Privacy policy

Through this document (privacy policy statement), Giellepi S.p.A., hereinafter referred to as “Data Controller” or “Controller”, with registered office in Via Saffi, 21 – 20123 Milan, Italy, wishes to explain to users how their personal data are processed by (hereinafter referred to as “site” or “the site”).

1.1 Content and information voluntarily provided by the User

1.1.1 Contact data and contents: these are those personal data that the User voluntarily provides to the Application during its use, such as personal data, contact details. This data will be processed following requests made by the User to the Data Controller for information on products or services, via the dedicated forms on the site or the addresses on the site itself.

1.1.2 Personal data collected by social media: users can control the personal data that the site can access via the privacy settings available in the social media in question. For further information, please refer to the cookie policy in the section “Interaction with social networks and external platforms”.

1.1.3 Special category data: special category data are defined as Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, as well as genetic data, biometric data intended to uniquely identify a natural person, data concerning a person’s health or sexual life or sexual orientation.

The site does not ask users to enter their particular/sensitive data; however, it is pointed out that the user, by entering the common data requested and indicated above, could enter information from which his tastes or particular data could be indirectly inferred.

These deductions/information will not be subject to specific and different processing by the site. The inclusion of data, from which the user’s particular data can easily be deduced, constitutes a manifestation of consent to the processing.

1.2 Data and content automatically acquired while using the application

1.2.1 Technical data: the computer systems and software procedures used to operate this site may acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified users, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category includes IP addresses, or the domain names used by users connecting to the application, the URI (Uniform Resource Identifier) notation addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained, etc.

1.2.2 Usage data: for statistical purposes, personal data relating to the use of the application by the user may also be collected, such as pages visited, actions performed, features and services used.

1.2.3 Personal data collected through cookies or similar technologies: the application uses cookies, web beacons, unique identifiers and other similar technologies to collect personal data about the pages, links you visit and other actions you perform when using our services. This data is stored in order to be retransmitted on the next visit by the same user.

The User can view the full Cookie Policy at the following address:


The personal data collected may be used for the performance of contractual and pre- contractual obligations and for legal obligations as well as for the provision of services requested by the user following the submission of requests via the site form or addresses on the site.

Ultimately, the personal data collected may also be processed for purposes related to:
1. usage statistics: to carry out statistical analyses based on point or aggregate data that could make it possible to identify the user;
2. profiling;
3. remarketing.


Personal data are processed by computer and/or telematic tools, with organisational methods and logic strictly related to the indicated purposes.
In some cases, external parties (such as IT companies, service providers, postal carriers, hosting providers, etc.) may also have access to personal data.

These parties, if necessary, will be appointed as Data Processors, as provided for in Article 28 of the European Data Protection Regulation No. 2016/679, by the Data Controller.
The updated list of Responsible Persons can be requested by e-mail at

3.1 Interaction with social networks and external platforms

This type of service enables interaction with social networks or other external platforms, directly from the pages of this site.
Interactions and information acquired from this site are, in any case, subject to the User’s privacy settings relating to each social network.

This type of service may still collect traffic data for pages where the service is installed, even when Users do not use it. It is recommended to disconnect from the every service to ensure that the data processed on this site is not linked back to the User’s profile.

Linkedin social button and widgets (LinkedIn Corporation)
The Linkedin social button and widgets are services for interaction with the Linkedin social network, provided by LinkedIn Corporation.
Personal data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy

Google Maps widget (Google, Inc.)
Google uses the Personal Data collected in order to track and examine the use of this Application, compile reports and share them with other services developed by Google. Google may use the Personal Data to contextualise and personalise the advertisements of its advertising network.
Personal data collected: Cookies and Usage Data.
Place of processing: USA – Privacy Policy


The legal basis for the purpose of data processing, relating to the handling of the data subject’s requests, is the data subject’s consent.
The legal basis for the purpose of data
usage statistics is the legitimate interest of the owner, since the analyses are used to optimise the use of the app services.

The legal basis for profiling and remarketing is the data subject’s consent.


Personal data are processed at the data controller’s premises at external data storage facilities located on the Internet, but within the European Community.
For further information, please contact the Controller at the following e-mail address


Data processing is carried out in a manner and with instruments that guarantee the security and confidentiality of personal data, given that the Data Controller has adopted appropriate technical and organisational measures that guarantee, and allow it to be demonstrated, that processing is carried out in compliance with the relevant legislation.


Personal data will be kept for the period of time necessary to fulfil the purpose for which they were collected.
In particular, personal data will be stored for as long as necessary to comply with applicable legal and regulatory obligations, as well as for own or third-party defence purposes. Personal data may be stored for a longer period if necessary to fulfil a legal obligation or by order of an authority.


All personal data collected shall not be subject to any automated decision-making process, including profiling, which may produce legal effects for the individual or which may significantly affect the individual.


Users may exercise certain rights with regard to personal data processed by the Data Controller. In particular, the User has the right to:

  • a)  revoke consent at any time;
  • b)  object to the processing of their personal data;
  • c)  access to their personal data;
  • d)  check and request rectification;
  • e)  obtain restriction of processing;
  • f)  obtain the deletion of their personal data;
  • g)  receive their personal data or have them transferred to another data controller;
  • h)  file a complaint with the data protection supervisory authority and/or take legal

In order to exercise their rights, users may address a request to the Controller’s contact details indicated in the next point. Requests are processed by the Controller as quickly as possible, in any case within 30 days.


The Data Controller may amend or simply update this Policy, in whole or in part, by informing the Users thereof.
Changes and updates will be binding as soon as they are published on the application. The user is therefore invited to read the Privacy Policy each time the application is accessed.

In the event of non-acceptance of the changes made to the Privacy Policy, the user is obliged to cease using this application and may request the Data Controller to remove his or her personal data, as set out above under the heading ‘User Rights’.