PRIVACY POLICY AND NOTICE

TECHNICAL

To help you understand the meaning of some commonly used technical terms, below are some definitions:

1.     IP Address

• An identifier for the user's computer assigned by the Internet service provider;

• the IP address alone is not considered personal data because it is often assigned at random, i.e. it changes every time according to the connection;

• it may be used for diagnostic and optimizing purposes by the service provider.

2.     Cookies

• strings of information, sent by the service provider server to the user's computer. They contain the user name, so that the administrator may identify the user's computer and track his/her favorite sites on the Web.

• Cookies may be:

  o   transient, also called session or "per-session" cookies , if they are erased when the user ends the connection. They are used to optimize navigation;

  o   persistent, if they are stored on a user's hard drive, unless the user himself/herself deletes the cookies; they are used to collect a large variety of information, which can be tracked by the supplier of the service for different purposes.

• It is possible to check the use of cookies through specific browser set-ups: e.g. Internet Explorer permits, both for non-stored (per-session) cookies and stored cookies, to opt for full activation, activation after receiving a warning message and confirmation or deactivation.

3.     Internet Tags

Computer functions made up by smaller cookie strings, mainly used to record technical information such as user IP and browser type. They are also called invisible GIFs, clear GIFs, 1-by-1 GIFs or single-pixel GIFs.

4.     Browsing data

They are files residing on the provider servers, also called log files, clickstream data, server logs; they may automatically register data relating to a connection for different purposes:

§  accounting-administrative functions

§  tracking of type of user access (e.g.: system administration, type of browser, date and time of visit, images or texts selected, purchases (if any), file download, screen set-up, etc.) also to improve the contents of the site.

5.     E-Mail

Electronic mail service managed by a provider through the Internet.

6.     Mailing list

• A list used for sending e-mails and/or newsletters.

• A list of addresses which automatically receive forwarded messages.

7.     Registration

The process of making a person’s identity known to a system, associating a unique identifier with that identity, and collecting and recording the person’s relevant attributes into the system.

The user is required to provide some data, either on an mandatory or a voluntary basis, to improve the relation, with possible contractual implications inherent to the type of services provided. Specific information and, if appropriate, the relevant consent are required.

LEGISLATIVE

To assist you in understanding the privacy policy we have provided, we list the meaning of the main terms therein:

The Processing is any operation or set of operations on personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction, even if carried out with the aid of automated processes.

Personal data is any information relating, directly or indirectly, to an individual (e.g., name, an identification number, location data, an online identifier, one or more characteristic elements of his or her physical, physiological, genetic, mental, economic, cultural or social identity, etc.).

The data subject is the individual whose personal data are being processed.

The data controller is the natural or legal person, public authority, service or other body which, individually or jointly with others, determines for what purposes and in what form personal data are to be processed.

The data processor is the natural or legal person, public authority, department or other body that processes personal data on behalf of the controller (e.g., companies that provide services for and process personal data on behalf of other companies).

A personal data breach is a security breach (physical or cyber) that accidentally or unlawfully results in the destruction, loss, modification, unauthorized disclosure of, or access to, the personal data processed.

The Data Protection Officer is the person whose task is to perform support functions for corporate functions and control with respect to the processing of personal data. He or she is also responsible for cooperating with the Supervisory Authority and is the point of contact, including with respect to data subjects, for matters relating to the processing of personal data.

The Garante per la Protezione dei Dati Personali is Italy's supervisory authority for personal data protection.