Information document pursuant to and for the purposes of Article 13 Regulation (EU) 2016/679 (GDPR)
The reasons for this information
Pursuant to Regulation (EU) 2016/679 (hereinafter "GDPR"), this page describes how personal data are processed. This is a statement that is formulated pursuant to art. 13 GDPR. The information is not valid for other websites of third parties, which may be consulted via links on this website, for which there is no alleged responsibility. Personal data that can be processed Personal data: any information relating to an identified or identifiable physical person («data subject»); a physical person who can be identified, directly or indirectly, with specific reference to an identifier such as the name, shall be considered identifiable, an identification number, location data, an online identifier or one or more elements characteristic of its physical, physiological, genetic, psychological, economic, cultural or social identity(C26,C27,C30 GDPR).
Data from contractors/users
Navigation Data
The computer systems and software procedures responsible for the operation of this site will acquire during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocol. This data category includes the IP addresses or domain names of computers and terminals handled by users, the addresses in URI/URL (Uniform Resource Identifier/Locator) notation of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the computer environment of the user.
Data reported voluntarily
The explicit and voluntary sending of messages to the contact addresses indicated on this site and/or the compilation of data collection forms involves the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data entered.
Specific information
Specific information may be present on the pages of the Site in connection to particular services or data processing provided.
1. Cookies and other tracking systems . What are they? What are they for?
For the Cookies and other tracking systems refer to the cookie policy in the site’s footer and the following link: https://www.cofimco.com/en/cookie-policy.html
2. WHO IS THE DATA CONTROLLER? HOW TO MAKE CONTACT?
The Data Controller is COFIMCO SRL, with registered office in Via Gramsci 136- 28050 Pombia (NO) in person of the pro tempore legal representative; for any information contact can be made via +39 0321968311; e-mail
3. PURPOSE OF DATA PROCESSING, LEGAL BASIS, PERIOD OF DATA RETENTION AND NATURE OF THE PROVISION
| PURPOSE OF DATA PROCESSING | LEGAL BASIS | PERIOD OF DATA RETENTION | NATURE OF THE PROVISION |
| Navigation on this website. The data necessary for the use of web services are also processed for the purpose of: • obtaining statistical information on the use of the services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.); • Ensure that the services provided are functioning properly. The data will be used to determine who is responsible for hypothetical computer |
The processing is necessary for the pursuit of the legitimate interest of the controller or third parties, provided that the interests or fundamental rights and freedoms of the data subject that require the protection of personal data do not prevail, taking into account the reasonable expectations of the data subject and the activities strictly necessary for the operation of the site and the navigation itself (Art. 6, par. 1 lett. f and C47 of the GDPR) |
Navigation data will be saved for the entire browsing session. | Data provision is essential for website navigation. |
| Use of cookies and comparable technologies. The cookie policy can be found in the site's footer. |
For cookies and similar non-technical technologies required, the processing is based on consent to the processing of personal data (art. 6 par. 1 lett.a. and C42, C43 of the GDPR). Consent is granted through the site's banner and cookie policies. |
Refer to cookie policy in the site’s footer. | Refer to cookie policy in the site’s footer. |
In addition to navigation, we will process personal data for the following reasons:
| PURPOSE OF DATA PROCESSING | LEGAL BASIS | PERIOD OF DATA RETENTION | NATURE OF THE PROVISION |
| A) Contact requests and/or information can be submitted via a special form. | Processing is necessary for the implementation of pre-contractual measures adopted At the request of the person concerned (C44) Art. 6, |
1 year from request | The data provision is necessary. Failure to provide data will make it impossible to comply with the requests of the data subject. |
| B) Direct marketing entails sending advertising materials or selling directly, as well as conducting market research, commercial and promotional communication, and newsletters. Reporting systems are employed by the Data Controller to evaluate and enhance the outcomes of automated communication. Thanks to the reports, the Data Controller will be able to know, for example: the number of readers, openings, unique "clickers" and "clicks"; the devices and operating systems used to read the communication; the details of the activity of individual users; the detail of the e-mails sent, e-mails delivered or not, of those forwarded; All these data are used for the purpose of comparing, and possibly improving, the results of communications. |
The processing of personal data is contingent on consent (C42, C43) art. 6 par. 1 lett. a) of the GDPR. |
Until consent withdrawal of (or opt-out) |
The transfer is not mandatory. Failure to provide the necessary data will make it impossible to receive direct marketing communications |
| C) Assessing applications received by filling out data collection forms. | The interested party (C44) requires processing to execute pre-contractual measures Art. 6, par. 1, lett. b) GDPR |
Maximum 24 months from receipt. | The data provision is necessary. Failure to provide data will make it impossible to follow up the requests of the data subject |
| D) MANAGEMENT OF YOUR REQUESTS and requests of other data subjects, pursuant to art. 15 and ss of the GDPR (rights of the data subject). | The processing is necessary to fulfil a legal obligation to which the data controller is subject to (C45) Art. 6 par. 1 lett. c) of the GDPR |
5 years from the closing of the request, unless contentious | The provision of personal data is mandatory, as it is essential to be able to comply with legal obligations. |
4. To whom will personal data be communicated? Recipients of data
Personal data will be communicated, also based on the purposes provided for in specific areas, to subjects who will process data as independent data controllers or data processors (art. 28 GDPR) and processed by natural persons (art. 29 GDPR) acting under the authority of the Data Controller and Data Processors on the basis of specific instructions provided for the purposes and methods of processing, for specific purposes according to the area of reference. The data will be communicated to recipients belonging to the following categories:
• subjects providing services for the management of the information system used by Cofimco Srl and telecommunications networks;
• freelancers, firms or companies in the context of assistance and consultancy relationships;
• authorized agents and dealers;
platform operators for the services listed above (e.g. site hosting);
• upon request competent authorities for compliance with legal obligations and/or provisions of public bodies;
• company of the Group.
Data Processors list is available by writing to
5. Will the data be transferred to non-EEA countries?
Personal data will not be transferred to non-EEA countries.
6. What are your rights? How can you exercise them?
You can assert the rights as expressed by art. 15 and s.s. GDPR, by contacting the Data Controller at
To stop receiving automated direct marketing communications (e-mail, SMS messages, instant messaging) write an e-mail to
In the event that the data subject considers that the processing of Personal Data carried out by the Data Controller is in breach of the provisions of Regulation (EU) 2016/679, the data subject has the right to lodge a complaint with the Supervisory Authority, In the Member State where he regularly resides or work or in the place where the alleged violation of the Regulation (Guarantor Privacy https///www.garanteprivacy.it/) has occurred, or to bring an action before the appropriate courts.
If the data subject considers that the processing of personal data carried out by the Data Controller infringes the provisions of Regulation (EU) 2016/679, the data subject has the right to lodge a complaint with the Supervisory Authority, specifically in the Member State where he regularly resides or work or in the place where the alleged violation of the Regulation (Guarantee Privacy https///www.garanteprivacy.it/) occurred, or to bring the matter before the competent courts.
7. INFORMATION AMENDMENTS
The Data Controller reserves the right to modify, update, add or remove parts of this information. In order to facilitate the verification and modification of the text, the information will contain the date of update.
Update date: 04 April 2024
