Cookie Policy Integration

PRIVACY POLICY NOTICE PURSUANT TO ART. 13 OF EU REGULATION 2016/679

with regard to personal data processed through cookies and any other tracking technologies used on this website

Data protection is a very serious matter for us, so we would like to inform you about the way in which your data is processed and the rights you can exercise under current data protection legislation, in particular EU Regulation 2016/679 (hereinafter also: “GDPR”).

This privacy policy notice supplements the further privacy policy notices already provided by the Data Controller regarding any other data processing carried out on this website or other relations with the same. Therefore, with reference to everything that is not expressly stated in this privacy policy notice, full and complete reference is made to the aforesaid further privacy policy notices already provided by the Data Controller (including with regard to any processing carried out through the management of the “contact” form or any other forms, please refer to the specific privacy policy notices).

In any case, please refer to the Privacy Policy Notice for further details not mentioned in this notice.

In addition to and in derogation of what is stated in the “Cookie Policy Notice”, we specify that what is stated in the latter document and in the aforementioned notice, applies to all users or persons who navigate on this site, www.in-domus.it, even if they are not resident in the European Economic Area or in Switzerland.

Who is the Data Controller? And where can I contact him?

1. Data controller

In-Domus S.r.l.
Via Mario del Monaco, 4,
20157 MILAN (MI)
Telephone contact details: 02 45377590
Email contact details: privacy@in-domus.it

2. Purposes, basis of processing and categories of processed personal data

With regard to the purpose of processing and the type of data processed, as well as the relevant retention periods, please refer to what is specified for each type of cookie used, respectively, under the heading “WHICH COOKIES THE www.in-domus.it website USES” and, above all, to the Cookie Policy that can be consulted here,

specifying that we process data relating to the IP address, as well as other navigation data, detectable by means of cookies and any other tracking tools active and/or used on the aforementioned site, and that the legal basis relating to processing carried out solely by means of technical cookies, which do not require the prior consent or acceptance of the user/concerned party, is the legitimate interest (ex-art. 6 paragraph 1 (f) of the GDPR). As regards all other types of cookies, classifiable as NON-TECHNICAL, the legal basis is express consent (ex-art. 6 paragraph 1 (a) of the GDPR).

——————————————————————————————————-

3. Use of cookies

The following information is provided to the user in implementation of the provision of the Italian Data Protection Authority of the 8^th of May 2014 “Identification of the simplified procedures for the provision of privacy policy notices and the acquisition of consent for the use of cookies” and the subsequent Guidelines on cookies and other tracking tools, dated 10 June 2021 (issued by the aforementioned Data Protection Authority).

WHAT ARE COOKIES?

Cookies are small text strings that a website can send, while you are browsing, to your device (be it a PC, a notebook, a smartphone, a tablet; they are usually stored directly on the browser used for browsing). The same website that sent them can then read and record cookies that are on the same device to obtain various types of information. Which ones? For each type of cookie there is a well-defined role.

HOW MANY TYPES OF COOKIES EXIST?

There are three basic macro-categories, with different characteristics: technical cookies (which in turn can be divided into necessary or navigation cookies and functional cookies), analytical (or statistical) cookies and profiling cookies.

Technical cookies are generally necessary for the website to function properly and to allow navigation; without them you may not be able to view pages correctly or use certain services. For example, a technical cookie is needed to keep you logged in throughout your visit to a website, or to store language settings, display settings, and so on. Technical cookies can be further distinguished into:

• browsing cookies, which ensure normal navigation and use of the website (enabling, for example, a purchase to be made or authentication to access restricted areas);
• functionality cookies, which allow the user to navigate according to a set of selected criteria (e.g. language, products selected for purchase) in order to improve the service rendered to the user;

The following categories of cookies also exist:

• analytics cookies, which can be assimilated to technical cookies only where they are used directly by the site operator to collect information, in aggregate form, on the number of users and on how they visit the site itself, as well as where the further specific requirements of the aforementioned Guidelines, mentioned in the introduction above, are met, and which hardly (or hardly ever) occur;
• Profiling cookies are more sophisticated! These cookies have the purpose of profiling the user and are used in order to send advertising messages in line with the preferences expressed by the user while browsing.

Profiling and analytical cookies can also be called or classified as non-technical.

Cookies can, again, be classified as:

• session cookies, which are deleted immediately when the browser is closed;
• persistent cookies, which – unlike session cookies – remain in the browser for a set period of time. They are used, for example, to recognize the device connecting to the site by facilitating authentication operations for the user.
• first-part cookies, i.e. cookies generated and managed directly by the operator and/or owner of the website on which the user is browsing.
• third-party cookies (third-part cookies), which are generated and managed by parties other than the operator of the website and/or website owner on which the user is browsing (also under a contract between the website owner and the third party). Third-party cookies may also include the profiling cookies (or non-technical cookies in general) mentioned and described above (for such possible types of cookies, please refer to what has been said above, also with reference to the prior acquisition of free consent). With regard to third-party cookies, detailed and updated information on their use and on the relevant deadlines can be found on the specific information pages of the third parties, which can be accessed via links provided in the description of the individual cookies used. In this regard, please refer to the Cookie Policy which can be consulted here.

*****

WHICH COOKIES USES In-Domus S.r.l.?

On this website, the Data Controller ONLY USES THIRD-PARTY COOKIES, INCLUDING, in addition to technical cookies (in particular functional cookies), MARKETING COOKIES THAT MAY BE CONSIDERED PROFILING COOKIES, AS WELL AS STATISTICAL OR ANALYTICAL COOKIES, WHICH CANNOT BE CONSIDERED COMPLETELY ANONYMOUS under the aforementioned Guidelines.

WITH RESPECT TO DETAILED INFORMATION ON THE COOKIES USED BY THE DATA CONTROLLER on this website, or which may be installed via the same, PLEASE REFER TO THE COOKIE POLICY available here.

In this regard, we specify and anticipate that, with the exception of cookies or tracking tools defined as ‘Functional’ and therefore ‘Technical Cookies’, all other cookies activated or installed through the aforementioned website fall under ‘NON-Technical Cookies’ (therefore, at least potentially having statistical and/or profiling purposes) and are therefore assimilated to the latter, as well as being optional and activated only following the prior choice or consent of the user/involved.”

With regard to any scripts and web beacons that may constitute tracking techniques and that may be used on the aforementioned website, please refer to paragraph 6 (Present Cookies) of the Cookie Policy for detailed information.

4. Recipients or categories of recipients of personal data (ex-Art. 13(1)(e) of the GDPR) *

Within the scope of the above-mentioned purposes, the data controller may communicate your data to

• Data Controller’s own internal offices and functions;
• Companies and professionals providing IT services, including electronic data processing, software management, site management and IT consultancy;
• Third parties that generate or manage cookies used on the above-mentioned website.

* More information on the Recipients (ex art. 4.9 of the GDPR) is available from the Data Controller at the above-mentioned addresses.

5. Recipients or categories of recipients of personal data (ex-Art. 13 (1)(f) of the GDPR)* and transfer of data to non-EU countries

The Data Controller informs you that it has no intention of transferring your data to countries outside the EU and the EEA for the purposes set out above, subject to any exceptions or derogations relating to any third-party cookies (located in such countries) that may be used in the future on this website, in which case they would be described or detailed individually in a specific paragraph.

* More information on the Recipients (ex-art. 4.9 of the GDPR) is available from the Data Controller at the above-mentioned addresses.

6. Rights of the data subject

The data subject, in relation to the personal data covered by this information notice, is entitled to exercise the rights provided for in the EU Regulation below:

• the data subject’s right of access [Art. 15 of the EU Regulation] (consisting in the possibility of being informed about the processing carried out on one’s personal data and possibly receiving a copy of it);
• Right to rectification of one’s personal data [Art. 16 of the EU Regulation] (the data subject has the right to rectification of inaccurate personal data concerning him/her);
• right to erasure of one’s own personal data without undue delay (‘right to be forgotten’) [Art. 17 of the EU Regulation] (the data subject has, as well as will have, the right to erasure of his or her own data);
• the right to limitation of the processing of one’s personal data in the cases provided for by Article 18 of the EU Regulation, including in the case of unlawful processing or contestation of the accuracy of personal data by the data subject [Article 18 of the EU Regulation];
• right to data portability [Art. 20 of the EU Regulation], (the data subject may request his or her personal data in a structured format in order to transmit them to another data controller, in the cases provided for in the same article);
• Right to object to the processing of one’s own personal data [Art. 21 of the EU Regulation] (the data subject has, as he or she will have, the right to object to the processing of his or her own personal data in the cases provided for and regulated by Art. 21 of the EU Regulation);
• right not to be subjected to automated decision-making processes [Art. 22 of the EU Regulation] (the data subject has, as will have, the right not to be subjected to a decision based solely on automated processing).

With regard to any purposes for which consent is required, the Data Subject may revoke his or her consent at any time and the effects shall run from the moment of revocation, subject to the time limits provided for by law. In general terms, revocation of consent has effect only for the future.

These rights can be exercised in accordance with the EU Regulation by sending an email to privacy@in-domus.it.

In-Domus S.r.l., in compliance with Art. 19 of the EU Regulation, shall inform the recipients to whom the personal data have been disclosed of any rectification, erasure or restriction of processing required, where possible.

In order to allow a faster response to your requests made in connection with the exercise of the aforementioned rights, they may be addressed to the Data Controller by addressing them to the addresses indicated in point 1 and, in particular, to privacy@in-domus.it.

7. Right to lodge a complaint (ex-Art. 13(2)(d) GDPR)

If the data subject considers that his or her rights have been compromised, he or she has the right to lodge a complaint with the Italian Data Protection Authority.

Further information on rights and how to exercise them can be found at http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/4535524 or by sending written notice to the Data Protection Authority.

8. Possible consequence of non-disclosure of data and nature of the provision of data (ex-Art. 13(2)(e) of the GDPR)

8.1 In case of fulfilment of any legal or contractual obligations

Please note that should any processing purposes, other than those listed above, have a legal or contractual (or even pre-contractual) obligation as a legal basis, the data subject must necessarily provide the requested data.

Failure to do so will make it impossible for the Controller to pursue the specific processing purposes.

8.2 In the case of the pursuit of a legitimate interest

Similarly, in relation to the purposes based on a legitimate interest and which do not require consent (i.e. the use of technical cookies), the data subject’s objection entails or will entail the impossibility of proceeding with the fulfilment of the respective purposes and any related activities or services/functions, to which respectively the data subject has objected, without prejudice to the Data Controller’s overriding legitimate reasons or for the protection of rights in judicial proceedings (in relation to which the objection cannot be exercised), specifying that the only way to object in advance to the use of cookies c.d. necessary cookies, would be not to proceed with navigation on this site, without prejudice to the deactivation of such cookies as well, after navigation, by disabling them through the browser (as specified above).

8.3   In case of consent of the data subject

Please be advised that with regard to any purposes (and thus cookies) for which consent has been given as a legal basis, the data subject may revoke his or her consent at any time and the effects will take effect from the time of revocation, subject to the time limits provided by law. In general terms, revocation of consent has effect only for the future. Therefore, the processing that was carried out before the revocation of consent will not be affected and will retain its legitimacy.

Failure to give consent (or withdrawal of consent) may not guarantee the full provision of services or activities, with respect to the individual purposes for which consent is withheld and shall not prejudice or prevent other purposes (and activities related thereto) not expressly affected or affected by the withholding of consent or not based on such legal basis.

When the data are no longer needed, they are routinely deleted; if deletion is impossible or only possible with disproportionate effort due to a particular storage method, the data may not be processed and must be stored in inaccessible areas.

9. Absence of automated decision-making (including profiling)

The use of purely automated decision-making processes as detailed in Article 22 of the GDPR is currently excluded. Should it be decided in the future to establish such processes for individual cases, the data subject will be notified separately if this is required by law or updated in this policy.

10. Processing methods

Personal data shall be processed in computerized and telematic form and entered into the relevant databases, which may be accessed and thus become known to the employees expressly designated by the Data Controller as Persons in charge of and authorized to process personal data, who may carry out consultation, use, processing, comparison and any other appropriate operation, including automated operations, in compliance with the provisions of the law necessary to guarantee, inter alia, the confidentiality and security of the data as well as their accuracy, updating and relevance to the stated purposes.