may be processed by employees of the corporate functions responsible for pursuing the aforementioned purposes, who have been expressly authorized to process them and who have received adequate operating instructions.
User data may be processed by external parties operating as controllers, such as supervisory control authorities and bodies and in general by subjects, including private individuals, entitled to request data, Public Authorities who express requests to the Data Controller for administrative or institutional purposes, in accordance with the provisions of national and Union legislation, as well as persons, companies, associations or professional firms that provide assistance and advice.
The data may also be processed, on behalf of the Data Controller, by external parties designated as managers, who are given adequate operating instructions. These subjects are essentially included in the following categories:
- a) companies that provide communications mailing services;
- b) companies that provide website and information systems maintenance services;
- c) companies that offer support in the implementation of marketing initiatives and market studies.
The user’s personal data may be processed, in case of his/her consent, by third parties to whom they are communicated.
The data collected using cookies may be transferred to countries outside the European Economic Area (EEA) whose data protection level has been deemed adequate by the European Commission pursuant to art. 45 of the GDPR.
Furthermore, personal data may be transferred abroad to non-EEA countries, and in particular to the United States (e.g. Google, Social networks, etc.), after signing the standard contractual clauses (Standard Contractual Clauses) adopted and approved by the European Commission pursuant to art. 46 of GDPR.
A copy of the guarantees adopted can be obtained by contacting the Data Controller at firstname.lastname@example.org
Data Subjects can ask the Data Controller for access to their personal data, their correction or cancellation, the integration of incomplete data, the limitation of processing in the cases provided for by art. 18 GDPR, as well as the opposition to processing in case of data processed for direct marketing purposes or legitimate interests.
Furthermore, for cases in which the processing is based on consent or the contract and is carried out with automated tools, data subjects have the right to exercise the right to data portability by receiving their personal data in a structured, commonly used and device-readable format, as well as, if technically feasible, to transmit them to another controller without impediments.
These rights can be exercised by sending an e-mail to email@example.com.
Data subjects have the right to lodge a complaint with the competent Supervisory Authority (in particular in the Member State in which they usually reside or work or in the State in which the alleged violation has occurred).
Last update: March 2022