Cookies Policy – Website Users

Who are we and what do we do with your personal data?

IGD SIIQ S.p.A., hereinafter the Data Controller, protects the confidentiality of your personal data and provides it with the necessary protection from any event that may put it at risk of violation.

For this purpose, the Data Controller implements policies and practices regarding the collection and use of personal data and the exercise of your rights under applicable law. The Data Controller is responsible for updating the policies and practices adopted for the protection of personal data whenever necessary and in any case in the event of regulatory and organisational changes that may affect the processing of your personal data.

The Data Controller appointed a Data Protection Officer (DPO) who you can contact if you have questions about adopted policies and practices. The contact details of the Data Protection Officer are as follows: dpo@gruppoigd.it

 

How does the Data Controller collect and process your data?

Your personal information will be processed for:

  1. Website Navigation
    The processing of your personal data, such as navigation data e.g. IP address and cookies issued by browsing the website are processed by the Data Controller to follow up the management of the site www.gruppoigd.it and to collect information also of an aggregate nature. Furthermore, the Data Controller uses a tracking tool, Matomo, for statistical purposes, through which it collects data in aggregate form only.
    Your personal data will in no way be disseminated or disclosed to undetermined subjects.
  2. Communication to third parties and recipients
    The communication of your personal data takes place mainly towards third parties and/or recipients whose activity is necessary for the performance of the activities related to the aforementioned purposes, and also to respond to certain legal obligations. Any communication that does not respond to these purposes will be subject to your consent.
    In particular, your data will be disclosed to third parties/recipients for:
  1. the service performance (e.g. IT service provider);
  2. communication to the financial administration and to the Public supervisory and control bodies in respect of which the Data Controller must fulfill specific obligations deriving from the specific nature of the activity carried out;

The personal data that the Data Controller processes for this purpose are:

  • browsing data (IP address)

3) IT Security reasons

The Data Controller processes, also through its suppliers (third parties and/or recipients), your personal data (e.g. IP address) or collected data traffic, obtained, in case of services displayed on the website, to a strictly necessary and proportionate measure to ensure the security and ability of a network or servers connected to it, at a given level of security, unforesee events or illegal or malicious acts that compromise the availability, authenticity, integrity and confidentiality of stored or transmitted personal data.

For these purposes, the Data Controller provides procedures for the management of the personal data violation (data breach).

 

What are cookies and what are they used for?

A “cookie” is a small text file created by some websites on the user’s computer when the user accesses a particular site, with the purpose of storing and transporting information. Cookies are sent from a web server (which is the computer on which the visited website is running) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on the latter’s computer; they are then re-sent to the website at the time of subsequent visits.

Some operations could not be performed without the use of cookies, which, in some cases, are therefore technically necessary. In other cases the site uses cookies to facilitate and facilitate the. navigation by the user or to allow them to use services specifically required.

Cookies can remain in the system for long periods and may also contain a unique identification code. This allows sites that use them to keep track of user’s browsing, for statistical or advertising purposes, to create a profile from the pages that the user has visited and show and/or send targeted advertising (c.d. Behavioural Advertising).

 

Which cookies are used and what are their main purposes?

The Data Controller reports below the specific categories of cookies used, the purpose and the consequence deriving from their de-selection:

TYPE OF COOKIE FIRST/THIRD PARTY PURPOSE RETENTION TIMES CONSEQUENCE IN CASE OF DESELECTION
Technical Cookies FIRST PARTY Site management.  They allow the operation and safe and efficient exploration of the website Session These are necessary cookies for the use of the site, block them does not allows them to function
THIRD PARTY Term left to the decision of the third party
Analytics cookies FIRST PARTY Collect information in aggregate form on the users browsing for optimize the browsing experience and services themselves 1 day
1 year
It wouldn’t be possible for the Data Controller acquire the aggregate information
THIRD PARTY Term left to the decision of the third party
Profiling cookies FIRST PARTY Create user profiles to proceed with sending advertising messages in line with preferences expressed by the user while browsing Session It wouldn’t be possible proceed with the profiling activity finalized to sending promotional messages
THIRD PARTY Term left to the decision of the third party

 

Third party cookies

Third party cookies are also used on this website, namely cookies created by a website other than the one that the user is currently visiting.

In particular, users are informed that the website uses the following services that release cookies:

  • Google: the cookies installed are used, if technical, to save the user’s preferences on the cookies installed or the interactions with Google Maps. To consult the privacy policy, as well as express your consent to the use of these cookies, please refer to the website https//policies.google.com/technologies/cookies?hl=en-US
  • Soundcloud: the cookies installed are used, if technical, to allow 3D viewing of the site and, if profiling one, to improve and develop embedded content. To consult the privacy policy, as well as express your consent to the use of these cookies, please refer to the website https://soundcloud.com/pages/cookies/03-2018#:~:text=We%20use%20our%20own%20cookies,qc%E2%80%9D)%20are%20SoundCloud%20cookies .
  • Youtube: the cookies installed are used, if technical, to save the user’s preferences on the cookies installed or to optimize the quality of the videos and, if profiling, to record the user ID in order to create a statistic of the videos viewed on YouTube or to track user interactions and preferences with the embedded content. To consult the privacy policy, as well as express your consent to the use of the aforementioned cookies, please refer to the website https://policies.google.com/technologies/cookies?youtube%20cookie%20policyhl=en-US
  • hcaptchathe cookie installed is used to protect the newsletter subscription form from spam and bots. To consult the privacy policy, as well as express your consent to the use of the aforementioned cookies, please refer to the website https://www.hcaptcha.com/gdpr

 

Social Buttons

On the website www.gruppoigd.it there are particular “buttons” (called “social buttons/widgets”) that depict the icons of social networks (e.g. Facebook, linkedin, etc.) and other web services (e.g. Youtube, etc.). The same allow users who are browsing the Data Controller’s web page to access the social networks of reference with a “click”. In this case, the social network and web services collect data relating to the user, while the Data Controller will not share any browsing information or user data collected through its website with social networks and web services accessible through social buttons/ widgets. These services release “third-party cookies”. Here are the links to the privacy policies of the most used social networks and websites to which the buttons refer:

 

Deselection and activation of cookies “Modify your consent

You can, at any time, manage your preferences by clicking on the red button located at the bottom left of the screen and then clicking on “Modify your consent”.

 

What happens if you do not provide your data?

We invite you to read the consequences deriving from the deselection of individual cookies, as shown in the table above.

 

How, where and for how long are your data stored?

How we process your data

The processing of personal data is carried out through IT procedures by specifically authorized and trained internal subjects. They are allowed to access your personal data in the measurement and limits that are necessary for the performance of the data processing activities that concern you.

The Data Controller periodically checks the tools by which your data are processed and the security measures required for them which foresees constant updating; verifies, also through the authorized data process subject that personal data which do not need to be processed, are not collected, processed, archived or stored; verifies that the data are stored with the guarantee of integrity and authenticity and guarantees their use for the carried out data process purposes.

Where do we process your data

Your data shall be stored in computer and telematic archives located also outside the European Economic Area. In particular:

  • USA – Provision of standard contractual clauses in order to ensure adequate guarantees, including regarding the rights of data subjects with regard to the transfer of personal data outside the EU.

How long do we process your data

  • Cookie: We invite you to read the retention terms of personal data as indicated in the previous table.
  • Website navigation: Personal data are kept for the necessary time to allow navigation on the website and in any case no later than 6 months, except in cases of events that involve the intervention of the competent Authorities, also in collaboration with third parties/recipients to whom the IT security activity of Data Controller is entrusted, to carry out any investigation into the causes of the event, as well as to protect the interests of the Data Controller relating to any liability related to the use of the site and related services.

 

What are your rights?

At any time and free of charge, without special charges and formalities, you can request:

  • obtain confirmation of the data processing carried out by the Data Controller;
  • access your personal data and know its origin (when the data are not obtained from you directly), the purposes and scope of the processing, the details of the subjects to whom the data are communicated, the conservation period of your data or the criteria used to determine it;
  • update or rectify your personal data so that they are always exact and accurate;
  • delete your personal data from the databases and/or archives, including backups, of the Data Controller in the event, among others, in which they are no longer necessary for the processing purposes or if this is assumed to be illegal, and always if there are conditions required by law; and in any case if the processing is not justified by another equally legitimate reason;
  • limit the processing of your personal data in certain circumstances, for example where you have contested its exactness, for the necessary period for the Data Controller to verify its accuracy. You must be informed, in a reasonable time, also of when the suspension period has been completed or the cause of the limitation of the processing has ceased, and therefore the limitation itself has been revoked;
  • obtain your personal data, if received or processed by the Data Controller with your consent and/or if their processing takes place based on a contract and with automated tools, also to transmit them to another data controller in electronic format.

The Data Controller must proceed in this sense without delay and, in any case, at the latest within one month from receiving your request. The deadline can be extended by two months, if necessary, considering the complexity and number of requests received by the Data Controller. In such cases, the Data Controller, within one month of receiving your request, will inform you giving the reasons for the extension. To exercise your rights, write to the address privacy@gruppoigd.it

 

How and when can you object to the processing of your personal data?

For reasons related to your own particular situation, you can object to your personal data processing at any time if it is based on a legitimate interest, by sending your request to the Data Controller to the email address privacy@gruppoigd.it

You have the right to have your personal data deleted if there is no legitimate reason overriding the one that arise your request.

 

Who can you complain to?

Without prejudice to any other administrative or judicial action, you can lodge a complaint with the competent supervisory authority or the one that carries out its duties and exercises its powers in Italy where you have your habitual residence or work or if different, in the State member where the violation of the Regulations has occurred (UE) 2016/679.