Cookie Policy.

Who are we and what do we do with your personal data?

Congrify S.r.l., with registered office in Piazza Quattro Novembre No. 4, 20124 Milan, (hereinafter the “Data Controller”), as Data Controller, is concerned about the confidentiality of your personal data and to guarantee them the necessary protection from any event that may put them at risk of violation.

The Data Controller puts into practice for the purpose of policies and practices regarding the collection and use of personal data and the exercise of the rights that are recognized to you by the applicable legislation. The Data Controller takes care to update the policies and practices adopted for the protection of personal data whenever this is necessary and in any case in the event of regulatory and organizational changes that may affect the processing of your personal data.

You can contact the Data Controller PO at [email protected].

How does the Data Controller collect and process your data?

Personal information about you will be processed for:

  1. Browsing the website
The processing of your personal data, such as navigation data, e.g. the IP address and cookies issued by browsing the site are processed by the Data Controller to follow up on the management of the site and to collect information, even of an aggregate nature.

Your personal data will not be in any way disseminated or disclosed to indeterminate subjects.

(a) Communication to third parties and recipients
The communication of your personal data takes place mainly to third parties and/or recipients whose activity is necessary for the performance of the activities related to the aforementioned purposes, and also for respond to certain legal obligations. Any communication that does not respond to these purposes will be subject to your consent.

In particular, your data will be disclosed to third parties/recipients for:

  1. the performance of the service (e.g. IT service provider; navigation optimization);
  2. communications to the financial administration, and to public supervisory and control bodies against which the Data Controller must fulfill specific obligations deriving from the specificity of the activity exercised;
The personal data that the Data Controller processes for this purpose are:
  1. browsing data (IP address, URL).

(b) Cybersecurity reasons
The Data Controller processes, also through its suppliers (third parties and/or recipients), your personal data (e.g. IP address) or traffic collected, or obtained, in the case of services displayed on the website to an extent strictly necessary and proportionate to ensure the security and ability of a network or servers connected to it to withstand, at a given level of security, unforeseen events or illicit or malicious acts that compromise the availability, authenticity, integrity and confidentiality of personal data stored or transmitted.

For these purposes, the Data Controller provides procedures for the management of the personal data breach (data breach).

What are cookies and for what purposes they can be used

A “cookie” is a small text file created by some websites on the user’s computer when he accesses a particular site, with the purpose of storing and transporting information. Cookies are sent from a web server (which is the computer on which the visited website is running) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on your computer of the latter; they are then sent back to the website at the time of subsequent visits.

Some operations could not be performed without the use of cookies, which, in some cases, are therefore technically necessary. In other cases, the site uses cookies to facilitate and facilitate navigation by the user or to allow them to take advantage of services specifically requested.

Cookies can remain in the system even for long periods and may also contain a unique identification code. This allows sites that use them to keep track of the user’s navigation within the site itself, for statistical or advertising purposes, that is, to create a personalized profile of the user to starting from the pages that the same has visited and then show him and/or send him targeted advertisements (so-called Behavioural Advertising).

Which cookies are used and for what main purpose

The Owner reports below the specific categories of cookies used, the purpose and consequence that derives from their de-selection:

Name Provider Purpose Expiration Type Statement
_tccl_visitor Go Daddy Statistics 30 minutes HTTP Cookie Please read the Dodaddy Privacy Statement.
_tccl_visit Go Daddy Statistics 30 minutes HTTP Cookie Please read the Dodaddy Privacy Statement.
_ga Google Analytics Statistics 1 year HTTP Cookie Please read the Google Privacy Statement.
_ga_LG7QEFC9B5 Google Analytics Statistics 90 days HTTP Cookie Please read the Google Privacy Statement.
Google Fonts Google Fonts API Functional immediately HTTP Cookie Please read the Google Privacy Statement.
Third-party cookies

Third-party cookies are also operating on this website, i.e. cookies created by a website other than the one the user is currently visiting. To view the complete and always updated list of third-party cookies, deselect and enable cookies, consult the page “cookie preferences”

What happens if you don’t provide your data?

We invite you to read the consequences of deselecting individual cookies, as shown in the table above.

How, where and for how long is your data stored?

For detailed information about data retention please refer to the table above.

How we process your data

The processing of personal data is carried out through IT procedures by specially authorized and trained internal subjects. They are allowed access to your personal data to the extent and within the limits in which it is necessary for the performance of the processing activities that concern you.

The Data Controller periodically checks the tools through which your data are processed and the security measures provided for them, of which it provides for constant updating; checks, also through the subjects authorized to process, who are not collected, processed, stored or stored personal data whose processing is not necessary; verify that the data is stored with the guarantee of integrity and authenticity and their use for the purposes of the treatments actually carried out.

Where we process your data

The data is stored in computer and telematic archives located within the European Economic Area. The personal data (name, surname, email) entered for the subscription to the newsletter are stored in computer and telematic archives located mainly inside the European Economic Area. The Data Controller guarantees compliance with appropriate security measures, for more information you can write to [email protected].

How long we process your data

We invite you to read the terms of retention of personal data as indicated in the table above.

Site navigation:

Personal data is kept for the time necessary to allow navigation of the site and in any case no later than 28 days, except in cases where events occur that involve the intervention of the competent Authorities also in collaboration with third parties/recipients to whom the Data Controller’s information security activity is entrusted, to carry out any investigations into the causes that led to the event, as well as to protect the interests of the Data Controller relating to any liability related to the use of the site and related services.

What are your rights?

At any time, free of charge and without special charges and formalities for your request, you can:

  1. obtain confirmation of the processing carried out by the Data Controller;
  2. access your personal data and know its origin (when the data are not obtained from you directly), the purposes and purposes of the processing, the data of the subjects to whom they are communicated, the period of retention of your data or the criteria useful to determine it;
  3. update or rectify your personal data so that they are always accurate and accurate;
  4. delete your personal data from databases and/or archives, including backups of the Data Controller, if, among others, they are no longer necessary for the purposes of the processing or if this is assumed as unlawful, and always if the conditions provided for by law are met; and in any case if the processing is not justified by another equally legitimate reason;
  5. limit the processing of your personal data in certain circumstances, for example where you have challenged its accuracy, for the period necessary for the Data Controller to verify its accuracy. You must be informed, in a reasonable time, even when the suspension period has been completed or the cause of the limitation of processing has disappeared, and therefore the limitation itself is revoked;
  6. obtain your personal data, if received or processed by the Data Controller with your consent and/or if their processing takes place on the basis of a contract and with automated tools, in electronic format also at in order to transmit them to another data controller.

The Data Controller must proceed in this sense without delay and, in any case, at the latest within one month of receiving your request. The deadline may be extended by two months, if necessary, taking into account the complexity and number of requests received by the Data Controller. In such cases, the Data Controller, within one month of receiving your request, will inform you and inform you of the reasons for the extension. To exercise your rights, write to [email protected].

How and when can you object to the processing of your personal data?

For reasons related to your particular situation, you can object to the processing of your personal data at any time if it is based on legitimate interest, by sending your request to the Data Controller, address [email protected].

You also have the right to delete your personal data if there is no legitimate reason prevailing from the one that gave rise to your request.

Who can you file a complaint with?

Without prejudice to any other administrative or judicial action, you can file a complaint with the competent supervisory authority or the one that carries out its duties and exercises its powers in Italy where you have your habitual residence or work or if different in the Member State where the violation of Regulation (EU) 2016/679 (GDPR) took place.