I This page describes the way in which the website is managed, with particular reference to the processing of personal data of users who visit and use the site.
It also regards information provided:
- in accordance with article 13 of legislative decree 196/2003 - Code on the subject of the protection of personal data
- in accordance with article 13 of G.D.P.R. 679/2016 - European regulation on the protection of individuals with regard to the processing and free movement of personal data
- in accordance with Provision no. 229 regarding Cookies issued by the Italian Data Protection Authority on 08.05.2014
- in accordance with Recommendation no. 2/2001 adopted by the working group instituted in accordance with article 29 of Directive no. 95/46/EC
which broadly describes the practices adopted by those who interact with the web services of Cola s.p.a.. available at the website www.cogal.com, which is the homepage of the company’s official website.
By using the site, the user therefore declares that he or she has read and understood this policy and accepts it.
1. Data Controller
In all phases of data processing, the Data Controller guarantees the security, confidentiality and protection of persons identified or identifiable after visiting this site, and also guarantees that their personal data is used in accordance with current laws regarding privacy (legislative decree 196/2003 and G.D.P.R. 679/2016).
The Data Controller is identified as Cogal s.p.a., VAT code 00227190162 acting through its pro tempore legal representative, with registered office at Piazza Matteotti no. 20, 24122 Bergamo (BG), Italy Ident. CEE IT 00227190162, CCIAA di Bergamo n°60659, social capital € 6.540.510 i.v. (hereinafter solely referred to as Cogal or the Company), email address email@example.com, pec firstname.lastname@example.org.
2. Data Types
Among the personal data collected from this application/site, autonomously or through third parties, there are: Cookies, use data, e-mail, first name, last name, phone number, address, nation, province, postal code, birth date, username, password, company/business name, tax code, VAT, city.
The IT systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols.
These information aren’t collected to be established to identified interested, but by their very nature could, through elaborations and associations with data hold by third parties, allow to identify the users.
This category includes IP addresses or domain names of computers used by users who connect to the site, addresses in URI notation (Uniform Resource Identifier) of the requested resources, the time of request, the method used in submitting the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response given by the server and other parameters relating to the operating system and to user’s computer environment.
These data are used only to obtain anonymous statistical information on site usage and to check its correct functioning and is deleted immediately after processing. The data could be used to ascertain the responsibility in case of hypothetical computer crimes damaging the site.
Data voluntarily provided by the user
The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender's address, necessary to answer to requests, and of any other personal data inserted in the missive.
Likewise, sending a purchase order involves the acquisition of data and the use of the same in order to permit Cogal fulfil the contractual performance.
The lacked bestowal by some user's personal information could prevent this application/site to deliver their services.
Other personal information
Third parties’ personal data
The user assumes the responsibility for personal data of third parties published or shared through this application and assures to have the right to communicate or disseminate them, in this way freeing the owner by any responsibility towards third parties
3. Mode and place of collected data treatment
Mode of treatment
Personal data are processed with automated instruments, and/or telematics for the time strictly necessary, with organizational mode and logics that are strictly correlated to the achievement of the purposes for which they have been collected.
The owner treats the users’personal data adopting appropriate security measures designed to prevent access, disclosure, modification or unauthorized destruction of personal data.
As well as the Data Controller, access to stored personal data may be given to internal functionaries (administrative staff, salespersons, legal staff, system administrators, interns) or external contractors (such as third party technical service providers, mail couriers, hosting providers, IT companies, communication agencies, banking institutions) that have been expressly appointed, in writing, the task of processing data and - where necessary - have been nominated as Processors on behalf of the Data Controller.
Such parties may in turn process data using other individuals - expressly appointed in writing - that can perform the same tasks, and process data for the same purposes, as those that were bestowed upon the Processors by the Company.
In any case, data processing by such individuals will only occur if it is necessary for carrying out their duties, and only as far as it is required for the completion of said duties.
The updated list of Processors can always be requested from the Data Controller.
Data provided by the user (data subject) may be communicated to other third parties when there is a legal requirement to do so or in order to uphold the Company’s legal rights through the relevant authorities.
The data are processed for the time necessary to perform the service requested by the user, or required by the objectives described in this document, and the user can always ask to stop the treatment or to delete the data.
Purpose of the collected data treatment
Personal data is processed at the Data Controller's operational headquarters and in any other location where parties involved in data processing operate.
The Data Controller does not transfer personal data to third countries or international organisations.
4. Purposes of Data Processing
User data is collected to allow the Data Controller to provide services requested by the user to fulfil any contractual obligations. In particular, it is used for the following purposes: statistics, contact with users, address management, sending emails, interaction with social networks and external platforms, order management, purchased product shipping, invoicing, managing disagreements, and compliance with regulatory obligations with particular regard to accounting and fiscal regulations.
The types of Personal Data used for each purpose are indicated in the specific sections of this document.
5. Details concerning the processing of personal data
Personal data are collected for the following purposes and using the following services:
A. contact the user
Mailing List or Newsletter
By registering to our newsletter or mailing list, the user's e-mail address is automatically added to a list of contacts that may be sent e-mails containing information. including also commercial and promotional concerning this application/site.
This email address may also be added to this list as a result of registration to this application or after a purchase.
Personal data: e-mail and name and surname.
The Client, filling in with his information the contact form, consents to their use in order to answer to information, quotations’ requests, or of any other nature indicated by the header of the form.
Personal data: name, surname, e-mail, address, postal code, Province, nation, and phone number.
B. interaction with social networks and external platforms
The present website uses social plug-ins, or rather special instruments which allow for the incorporation of Social Network-related functions directly into the Website (for example the “Like” function for Facebook).
All of the social network plug-ins present in the website are identified with the relative logo of the social network platform (e.g. Facebook, Google+, Twitter etc.). When one visits a page of the website and interacts with the plug-it (e.g. clicking on the “Like” button) or leaves a comment, the corresponding information is transmitted by the browser directly to the social network platform, where it is memorised.
For information regarding the purpose, type and modality of the collection, processing, use and archiving of the personal data by the social network platforms, as well as the procedures for the exercising of personal rights, the User is invited to consult the privacy policies adopted by the individual social networks.
In the case in which an interaction service with the social network is installed, it is possible that even when the User is not using the service, the latter collects traffic data regarding the pages in which it installed.
This website offers the possibility to connect, also via dedicated links, to other websites owned by companies which are not part of E-Pol, or to connect to the present website from other third-party websites.
The Controller of the website declines all responsibility regarding any requests for and/or the provision of personal data to third-party websites, and regarding the handling of authentication credentials supplied by third-party subjects.
Social widget di Google Maps (Google Inc.) The Pinterest button and Pinterest social media widgets are services that interact with the Pinterest social network, provided by Pinterest Inc. or Pinterest Europe Ltd.
Personal information collected: Cookies and Usage Data.
The services contained in this section allow the owner to monitor and analyze traffic data and to track the user’s behavior.
Google Analylics (Google) Google Analylicsis a service of web analysis turned from Google Inc. ("Google"). Google uses personal information collected in order to trace and examine the use of this application, compile reports and share them with other services developed by Google.
Google may use your personal information to contextualize and personalize the notice of its advertising network.
Personal data collected: cookies and using Data.
Hotjar (Hotjar Ltd) Hotjar is a web analysis and feedback service provided by Hotjar Ltd ("Hotjar"). Hotjar anonymously collects Personal Data in order to examine the use of this Application / Site by tracking the user’s behavior.
Personal data collected: Cookies and usage data.
Yandex Metrica (YANDEX, LLC) Yandex Metrica è un servizio di statistica e heat mapping fornito da YANDEX, LLC. Yandex Metrica può essere utilizzato per individuare quali aree di una pagina sono oggetto del passaggio del cursore o di click del mouse in modo da rilevare quali di esse attraggono il maggior interesse.
Personal data collected: Cookies and usage data.
D. Payment of Services
PayPal (PayPal (Europe) S.à r.l. et Cie, S.C.A.) PayPal is a payment service provided by PayPal (Europe) S.à.r.l. et Cie, S.C.A., which uses the Personal Data, including credit card data, debit card data or pre-paid card data and/or bank account data, in order to manage PayPal services and reduce the risk of fraud.
Personal data collected: Cookies and usage data.
E. Order handling
By sending a purchase order, the User allows the acquisition of the data provided and the use of the same in order to permit Cogal to comply with its contractual services.
The non-provision by the User of certain Personal Data may impede this Application/Website from carrying out the services offered.
F. registration and authentication
With registration or authentication the user enables the application/site to identify him and give him access to facilities.
Depending on what follows, registration services and authentication could be turned with the help of a third party.
If this happens, this application/site can access some data stored by third party service used for registration or identification.
The Client registers by filling out the registration form and providing directly to this application his personal data personal collected: postal code, city, tax code, last name, date of birth, e-mail, Address, nation, Name, telephone number, VAT number, Password, Province and username.
G. Protection against spam
ReCAPTCHA checkbox by Google Plus (Google LCC or Google Italy S.r.l.) The “I'm not a robot” checkbox - not present in the latest version, Invisible ReCaptcha - and any ReCaptcha widgets form part of the protection against SPAM offered by Google LCC.
Personal information collected: Cookies and Usage Data.
6. Rights of data subjects
At any time, data subjects have the right to obtain confirmation that their data are being held by the Data Controller as well as a right to obtain the following information:
- the origin of the personal data;
- the purposes and methods of handling;
- the identity of the owner and any responsible;
- the subjects or categories of subjects to whom data may be communicated or who may become aware.
In accordance with the latest regulatory updates, data subjects can furthermore:
- request the amendment, correction or - if there is an interest to do so - the integration of data;
- request a copy of the data in a structured, commonly used and machine-readable format, and to transmit those data (also directly, if possible) to another data controller without hindrance;
- request to erase, render anonymous or block personal data processed in violation of the law, and oppose their use;
- refuse to give data to the Data Controller or, despite having already consented to their use at any time, revoke that consent knowing that this cannot in any way affect the lawfulness of data processing based on previously-given consent.
Any such requests should be sent to the Data Controller, acting through its pro tempore legal representative, the details of which are listed as follows for the convenience of the user:
- via registered post to Cogal s.p.a., VAT code 00227190162 acting through its pro tempore legal representative, with registered office at Piazza Matteotti no. 20, 24122 Bergamo (BG), Italy.
- via pec at: email@example.com .
Additionally, it is always possible for data subjects to make a complaint to the Data Processing Authority as per the conditions and the forms provided for by law.
Please note that this application/site does not support “Do Not Track” requests. To find out if any third party services support it, users should consult their respective privacy policies.
7. More information on treatment
User’s personal data can be used for defense by the holder in proceedings or preparatory phases to its eventual establishment, from abuses in the use of the same or related services from the user.
The user declares to be aware that the holder may be required to disclose the data at the request of the public authorities.
Log and maintenance
For needs related to operation and maintenance, this application/sites and any third parties used by it services may collect Log Systems, files that record the interactions and which may also contain Personal Data such as the User IP address.
Information not contained in this policy
Further information regarding the processing of personal data may be requested from the Data Controller at any time using the relevant contact information.
We invite you to visit this page often, taking as a reference the date of last modification noted at the bottom.
8. Definitions and legal references
Personal data (or data)
Personal Data means any information directly or indirectly relating to an identified or identifiable individual (the so-called “data subject”) with particular reference to identifiers such as name, identification number, location, online identifier, or one or more of an individual's physical, physiological, genetic, mental, economic, cultural or social characteristics.
These are personal data collected automatically by the application/site (or from third-party applications that it uses), including: IP addresses or domain names of computers used by users who connect to the application, the addresses in URI notation (Uniform Resource Identifier), the time of request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response from the server (successful, error, etc..), the country of origin, the characteristics of the browser and operating system used by the visitor, the time of the visit connotations (e.g. the time spent on each page) and the following itinerary details within your application, with particular reference to the sequence of the pages consulted, the parameters relating to the operating system and the computer environment of the user.
The individual who uses this application/site, which must coincide with the party concerned or be authorized by and whose Personal Data are treated.
Natural or legal person cul personal data refers.
Any operation or set of operations performed on personal data or sets of personal data either with or without the use of automated processes. These include the collection, recording, organisation, structuring, retention, adaptation, alteration, extraction, consultation, usage, disclosure via transmission, dissemination or any other form of distribution, comparison or interconnection, restriction, erasure or destruction.
The controller (or Head)
Owner (or the owner)
The natural or legal person, public administration and any other institution, association or body that compete, even with other holders, decisions in relation to the objectives, the methods of processing of personal data and the means used, including security, in connection with the operation and use of this application.
The data controller, unless otherwise specified, is the owner of this application.
The hardware or software tool by which are collected from the users.
It’s a small piece of data stored within the user's device.
Notice to European users: this privacy statement has been prepared to fulfil the obligations specified in EU Regulation 2016/679 of 27th April 2016 of the European Parliament and the European Council, which concerns the protection of individuals with regard to the processing and free movement of personal data, and which repeals the previous directive 95/46/EC (general data protection regulation).
In accordance with provision no. 229 of 08.05.2014, published on 03.06.2014 by the Data Protection Authority in issue no. 126 of the official journal (Gazzetta Ufficiale) and any subsequent revisions, this cookies policy has the specific aim of illustrating the types and usages of cookies. It also provides information on the steps necessary to refuse or delete cookies used by the website www.cogal.com, which is the home page of the official website of Cogal s.p.a., acting through its pro tempore legal representative, with registered office at Piazza Matteotti, no. 20, 24033 Bergamo (BG), Italy CEE IT 00227190162, CCIAA di Bergamo n°60659, Capitale Sociale € 6.540.510 i.v. (hereinafter solely referred to as Cogal or the Company), e-mail address firstname.lastname@example.org, pec email@example.com.
which, acting through its pro tempore legal representative, is the Data Controller of personal data relating to persons identified or identifiable after visiting this site.
1. COOKIES: WHAT THEY ARE AND HOW THEY WORKS.
Cookies are small text strings that web servers (e.g. websites) send to the user's Internet browser, where they are stored, and then retransmitted to the same websites the next time the same User visits the same websites. They tend to be used to optimize the online experience and navigation on mobile internet websites and/or applications. This website uses or may use, even in combination, the following categories of browser cookies:
a) technical: those cookies which are used with the sole purpose of making the transmission of a communication over an electronic communications network or just to extent the provision of a service expressly requested by the subscriber or the user to provide such a service. They are distinguished into:
browsing cookies - to ensure the normal use of the website, allowing, for example, to make a purchase or log in to access private areas;
cookies analitycs - assimilated to technical cookies when directly used by the website operator to collect information about the number of users and the way they visit the website;
functional cookies - that allow the user to navigate to a selected set of criteria (e.g., language, the products designated to buy, etc.) in order to improve the service provided to the same;
b) session cookies - that are stored on the user's computer to mere technical-functional needs, to the transmission of session identifiers required to allow safe and efficient exploration of the website; they cancel at the end of the "session" (whence the name) with the closure of the browser;
c) persistent cookies - which remain stored on the computer's hard drive until their expiration or deletion made by users/visitors; through persistent cookies visitors accessing the site (or any other users who use the same computer) are automatically recognized at each visit. Persistent cookies allow us to remember your preferences and user-choice selections, meeting many features in the interest of users (as the use of navigation language or the shopping cart purchases on line subscription);
d) "first party" cookies - which are managed directly by the owner and/or Manager of this website;
e) "third party" cookies - which are designed and managed by foreign leaders to the website visited by the User, that fall under the direct and exclusive liability of the operator and are divided into the following macro-categories:
analitycs - are cookies used to collect and analyse statistical information on accesses/visits to the website; these, in some cases, associated with other information such as the credentials submitted for access to private areas (your e-mail address and password) can be used to profile the user (personal habits, visited websites, downloaded contents, types of interactions made, etc.);
widgets - fall into this category all those graphic components of a user interface for a program that aims to facilitate the user interaction with the program itself (e.g. Facebook, Twitter, and Google + cookies widget);
advertising - cookies used to advertise within a site;
web beacons - code fragments that allow a website to transfer or collect information through the request of a graphic image.
There are, finally, the Flash cookies which are different from browser cookies in terms of volume, type, and data storage mode and are used to offer some multimedia contents. If you use some of these contents Google Analytics stores additional data on the computer, known as Flash Cookies by means of which the owner is able to know the total number of times a certain audio/video file is opened, the number of people who use it until the end and how many people instead close it before the end. For info about how to remove or disable Flash Cookies, visit the Adobe website http://www.adobe.com/products/flashplayer/security. It is recalled that limiting and/or eliminating the use of this type of Flash Cookies can preempt the available functions for applications based on Flash technology.
2. INFORMATION ABOUT COOKIES USED ON THIS WEBSITE
2.1. COOKIES OPERATIONALLY REQUIRED
This category of cookies is crucial in order to browse the website and use certain features; without them, in fact, online services such as access to private areas of the website, the shopping cart or the invoice validating the purchase, cannot be provided. These cookies don’t collect information for marketing purposes. You do not need to provide consent for cookies that are strictly necessary, as they are essential to ensure the required services.
2.2. PERFORMANCES COOKIES
These cookies collect information about how visitors use the Website and monitor the Website performances. They, for example, monitor the traffic to this website and build analytical information anonymously. Performances Cookies do not collect information that can personally identify the User and may also be used to identify and correct operational problems. In particular, this Website uses Google Analytics, a web analytics service provided by Google Inc., which uses text files that are stored on the User's computer to allow to Website’s managers to analyze the way it is used. The information generated by the cookies about the use of the website will be transmitted and stored at Google's servers in the United States. Google will use this data in order to track, investigate and compile reports on website activities to acknowledge the operators/managers of the same. Google ensures not to associate the user's IP address with any other data held in order to obtain a user's profile in greater detail. More information can be directly found on the Website http://www.google.com/intl/it_ALL/analytics/learn/privacy.html.
2.3. FUNCTIONAL COOKIES
3. HOW TO CHANGE THE COOKIES SETTINGS
Most of browsers automatically accept cookies, but the User can, at any time, by accessing his browser's settings, check the operating mode of the cookies as well as options to limit or block them. The section "Options" or "Preferences" of the browser’s menu allow the User to avoid using cookies or other User tracking technologies.
The following are the instructions to access the cookie management of the major browsers:
Microsoft Windows Explorer https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies
Apple Safari https://support.apple.com/
Alternatively and/or for any other needs it’s always possible to consult the "Help" section on the browser’s toolbar. For more information about how to manage/delete cookies depending on the type of browser used, it is also possible to visit the English website, www.aboutcookies.org or the www.touronlinechoices.com platform. To delete cookies from the Internet browser of your smartphone/tablet, it is necessary to refer to the device’s user manual.