PRIVACY E COOKIE POLICY
This notice, intended for all individuals
who browse this portal
(hereinafter, “Portal”), is given in accordance
with the art. 13 of Reg. (EU) n. 2016/679
(hereinafter "GDPR") and with
the art. 122 of Legislative Decree 196/2003 (hereinafter "Privacy Code") and the decision of
Italian Data Protection Authority of 8 May 2014
,
as supplemented by the decision of 10 June
2021 (hereinafter referred to as "Decision")
.
1.
Identity and contact details of the data controller
The data controller is Amilon S.r.l
., Tax ID and
VAT number 05921090964, with registered office in via Natale Battaglia n. 12,
Milan, e-mail address
privacy@amilon.it
(hereinafter, “
Data
Controller
” or “Amilon”).
2.
Contact details of the Data Protection Officer (DPO
)
The DPO can be contacted at the e-mail address
dpo-ext@amilon.it
.
3.
Type
of data processed
a.
Navigation
data
The computer systems and software procedures
used to operate the Portal acquire, during their regular operation, some
personal data whose transmission is implicit in the use of Internet
communication protocols. This category of data includes IP addresses or domain
names of computers and terminals used by users, URI/URL (Uniform Resource
Identifier/Locator) of requested resources, the time of the request, the method
used to submit the request to the server, the size of the file obtained in
reply, the numerical code indicating the status of the response from the server
(successful, error, etc..) and other parameters regarding the operating system
and computer environment.
These data, necessary for the use of web
services, are also processed to:
-
allow the access to the Portal and the use of the relative functionalities;
-
allow and monitor the correct functioning of the Portal and carry out
maintenance activities;
-
obtaining anonymous statistical information on the use of the Portal;
-
ascertain possible responsibilities in case of hypothetical computer crimes
against the Portal and to exercise and/or defend the Data Controller's rights.
The legal basis of the processing carried out
for the above purposes are the execution of a contract to which the data
subject is a party and the pursuit of the Data Controller's legitimate interest
.
b.
Data provided voluntarily by the user
To benefit of certain services on the Portal it
is necessary to provide personal data, in relation to which please refer to the
specific notice provided upon registration on the Portal and available in the
footer of the Portal.
c.
Information processed through cookies
The Portal uses cookies.
What
are cookies?
Cookies (or markers) are small text files sent by
the web server visited by the user to the user's device (
usually to the user’s browser
), when the latter accesses a site for the
purpose of storing and transporting information. They are stored so that they
can recognize that device on the next visit. On each subsequent visit, in fact,
cookies are resent from the user's device to the site.
Each cookie generally contains the name of the
server from which the cookie was sent, the expiry date and a value, usually a
unique number generated at random by the computer.
First party and third party
cookies
Cookies can be installed not only by the same
operator of the site visited by the user (first-party cookies), but also by a
different site that installs them through the first site (third-party cookies)
and is able to recognize them. This happens because on the site visited there
may be elements (images, maps, sounds, links to web pages of other domains,
etc.) that reside on servers other than that of the site visited.
Technical,
analytical and profiling cookies
Depending on the purpose, cookies can be divided
into technical cookies and profiling cookies
.
Technical cookies
are stored for the sole purpose of "
carrying out the transmission
of a communication over an electronic communication network or as strictly
necessary for the supplier of an information society service explicitly
requested by subscriber or user to provide the service
" (see Art. 122,
paragraph 1 of Privacy Code).
They are usually used to enable efficient
navigation between pages, store user preferences, store information on specific
user configurations, perform user authentication, etc.
Technical cookies can be divided into navigation
cookies, which are used to record data useful for the normal navigation and use
of the website on the user's computer (e.g. allowing the user to remember the
preferred page size in a list), and functional cookies, which allow the website
to remember choices made by the user in order to optimize its functionality
(e.g. functional cookies allow the website to remember specific user settings,
such as country selection and, if set, permanent login status). Some of these
cookies (
so-called “essential” or “
strictly
necessary
”
) enable functions without which certain
operations would not be possible.
Pursuant
to the art. 122, paragraph 1 of the Privacy Code, technical cookies do not
require consent, but it should be explained to the user what they do and why
they are necessary or useful.
Pursuant to the Decision, analytical cookies are
equivalent to technical cookies (and, therefore, users’ consent is not
required) if
:
i)
are stored directly by the owner of the visited website with the purpose to
collect aggregated information on the number of users and how they visit the
website, or
ii)
created and made available by third parties if:
a.
used by the first party website for merely
statistical purposes, where the ability to identify users is reduced (for
example, through hiding significant portions of the IP address) and such data
are processed just for make aggregate statistics in relation to a single website
or a single mobile application (so there is no tracking of the navigation of
the user on different applications or navigating different websites
);
b.
such third parties, who provide the web
measurement service, do not combine, enrich or cross-reference the data, even
minimized as above, with other information available to them (e.g. customer
files or statistics of visits to other sites) or transmit them to other third
parties
.
Profiling
cookies or similar
markers (e.g. pixels,
fingerprints, etc.) are used to track the user's browsing, analyse
his/her behaviour for marketing purposes and create
profiles on his/her tastes, habits, choices, etc. in order to
send targeted advertising messages in relation to the user's interests and in
line with the preferences expressed by the user when browsing online. Pursuant
to Article 122 of the Privacy Code, these tools may be installed on the user's
terminal only if the user has given his consent after being informed in the
simplified manner indicated by the Italian Data Protection Authority
(publication on the site of a ‘brief’ notice contained in a banner that appears
immediately on the home page - or other page through which the user can access
the site -, which refers to an ‘extended’ notice that can be accessed through a
link that can be clicked by the user).
Permanent and session cookies
Based on
their duration, cookies are divided into permanent, which remain stored,
until their expiry date, on the user's device, unless removed by the user, and session
cookies, which are not stored persistently on the user's device and disappear
when the browser is closed.
4.
List of cookies used by the Portal
Technical cookies
The Portal uses cookies or other technical tools installed for the
purposes indicated below, for which the prior consent of the users is not
required pursuant to art. 122 of the Privacy Code
.
Below are listed, for each cookie, the name,
purpose of use and duration.
|
NAME |
FIRST/THIRD PARTY |
DESCRIPTION (PURPOSE) |
DURATION |
|
culture |
Amilon |
Used to distinguish
the user's language
|
Session cookie |
|
.AspNet.Cookies
|
Amilon |
Used to store session data while browsing |
Session cookie |
|
ASP.NET_SessionId
|
Amilon |
Used to store session data while browsing |
Session cookie |
|
TC_OPTOUT |
Amilon |
Used to store
user's cookie consent preferences
|
396 days |
|
TC_OPTOUT_categories
|
Amilon |
Used to store user's
cookie consent preferences
|
396 days |
|
TCPID |
Amilon |
Used to identify
the user who is shown the short notice banner
|
365 days |
|
WID |
Amilon |
Used to identify
when the browser is closed in order to separate pages
views into their respective sessions
|
Session |
Anonymized analytical cookies
The Portal uses analytical cookies created and made available by third
parties to statistically analyse accesses or visits to the Portal itself, to
allow the Data
Controller
to improve the structure, navigation
logic and content and to collect information on the use of the Portal
.
For more details and information, you can visit the following link:
https://support.google.com/analytics/answer/1011397
These cookies, suitably anonymized (by masking significant portions of
the IP address), allow the collection of aggregate information on the number of
users and how they visit the Portal without being able to identify the
individual user. Therefore, the prior consent of users is not required, in
accordance with the provisions of the Decision
.
Below, for each analytical cookie used,
the name, the first or third party to which it refers, the purpose of use and
duration
.
|
NAME |
FIRST / THIRD
PARTY
|
DESCRIPTION (PURPOSE)
|
DURATION |
|
_ga |
Google |
Used
to differentiate
users
|
2 years – 730 days |
|
_gat |
Google |
U
sed
to
distinguish tracks created in the session
|
1 minute |
|
_gid |
Google |
Used to
distinguish pages viewed by users
|
24 hours |
Profiling
tools
On the Portal are not installed profiling
cookies.
5.
Provision
of data
Without prejudice to what has been
indicated above regarding cookies and similar markers used on the Portal,
navigation data are necessary to carry out computer and telematic protocols.
The data subject remains free to give
consent or not to give consent to profiling through the tracking tools
mentioned above.
6.
Recipients
The processing of data related to the web services of the Portal is
carried out by personnel expressly authorized to do so and who have received
adequate operational instructions
.
The data will be processed by Google that will process
them for the purpose indicated in the previous art. 4 as autonomous controller.
The Data Controller transfers the data outside the EU
or the EEA and in particular to the United States,
where the third parties mentioned above and the IT providers involved in the
management/maintenance of the Portal are established, a third country deemed
adequate by virtue of the decision of the European Commission of 10 July 2023 -
EU-US Data Privacy Framework. If data is transferred to countries outside of
the European Union (EU) or the European Economic Area (EEA) that have not been
deemed adequate by the European Commission, the ‘transfer tools’ referred to in
Article 46 of the GDPR will be used.
For more information, see the links to the
privacy policy
of the third parties indicated in the
table
.
7.
Preferences with respect to the installation of profiling cookies
Users are not required to give consent, as
the Portal does not implement cookies that need to be collected.
Users may, however, express their options on cookies also through the
settings of the browser used. Even if the web browser used by the user is set
to automatically accept cookies, the user can modify the default configuration
through the settings menu, deleting and/or removing all or some cookies,
blocking the sending of cookies or limiting it to certain sites. Disabling,
blocking cookies or deleting them may compromise the optimal use of certain
areas of the Portal or prevent certain features of the same, as well as affect
the operation of third party services. Below are the links to the guides to cookies
management for the main browsers
:
-
Safari
-
Opera
For browsers other than those listed above, it is necessary to consult
the relevant guide to identify how to manage cookies
.
8.
Data subjects’ rights
In relation to the processing of personal data carried
out by the Data Controller, data subjects, in addition to what is indicated in
the preceding paragraph, may exercise the rights set out in Articles 15 to 22
of the GDPR, where applicable, including the right to obtain confirmation as to
whether or not personal data concerning them are being processed and, where
that is the case, to request access to the data and to the information referred
to in Article 15 (purposes of the processing, categories of personal data,
etc.), the rectification of inaccurate data and the integration of incomplete
data pursuant to Article 16, the erasure of data in the cases provided for in
Article 17, the restriction of processing in the cases provided for by Article
18, as well as the portability of data (i.e. to receive the data in a
structured, commonly used and machine-readable format, as well as, if
technically feasible, to transmit them to another data controller without
hindrance) in the event that the processing is based on consent or agreement
and is carried out by automated means.
To exercise their rights, the data subjects may
contact Amilon at the contact points indicated in Section 1.
The data subjects have the right to lodge a complaint
with the competent supervisory authority in the Member State where they
normally reside or work or in the State where the alleged infringement occurred.