Privacy Policies

Data, information and any personal data published on this site may be freely used by those interested in the products of CPL CONCORDIA Soc. Coop.

Following are the main policies provided pursuant to GDPR 679/2016 – the European Regulation on the Protection of personal data.

Identity of the Data Controller

The Data Controller of any processing carried out is CPL CONCORDIA Soc. Coop., with registered and administrative office in Via A. Grandi 39 – 41033 CONCORDIA sulla Secchia (MO), represented by the General Manager pro tempore.
The Data Controller guarantees the security, confidentiality and protection of personal data at its disposal, at any stage of their processing.

 

Data protection officer
The Data Controller has appointed the Data protection officer pursuant to Art. 37, domiciled for the office at the company’s headquarters and can be reached by writing to the email address dpo@cpl.it.

 

Data transfer

The Data Controller will not transfer personal data to third countries or to international organisations for any reason.

Where cloud services are used, providers are selected from among those with servers in Europe. If it becomes necessary to transfer data outside the EU (e.g. in the case of a contract with a multinational company), CPL will check that the suppliers provide adequate guarantees, as required by Art. 46 of the GDPR 679/2016 and update the Privacy Policy.

 

Rights of the data subject

With regard to Art. 15 – right of access, 16 – right of rectification, 17 – right of erasure, 18 – right to restriction of processing, 20 – right to portability, 22 – right to oppose automated decision-making processes of the GDPR 679/16, the data subjects can exercise their rights by writing to the Data Controller CPL CONCORDIA Soc. Coop. at the address above or by email to dpo@cpl.it, specifying the subject of the request, the right being exercised and attaching a copy of an identity document that attests to the legitimacy of the request.
The Data Controller points out in particular that any data subject may exercise the right to object in the form and manner provided for in Art. 21 of the GDPR 679/2016.

 

Lodging a complaint

The data subject has the right to lodge a complaint with the supervisory authority in his or her country of residence. If you believe that the processing of your personal data has been carried out in breach of the legislation on the protection of personal data, you have the right to lodge a complaint with the Italian Data Protection Authority, Piazza Venezia, 11 – 00187 – Rome, using the forms available at the following link https://www.garanteprivacy.it/modulistica-e-servizi-online/reclamo.

 

Automated decision-making processes

The Data Controller does not perform any processing consisting of automated decision-making based on personal data.

This Privacy Policy is provided to individuals acting in the name and on behalf of customers of “CPL CONCORDIA Soc. Coop.”, pursuant to articles 13 and 14 of the GDPR 679/2016 “European Regulation on the Protection of Personal Data”.

 

Source of the data

The personal data processed are those provided by data subjects for:

  • public sources, online contact tracing;
  • participation in events, seminars and conferences promoted by CPL;
  • consent of the data subject (explicit or by an unambiguous positive act, e.g. exchanging business cards);
  • pre-contractual phases, requests for information and estimates, including by telephone and email;
  • sending orders, concluding contracts and their extension;
  • performance of the contractual relationship and related activities;
  • provision of data and sales activities subsequent to the order;
  • compliance with current legislation (e.g. public procurement, occupational health and safety, data protection, taxation, etc.);
  • participation in tenders;
  • receiving communications via PEC certified email;
  • requests for information on previous sales activities;

or, alternatively, they may be contact details of potential customers obtained from parties other than the data subject.

 

Categories of processed data

The data processed may be:

  • personal identification data, professional profile data, banking data, economic data (financial losses, compensation), salary data (remuneration, salary), curricular data;
  • judicial data, self-certifications and declarations of convictions;
  • other certifications, copies of identity documents;
  • images and videos;
  • all data contained on the company servers being backed up;
  • log data, computer traffic, user ID, login credentials;
  • data of family members (related parties).

 

 

As regards processing carried out on the basis of the consent given by the data subject, it should be noted that such processing is the subject of a specific separate policy.

 

Withdrawal of consent

With regard to Art. 7 of the GDPR 679/2016, the data subject can withdraw any consent given at any time.

However, processing covered by this Privacy Policy that is based on a different legal basis is lawful and permitted even in the absence of consent, insofar as it is necessary for the performance of a contract to which the data subject is party or for the fulfilment of their requests or legal obligations.

Withdrawal of consent at any time shall not affect the lawfulness of processing based on the consent given before the withdrawal.

 

Refusal to provide data

Customers cannot refuse to provide the Data Controller with the personal data necessary to comply with the laws that regulate commercial activities and taxes.
The provision of further personal data may be necessary to improve the quality and efficiency of commercial activities.
Therefore, refusal to provide the data required by law or to execute the contract will prevent the execution of orders, while failure to provide further data may compromise in whole or in part the execution of other requests and the quality and efficiency of the commercial activity itself.

 

Data recipients

The personal data processed by the Data Controller will not be disseminated, i.e. they will not be disclosed to unidentified parties in any form, including making them available or publishing them for viewing. However, they may be communicated to workers employed by the Data Controller and to certain authorised external parties who collaborate with them and/or who are identified as Data Processors.
In particular, on the basis of the roles and tasks performed, the processing of personal data will be carried out by persons expressly instructed and authorised to carry out specific processing operations.

To the extent strictly necessary, they may also be disclosed to parties that for the purposes of processing orders or other requests or services related to the commercial activity or the contractual relationship with the Data Controller must provide goods and/or perform services on behalf of the Data Controller. Finally, they may be communicated to the competent bodies in the event of fulfilment of obligations connected with the regulations in force, as well as to the parties entitled to access them by virtue of provisions of the law, regulations and Community legislation.

This Privacy Policy is provided to individuals acting in the name and on behalf of suppliers of “CPL CONCORDIA Soc. Coop.”, pursuant to articles 13 and 14 of the GDPR 679/2016 “European Regulation on the Protection of Personal Data”.

 

Source of the data

The personal data processed are those provided by the data subject or their employer for:

  • public sources, online contact tracing;
  • pre-qualification and/or qualification activities through a platform dedicated to the Supplier Qualification System;
  • participation in events, seminars and conferences promoted by CPL;
  • consent of the data subject (explicit or by an unambiguous positive act, e.g. exchanging business cards);
  • pre-contractual phases, requests for information and estimates, including by telephone and email;
  • sending orders, concluding contracts and their extension;
  • performance of the contractual relationship and related activities;
  • provision of data and sales activities subsequent to the order;
  • compliance with current legislation (e.g. public procurement, occupational health and safety, data protection, taxation, etc.);
  • participation in tenders;
  • receiving communications via PEC certified email;
  • requests for information on previous sales activities.

 

Categories of processed data

The data processed may be:

  • personal details, contact data, professional profile data, qualifications, licences, copy of ID document, other certifications, training certificates (e.g. health and safety), curricular data;
  • bank data, economic data (financial losses, compensation), salary data (compensation, salary, level, contract date);
  • health data (fitness for work, accidents, medical certificates, etc.);
  • judicial data, self-certifications and declarations of criminal convictions and offences;
  • image on badge, other images and videos;
  • geographical location data;
  • all data contained on the company servers being backed up;
  • any data on PCs, telematic traffic data and user ID, login credentials, log data, telematic traffic, user ID.

 

Data Processors

For the activity of pre-qualification and/or qualification of the Supplier, through the platform dedicated to the Supplier Qualification System, the Company Net4market – CSAmed s.r.l. has been appointed as Data Processor.
Subsequently, in the pre-contractual phase, the Supplier’s data are managed through a dedicated platform and the Company Zucchetti Spa has been appointed as Data Processor.

 

 

As regards processing carried out on the basis of the consent given by the data subject, it should be noted that such processing is the subject of a specific separate policy.

 

Withdrawal of consent

With regard to Art. 7 of the GDPR 679/2016, the data subject can withdraw any consent given at any time.
However, processing covered by this Privacy Policy that is based on a different legal basis is lawful and permitted even in the absence of consent, insofar as it is necessary for the performance of a contract to which the data subject is party or for the fulfilment of their requests or legal obligations.
Withdrawal of consent at any time shall not affect the lawfulness of processing based on the consent given before the withdrawal.

 

Refusal to provide data

Suppliers cannot refuse to provide the Data Controller with the personal data necessary to comply with the laws that regulate commercial activities and taxes.
The provision of further personal data may be necessary to improve the quality and efficiency of commercial activities.
Therefore, refusal to provide the data required by law or to execute the contract will prevent the execution of orders, while failure to provide further data may compromise in whole or in part the execution of other requests and the quality and efficiency of the commercial activity itself.

 

Data recipients

The personal data processed by the Data Controller will not be disseminated, i.e. they will not be disclosed to unidentified parties in any form, including making them available or publishing them for viewing. However, they may be communicated to workers employed by the Data Controller and to certain authorised external parties who collaborate with them and/or who are identified as Data Processors.
In particular, on the basis of the roles and tasks performed, the processing of personal data will be carried out by persons expressly instructed and authorised to carry out specific processing operations.
To the extent strictly necessary, they may also be disclosed to parties that for the purposes of processing orders or other requests or services related to the commercial activity or the contractual relationship with the Data Controller must provide goods and/or perform services on behalf of the Data Controller. Finally, they may be communicated to the competent bodies in the event of fulfilment of obligations connected with the regulations in force, as well as to the parties entitled to access them by virtue of provisions of the law, regulations and Community legislation.

This Privacy Policy is provided pursuant to Art. 13 of the GDPR 679/16 – “European Regulation on the Protection of Personal Data”, to visitors and in general to all persons temporarily present at the headquarters of CPL CONCORDIA Soc. Coop. in via Grandi 39 – Concordia sulla Secchia, for visits, deliveries, maintenance work and any other occasional or previously agreed event.

 

Source of the data

The personal data processed are those provided by data subjects who enter the offices for:

  • visits or work in the offices;
  • interviews or work sessions in the offices;
  • delivery or collection of goods, parcels, correspondence.

Images of people and means of transport collected through the video surveillance system are also processed, see the ad hoc Privacy Policy.

 

Categories of processed data

The data processed may be data related to personal identification, professional profile and entry card images, other images and videos.

 

 

As regards processing carried out on the basis of the consent given by the data subject, it should be noted that such processing is the subject of a specific separate policy.

 

Data recipients

The personal data processed by the Data Controller will not be disseminated, i.e. they will not be disclosed to unidentified parties in any form, including making them available or publishing them for viewing. However, they may be communicated to workers employed by the Data Controller and to certain authorised external parties who collaborate with them and/or who are identified as Data Processors.
In particular, on the basis of the roles and tasks performed, the processing of personal data will be carried out by persons expressly instructed and authorised to carry out specific processing operations.
They may also be communicated, to the competent bodies in the event of fulfilment of obligations connected with the regulations in force, as well as to the parties entitled to access them by virtue of provisions of the law, regulations and Community legislation such as, for example:

  • law enforcement authorities;
  • medical specialists in case of accident or illness.

 

Withdrawal of consent

With regard to Art. 7 of the GDPR 679/2016, the data subject can withdraw any consent given at any time.
However, processing covered by this Privacy Policy that is based on a different legal basis is lawful and permitted even in the absence of consent, insofar as it is necessary for the performance of a contract to which the data subject is party or for the fulfilment of their requests or legal obligations or the pursuit of a legitimate interest of the Data Controller.
Withdrawal of consent at any time shall not affect the lawfulness of processing based on the consent given before the withdrawal.

 

Refusal to provide data

Visitors may not refuse to provide the Data Controller with the personal data required to access the site. Therefore, refusal to provide the data will prevent access.

This Privacy Policy is provided pursuant to articles 13 and 14 of the GDPR 679/16 – “European Data Protection Regulation”, to all recipients of written communications from a party acting on behalf of CPL CONCORDIA Soc. Coop. at via Grandi 39 – Concordia sulla Secchia.

The contents of e-mails are to be considered confidential. Therefore, the information contained therein, or included in any attachments, is reserved exclusively for the addressees.
The authenticity of the sender and the content are not guaranteed.

 

Data source and legal basis

The personal data processed are those provided by the data subjects or by other recipients of messages originating from the data subjects and forwarded, or reciprocally transmitted during the exchange of correspondence.
CPL’s databases include contacts and email addresses of companies and entities, including contact persons in legal entities:
i) with whom there have been previous communications by email or other means of communication for pre-contractual or contractual reasons;
ii) or who have voluntarily provided their email address during direct contacts, giving their consent;
iii) or contacts that – based on the recipient’s role – were appropriate within their organisation and that led CPL to believe that the communication sent could respond to a common and legitimate interest.
This is always without prejudice to the possibility for the recipient to exercise their right to object to the processing with the consequent immediate and free interruption of the processing. In general, all contacts and addresses are used by CPL in accordance with the desire and willingness of data subjects to receive communications from the company via email.

 

Categories of processed data

The data processed may be any data contained in the mail.

 

Data storage

As regards attachments contained in email messages received by the respective offices, the retention periods are those laid down for each type of data in relation to the purposes for which it will be processed.
For emails, the retention times are those foreseen for backups following data retention policies that do not exceed 6 months.

 

Data recipients

Persons or subjects other than the addressees and the persons who cooperate with them for the proper fulfilment of the purposes strictly connected with the communication received, also pursuant to Art. 616 of the Italian Criminal Code, are not authorised to read, copy, modify and/or disseminate the message to third parties.

It is prohibited for anyone who receives a communication from CPL in error to use it and bring it to the attention of third parties, while anyone who receives such a communication is obliged to delete it from their mailbox and notify the sender.

 

We inform you that all email addresses of the domain “…@cpl.it” are company emails, and as such are used for work-related communications. Therefore, for operational needs any outgoing or incoming message could be read by parties other than the sender and/or the recipient.

The personal data processed by the Data Controller will not be disseminated, i.e. they will not be disclosed to unidentified parties in any form, including making them available or publishing them for viewing. However, they may be communicated to workers employed by the Data Controller and to certain authorised external parties who collaborate with them and/or who are identified as Data Processors.

In particular, on the basis of the roles and tasks performed, the processing of personal data will be carried out by persons expressly instructed and authorised to carry out specific processing operations.

To the extent strictly necessary, they may also be disclosed to parties that for the purposes of processing orders or other requests or services related to the commercial activity or the contractual relationship with the Data Controller must supply goods and/or perform services on behalf of the Data Controller in connection with the communication. Finally, they may be communicated to the competent bodies in the event of fulfilment of obligations connected with the regulations in force, as well as to the parties entitled to access them by virtue of provisions of the law, regulations and Community legislation.

 

Withdrawal of consent

With regard to Art. 7 of the GDPR 679/2016, the data subject can withdraw any consent given at any time.
However, processing covered by this Privacy Policy, which are based on the legal basis referred to in letter b) of Art. 6 par. 1 of the GDPR, is lawful and permitted even in the absence of consent, insofar as it is necessary for the performance of a contract to which the data subject is party or for the fulfilment of their requests or legal obligations.
Withdrawal of consent at any time shall not affect the lawfulness of processing based on the consent given before the withdrawal.

 

Refusal to provide data

Natural contact persons of companies and legal entities, identified by their own organisation, for the management of documents related to the execution of a contract or for the fulfilment of legal obligations, cannot refuse to provide the Data Controller with the personal (contact) data necessary to proceed with these activities.
Therefore, refusal to provide the data required by law or to execute the contract will prevent the execution of orders, while failure to provide further data may compromise in whole or in part the execution of other requests and the quality and efficiency of the commercial activity itself.

This Privacy Policy is provided pursuant to Art. 13 of the GDPR 679/16 – “European Regulation on the Protection of Personal Data”, to visitors and in general to all persons temporarily present at the headquarters of CPL CONCORDIA Soc. Coop. in via Grandi 39 – Concordia sulla Secchia, for visits, deliveries, maintenance work and any other occasional or previously agreed event, as they enter the perimeter subject to video surveillance systems.

 

Source of the data

Video surveillance systems.

 

Categories of processed data

Images and videos of people and vehicles collected through the video surveillance system.

 

Purposes of the processing

The above personal data are processed for the purposes of occupational safety and protection of company assets (including crime prevention).

The data are processed in accordance with the provisions of the various trade union agreements signed between the company and the territorially competent trade unions, and in full compliance with the principles of lawfulness, necessity, proportionality, in accordance with the purposes and provisions established by Art. 4 of Italian Law No. 300/70, the Resolution of 8 April 2010 of the Italian Data Protection Authority on video surveillance and Guidelines 3/2019 of the EDPB (European Data Protection Board) on the processing of personal data through video devices.

 

Legal basis of the processing

Visitors’ personal data are lawfully processed to pursue the legitimate interest of the Data Controller.

 

Data recipients

The personal data processed by the Data Controller are not disseminated, i.e. they are not disclosed to unidentified parties in any form, including making them available or publishing them for viewing. However, they may be communicated to workers employed by the Data Controller and to certain authorised external parties who collaborate with them and/or who are identified as Data Processors.

In particular, on the basis of the roles and tasks performed, the processing of personal data will be carried out by persons expressly instructed and authorised to carry out specific processing operations.

They may also be communicated, to the extent strictly necessary, to the competent authorities in the case of fulfilments connected with current regulations, as well as to the parties entitled to access them by virtue of legal provisions, regulations and Community legislation such as, for example, law enforcement authorities.

 

Data storage

Video recorded images are retained for a maximum period of 7 (seven) days after capture. For particularly important events that may lead to a specific investigative request by the judicial authority or the judicial police, the term of retention of the images is established by the authority itself, or is extended until the request is fulfilled and the investigation concluded.

 

Refusal to provide data

The provision of personal data, insofar as it cannot be avoided in order to access the workplaces of CPL CONCORDIA Soc. Coop., is necessary for the pursuit of the legitimate interests of the Data Controller and is mandatory for the data subject. Therefore, refusal to provide the data will prevent access.

In addition, the data subject is required to comply with company procedures, regulations and practices.

This Privacy Policy is provided pursuant to Art. 13 of the GDPR 679/16 – “European Regulation on the Protection of Personal Data”, to visitors and in general to all persons (not employees) temporarily present at the headquarters of CPL CONCORDIA Soc. Coop. for visits, deliveries, maintenance work and for any other occasional or previously agreed event:

i) who complete the declaration required during the COVID-19 emergency and have their temperature taken, to ensure compliance with CPL safety protocols, as well as those

ii) who, being employed in the private sector, are required to possess and show a COVID-19 Green Pass to access workplaces where work is carried out.

 

Background:

Art. 3 of Italian Decree-Law No. 127 of 21/09/2021, published in the Official Journal No. 226 of 21/09/2021, stipulates that anyone working in the private sector is required to possess and show a COVID-19 Green Pass to access workplaces where work is carried out. CPL CONCORDIA Soc. Coop. has therefore adopted the “Company Protocol – COVID-19 phase 4 rev.0” and carries out the above-mentioned checks in accordance with the procedures contained therein.

If the data subject refuses to produce the aforementioned Green Pass, or if it is found to be invalid, they will not be allowed access to the workplace and persons found to be without a Green Pass will be removed.

 

Source of the data

The personal data processed are provided by the data subjects through the completion of the above declaration during visits or works, interviews or work sessions, delivery or collection of goods, packages, correspondence at the premises; by showing a green pass, as well as having their temperature taken.

 

Processed data

  1. a green pass verified by the “VerificaC19” App (downloaded onto a mobile device or other suitable equipment provided by the Cooperative and set to “basic” verification) which will only show a graphic sign on the device (green light), without recording or storing any data. As of 28/02/2022, the medical certificate for vaccination exemption (issued on the basis of Circular 0035309-04/08/2021 of the Italian Ministry of Health) can only be verified digitally, in the same way as a green pass;
  2. identification details (in particular name, surname and date of birth) of the data subject;
  3. body temperature, without recording or storing it, except in the case of a temperature of more than 37.5°C, as it is necessary to demonstrate the reason for refusing access.

 

Purposes of the processing

The aforementioned personal data are processed during the COVID-19 emergency phase, for the prevention of infection, as well as to fulfil a legal obligation introduced by Italian Decree-Law No. 127/2021.

 

Legal basis of the processing

The personal data of visitors are lawfully processed to fulfil a legal obligation to which the Data Controller is subject (Art. 6 letter c) under Italian Decree-Law No. 127/2021.

 

Data recipients

The personal data processed by the Data Controller are not disseminated, i.e. they are not disclosed to unidentified parties in any form, including making them available or publishing them for viewing. However, they may be communicated to workers employed by the Data Controller and to certain authorised external parties who collaborate with them and/or who are identified as Data Processors.

In particular, on the basis of the roles and tasks performed, the processing of personal data will be carried out by persons expressly instructed and authorised to carry out specific processing operations (such as Health and Safety Officers and visitors or goods receptionists).

They may also be communicated, to the competent bodies in the event of fulfilment of obligations connected with the regulations in force, as well as to the parties entitled to access them by virtue of provisions of the law, regulations and Community legislation such as, for example, law enforcement authorities and/or health personnel.

 

Data storage

The Data Controller keeps and processes personal data for the time necessary to fulfil the purposes specified. In particular, data released by declaration will be deleted two months after the end of the COVID-19 emergency phase.

Green Pass data are not retained but will be verified throughout the period of validity of the above-mentioned Decree-Law.

 

Withdrawal of consent

With regard to Art. 7 of the GDPR 679/16, the data subject can withdraw any consent given at any time. However, it should be noted that the processing of data provided by declaration is lawful and permitted even in the absence of consent.

 

Refusal to provide data

The data subject can refuse to give the Data Controller his or her personal data because the provision of data is optional. However, the refusal to provide data will make it impossible to enter the offices of CPL CONCORDIA Soc. Coop.

This Privacy Policy is provided to natural persons who access and consult the website of CPL CONCORDIA Soc. Coop.”, pursuant to Art. 13 of the GDPR 679/16 – “European Regulation on the Protection of Personal Data”.

 

Identity of the Data Controller

The Data Controller is the General Manager of:

“CPL CONCORDIA Soc Coop.” with headquarters in Via Grandi 39, Concordia Sulla Secchia, Modena.

 

Purposes of the processing

During normal operation, the computer systems and software procedures used for this website acquire some personal data whose transmission is implicit in the use of internet communication protocols.

This is information that is not collected to be associated with identified data subjects, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified.

This category of data includes IP addresses or domain names of the computers used by users connecting to the website, the addresses in the Uniform Resource Identifier (URI) notation of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters related to the operating system and the user’s computer environment.

These data are used for the sole purpose of obtaining anonymous statistical information on the use of the website and to verify its correct operation and are deleted immediately after processing.
The data could be used to ascertain responsibility in case of any computer crimes against the website.

 

Legal basis of the processing

The use of technical cookies involves processing carried out in the legitimate interest of the Data Controller. The use of analytical cookies is carried out with the consent of the data subject.

 

Data recipients

The Data Controller does not disclose any personal identification data or information to third parties, unless where strictly necessary to those who act as suppliers providing services relating to the management of the website and for the consequent management of the contractual relationship and related administrative obligations.

 

Data transfer

The Data Controller will not transfer personal data to third countries or to international organisations.

 

Data storage

The Data Controller keeps the data for the time necessary to obtain anonymous statistical information on the use of the website and to verify its correct operation. The data are deleted immediately after processing.

 

Rights of the data subject

With regard to Art. 15 – right of access, 16 – right of rectification, 17 – right of erasure, 18 – right to restriction of processing, 20 – right to portability, 22 – right to oppose automated decision-making processes of the GDPR 679/16, the data subject can exercise his or her rights by writing to the Data Controller at the address above or by e-mail, specifying the subject of the request, the right being exercised and attaching a copy of an identity document that attests to the legitimacy of the request.

The Data Controller points out in particular that any data subject may exercise the right to object in the form and manner provided for in Art. 21 of the GDPR 679/2016.

 

Withdrawal of consent

With regard to Art. 7 of the GDPR 679/16, the data subject can withdraw consent at any time.

 

Lodging a complaint

The data subject has the right to lodge a complaint with the supervisory authority in his or her country of residence.

 

Refusal to provide data

The data subject can refuse to give the Data Controller his or her browsing data.

To do this, cookies must be disabled by following the instructions of the browser being used.

Disabling cookies can make browsing and use of the website’s features difficult.

 

Automated decision-making processes

The Data Controller does not carry out automated decision-making processes.

 

Types of Cookies

Cookies are information saved by your browser when you visit a website or use a social network with your PC, smartphone or tablet.

Each cookie contains different data like, for example, the name of the server it came from, a numerical identifier, etc.

Cookies can remain in the system for the duration of a session (i.e. until the browser is closed) or for long periods, and may contain a unique identification code.

 

  • Technical cookies

Some cookies are used to perform authentication, to monitor sessions and to store specific information about users accessing a web page.

These so-called technical cookies are often useful because they can make browsing and use of the web faster, because they facilitate some procedures when you shop online, when you access restricted areas or when a website automatically recognises the language you usually use.

Particular types of cookie called analytics are then used by website managers to collect information in aggregate form on the number of users and how they visit the website, and then develop general statistics on the service and its use.

 

  • Profiling cookies 

Other cookies can instead be used to monitor and profile users while browsing, to study their movements and web browsing or consumption habits (what they buy, what they read, etc.), also for the purpose of sending advertising of targeted and personalised services (so-called Behavioural Advertising). These are profiling cookies.

Web pages may contain cookies from other websites and content in various elements embedded in the page itself, like banner ads, images, videos, etc. These are so-called third-party cookies, which are usually used for profiling purposes.

Given the particular invasiveness that profiling cookies (especially those of third parties) may have in the private sphere of users, European and Italian legislation state that the user must be adequately informed about their use and express consent to the saving of these cookies on their terminals.

 

Cookies used

The site www.cpl.it uses cookies to make website services simpler and more efficient for the user viewing the web pages. Users who access the website will have a very small amount of information saved on their devices, whether computers or mobile devices, in the form of small text files called “cookies” stored in the folders used by their browsers.
The cookies used by www.cpl.it make it possible to:

  • store browsing preferences;
  • avoid having to repeatedly enter the same information;
  • analyse the use of services and contents provided by the website to optimise the browsing experience.

The www.cpl.it website uses the following cookies:

 

Google Analytics

As for Google Analytics cookies, the information generated by the cookie about the use of the website is sent to Google Inc. and stored on its servers. Recipients of the data use this information for the purpose of producing reports on website activity intended for the Data Controller or parties appointed by it.

It is possible to refuse to provide browsing data by selecting the appropriate setting on the browser. In this respect, please see the information published on Google’s website https://www.google.it/intl/it/policies/privacy/ e alla componente aggiuntiva del browser per la disattivazione di Google Analytics https://tools.google.com/dlpage/gaoptout?hl=it ).

However, this choice could prevent you from using all the features of the website. On the contrary, by accepting the use of cookies as described above and continuing browsing, the user provides free and unconditional consent to the processing of personal data by the Committee and Google Inc. in the manner and for the purposes specified above.

From the moment the user clicks on the Facebook icons, he or she is directed to the respective websites and receives cookies from them that are not under the control of the Data Controller.

Finally, if the user visits this website after clicking a banner posted on another website, he or she must know that the manager of the advertising network has generated the cookies necessary to detect the throughput and the amount of any purchases made. The party responsible for the management of these cookies is the manager of the advertising network, whose information is normally available on its website.  

 

In particular, the website uses these cookies

Complianz

Functional

Usage

We use Complianz for cookie consent management.

Sharing data

This data is not shared with third parties. For more information, please read the Complianz Privacy Statement.

Functional

Name
cmplz_user_data
Expiration
365 days
Function
Read to determine which cookie banner to show
Name
cmplz_id
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_banner-status
Expiration
365 days
Function
Store if the cookie banner has been dismissed
Name
cmplz_consented_services
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_policy_id
Expiration
365 days
Function
Store accepted cookie policy ID
Name
cmplz_marketing
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_statistics
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_preferences
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_functional
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_saved_categories
Expiration
365 days
Function
Store cookie consent preferences
Name
cmplz_saved_services
Expiration
365 days
Function
Store cookie consent preferences

WPML

Functional

Usage

We use WPML for locale management.

Sharing data

This data is not shared with third parties.

Functional

Name
wp-wpml_current_language
Expiration
1 day
Function
Store language settings

WP Google Maps

Functional

Usage

We use WP Google Maps for maps display.

Sharing data

This data is not shared with third parties.

Functional

Name
wpgmza-api-consent-given
Expiration
1 year
Function
Store cookie consent preferences

Matomo

Functional

Usage

We use Matomo for website statistics.

Sharing data

This data is not shared with third parties.

Functional

Name
MATOMO_SESSID
Expiration
session
Function
Provide fraud prevention

Miscellaneous

Purpose pending investigation

Usage

Sharing data

Sharing of data is pending investigation

Purpose pending investigation

Name
AMP-CONSENT
Expiration
Function
Name
fbssls_1790642357853144
Expiration
Function
Name
continueReview
Expiration
Function
Name
complianz_policy_id
Expiration
365 days
Function
Name
complianz_consent_status
Expiration
365 days
Function
Name
ajs_anonymous_id
Expiration
Function
Name
pum-10865
Expiration
Function
Name
_pk_id.1.62b9
Expiration
Function
Name
_pk_ref.1.62b9
Expiration
Function
Name
mtm_cookie_consent
Expiration
Function
Name
_pk_id_1_62b9
Expiration
Function
Name
_pk_ref_1_62b9
Expiration
Function
Name
wp-autosave-1
Expiration
Function
Name
_gid
Expiration
Function

 

Change cookie consent

DPO details

 

Tel.: 0535.616.111
E-mail: dpo@cpl.it

Certifications and accreditations