REGULATORY FRAMEWORK
Directive 2002/58/EC on the “processing of personal data and the protection of private life in the field of electronic communications”.
Regulation (EU) 2016/679 of the European Parliament and of the Council dated 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data and repealing. Directive 95/46/EC (“General Data Protection Regulation”).
THE DATA CONTROLLER
While consulting this web site, data concerning identified or identifiable persons can be processed. The “Data Controller” is Colussi S.p.A., with registered office in in Via Spadolini, 5 – 20141 Milan.
PLACE OF DATA PROCESSING and STORAGE TIME
The processing operations connected to the web services of this site are carried out at the aforementioned offices of the Data Controller and are carried out only by personnel expressly authorized by this latter, or by any third-party suppliers appointed as Data Processors pursuant to article 28 of the GDPR. The data collected will be stored – for each type of data processed – only for the time necessary to achieve the specific purposes indicated in the special summarizing information notices displayed in the pages of the web site and drawn up for particular services.
TYPES OF DATA PROCESSED
Browsing data
The information systems and software procedures necessary for the functioning of this website acquire, during their normal exercise, some personal data whose transfer is implicit in the use of the Internet communication protocols.
Such data are not collected to be associated with identified data subjects, but – due to their nature – they could, through processing and association with data held by third parties, allow to identified the users.
To this category of data belong the IP addresses or the domain names of the computers used by the users who connect to the web site, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used while sending the request to the server, the size of the file obtained in response, the numerical codeindicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s information environment.
These data are used for the sole purpose to obtain anonymous statistical information on the use of the web site and to control the correct operation and are deleted immediately after their processing. The data could be used to ascertain the liability in case of possible cyber-crimes against the web site. Except for this possibility, at present the data on web contacts do not persist for more than seven days.
Data provided voluntarily by the user
The optional, explicit and voluntary supply of personal data by the user in the registration forms present on this web site entails the subsequent acquisition of the data provided by the sender, needed to provide the service required.
Such data will be processed by the Data Controller mainly with electronic means, in order to follow up the user’s request (for example asking information). Specific concise information notes will be progressively published or displayed in the pages of the web site prepared on purpose for particular services upon request (i.e. toll-free number in the contact area). The site also contains a toll-free number which the user can call to receive information on our products. By calling the toll-free number, the telephone number of the caller will be visible to personnel authorised by the Data Controller unless the calling user has anonymised it. Under no circumstances will the telephone number be saved by authorised personnel, unless this is necessary to fulfil a specific request from the user (i.e. to contact him/her again following a specific request). The calls will not be recorded and under no circumstances will the personal data collected be disclosed, but we inform you that the personal data may be disclosed to third parties who carry out specific services on behalf of the Data Controller itself, in order to provide the user with a correct and timely response.
COOKIES
Cookies are small text files containing a certain amount of information exchanged between a website and the user’s terminal (usually the browser). Their main task is allowing the web site to work and operate in a more efficient way, as well as providing information to the web site owners. Cookies may be either session cookies or persistent cookies. Session cookies remain stored in the terminal for a short period of time and are deleted as soon as the user closes the browser. Their use is strictly limited to the sending of session identifiers (made up of random numbers generated by the server) necessary to allow the safe and efficient exploration of the web site. Persistent cookies, instead, remain stored in the user’s terminal until a predetermined deadline. Since they are not deleted directly when the browser is closed, they make it possible to remember the choices made by the user on the site as well as to collect information about the pages of the site visited by the user, the frequency with which the site is visited and to identify the browsing path of the users, in order to improve the experience on this site. Cookies, either session cookies or persistent cookies, can be either First-Party or Third-Party cookies depending on whether the entity installing the cookies on the user’s terminal is the same operator of the site which the user is visiting (in which case we talk about First-Party cookies) or a different entity (in which case we talk about Third-Party cookies).
Cookies used by this site
This website makes use both First-Party and Third-Party cookies as it uses the functionality of Google Analytics services offered by Google Inc.
Google Analytics uses “cookies” to collect and analyse information about the use of the websites visited by the user. For more information about Google Analytics cookies and their use by Google Inc. please refer to: http://www.google.com/intl/it/policies/technologies/cookies/ e https://developers.google.com/analytics/devguides/collection/analyticsjs/cookies-usage,
the Google Analytics privacy policy at the address: http://www.google.com/intl/en/analytics/privacyoverview.html
The table below details the cookies currently present on the website.
COOKIE NAME | PREDEFINED EXPIRY | TYPE | COOKIE DESCRIPTION |
_ga | Default expiry is after 2 years | Third-party analytics | This cookie is associated with Google Analytics and is used to distinguish users by assigning to each of them a randomly generated number as an identifier. It is used to calculate the number of visitors to the page, of sessions and of data in order to produce anonymous statistical analysis reports. |
_gid | Default expiry is after 24 hours | Third-party analytics | This cookie is associated with Google Analytics and is used to distinguish users by assigning to each of them a randomly generated number as an identifier. It is used to calculate the number of visitors to the page, of sessions and of data in order to produce anonymous statistical analysis reports. |
_gat | Default expiry is every 10 minutes | Third-party analytics | This cookie is associated with Google Analytics. It is used to speed up access requests. |
In addition to the cookies present in the above table, this web site also uses so-called session cookies. These cookies are not permanently stored on the user’s computer and disappear when the browser is closed. Their use is strictly limited.
Cookie management
Normally, browsers allow you to control most of the cookies via your browser settings. Please note, however, that the total or partial disabling of the so-called technical cookies may compromise the use of the web site’s functions. In any case, if the user does not wish to receive any type of cookies on his/her computer, neither from this site nor from others, he/she can increase the level of privacy protection by modifying the security settings of his/her browser:
Mozilla Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
Google Chrome: https://support.google.com/chrome/answer/95647?hl=it
Internet Explorer: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies
Safari 6/7 Mavericks: https://support.apple.com/kb/PH17191?viewlocale=it_IT&locale=it_IT
Safari 8 Yosemite: https://support.apple.com/kb/PH19214?viewlocale=it_IT&locale=it_IT
Safari su iPhone, iPad, o iPod touch: https://support.apple.com/it-it/HT201265
LINKS TO OTHER WEBSITES
This web site may contain links or references for the access to other web sites, such as the social networks Facebook and Instagram. By clicking on the appropriate links you can, for example, share our contents. We inform you that the Data Controller does not control cookies or other monitoring technologies of such websites to which this Policy does not apply.
OPTIONAL NATURE OF DATA PROVISION
Apart from what has been specified concerning the browsing data, the users are free to provide their personal data or not. However, the non-providing can entail the impossibility of obtaining what they asked.
PROCESSING METHODS and STORAGE PERIOD
Personal data are processed even through the use of automated tools, for the time strictly necessary to achieve the purposes for which they were collected. . Personal data are processed also with automated tools, for the time strictly necessary to achieve the purposes for which they have been gathered. Specific safety measures are observed in order to prevent the loss of data, the illegal or wrong use of them. The Data Controller has adopted all the minimum security measures required by law and, drawing inspiration from the main international standards, has also adopted additional security measures to minimise the risks relating to the confidentiality, availability and integrity of the personal data collected and processed.
DATA SHARING, COMMUNICATION AND DISSEMINATION
The data collected may be transferred or communicated to other companies that carry out activities for the data controller which are strictly connected and instrumental to the operation of the service, such as the company So.Gest.I. S.r.l., belonging to the Colussi Group, which manages the personal data of users registered on the Colussi Group’s sites and the computer systems on which they are stored. The personal data provided by users who request information material (brochures, information material, etc.) are used solely for the purpose of providing the requested service and are communicated to third parties only if necessary for this purpose (companies providing packaging, labelling, shipping services). Outside of these cases, personal data will not be communicated unless provided for by contract or law, or unless specific consent is requested from the data subject.
In this sense, personal data may be sent to third parties, but only and exclusively in the case in which:
a) there is explicit consent to share the data with third parties;
b) there is a need to share the information with third parties in order to provide the requested service;
c) this is necessary to comply with requests from the Judicial or Public Security Authorities.
No data deriving from the web service is disclosed.
RIGHTS OF DATA SUBJECTS
Personal data protection legislation expressly provides for certain rights of the subjects to whom the data are referred (so-called data subject). In particular, pursuant to articles 15 et seq. of Regulation (EU) n.2016/679, each data subject has the right to obtain confirmation of the existence of his/her data, to obtain the specification about the origin, purposes and methods of processing, the updating, rectification, integration of data, as well as their cancellation in case they are processed infringing the law or in case one of the reasons specified in article 17 of the EU Regulation 2016/679 should exist.
TRANSFER OF PERSONAL DATA OUTSIDE THE EU
In case it’s needed to transfer data to subjects seated outside the European Union that have to process or access them, the Data Controller obtains the necessary guarantees so that the Data transfer is carried out in compliance with the provisions of Chapter V of the GDPR (verifying for example the possible suitability decision provided by the Personal Data Protection Authority – Garante -, verifying the possible certification of the third subject to the Privacy Shield or, otherwise, drawing up specific standard contractual provisions for the protection of data).
CHANGES TO THESE PRIVACY POLICIES
The Data Controller periodically controls its data protection and security policy and, if necessary, reviews it in connection with modification deriving from regulations or organization or dictated by the technological changes. In case the policy should be modified, the new version will be published on this page of the web site.
QUESTIONS, COMPLAINTS, SUGGESTIONS AND EXERCISE OF RIGHTS
Those who are interested in receiving further information, in contributing their suggestions or making complaints or disputes regarding our privacy policies, the way in which our Company processes personal data, as well as in asserting their rights under data protection legislation, may contact the Data Controller by writing to Sapori 1832, with registered office in Via Spadolini, 5 – 20141 Milan. or by sending an email to
LAW AND JURISDICTION
The interpretation and execution of these conditions are regulated by Italian law. The Court of Milan (Italy), will have exclusive jurisdiction for any dispute howsoever connected to these conditions. The Data Controller reserves the right to obtain urgent remedies from any Court, even abroad,in order to protect its interests and enforce its rights.