PRIVACY POLICY:

 

INFORMATION PURSUANT TO ART. 13 AND 14 OF THE REGULATION (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR), relating to the protection of individuals with regard to the processing of personal data and of Legislative Decree 10/8/2018 N. 101 containing the "Code regarding the protection of personal data.

General introduction

This Privacy Policy is intended to describe the management methods of this Website with reference to the processing of the personal data of users / visitors who consult it.

The information is provided only for this website on which it is reported and not for other websites that may be consulted by the user via links.

This information is also intended to allow users of the Site to know the purposes and methods of processing personal data by the Site Owner in the event of their conferment.

Users must carefully read this information before forwarding any type of personal information and / or filling in any electronic form that may be present on the website.

Premise

In order to facilitate the user, we report part of articles of a more "general" nature (art. From 1 to 7). The more "specific" articles are partially reported in the relative chapters.

 

Article 1 of EU Regulation 2016/679 Object and purpose establishes rules relating to the protection of individuals, with regard to the processing and protection of personal data, as well as rules relating to the free circulation of such data.

 

Article 2 of EU Regulation 2016/679 - Material scope provides that: This regulation applies to the fully or partially automated processing of personal data and to the non-automated processing of personal data contained in an archive or intended to appear therein.

 

Article 3 of EU Regulation 2016/679 - Territorial scope of application provides that this regulation applies to the processing of personal data carried out in the context of the activities of an establishment by a data controller or a data processor in the Union, regardless of whether the processing is carried out in the Union or not.

The art. 4 of Regulation (EU) 2016/679 Definitions governs the processing of personal data, meaning by:

"personal data": any information concerning an identified or identifiable natural person ("interested party"); the natural person is considered identifiable who can be identified, directly or indirectly, with particular reference to an identifier such as the name, an identification number, location data, an online identifier or one or more characteristic elements of his physical identity, physiological, genetic, psychic, economic, cultural or social;

"treatment": any operation or set of operations, carried out with or without the aid of automated processes and applied to personal data or sets of personal data, such as the collection, registration, organization, structuring, storage, '' adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, limitation, cancellation or destruction;

"data controller": the natural or legal person, public authority, service or other body which, individually or together with others, determines the purposes and means of the processing of personal data; when the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria applicable to its designation may be established by Union or Member State law;

"data processor": the natural or legal person, public authority, service or other body that processes personal data on behalf of the data controller;

"persons in charge of processing", the natural persons authorized to carry out processing operations by the owner or manager;

"data subject", the natural person to whom the personal data refer;

"processing limitation": the marking of personal data stored with the aim of limiting their processing in the future;

"archive": any structured set of personal data accessible according to specific criteria;

"recipient": the natural or legal person, public authority, service or other body that receives communication of personal data;

"third party": the natural or legal person, public authority, service or other body other than the data subject, the data controller, the data controller and the persons authorized to process personal data under the direct authority the owner or manager;

"personal data breach": the security breach that accidentally or unlawfully involves the destruction, loss, modification, unauthorized disclosure or access to personal data transmitted, stored or otherwise processed;

"consent of the interested party": any manifestation of free, specific, informed and unambiguous will of the interested party, with which the same expresses his / her consent, by unequivocal positive declaration or action, that the personal data concerning him / her are being processed ;

"main establishment" means the place of its central administration in the Union;

"profiling": any form of automated processing of personal data consisting in the use of such personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning professional performance, economic situation, health, the personal preferences, interests, reliability, behavior, location or travel of that natural person;

"pseudonymisation": the processing of personal data in such a way that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and subject to technical and organizational measures intended to ensure that such personal data are not attributed to an identified or identifiable natural person;

"genetic data": personal data relating to the inherited or acquired genetic characteristics of a natural person which provide unique information about the physiology or health of that natural person, and which result in particular from the analysis of a biological sample of the natural person in question ;

"biometric data": personal data obtained from a specific technical treatment relating to the physical, physiological or behavioral characteristics of a natural person that allow or confirm the unique identification, such as facial image or fingerprint data;

"health data" means personal data relating to the physical or mental health of a natural person, including the provision of health care services, which reveal information relating to his or her state of health;

"enterprise": the natural or legal person, regardless of the legal form covered, which carries out an economic activity, including partnerships or associations that regularly carry out an economic activity.

 

Article 5 of EU Regulation 2016/79 Principles applicable to the processing of personal data specifies that personal data are processed in a lawful, correct and transparent manner towards the data subject ("lawfulness, correctness and transparency"); collected for specific, explicit and legitimate purposes, and subsequently processed in a way that is not incompatible with these purposes; further processing of personal data for archiving purposes in the public interest, for scientific or historical research or for statistical purposes is not, in accordance with Article 89, paragraph 1, considered incompatible with the initial purposes ("purpose limitation"); adequate, relevant and limited to what is necessary with respect to the purposes for which they are processed ("data minimization"); accurate and, if necessary, updated; all reasonable measures must be taken to promptly delete or correct inaccurate data with respect to the purposes for which they are processed ("accuracy"); stored in a form that allows the identification of the data subjects for a period of time not exceeding the achievement of the purposes for which they are processed; processed in such a way as to guarantee adequate security of personal data, including protection, by means of adequate technical and organizational measures, from unauthorized or unlawful processing and from accidental loss, destruction or damage ("integrity and confidentiality").

 

Article 6 of EU Regulation 2016/679 - Lawfulness of processing, provides that processing is lawful only if and to the extent that at least one of the following conditions is met: the interested party has given consent to the processing of their personal data for one or more specific purposes; the processing is necessary for the execution of a contract of which the interested party is a party or for the execution of pre-contractual measures adopted at the request of the same; the processing is necessary to fulfill a legal obligation to which the data controller is subject; the processing is necessary for the protection of the vital interests of the data subject or of another natural person; the processing is necessary for the performance of a task of public interest or connected to the exercise of public authority of which the data controller is invested; the processing is necessary for the pursuit of the legitimate interest of the data controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject that require the protection of personal data do not prevail, in particular if the data subject is a minor.

 

The art. 7 of EU Regulation 2016/679 - Conditions for consent provides that, if the processing is based on consent, the data controller must be able to demonstrate that the data subject has given his consent to the processing of his personal data. If the consent of the interested party is given in the context of a written declaration that also concerns other matters, the request for consent is presented in a way that is clearly distinguishable from other matters, in an understandable and easily accessible form, using simple and clear language. No part of such a declaration that constitutes a violation of this regulation is binding. The interested party has the right to withdraw his consent at any time. The withdrawal of consent does not affect the lawfulness of the processing based on consent before the withdrawal. Before giving his consent, the interested party is informed of this. Consent is withdrawn as easily as it is granted. In assessing whether the consent has been freely given, the utmost consideration is taken of the possibility, among others, that the execution of a contract, including the provision of a service, is conditional on the provision of consent to the processing of personal data not necessary for the execution of this contract.

TYPE OF DATA PROCESSED

It is premised that no personal data of users is acquired by the site in this regard.

The site is accessible to users without the need to provide their personal data.

Data relating to economic activity.

The main processing concerns data relating to the performance of economic activities of the site owner. In particular, the data processed by the Data Controller are, as a rule: name, surname, company name or company name, address, nationality, municipality and province of residence, landline / mobile telephone and fax numbers, e-mail / certified e-mail account, VAT number, tax code, bank / postal coordinates, data essential to allow the identification of the Suppliers whether they are natural persons or natural persons operating in the name and on behalf of the Suppliers, legal persons and / or Customers whether they are natural persons or natural persons operating in name and on behalf of Clients legal entities, (even potential, during the pre-contractual phase) in order to draw up contracts for the supply / purchase of services / goods.

These personal data processed are, generally, those provided by the interested party on the occasion of: visits, telephone calls; direct contacts, participation in events, proposal of offers; transmissions and transactions following the order, interactions through the website, etc ...

Legal basis The legal basis consists of the execution of a contract of which the interested party is a party or the execution of pre-contractual measures adopted at the request of the same. Some treatments are carried out for the legitimate interest of the Data Controller (promotion of their commercial activities and pursuit of corporate purposes).

Curriculum

The personal data processed are those of those who spontaneously, or following a search for personnel, send their curriculum and are processed for the purposes related to the evaluation and selection, or to possibly propose other job offers consistent with the professional profile. of the interested party.

They are normally provided following: sending the curriculum, evaluation interviews, direct contacts during exhibitions, fairs, exhibitions, etc ... - reporting by third parties.

Legal basis

The legal basis is constituted by the response to a pre-contractual request of the interested party.

Navigation data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data that are implicitly transmitted in the use of internet communication protocols. These are data relating to telematic traffic, which by their nature, are not collected to be immediately associated with identified interested parties, but which by their very nature could, through processing or association with data held by third parties, allow users / visitors to be identified. of the site. This category of data includes the "IP addresses" or domain names of the computers used by users who connect to the site, the URL (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used in submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc ...) and other parameters relating to the operating system and the IT environment of the user.

These data are possibly used for the sole purpose of obtaining anonymous statistical information relating to visits / use of the site and to check its correct functioning and are deleted immediately after processing. These data are kept by the owner of the site for the strictly necessary period and in any case in compliance with the current regulations on the subject.

Legal basis

The legal basis is a processing carried out in the legitimate interest of the Data Controller.

Data provided voluntarily by the user

If visitors intend to register in the site's database, if any, in order to access the services provided by the site, they must fill in a "form" in which they will issue their express consent to the processing of data. Users are free to provide their personal data but failure to provide them may make it impossible to obtain the requested service.

The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address and the data provided by the same, for which the user also gives express consent to the processing necessary to respond to requests. In the event that users enter or otherwise process the data of third parties, they guarantee, from now on, assuming all responsibility for having previously provided them with the information referred to in Article 13 of Legislative Decree 196/2003 and art. 13 and 14 of EU Regulation 2016/679 and to have acquired their consent to the processing

The personal data provided by users who forward any requests to send information material (eg via newsletters, mailing lists, etc.) are used for the sole purpose of performing the service or provision requested and are not widespread. The provision of users' personal data is optional, even if functional to the provision of certain services; in these cases, therefore, failure to provide data could compromise or make it impossible to provide the service. The data could also be used to ascertain responsibility in case of hypothetical computer crimes against the Site. The interested party may at any time refuse the use of the e-mail coordinates for receiving the aforementioned communications through the procedure cancellation from the service.

Legal basis

The personal data of natural persons are lawfully processed for the execution of a contract of which the interested party is a party or the execution of pre-contractual measures adopted at the request of the same.

Minors: you do not knowingly use your website to request data from minors. The art. 8 of EU Regulation 2016/679 provides that the processing of the minor's personal data is lawful if the minor is at least 16 years old. If the minor is under the age of 16, the processing is lawful only if and to the extent that such consent is given and authorized by the holder of parental responsibility.

 

The owner of the site does not require the interested party to provide data c.d. "particular", or, according to the provisions of the GDPR (Article 9), personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data relating to the health or sexual life or sexual orientation of the person. In the event that the service requested from the owner of the site requires the processing of such data, the interested party will be asked for consent.

 

Personal data relating to criminal convictions and offenses are not processed.

Purpose of the processing for which the data are intended

Premise: the owner of the site, the owner of the site, the legal representative of the site owner, the site manager, the data controller, is from now on the owner of the website.

The Owner of the Site informs that the personal data in its possession, collected directly from the interested party, even verbally in the past, or from third parties, or that they will be requested or already freely communicated by the interested party also by e-mail or by third parties, or that will be freely communicated by the interested party also via e-mail or by third parties are and will be processed exclusively according to the purposes and methods described in this Information and in compliance with the applicable provisions of Regulation (EU) 2016/679 and can be processed, also by third-party companies appointed as Managers, for:

 

Accounting, administrative, fiscal and similar purposes, in fulfillment of the obligations established by laws, regulations and community legislation, or by provisions issued by Authorities legitimated by the law and by supervisory bodies.

The provision of personal data necessary for these purposes is mandatory and the related processing does not require the consent of the interested parties. Refusal to provide them will make it impossible to establish relationships with the Site Owner.

 

The legal basis of these treatments is the fulfillment of the services inherent to the contractual relationship and compliance with legal obligations and the legitimate interest of the Data Controller to carry out treatments necessary for these purposes.

 

Purposes strictly connected and instrumental to the management of contractual relationships with Customers and Suppliers, in existence or in the course of negotiations (eg: acquisition of information preliminary to the conclusion of a contract, execution of operations on the basis of the obligations deriving from the concluded contract, checks and assessments on the results and progress of relations, as well as on the risks associated with them, etc.).

The provision of personal data necessary for these purposes is not mandatory, but the refusal to provide them may make it impossible for the Site Owner to provide the service in relation to the relationship between the data and the requested service. If these data are provided, their processing does not require the consent of the interested party.

 

The legal basis of these treatments is the fulfillment of the services inherent to the request for registration, information and contact and / or sending information material and compliance with legal obligations.

 

Purposes functional to the activity of the owner of the site such as: detection of the degree of customer satisfaction with the quality of the services rendered and the activity carried out carried out through telephone and personal interviews, questionnaires, etc ..., the promotion and sale of products and services carried out through letters, telephone, advertising material, automated communication systems, etc ..., the elaboration of studies and market researches, carried out through questionnaires, telephone interviews, personal, etc ..., the carrying out of public relations activities . The provision of personal data necessary for these purposes is not mandatory; if provided, their treatment requires consent.

 

The legal basis of these treatments is the consent given by the interested party prior to the treatment itself, which can be revoked by the interested party freely and at any time.

 

If the data are not obtained from the data subject, the data controller provides the data subject with the following information: the identity and contact details of the data protection officer, where applicable; the purposes of the processing for which the personal data are intended as well as the legal basis of the processing; the categories of personal data in question; any recipients or any categories of recipients of the personal data.

Methods of data processing - Tools and logic

The owner of the site declares, with reference to art. 5, 6.7 DGPR 2016/679 and in relation to the aforementioned purposes, that the data are processed in a lawful, correct and transparent manner towards the interested party ("lawfulness, correctness and transparency"); collected for specific, explicit and legitimate purposes, and subsequently processed in a way that is not incompatible with the aforementioned purposes.

The processing takes place using manual, IT and telematic tools with logic strictly related to the aforementioned purposes and, in any case, in order to guarantee the security and confidentiality of the data and with the commitment on your part to promptly notify us of any corrections, modifications and updates. .

This processing may be carried out on behalf of the Data Controller for the purposes and in the manner described above and in compliance with suitable criteria to guarantee security and confidentiality, by external companies, studies, bodies and external collaborators appointed as Managers and only for what concerns the treatments carried out by them.

Furthermore, if the data processing is based on consent, the Data Controller is able to demonstrate that the interested party has given his consent. (Article 7 of EU REG 2016/679).

Duration - Retention period - Expiry data

Unless the interested party explicitly expresses his will to remove them, the personal data of the interested party will be kept as long as they are necessary with respect to the legitimate purposes for which they were collected. Therefore, they will be processed for the entire duration of the contractual relationships established. Subsequently they will be only for the fulfillment of legal obligations and commercial purposes.

In the event that a user forwards unsolicited or unnecessary personal data to the Owner of the Site for the purpose of carrying out the requested service or for the provision of a service strictly connected to it, the Owner of the Site cannot be considered the owner of these. data, and will delete them as soon as possible.

Any genetic data, biometric data, data relating to health, provided with explicit written consent will be kept for the entire duration of the contract and subsequently destroyed, without prejudice to the fulfillment of legal obligations.

Regardless of the determination of the interested party to remove them, personal data will in any case be stored according to the terms established by current legislation and / or national regulations.In addition, personal data will in any case be kept for the fulfillment of obligations (eg . tax and accounting) that remain even after the termination of the contract (Article 2220 of the Italian Civil Code); for these purposes, the owner of the site will only keep the data necessary for its pursuit. The cases in which the rights deriving from the contract and / or from the registration in the registry are valid, in which case the personal data of the interested party, exclusively those necessary for these purposes, will be processed for the time indispensable to their pursuit.

Categories of subjects to whom the data may be communicated and who can learn about them as managers and persons authorized to process personal data under the direct authority of the owner or manager (persons in charge) and the scope of data dissemination Personal data are not disclosed, in any form, including consultation. The communication of the personal data of the interested party takes place mainly towards third parties and / or recipients whose activity is necessary for the performance of the activities inherent to the relationship established and to respond to certain legal obligations.

 

The Owner of the Site may communicate, without the consent of the interested party being necessary, the personal data in its possession to those subjects to whom such communication must be made in fulfillment of an obligation established by law, by a regulation or by community legislation.

 

Furthermore, the Owner of the Site may communicate, with the consent of the interested party, the personal data in its possession to companies, studios, organizations and external collaborators who carry out treatments on its behalf for the purposes described above.

The identification of the subjects to whom the data may be communicated can take place upon your simple request to the Data Controller.

 

The aforementioned natural and legal persons may become aware of the data as Data Processors and as Appointees, in relation to the data necessary for the performance of the assigned tasks, the natural persons belonging to the following categories: employees of the Site Owner, project workers, temporary workers, interns, consultants, posted external workers, employees of external companies appointed as managers, member workers.

 

The legal basis of these treatments is the fulfillment of the services inherent to the relationship established, compliance with legal obligations and the legitimate interest of the Data Controller to carry out treatments necessary for these purposes.

Rights of the interested party (Regulation (EU) 2016/679 Chapter III)

 

Art. 12 - Information, communications and transparent methods for exercising the rights of the data subject provides that the Site Owner takes appropriate measures to provide the data subject with all the information relating to the processing in a concise, transparent, intelligible and easily accessible form, with simple and clear language, in particular in the case of information intended specifically for minors. The information is provided in writing or by other means, including, where appropriate, by electronic means. If requested by the interested party, the information can be provided orally, provided that the identity of the interested party is proven by other means. Furthermore, the owner of the site facilitates the exercise of the rights of the data subject, unless the data controller demonstrates that he is unable to identify the data subject.

Art. 15 - right of access, 16 - right of rectification, 17 - right to cancellation (right to be forgotten), 18 - right to limitation of processing, 19 - obligation to notify, rectify or cancel 20 - right to portability, 21 - right to object, 22 - right to object to the automated decision-making process of the GDPR 2016/679:

the interested party has the right to obtain from the Data Controller the following:

a) confirmation as to whether or not personal data concerning him is being processed and, in this case, to obtain access to personal data and the following information:

1. the purposes of the processing;

2. the categories of personal data in question;

3. the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if they are recipients of third countries or international organizations;

4. when possible, the retention period of the personal data envisaged or, if not possible, the criteria used to determine this period;

5. the existence of the right of the interested party to ask the data controller to correct or delete personal data or limit the processing of personal data concerning him or to oppose their treatment;

6. the right to lodge a complaint with a supervisory authority;

7. if the data are not collected from the interested party, all available information on their origin;

8. the existence of an automated decision-making process, including profiling, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the data subject.

9. the adequate guarantees provided by the third country (non-EU) or an international organization to protect any data transferred

b) the right to obtain a copy of the personal data being processed, provided that this right does not affect the rights and freedoms of others; In case of further copies requested by the interested party, the data controller may charge a reasonable fee based on administrative costs.

c) the right to obtain from the data controller the correction of inaccurate personal data concerning him without undue delay and the integration of missing data

d) the right to obtain from the data controller the cancellation of personal data concerning him without undue delay, if the reasons provided for by the GDPR in art. 17, including, for example, in the event that they are no longer necessary for the purposes of the processing or if this is assumed to be illegal, and the conditions provided for by law always exist; and in any case if the processing is not justified by another equally legitimate reason;

e) the right to obtain from the data controller the limitation of the processing, in the cases provided for by art. 18 of the GDPR, for example where it has contested its accuracy, for the period necessary for the Data Controller to verify its accuracy. The interested party must be informed, in a reasonable time, even when the suspension period has been completed or the cause of the limitation of the processing has ceased, and therefore the limitation itself has been revoked:

f) the right to obtain communication from the owner of the recipients to whom the requests for any corrections or cancellations or limitations of the processing carried out have been transmitted, unless this proves impossible or involves a disproportionate effort.

g) the right to receive personal data concerning him in a structured format, commonly used and readable by an automatic device and the right to transmit such data to another data controller without impediments by the data controller to whom he provided them , in the cases provided for by art. 20 of the GDPR, and the right to obtain the direct transmission of personal data from one data controller to another, if technically feasible.

Responsibility of the Data Controller The Data Controller / Data Controller, ie the person who decides the "purposes" and "means" of the processing of personal data, also declares that he has implemented the appropriate technical and organizational measures. Personal data are accessible to a limited number of natural persons (Officers), and only the data necessary for the performance of their respective duties are processed. The data processing carried out by data processors is governed by a regular contract that guarantees the protection of the rights of the data subject.

The Owner of the Site does not carry out treatments consisting of automated decision-making processes on the data of natural persons, and of natural persons who operate in the name and on behalf of legal persons

The Site Owner / Data Controller does not transfer personal data to third countries or to international organizations.

Finally, the owner of the site / data controller declares that this site may share some of the data collected with services located outside the European Union area. In particular with Google, Facebook and Microsoft (LinkedIn) through social plugins and the Google Analytics service. The transfer is authorized and strictly regulated by art. 45 REG. EU 679/2016 for which no further consent is required. The companies mentioned above guarantee their adherence to the Privacy Shield. Data will never be transferred to third countries that do not comply with the conditions set out in this article.

The interested party can revoke the consent

With reference to art. 6 of the GDPR 679/2016, the interested party can revoke any consent given at any time. However, the processing covered by this information is lawful and permitted, even in the absence of consent, as it is necessary for the execution of a contract to which the interested party is a party (the supply relationship) or for the fulfillment of his requests.

The interested party may oppose the processing of their personal data (Article 21 GDPR) For reasons relating to the particular situation of the interested party, the same may oppose the processing of their personal data at any time if it is based on legitimate interest or if it occurs. for commercial promotion activities, by sending the request to the Data Controller at the place where the data is processed The interested party has the right to have their personal data deleted if there is no legitimate overriding reason for the Data Controller with respect to the one that gave rise to the request, and in any case in the event that the interested party has opposed the processing for commercial promotion activities.

The interested party can lodge a complaint (Article 15 GDPR)

Without prejudice to any other administrative or judicial action, the interested party may lodge a complaint with the competent supervisory authority on the Italian territory (Guarantor Authority for the protection of personal data) or the one that carries out its duties and exercises its powers. in the Member State where the violation of the GDPR took place.

In order to ensure that the aforementioned rights are exercised by the interested party and not by unauthorized third parties, the owner of the site may request the same to provide any additional information necessary for the purpose.

Place of data processing

The data processing takes place at the Site Owner, at the address shown on this website in the Home Page and / or in other web pages of the same site.

To contact us, the interested party can contact the aforementioned address.

E - Data Controller and Data Processor

The Data Controller and Data Processor is the Site Owner whose data are reported on this website in the Home Page and / or in other web pages of the same site.

 

EXTENDED INFORMATION ON COOKIES

Ref .: Identification of simplified procedures for information and the acquisition of consent for the use of cookies. Provision no. 229 of 8/5/2014 - Published on the Official Gazette 126 of 3/6/2014

We take the privacy and protection of our visitors' personal data very seriously. This information therefore has the purpose of explaining what cookies are, how they are used on the Site and how the visitor can make conscious decisions for their management.

This site uses cookies, including from third parties, to offer services in line with the preferences of the navigator and in some cases to send advertising messages. By closing the banner of the brief information on cookies on the site, scrolling the pages, clicking on a link or continuing to browse in any other way, you are consenting to the use of cookies. If you want to learn more or opt out of all or some cookies, read the following in full.

1. WHAT ARE THE SITE AND WHICH COOKIES USES

Cookies are small text strings that the sites visited by the user send to their terminal (usually the browser), where they are stored before being re-transmitted to the same sites at the next visit by the same user. While browsing a site, the user can also receive cookies on his terminal that are sent from different sites or web servers (so-called "third parties"), on which some elements may reside (such as, for example, images, maps, sounds, specific links to pages of other domains) present on the site that the same is visiting.

Cookies, usually present in users' browsers in very large numbers and sometimes even with characteristics of wide temporal persistence, are used for different purposes: execution of computer authentication, session monitoring, storage of information on specific configurations concerning users who access the server, etc ...

In order to arrive at a correct regulation of these devices, it is necessary to distinguish them since there are no technical characteristics that differentiate them from each other precisely on the basis of the purposes pursued by those who use them. Moreover, the same legislator has moved in this direction, which, in implementation of the provisions contained in Directive 2009/136 / EC, has brought back the obligation to acquire the prior and informed consent of users to the installation of cookies used for purposes other than purely technical ones (see art. 1, paragraph 5, letter a), of Legislative Decree no. lgs. May 28, 2012, n. 69, which modified art. 122 of the Code).

In this regard, and for the purposes of this provision, two macro-categories are therefore identified: "technical" cookies and "profiling" cookies.

to. Technical cookies

The site uses first-party technical cookies (session, functionality and in some cases analytics in aggregate form) and possibly third-party technical cookies.

Technical cookies are those used for the sole purpose of "carrying out the transmission of a communication over an electronic communications network, or as strictly necessary for the provider of an information society service explicitly requested by the subscriber or user to provide this service "(see art. 122, paragraph 1, of the Code).

They are not used for other purposes and are normally installed directly by the owner or manager of the website. They can be divided into navigation or session cookies, which guarantee the normal navigation and use of the website (allowing, for example, to make a purchase or authenticate to access restricted areas); analytics cookies, similar to technical cookies when used directly by the site manager to collect information, in aggregate form, on the number of users and how they visit the site; functionality cookies, which allow the user to browse according to a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service provided.

For the installation of these cookies, the prior consent of the users is not required, while the obligation to provide information pursuant to art. 13 of the Code, which the site manager, if he uses only such devices, will be able to provide in the manner he considers most suitable

However, it is possible to block the installation of technical cookies in the manner indicated in paragraph 3 below.

NB: We invite you to consider that, by blocking the installation of technical cookies, or subsequently deleting them, the possibility of accessing the Site, of using it in whole or in part, of enabling or disabling certain functions or of receiving certain services could be totally or partially compromised.

Legal basis of the processing

The use of technical cookies is a treatment carried out in the legitimate interest of the Data Controller; the use of analytical cookies is carried out with the consent of the interested party.

b. Profiling cookies

The site does not use first-party profiling cookies, but could use third-party ones.

Profiling cookies are designed to create user profiles and are used in order to send advertising messages in line with the preferences expressed by the user while surfing the net. Due to the particular invasiveness that such devices may have in the private sphere of users, European and Italian legislation provides that the user must be adequately informed on the use of the same and thus express their valid consent.

The art. 122 of the Code where it provides that "the storage of information in the terminal equipment of a contractor or user or access to information already stored is permitted only on condition that the contractor or user has given their consent after being been informed with the simplified procedures referred to in article 13, paragraph 3 "(article 122, paragraph 1, of the Code).

It is possible to block the installation of third-party profiling cookies in the manner indicated in the following paragraph 3.

Subjects involved: publishers and "third parties"

A further element to consider, for the purposes of the correct definition of the matter in question, is the subjective one. That is, it is necessary to take into account the different subject that installs cookies on the user's terminal, depending on whether it is the same operator of the site that the user is visiting (which can be briefly referred to as "publisher") or a site different that installs cookies through the first (so-called "third parties").

On the basis of what emerged from the public consultation, it is considered necessary that this distinction between the two subjects indicated above be taken into due account also in order to correctly identify their respective roles and responsibilities, with reference to the release of the information and acquisition of the consent of online users.

There are many reasons why it is not possible for the publisher to be obliged to provide the information and obtain consent to install cookies on its site, even for those installed by "third parties". The publisher therefore declines any and all responsibility for any request and / or release of personal data to third-party sites.

 

2. WHO IS REQUIRED TO PROVIDE THE INFORMATION AND TO REQUEST THE CONSENT OF COOKIES

According to the FAQ published by the Guarantor for the protection of personal data, they are required to provide the information and to request consent for the use of cookies:

The owner of the website who installs profiling cookies. We remind you that this site - as mentioned above - does not use first-party profiling cookies.

For third-party cookies installed through the site, the disclosure and consent obligations are imposed on third parties, but the owner of the site, as a technical intermediary between them and the users, is required to include the updated links in the "extended" information to the information and consent forms of the third parties themselves.

 

3. HOW TO DISABLE COOKIES

to. By configuring the browser

The user can decide whether to accept cookies or not. For this purpose, he can use the settings of the Internet browser. Most browsers allow you to manage (view, enable, disable and delete) cookies through the settings.

Consult the user manual of the navigation browser used to find out how to manage cookies. We indicate below by way of example and not exhaustive how to find the instructions provided by the manufacturers of the most popular browsers:

Chrome: for more information visit the dedicated page

Mozilla Firefox: for more information visit the dedicated page

Internet Explorer: for more information visit the dedicated page

Safari: for more information visit the dedicated page

Opera: for more information visit the dedicated page

The links indicated above may be subject to changes in time not due to the site. The same information is, however, easily available using a search engine.

If your browser is not present, refer to the information on cookies provided by the browser itself. If you are using a mobile phone, consult its manual for more information.

Following the disabling of cookies through the browser settings, we remind you of the need to always provide through the same to the elimination of those already present before disabling itself.

N.B .: by indiscriminately blocking the receipt of all cookies, including technical ones, without providing a specific exception for the Site, you may no longer be able to browse the Site or to use all or part of its functions. Furthermore, by deleting all cookies from the browser, technical cookies could also be removed and, therefore, the preferences set using the Site could be removed or the products or services included in the cart could no longer be found.

b. Through the methods made available by third parties

This site may use third-party cookies in certain sections. Among these the main ones are:

Google Analytics Link Link

Google YouTube Link

Google AdSense Link Link

Google Maps Link

Facebook Link (accedere al proprio account > sezione privacy)

Twitter Link Link

LinkedIn Link

Google+ Link

Instagram Link

Pinterest Link

Tumblr Link

Flickr Link

Vimeo Link

AddToAny Link

N.B .: the links indicated above may be subject to changes in time not due to the site. The same information is, however, easily available using a search engine.

c. Through the website www.youronlinechoices.com