The data controller is Elica S.p.A., with registered office in Via Ermanno Casoli no. 2 – 60044 Fabriano (AN) – Italy, F.C. COMPANY REGISTRY AN 00096570429, Telephone +39 0732 610 1, Fax +39 0732 610 249, e-mail: email@example.com (hereinafter referred to as the “Data Controller“).
DPO can be contacted at e-mail address: firstname.lastname@example.org
What is a cookie?
Cookies (or markers) are small text files that are sent from the web server visited by the user, to the user’s device (usually to the browser) when the latter accesses a particular web site for storing and transporting information. Cookies are stored in order to recognize the device at every visit. On each subsequent visit, cookies are sent from the user’s device back to the web site.
Each cookie generally contains the name of the server from which the cookie was sent and its expiry date in addition to a value, usually a unique number randomly generated by the computer.
First-party and third-party cookies
Cookies can be installed not only by the same provider of the web site visited by the user (first- party cookies), but also by a different web site installing them through the first web site (third- party cookies), which is able to recognize them. This happens because there may be some elements (images, maps, sounds, links to web pages of other domains, etc.) on the web site visited, which are actually on other servers and not on the one of the visited site.
Technical, analytical and profiling cookies
According to their purpose, cookies are divided into two categories: technical cookies and profiling cookies.
Technical cookies are installed for the sole purpose of “carrying out the transmission of certain information on an electronic communications network, or insofar as this is strictly necessary for the provider of an information service to provide the services requested explicitly by the subscriber or user.” (see Art. 122, para. 1, Privacy Code). They are usually used to allow efficient navigation between pages, store user preferences, store information on specific user configurations, perform user authentication, etc..
Technical cookies can be divided into browser cookies, which are used to record useful data for the web site standard navigation and usage on the user’s computer (allowing, for example, to memorize the preferred size of the page in a list) and functional cookies, which allow the website to memorize the choices made by the user in order to optimize its operation (for example, functional cookies allow the website to memorize a user’s specific settings, such as country selection and, if set, permanent login status). Some of these cookies (called essential or strictly necessary) enable some features which are necessary to perform certain operations.
Pursuant to the aforementioned Art. 122, para. 1 of the Privacy Code, the use of technical cookies does not require any consent by users, just the obligation to inform them.
Pursuant to the aforementioned Provision, the so-called analytics cookies are assimilated to technical cookies – and therefore their installation doesn’t require any user consent – should they be:
Profiling cookies are used to track the user’s navigation, analyze their behavior for marketing purposes and create profiles based on their tastes, habits, choices, etc. in order to send targeted advertising messages in relation to their interests and in line with the preferences expressed when browsing online. As pursuant to art. 122 of the Privacy Code, these cookies may be installed on the user’s terminal only upon their consent after being informed in the simplified manner indicated by the Italian Data Protection Authority in the Provision (publication on the web site of a “short” policy, contained in a banner appearing immediately on the home page (or another page through which the user can access the web site), which refers to an “extended” policy and that can be accessed through a link to be clicked by the user).
Persistent and session cookies
Based on their duration, a distinction is made between persistent cookies, which are stored on the user’s device until they expire unless the user removes them, and session cookies, which are not stored persistently on the user’s device and disappear when the browser is closed.
List of cookies used by this web site
This web site makes use of technical cookies, installed by the site itself for the purposes indicated below.
This type of cookie cannot be disabled and their installation does not require the prior consent by users, pursuant to art. 122 of the Privacy Code, as indicated above.
|Name||First-party or third-party||Purposes||Duration|
|PHPSESSID||Elica||Stores session status||Session|
After the above-mentioned retention periods have elapsed, data will be destroyed or rendered anonymous, subject to technical deletion and backup procedures.
Data relating to cookies, for which consent is not required, is necessary for the provision of the related service; therefore, failure to provide such data will make it impossible to provide the requested service.
The processing activity connected to the web services of this Web Site is carried out by personnel, expressly authorized upon receiving adequate operating instructions.
Data may also be processed by third parties, on behalf of the Data Controller, designated as Data Processors pursuant to Article 28 of the GDPR, such as natural and/or legal persons who carry out activities connected to the aforementioned purposes, for example the company that is in charge of the management and maintenance of the Web Site.
Data may be communicated to autonomous data controllers, such as authorities and supervisory and control bodies entitled to request/receive the data, as well as to third party providers (or vendors) that are listed in the above tables containing the list of cookies, which also include a link to the relevant policy.
Should data be transferred to countries outside the European Union (EU) or the European Economic Area (EEA) that have not been deemed adequate by the European Commission, then the “transfer tools” referred to in Article 45 of the GDPR will be used, considering the possible adoption of “additional measures” to ensure a level of protection which is substantially similar to the one required by EU law. For further information, please see the links in the policy of the third parties indicated in the table.
Users can also express their options on cookies through the settings of the browser they use. Even if the web browser used by the user is set to automatically accept cookies, the user can change the default configuration through the settings menu, thus deleting and/or removing all or some cookies, blocking the sending of cookies or limiting it to certain web sites. Disabling, blocking or deleting cookies may affect the optimal use of certain areas of the Web Site or prevent certain features of the Web Site, as well as affect the operation of third-party services. Below are the links to the guides of cookie management for the main browsers:
For browsers not included in the aforementioned list, it is necessary to consult the relevant guide in order to understand how to manage cookies.
In relation to the processing of personal data carried out by the Data Controller, the data subject,- in addition to what has been specified in the preceding paragraph- , may exercise the rights set out in Articles 15 to 22 of the GDPR, where applicable, and, in particular, may request access to the data concerning them and to the information referred to in Article 15 (purposes of data processing, categories of personal data, etc.), and their cancellation in the cases provided for in Article 17, the amendment of inaccurate data, the integration of incomplete data, the limitation of data processing in the cases provided for by art. 18, as well as data portability (i.e. to receive data in a structured, commonly used and machine-readable format, and, if technically feasible, to transmit them to another data controller without any hindrance) in case the processing is based on a consent or contract and is carried out with automated tools.
To exercise their rights, the data subject may contact the Controller at the contact points indicated in section 1.
The data subject shall have the right to lodge a complaint with the competent supervisory authority in the Member State in which he/she normally resides or works or in the State in which the alleged violation occurred.