INFORMATION ON THE PROCESSING OF PERSONAL DATA

pursuant to art. 13 of European Regulation no. 2016/679 (GDPR)

DATA CONTROLLER

The Data Controller is the company COS.PEL. S.r.l. (VAT: IT02145810046), with registered office in Via Venezia, 58 – 12084 Mondovì, ITALY.

E-mail: cospel@cospel.it; Legal mail: cospelsrl@legalmail.it; Tel: +39 0174 69 85 02.

WHAT ARE COOKIES

Cookies are small fragments of text, normally made up of letters and/or numbers, which are sent from the website visited and stored by the software (e.g. a web browser) installed on the device used by the user for navigation. Cookies are then retransmitted to the aforementioned website the next time the user visits it.

Cookies allow information about a user’s visit to a website to be stored and are a very useful technology, because they allow websites to function more efficiently and provide useful information to website operators. Without cookies, or other similar technologies, websites would have no way to “remember” information about visitors, such as how many items the user has placed in the shopping cart or whether or not they logged in.

Cookies can be categorized according to:

  • duration: session or persistent cookies;
  • origin: first-party or third-party cookies;
  • purpose: technical, analytical or profiling

Cookies that expire at the end of a browser session (normally when a user closes their browser) are called session cookies and are useful for example to store a user’s purchase order or for security purposes, such as when accessing their internet banking or webmail account. Cookies, on the other hand, which are stored for a longer period of time (between sessions) are called persistent cookies and are useful, for example, to remember users’ preferences or to offer targeted advertising.

The definition of first party or third party refers to the website or domain that installs the cookie. First party cookies are installed directly from the website the user is visiting, while third party cookies are installed from a different domain than the one the user is visiting, for example if the website incorporates elements from other sites, such as images, social media plugins or advertisements.

It should be noted that the purposes usually served by a cookie may also be achieved by other similar technologies, including the use of certain features that allow you to identify your devices so that you can analyse your visits to a website. This policy applies to any technology that stores or accesses information on your device. This may include, for example, local HTML5 storage, Local Shared Objects (also called flash cookies) and fingerprinting techniques. In particular, device fingerprinting is a technique that consists of combining a series of information in order to uniquely identify a particular device. Examples of the information that device fingerprinting can detect, associate or infer (data derived from the configuration of a device, data derived from the use of particular network protocols, JavaScript, HTTP header information, clock information, installed fonts, plugins installed in the browser).

You can also combine these elements with additional information, such as IP addresses or unique identifiers, etc.

From now on, when talking about cookies, this definition will also include other similar technologies.

PURPOSE, LEGAL BASIS AND CONSERVATION PERIOD

Depending on the purpose, cookies installed on this site are divided into technical cookies, analytical cookies and profiling cookies.

Technical cookies are necessary for the operation of the website because they enable functions to make it easier for the user to navigate, for example, to access his or her profile without having to log in each time or to select the language in which he or she wishes to navigate the website without having to set it each time.

Technical cookies are considered strictly necessary because the storage of information is essential to provide a service requested by the user. Therefore, technical cookies cannot be disabled and no prior user consent is required for their installation (art. 122 of Legislative Decree 196/2003).

Analytical cookies, which may be first or third party, are installed to collect information on the use of the website. In particular, they are useful to statistically analyze accesses or visits to the site itself and to allow the Data Controller to improve its structure, navigation logic and content. The information collected is used to perform statistical analysis in order to improve the use of the site and possibly to make the contents more interesting and relevant to the user’s wishes.

Analytical cookies are not necessary for the functioning of the website, therefore the consent (art. 6.1.a GDPR) of the users is required for installation.

Profiling cookies, which may be first or third party cookies, are used to track the user’s navigation, analyse his/her behaviour for marketing purposes and create profiles regarding his/her tastes, habits, choices, etc. In this way it is possible, for example, to transmit targeted advertising messages in relation to the user’s interests and in line with the user’s preferences when surfing online. These cookies also include social cookies.

Profiling cookies can only be installed on the user’s terminal if the user has given his or her consent (Art. 6.1.a GDPR).

Below, for each type of cookie, the name, whether of the first or third party, the purpose of use and the link and the duration are listed:

Cookie type Provider Purpose URL Duration
Technical cookies
CookieConsent First party Stores the user’s cookie consent status for the current domain https://cospel.it/la-nuova-scommessa-di-cos-pel/ 1 year
ASP.NET_SessionId First party It preserves the user’s status on the different pages of the site. https://catalogo.cospel.it/IT/login.aspx Session
CookieConsent First party Stores the user’s cookie consent status for the current domain https://catalogo.cospel.it/IT/login.aspx 1 year
Analytical cookies
__utma Third party Collects data on the number of times a user has visited the website, as well as data for the first visit and the most recent visit. Used by Google Analytics. https://catalogo.cospel.it/IT/login.aspx 2 years
__utmb Third party Records a timestamp with the exact time the user accesses the site. Used by Google Analytics to calculate the duration of a visit to the site. https://catalogo.cospel.it/IT/login.aspx 1 day
__utmc Third party Records a timestamp with the exact time the user exits the site. Used by Google Analytics to calculate the duration of a visit to the site. https://catalogo.cospel.it/IT/login.aspx Session
__utmt Third party Used to limit the speed of requests to the site. https://catalogo.cospel.it/IT/login.aspx 1 day
__utmz Third party It collects data on where the user came from, the search engine used, the link clicked and the search term used. Used by Google Analytics. https://catalogo.cospel.it/IT/login.aspx 6 months

CONSENT MANAGEMENT

When you first access any page of the website, there is a banner that contains a brief information and the cookie preferences management panel/button through which you can accept all cookies. The user has the possibility to select/deselect individual categories of cookies. The consent to the use of cookies is recorded with a special “technical cookie”.

However, users can also express their preferences about cookies through the settings of the browser used. By default, almost all web browsers are set to automatically accept cookies, but users can change the default configuration through the settings of the browser used, which allow them to delete/remove all or some cookies or block the sending of cookies or limit it to certain sites.

Disabling/blocking cookies or deleting them may compromise the optimal use of certain areas of the site or prevent certain features, as well as affect the operation of third party services.

The configuration of cookie management depends on the browser used. Below are instructions and links to the cookie management guides of the main desktop browsers:

Microsoft Internet Explorer: Click on the gear icon at the top right and select “Internet Options”. In the window select “Privacy”, “Advanced” and adjust the cookie settings. Below is the link for more information:

http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies

Google Chrome: click on the icon with the three dots in the top right corner and then click on “Settings”. Select “Advanced” and in the “Privacy and Security” section click on “Site Settings”.

Then adjust your cookie settings by selecting “Cookies and site data”. Below is the link for more information:

https://support.google.com/chrome/answer/95647?hl=it&p=cpn_cookies%20https://support.google.com/accounts/answer/61416?hl=it

Mozilla Firefox: click on the icon with the three horizontal bars at the top right and select “Options”. In the window select “Privacy and Security” to adjust the cookie settings. Below is the link for more information:

https://support.mozilla.org/it/kb/Attivare%20e%20disattivare%20i%20cookie

Apple Safari: Select “Preferences” and then “Privacy” to adjust your cookie settings. Below is the link for more information:

https://support.apple.com/it-it/guide/safari/sfri11471/mac

Opera: select the icon with the three horizontal bars at the top right and then on “Advanced”. Select “Confidentiality & Security” and then “Site Settings”. From the “Cookies and site data” section, adjust the cookie settings. Below is the link for more information:

https://help.opera.com/en/latest/web-preferences/#cookies

For browsers other than those listed above, you should consult the relevant guide to find out how to manage cookies.

MANDATORY NATURE OF THE CONFERMENT

The personal data processed through the installation of technical cookies are necessary to ensure correct navigation within the site.

It is optional to provide consent to the installation of analytical cookies and profiling cookies. Your personal data will be processed by these cookies only with your express consent as indicated above.

DATA RECIPIENTS

Personal data may be transmitted to external service providers of the Data Controller, who act as Data Processors, and to internal subjects in charge of data processing, on the basis of specific instructions given by the Data Controller.

Your personal data may be processed, if explicit consent is given, by third parties to whom such data is communicated.

DATA TRANSFER OUTSIDE THE EEA

The data may be processed by parties operating outside the European Economic Area only on the basis of an adequacy decision by the European Commission or other condition provided for in Chapter V of the GDPR.

RIGHTS OF DATA SUBJECTS

Interested parties have the right to:

  1. access to their own data held by the Data Controller,
  2. request their correction and/or deletion, if the conditions are met,
  3. request the restriction of processing, if the conditions are met,
  4. oppose the processing, if the conditions are met,

with direct request to the Data Controller at the above mentioned addresses.

In the event that they believe that the processing of personal data is in violation of the European Regulation 2016/679, the interested parties also have the right to lodge a complaint to the Control Authority in which they usually reside or work (for Italy: Garante per la Protezione dei Dati Personali), or to refer the matter to the competent Judicial Authority.