Cookies

Cookie Policy

The Garante della Privacy with Provvedimento of 8 May 2014 transposed, with effect in Italy from 2 June 2015, European Directive 2009/136/EC, which requires web page administrators to publish information on the cookie policy of the site that visitors are browsing.

This policy also complies with the requirements of the 2020 EDPB European Data Protection Board Guidelines on retargeting, and the new Cookie Guidelines issued by the Garante Privacy on 10 June 2021

On this page you can find the necessary information on the use of cookies carried out on each of the Data Controller’s websites, and how to identify and disable or delete them.

The Site may contain links to other websites that have their own privacy policy, which may be different from the one adopted by the Site’s positioning-seo and which are therefore not responsible for these sites.

What cookies are and how they are used

Cookies are short strings of information (text files) concerning the user’s activity on the website, which websites (so-called “publishers” or “first party”) visited by the user or different websites or web servers (so-called “third parties”) place and store inside a terminal device available to the user browsing the Internet (e.g. a personal computer, tablet, smartphone, or any other device capable of storing information), to then be retransmitted to the same sites that generated them on the next visit by the same user, allowing our website to be used by the user at a later date. a personal computer, a tablet, a smartphone, or any other device capable of storing information), to then be retransmitted to the same sites that generated them on any subsequent visit by the same user, enabling our site to automatically recognise the user (or other users who use the same device) after the first visit and thus improve their user experience.

Their operation is totally dependent on the navigation browser the user is using and may or may not be enabled by the user.

Cookies can perform a variety of important functions, including performing computer authentication, session tracking, storing information about specific configurations of users accessing the server, facilitating the enjoyment of online content, etc. They can, for example, be used to keep track of items in an online shopping cart or information used to fill out a computer form. So-called ‘authentication’ cookies are of particular importance whenever verification is needed as to who is accessing certain services, such as payment.

The same result can also be achieved through the use of other online tracking tools (so-called ‘active’ and ‘passive’ identifiers), which enable processing similar to the above.

Among the ‘passive’ tools, fingerprinting is increasingly used, i.e. the technique of identifying the device used by the user by collecting information on the specific device configuration adopted by the data subject.

This technique can also be used to achieve the same profiling purposes aimed at displaying customised behavioural advertising and analysing and monitoring the behaviour of website visitors.

Fingerprinting and other tracking tools are included in the scope of this Policy.

In order to ensure the best possible navigation at all times, our site offers the best performance with cookies enabled.

Cookies can be:

• first party‘ when they are implemented and managed directly by the website manager, i.e. the data Data Controller (thus without the intervention of third parties);
• third-party‘ when cookies are set and managed by third parties, i.e. outside the first-party website visited by the user.

Third-party cookies fall under the direct and exclusive responsibility of the respective operator, and in relation to their installation the Owner (operator of the first-party site) assumes the role of a mere technical intermediary.

• Persistent or ‘persistent’ cookies: these cookies remain stored on the device even after leaving the website or closing the browser: in particular, they remain until they expire or are manually deleted by the user. Persistent cookies fulfil many functionalities in the interest of surfers (such as storing passwords), but in some cases they may also be used for promotional purposes.
• Session (or temporary) cookies: these have a limited duration during the visit and are deleted when the browser is closed, which ends the ‘session’ of access to the website. As a rule, they allow the user to access personalised services and to make full use of the site’s functionalities, avoiding the use of other IT techniques potentially prejudicial to the confidentiality of users’ browsing.

Purpose of cookies

In general practice, a website may also use the following categories of cookies in combination:

• Technical-functional (or “necessary”) cookies, e.g. for the transmission of session identifiers necessary to enable the safe and efficient exploration of the site. These cookies avoid the use of other information technology techniques that could potentially prejudice the confidentiality of users’ browsing.

For the use of technical cookies, the law requires the mere provision of information to the data subject, as is the case with this communication.

By default, no cookies other than technical cookies are placed on the user’s device when the user first accesses the Data Controller’s website.

• Analytical cookies (so-called “analytics”): these cookies may be either temporary or permanent, and allow the aggregate and/or disaggregated collection and analysis of statistical information relating to access (e.g. geographical area of origin of the user, access tool used, age, etc.) and in general to user behaviour on the site and thus to improve the experience and content provided.

Analytical cookies can only be assimilated to technical cookies if they are made and used directly by the first party site (without, therefore, the intervention of third parties), and:

• are only used to produce aggregate statistics (i.e. without direct and unambiguous identification of the data subject, so called single out) and in relation to a single site or mobile application, so as not to allow the tracking of the navigation of the person using different applications or browsing different websites;

• provision is made for the cookie to be referable not only to one, but to several devices, so as to create reasonable uncertainty as to the computer identity of the person receiving it (e.g. at least the fourth component of the IP address within the cookie is masked for third-party ones);
• third parties receiving them refrain from combining them, even as minimised above, with other processing (customer files or statistics of visits to other sites, for example) or passing them on to third parties.

For example, the first-party site makes use of log files (i.e. it records the history of operations as they are performed) and log files (which include IP addresses, browser type, operating system used by the user’s device, Internet Service Provider (ISP), date, time, entry and exit page and the number of clicks, but also the pages visited on the site, the third-party sites from which the user came).

This is done in order to analyse trends in user behaviour and to administer and optimise the site. The information collected in this way has no personal value as the data is collected and analysed anonymously.

If, on the other hand, analytical cookies are made and/or used by third parties (i.e. other than the first party website owner), they cannot be assimilated to technical cookies and have a different legal treatment.

• Profiling’ (or advertising) cookies (always permanent). These cookies are used to link specific actions or behavioural patterns of the user recurring in the use of the offered functionalities (patterns) to specific identified or identifiable subjects, in order to group the different profiles (aggregated, i.e. anonymous or not) within homogeneous clusters of different sizes, so that targeted advertising messages can be sent, i.e. in line with the preferences expressed by the user while surfing the web (instead of general advertising offered indiscriminately to all) (so-called “behavioral advertising”).
• Social cookies: these cookies are third party cookies i.e. provided directly by the domains of the most common social media networks that are linked to the first party Site (e.g. the Owner’s) via links to official pages, content sharing buttons and links. The use of such buttons and features implies the exchange of information (e.g. text, photographs, videos, etc.) with such sites. The interactions and information acquired by this website are in any case subject to the user’s privacy settings relating to each individual social network. In the event that a social network interaction service is installed, it is possible that, even if users do not use the service, it will collect navigation data relating to the pages where it is installed.

The aforementioned premise does not mean that this website of the Data Controller actually uses all the categories of cookies indicated above. For a list of these active cookies, see below in the LIST OF ACTIVE COOKIES section.

Legal basis for processing

The installation of technical-functional cookies is possible by the Data Controller even without the need for the user’s prior consent, since it is based on the legitimate interest of the Data Controller to make the Website function smoothly, making it possible to access and use the various services published on it, also in the interest of the user himself.

The installation of all non-technical cookies, on the other hand, is subject to the user’s prior consent.

Such consent is given in the simplified forms provided for by the Garante’s Provision of 8.5.2014 as supplemented by the Garante’s Guidelines on Cookies of 10 December 2020 on the use of cookies and other tracking tools, also in the light of EDPB European Data Protection Bard Guidelines No. 5/2020, namely) by using the functions offered by a synthetic banner viewable by the user when first “landing” on our Site.

Such a banner allows for the generation of a further unique action of use of the Site (based on which a click on an option presented as a link/text) with which the user can communicate his/her consent, or, alternatively, access to an analytical (i.e. complete) cookie information, against which the user can express his/her consent or disagreement, with reference to general categories of cookies and/or specific producers and/or intermediaries (third parties) with which our Site has established business relations (so-called “granular consent”).

In particular, when dealing with cookies other than technical ones, the Data Controller uses an immediately appearing banner of appropriate size that contains:

(a) the minimum indication that the site uses technical cookies and, only with the user’s consent, profiling cookies or other tracking tools, indicating their purpose (so-called ‘short information’);

(b) the link to the privacy policy containing the full information on a second layer, including any other recipients of personal data, data retention periods and the exercise of rights under the Regulation;

(c) a command to accept the placement of all cookies or the use of other tracking techniques;

1. d) a link to another dedicated area where you can analytically choose the functionalities, third parties and cookies, possibly also grouped by homogeneous categories, that you wish to install and, by means of two further commands, you can give your consent to the use of all cookies if not previously given or revoke it, even in a single solution, if already expressed; this user choice is also adequately documented by the owner.
2. e) a command (e.g. an X in the top right-hand corner) or a hypertext/link shown to the user as a specific option, to close the banner without giving consent to the use of cookies or other profiling techniques by maintaining the default settings.

Any action by the user based on the aforementioned selection of an element of the banner, such as an image or hypertext/link, which can be qualified as a positive action capable of unequivocally manifesting the will to give consent to processing, generates a more articulated process in which the system automatically determines a log, which can be recorded and documented with a guarantee of integrity at the site server.

NB: It is not necessary to reiterate the user’s consent to the installation of cookies when this has previously been given, validly acquired (and the owner is able to prove this) and there has been no change in the cookies from the list of those for which consent has previously been given or when it is impossible for the site operator (e.g. because the cookies have been deleted by the user or are blocked by the operating system or browser), to know whether a cookie has previously been stored in the device in order to be transmitted again, on a subsequent visit by the same user, to the site that generated it e.g. in the event that the user chooses to delete cookies legitimately installed on his device and the owner has not adopted any other system to keep track of the consent given.

In any case, the user is guaranteed the right to revoke his or her consent to cookies at any time by means of the specific dashboard made available to the user by clicking on the cookie banner published on the home page of the Data Controller’s website. From this restricted area the user will be able to make detailed choices both with regard to the types of cookies and the list of possible third party recipients of the cookies themselves.

The Data Controller refrains from applying any “take it or leave it” mechanism, i.e. whereby the user is obliged to express his or her consent to receiving profiling cookies, failing which he or she will be unable to access the site.

List of active cookies

The list of cookies actually used by the Data Controller in relation to the site(s) referred to in this Cookie Policy is published within the second-level cookie banner that appears to the user when they first land on a page of the site.

By way of example only, some of the above-mentioned active cookies are listed below.

Storage of preferences and settings.

Settings may be stored on the user’s device that allow products to function properly or maintain preferences over time. For example, if a user specifies a login application setting, ALPAC/HELTY may store that data in a cookie to allow the user to view relevant local information when they return to the site. In addition, ALPAC/HELTY saves preferences, such as language settings.

Access and authentication.

When logging in to a site with a personal account, a unique ID number and login time may be identified in an encrypted cookie on the user’s device. This cookie allows the user to move between pages on the site without having to log in again on each page. In addition, the user can save their login information so that they do not have to log in each time they return to the site.

Social media.

Some of our websites include social media cookies, including those that allow users connected to a social media service to share content through that service.

Performance.

In some web applications, load balancing cookies are used to ensure that websites are always operational.

Statistical analytical cookies

The Site uses Google Analytics cookies, which is a web analysis service provided by Google Inc. (an American company, third party, based in 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA), for the purpose of tracking history, counting visits, navigation statistics concerning the users of our website. Google Analytics does not collect any strictly personal information, but only, in aggregate statistical form, data on the age, gender, and interest preferences of our users (in order to better evaluate the use of our website and the activities carried out by the visitor and to better target the services provided, based on the behaviour as noted above).

The ‘Analytics’ feature is in fact configured by default, so as to significantly mask final portions of the user/visitor’s IP address, and therefore the data relating to the IP address thus collected and visible to us is already anonymised at the source and therefore the analytical cookie does not allow our Company to trace even indirectly – in particular, through further processing – the identity of the user/visitor.

These Google cookies are stored on servers located in the United States or other countries. Google reserves the right to transfer the information collected with its cookie to third parties where this is required by law or where the third party processes information on its behalf.

Google may use personal data to contextualise and personalise ads in its advertising network.

The privacy notices concerning the operation and consent to the use of Google cookies are available at the following links:

• Information and general notes on Google’s marketing services http://www.google.it/analytics/learn/privacy.html, https://policies.google.com/technologies?hl=en
• How Google uses data when using Google partner sites or applications https://policies.google.com/privacy/google-partners
• Google Analytics cookie policy https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage,

https://policies.google.com/privacy?hl=en

For the Privacy Policy of Google Analytics, see: https://developers.google.com/analytics/devguides/collection/analyticsjs/cookie-usage

Other active analytics tools (all anonymous aggregate statistics):

• FACEBOOK ANALYTICS,
• LINKEDIN ANALYTICS,
• INSTAGRAM ANALYTICS,
• YOUTUBE ANALYTICS.

Named profiling cookies. Remarketing and behavioural targeting

The remarketing and/or behavioural targeting activity enables a website and its third party partners to communicate, optimise and serve online advertisements based on the user’s past use of this website. This activity is carried out through the tracking of browsing data and the use of cookies, which information is passed on to the third party partners to which the remarketing and behavioural targeting activity is linked.

This site use named profiling cookies, i.e. based on personal identification data.

Our site use:

• remarketing lists on the AdWords search network and Google Display Network ads, i.e. online advertisements based on general interest categories expressed by categories of users through previous web browsing;
• the following advertising functions of Google Analytics:
• Remarketing with Google Analytics
• Google Display Network impression reports (if used via AdWords)

• Integrations with the DoubleClick for Publishers platform (this is an advertising service provided by Google Inc. with which ALPAC/HELTY may conduct advertising campaigns in conjunction with external advertising networks with which ALPAC/HELTY, unless otherwise specified herein, has no direct relationship)

• Google Analytics demographics and interest reports

which enable additional functionalities that are not available through standard implementations of Google Analytics and the associated cookies (in particular, in addition to the data already collected by a standard implementation of Google Analytics, the collection of user traffic data through Google advertising cookies and anonymous identifiers).

For more information on online behavioural advertising and some tips on how to deactivate the display of interest-based advertisements online: www.youronlinechoices.eu/it.

For information on the advertising functions of Google Analytics:

https://support.google.com/adwords/answer/117120?hl=it

Other advertising cookies are processed by ALPAC/HELTY through the following services:

• Monitoring Google Ads conversions

Google Ads conversion tracking is a statistical service provided by Google Inc. – U.S.A that links data from the Google Ads ad network with actions taken within this Web Site. With this technology, cookies are set when you interact with one of our ads, e.g. click on it. This service uses navigation data and cookies. Cookies are used to analyse what happens after you interact with an advert, e.g. whether you have purchased our product, viewed the advert from a mobile phone, downloaded our app or subscribed to a newsletter. Google’s Privacy Policy: https://policies.google.com/privacy?hl=it

For how to deactivate the customisation of Google advertisements see the URL: https://adssettings.google.com/authenticated?hl=it.

• Facebook Remarketing

Facebook Remarketing is a remarketing and behavioral targeting service provided by Meta, Inc. that connects the activity of this Website with the Facebook advertising network in order to provide you with relevant advertisements on the Facebook network, based on the content you have shown interest in on this website. Personal data collected: Cookies; Usage data. Place of processing: U.S.A. – Privacy Policy.

• Linkedin Website Retargeting

LinkedIn Website Retargeting is a remarketing and behavioral targeting service provided by LinkedIn Corporation that links the activity of this Application with the LinkedIn advertising network. Personal data collected: Cookies and Usage Data. Place of processing: U.S.A. – Privacy Policy

• Linkedin Conversion Monitoring

LinkedIn’s conversion tracking is a statistical service provided by LinkedIn Corporation that links data from the LinkedIn ad network with actions taken within this Application. Personal data collected: Cookies and Usage Data. Place of processing: U.S.A. – Privacy Policy.

For more information on online behavioural advertising and some tips on how to deactivate the display of interest-based advertisements online, see www.youronlinechoiches.eu/it or http://optout.networkadvertising.org/?c=1#!/

Retention period of cookies

Cookies are stored by the Data Controller for the durations respectively indicated in the Cookies List in the second layer of the cookie banner published on our Website.

How cookies work and how to disable them

Accepting or rejecting cookies is your right.

Browser Settings

By default, browsers generally accept the use of cookies both from our site and from third-party sites.

In order to allow the site to function properly, take advantage of its functionality and use it in its entirety, we recommend that you accept the use of cookies.

The user is enabled, however, to change the default configuration at any time.

In order to manage the way cookies work, as well as the options for restricting or blocking cookies, it is in fact sufficient for the user to change the settings of his or her Internet browser via its toolbar.

You can choose between

• unconditional acceptance of all cookies,
• the indiscriminate rejection of all cookies, or
• the display of a pop-up window (warning) in order to be able to assess whether or not to accept an individual cookie through an explicit user action.

We provide links to the configuration of the most popular browsers that describe how cookies are handled:

• Chrome: https://support.google.com/accounts/answer/61416?hl=it
• Firefox: https://support.mozilla.org/it/kb/Gestione%20dei%20cookie
• Internet Explorer: http://windows.microsoft.com/it-it/windows-vista/block-or-allow-cookies
• Opera: https://www.opera.com/help/tutorials/security/privacy/
• Safari: https://support.apple.com/it-it/HT201265
• Microsoft Edge: https://support.microsoft.com/it-it/microsoft-edge/eliminare-i-cookie-in-microsoftedge-63947406-40ac-c3b8-57b9-2a946a29ae09

To change cookie settings in browsers other than those listed, please refer to the help documentation provided by the manufacturer of the specific browser.

Remember that you have to set cookie preferences for each browser and each different device (desktop PC, laptop, tablet, smartphone) used to browse the Internet (also refer to the device’s user manual).

For more information on cookies and privacy, please consult the specific document prepared by the Garante della Privacy at the following link:

http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/2142939

Social networking site settings

The management of personal data and how to delete such social cookies is regulated by the social media sites themselves: users are invited to consult the respective privacy policies of each of them at the following links:

• Facebook information: https://www.facebook.com/about/privacy, https://www.facebook.com/legal/FB_Work_Privacy, https://www.facebook.com/help/cookie/ and https://www.facebook.com/policies/cookies/
• Linkedin information: https://www.linkedin.com/legal/cookie-policy, https://www.linkedin.com/legal/privacy-policy?trk=uno-reg-guest-home-privacy-policy,
• Instagram info: https://help.instagram.com/402411646841720
• Youtube information: https://policies.google.com/privacy?fg=1

The use of such cookies is purely anonymous, no personal information is collected unless the user explicitly wishes to provide it by sending contact and/or enquiry forms.

Further information on privacy and the use of social cookies can be found directly on the websites of the respective third-party operators.

Using the user area

Some registered users can update their user settings and profiles, organisation settings and event registrations by logging into their accounts and directly editing their settings or profiles.

Disabling Google Analytics

The user can also selectively disable the action of Google Analytics by downloading and installing the opt-out add-on specially provided by Google for their browser at the following link: https://tools.google.com/dlpage/gaoptout?hl=it.

Disabling the DoubleClick cookie

Users can deactivate DoubleClick’s use of cookies by visiting the DoubleClick deactivation page or the Network Advertising Initiative deactivation page.

More information on cookies

For more information on the Italian rules on cookies, you can consult the Garante della Privacy Guidelines at: https://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/9501061

Rights of the data subject

With regard to the processing of personal data, the data subject, by contacting the Data Controller without any particular formalities at the addresses indicated in this Policy, may exercise the rights set out in Articles 13 to 22 of the GDPR, which are set out below:

• request confirmation as to whether or not personal data concerning him/her are being processed and, if so, to obtain access to the personal data and the following information:
  • the purposes of the processing;
  • the categories of personal data in question;
  • the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients in third countries or international organisations;
  • where possible, the intended period of retention of personal data or, if this is not possible, the criteria used to determine that period;
  • the existence of the data subject’s right to request from our Company the rectification or erasure of personal data or the restriction of the processing of personal data concerning him or her, or to object to their processing;
  • the right to lodge a complaint with a supervisory authority;
  • if the data are not collected from the data subject, all available information on their origin;
  • the existence of an automated decision-making process, including profiling and, at least in such cases, meaningful information on the logic used, as well as the importance and expected consequences of such processing for the Data Subject.
• where personal data are transferred to a third country or international organisation, the data subject has the right to be informed of the existence of appropriate safeguards relating to the transfer;
• request, and obtain without undue delay, the rectification of inaccurate data; taking into account the purposes of the processing, the integration of incomplete personal data, also by providing a supplementary declaration;
• request deletion of data if
  1. personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  2. the Data Subject withdraws the consent on which the processing is based and there is no other legal basis for the processing;
  3. the Data Subject objects to the processing, if there is no overriding legitimate reason for processing, or objects to processing for direct marketing purposes (including profiling for such direct marketing);
  4. personal data have been unlawfully processed;
  5. personal data must be deleted in order to comply with a legal obligation under the law of the Union or of the Member State to which the Data Controller is subject;
  6. personal data were collected in connection with the provision of information society services from the Data Controller’s database;
• request the restriction of processing concerning the Data Subject, when one of the following cases occurs:
  1. the Data Subject disputes the accuracy of the personal data; in this case, the restriction of processing (i.e. suspension of processing) may take place for the period necessary for the Data Controller to verify the accuracy of such personal data;
  2. the processing is unlawful (e.g. because the data subject was not provided with the prior information required by law) and the data subject objects to the deletion of his or her personal data (i.e. he or she prefers that we keep them in our paper and/or computer archives) and instead requests that their use be restricted as above;
  3. although our company no longer needs them for processing purposes, the personal data are required by the data subject for the establishment, exercise or defence of a legal claim;
  4. the Data Subject has objected to the processing carried out for direct marketing purposes, pending verification as to whether the Data Controller’s legitimate reasons prevail over those invoked by the Data Subject;
• obtain from the Data Controller, upon request, the communication of the categories of third party recipients to whom personal data have been transmitted;

Notwithstanding the foregoing, the data subject may request from the Data Controller the full name list of third party recipients who have been appointed by the Data Controller as data processors pursuant to Article 28 of the GDPR;

• revoke at any time consent to the processing of personal data where previously communicated for one or more specific purposes; the lawfulness of processing based on consent given before revocation shall remain unaffected.
• Right to portability, which can be exercised by requesting the Data Controller to be able to receive in a structured, commonly used and machine-readable format the personal data concerning the Data Subject that he or she has provided to our Company and, if technically feasible, to have such data transmitted directly to another Data Controller without hindrance on our part, if the following (cumulative) condition is met
  1. the processing is based on the consent of the data subject for one or more specific purposes, or on a contract to which the data subject is party and for the performance of which the processing is necessary; and
  2. the processing is carried out by automated means (software);

[NB: The exercise of the right to portability is without prejudice to the right to cancellation provided for above];

• not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning him or significantly affects him in a similar way. NB: The Data Controller does not operate any automated decision of the aforementioned kind.
• lodge a complaint with the competent supervisory authority under the GDPR (that of your place of residence or domicile). In Italy: Garante per la protezione dei dati personali, Piazza Venezia n. 11, 00187 ROMA (garante@gpdp.it, tel. +39 06 69677.1, fax +39 06 69677.3786).

We try to respond to all legitimate requests within one month and will contact you if we need more information to follow up your request or verify your identity. In some cases it may take longer than one month, taking into account the complexity and number of requests we receive.

Change of policy

This Policy from the date of its publication supersedes any previous version thereof. Unless otherwise notified by the Owner, the new Policy shall be effective from the date of publication on the Site indicated therein.

The Data Controller reserves the right to make changes to this Policy at any time by notifying users on this page, therefore, it is recommended to regularly consult this page to check the most recent version of the Policy, taking as reference the date of last modification indicated at the bottom of the relevant text.

In the event of non-acceptance of future changes, the data subject must cease using the website or functionalities to which the privacy change relates, and in the absence of such abstention, the changes shall be deemed to have been accepted (except for those that modify the conditions for obtaining consent, where mandatory, for processing).

Rev 6.0 of 04.06.2026