top of page

Privacy & Cookie Policy

Dear User,

 

this Privacy Policy is made pursuant to art. 13 and 14 of EU Regulation 2016/679 - (hereinafter only GDPR) and related provisions of the Privacy Code (D.lgs. n. 196/03) amended by Legislative Decree no. 101/18 on the protection of personal data to those who connect to the website and use the related services. This page describes the management of the website https://www.sorean.it/ owned by SOREAN S.R.L. hereinafter also "the Data Controller") and the processing operations of the personal data of the users who access and browse the site. The information refers only to the above mentioned page and not to other websites that may be consulted by the user through special links.

 

1. DATA CONTROLLER OF PERSONAL DATA

 Pursuant to art. 4, point 7 of the GDPR, the Data Controller is the one who "determines the purposes and means of the processing of personal data". Regarding this website, the Data Controller is: SOREAN S.R.L., with registered office in Via Monte Cervino, 3, 20149, Milano - Italia, P.IVA 11296400960, (hereinafter also "the Data Controller").

​

2. PERSONAL DATA PROTECTION OFFICER

The Data Protection Officer (DPO) is a figure provided by art. 37 of the GDPR. to perform support and control functions, advisory, formative and informative, whose designation is mandatory only in the cases provided for by art. 37, par. 1, lett. b) and c), of the GDPR. This figure is not mandatory for the Owner of this website.

 

3. TYPE OF DATA AND PURPOSES OF PROCESSING

   a. Navigation data

The computer systems and software procedures for the operation of this website acquire, during normal operation and for the duration of the connection only, certain personal data whose transmission is implicit in the use of Internet communication protocols.

This is information that is not collected to be associated with identified data subjects, but that by their very nature could, through processing and association with data held by third parties, allow to identify users. This category of data includes the IP addresses or domain names of the computers used by users connecting to the site, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the method used to submit the request to the server (good intent, error, etc.) the country of origin, the various temporal connotations of the visit (for example, the time of stay on each page) and other parameters related to the operating system and the computer environment of the user.

 

This data may be used to:

i) statistics: collection of data and information in aggregate and anonymous form in order to verify the proper functioning of the site. None of this information is related to the natural person-User of the site, and do not allow their identification in any way.

ii) security: collection of data and information in order to protect the security of the site (e.g. firewall filters and virus detection) and Users and to prevent or ascertain illegal behavior to the detriment of the website.

 

   b. Data provided voluntarily by the user

This category includes the following:

  • The data that the user provides by sending e-mail to the e-mail addresses indicated on the Site. In particular, in addition to the e-mail address of the user, necessary to respond, any other personal data contained in the e-mail message will be acquired.

  • The data that the user provides by filling out the form, such as name and surname, e-mail address, professional and commercial data (for example in relation to the reference company and working hours, business location, business model, project information, company turnover);

 

This data may be used to:

  1. customer service: responding to requests for information or requests of any nature related to customer support;

  2. Contract and pre-contractual negotiations;

  3. Defense of the rights and interests of the Data Controller in case of litigation. 

 

   c. Cookies

Cookies are small strings of text that the sites visited by the user send to their terminal (usually to the browser) where they are stored and then transmitted to the same sites on the next visit of the same user.

Some cookies are installed by the site operator (c.d. "first party"). While browsing a site, the user can also receive cookies on his terminal that are sent from different websites or web servers (c.d "third parties"), on which some elements may reside (such as, for example, images, maps, sounds, specific links to pages of other domains) on the site that the same is visiting.

Cookies can also be "session" when the data remains for the duration of a session and is deleted when the user closes the browser used for browsing the web. And persistent cookies, which remain stored in the user’s device for a certain period of time (e.g. to allow easy authentication of the user within the site)

The following are the types of cookies used by the site, with their characteristics, purposes and storage times.

 

1. Technical cookies

Technical cookies allow the transmission of a communication on an electronic communication network, or to the extent strictly necessary to the provider of an information society service explicitly requested by the subscriber or user to provide There are:

  • technical cookies session or navigation that ensure normal navigation and use of the website.

  • technical cookie of functionality and persistence facilitates the user’s navigation on this site avoiding that the brief information on cookies is proposed to the user himself, once this has clicked the 'OK' button on the banner or after the continuation of navigation on the site by the user himself.

 

2. Analytical cookies

Analytic cookies are used to obtain information on the number of users and how they visit the site.  In particular, on the site there are third-party cookies related to statistics (session and persistent): these cookies allow to know how the user visits this site and allow to evaluate and make any changes related to the possibilities of use of information and services (As a mere example and not exhaustive, these cookies: allow you to know the number of visitors to this site, the average time of stay within this site, the channels from which the user accesses this site, the most visited pages, etc.).

​

3. Profiling cookies

The site uses, with the user’s consent, profiling cookies necessary to create user profiles in order to send advertising messages in line with the preferences expressed by the user within the pages of the Site. There are, in particular, third party profiling cookies related to social networks (session and persistent) through the presence of the c.d. 'Social Plugin' (which allow, for example, the user to share the content of the site directly on social networks through a simple click) and by c.d. buttons 'Social Buttons', which could allow a third party to release profiling cookies on the user’s device. Please read the privacy policies of the social network before clicking on the relevant link.

 

4. LEGAL BASIS

The following are the legal bases for the processing of personal data for the purposes indicated in the previous paragraph:

  • purposes stated in § 3, lit. A), points i) and ii), lit. B) point iii), lit. C) point i): legitimate interest of the Data Controller;

  • explicit purposes in § 3, lit. B), points i), ii): contract and pre-contractual negotiations;

  • explicit purposes in § 3, lit. B) point iv) and lit. C) points ii) and iii): consent of the data subject.

 

5. NATURE OF THE TRANSFER

Apart from what is specified for navigation data, the user is free to provide personal data by sending e-mail messages or filling in the functional form to communicate with the Data Controller. In the event that the User decides to use the aforementioned form, the provision of certain data (indicated with *) is mandatory to forward the information to the Data Controller.

If the user provides, publishes, shares or otherwise processes personal data of third parties in the use of the site’s features, he or she hereby guarantees that he or she is entitled to carry out the processing and, where necessary, to have previously acquired the consent of the third party to the processing of information concerning him, assuming all responsibility in this regard with any indemnity to the Owner of the site.

 

5.1 Management of preferences on cookies

When accessing any page of the Site, there is a banner that contains a brief information. Inside the banner there is a link that allows you to access the tool to manage your preferences regarding the installation of cookies. By continuing navigation, by accessing another area of the site or selecting an element of the same (for example, an image or a link), the user provides consent to the use of third-party cookies. Consent to the use of cookies is recorded with a "technical cookie" functionality.

Technical cookies are generated by opening and closing the browser (when you access the session) and are deactivated by clearing the browser cache.

The user can manage the preferences related to cookies directly within their browser and, for example, prevent third parties from installing cookies, delete cookies installed in the past, including the Cookie in which the consent to the installation of Cookies by this site is saved. For more information see the specific help page of the web browser you are using. 

You may exercise the following options:

Block third-party cookies: third-party cookies are generally not indispensable to navigate, so you can refuse them by default, through special browser functions.

Enable the Do Not Track option: Do Not Track option is present in most latest generation browsers. If activated, the site automatically ceases to collect certain browsing data.

Directly delete cookies allows you to delete all cookies in block.

 

With reference to Cookies installed by third parties, the User can also manage their settings and withdraw consent by visiting the relevant opt out link (if available) using the tools described in the privacy policy of the third party or by contacting it directly.

 

6. METHOD AND PLACE OF PROCESSING, COMMUNICATION AND DISSEMINATION OF DATA

The processing of personal data takes place in a lawful, correct and transparent manner and, in any case, in compliance with the provisions of art. 5 and 6 of EU Regulation 2016/679 - GDPR. Your personal data are processed through manual and computer tools with logics strictly related to the purposes for which they were acquired and in any case in order to ensure the security and confidentiality of the data. Data management and storage takes place on servers located within the European Union & US.

Personal Data may be communicated and processed by internal collaborators and/or employees of the Data Controller, as subjects authorised for processing, within the scope of their respective functions and in accordance with the instructions given by the Data Controller.

In some cases, they may be communicated to external parties acting on behalf of the Data Controller, duly appointed, if necessary, Data Processors pursuant to Article 28 of the GDPR on the protection of personal data, such as:

  • Natural and legal persons performing the service of development and maintenance of the site;

  • Natural and legal persons who carry out, on behalf of the owner, the services related to the e-shop, shipping and logistics, payment services;

  • Accountants, lawyers and other professionals to whom the Owner addresses;

  • Financial institutions and public bodies.

The updated list of Data Processors may always be requested from the Data Controller.Please note that your data will not be disclosed to indeterminate third parties.

 

Data may be transferred to countries outside the European Union where it is necessary for the pursuit of the purposes indicated in §3. In this case, the Data Controller ensures that the transfer of data outside the EU will take place in accordance with the applicable legal provisions by stipulating, if necessary, agreements that guarantee an adequate level of protection or by adopting the standard contractual clauses provided by the European Commission.

​

7. CONSERVATION PERIOD

Without prejudice to what has already been stated in relation to cookies, the data collected are kept for the time strictly necessary to carry out the activities specified in §3. Upon expiration the data will be deleted or anonymized, unless there are additional purposes for the conservation of the same. The data for contractual purposes are stored for 10 years, those with statistics are stored in aggregate for 24 months.

​

8. RIGHTS OF THE USER

You can exercise your rights against the Data Controller, using the following contact details: e-mail info@sorean.it.

In order to ensure the proper exercise of rights, it must be clearly identifiable. The Data Controller undertakes to provide feedback within 30 days and, in case of impossibility to respect these times, to motivate the possible extension of the deadline. The feedback will be free of charge except in cases of unfounded (e.g. there are no data concerning the applicant) or excessive requests (e.g. repetitive over time) for which a fee may be charged not exceeding the costs actually incurred for the research carried out in this case.

At any time you can exercise, pursuant to articles 15 to 22 of the GDPR, the right to:

a)   ask for confirmation of the existence or not of personal data;

b)   obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, where possible, the retention period;

c)   obtain the correction and deletion of data;

d)   obtain the restriction of processing;

e)   obtain the portability of the data, that is, receive them from a data controller, in a structured, commonly used and machine-readable format, and transmit them to another data controller without hindrance;

f)    oppose the processing at any time and also in the case of processing for direct marketing purposes;

g)   to oppose an automated decision-making process for natural persons, including profiling;

h)   request the data controller to have access to and to rectify or delete the personal data or to restrict the processing of personal data concerning the data controller or to oppose the processing thereof, in addition to the right to data portability;

i)    withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the withdrawal;

j)  lodge a complaint with a supervisory authority.

You may also manage your preferences regarding the use of cookies in the manner specified in the cookie policy.

 

9. AMENDMENTS TO THIS DOCUMENT

This document constitutes the privacy policy of this site.

It may be subject to change or update. In case of relevant changes and updates, these will be reported with special notifications to users.

bottom of page