This policy statement describes the methods of website management with respect to the processing of the personal data of users who consult it, together with practices for processing data transmitted through this site from persons concerned to the Data Controller.
This statement is made pursuant to Article 13 of Legislative Directive No. 196/2003 – the Code for the Protection of Personal Data – to those who interact with the web services of the company Contactlab, with offices at Via Natale Battaglia 12 – 20127 Milan (Italy), which can be accessed telematically through the web address staging.contactlab.com, the homepage of the Contactlab website.
The statement applies exclusively to the Contactlab website in question and not to other websites which users may access through links.
The “data controller”
Following a visit or voluntary registration with this website, data, including sensitive data or data which could reveal the health of identified or identifiable persons, may be processed. The “controller” of the data processing is Contactlab, Via Natale Battaglia 12 – 20127 Milan (Italy), email: firstname.lastname@example.org, Tax and VAT Code: 09480090159.
Persons and entities responsible for processing and places of data processing
Processing connected with the web services of this website takes place at the offices of the Data Controller as indicated above and on the server located at the INET server farm of the BT Italia Group located at Via Darwin 85, 20019 Settimo Milanese (Milan).
Data will be processed by Contactlab using its own personnel at its marketing, commercial, administration, system administration and programming departments, according to objectives to be established on the bases of requests from persons concerned. For the purposes of server housing, INET S.p.a., with offices at Via Darwin 85, in Settimo Milanese (Milan), has been appointed by Contactlab as the Entity Responsible for Processing. A list of other entities responsible for processing is available from the Data Controller and may be requested by email from: privacy@Contactlab.com.
Method of processing
Personal data is processed, including by automatic and electronic means, for the time necessary to achieve the purposes for which it has been collected.
Specific security measures have been implemented in order to prevent data loss, unlawful or improper uses and unauthorised access. These measures include the secure https protocol for some confidential parts of the website and its applications, and protection against unauthorised access to the servers and other processors.
Personal data provided by users who register or request information (reports, newsletters, responses to inquiries, etc.) is used solely for the purpose of performing the service or responding to enquiries and is forwarded to third parties who are not appointed by the Data Controller as persons or entities responsible for processing (subject to the consent of the person concerned) only in cases where necessary for such purposes.
Types of data processed
During their normal operation, the computer systems and software procedures used by this website acquire some personal data, the transmission of which is implicit in the use of internet communication protocols.
This is information which is not collected in order to be associated with particular persons, but which by its nature could, through processing and combination with data held by third parties, enable users to be identified.
This category includes: IP addresses and domain names of computers utilised by users to connect to the website, addresses of requested resources in URI (Uniform Resource Identifier) notation, the time the request was made, the method used to submit the request to the server, the size of the file obtained in response, the numeric code indicating the state of the response given by the server (successful conclusion, error, etc.) and other parameters relating to the user’s operating system and informatics environment.
This data is used solely to obtain anonymous statistical information on the use of the website and to verify that it is functioning correctly (see also the paragraph on Cookies). The data could be used by the competent authorities to ascertain responsibility in hypothetical cases of computer-related crime resulting in damage to the site.
Personal data provided voluntarily by the client may also be processed.
Cookies are the text files that are saved on your computer and which are read by our remote servers or the third-party servers which we use as part of our service. The use of permanent cookies or session cookies (which are not persistently stored on the user’s computer and vanish when the browser is closed) is strictly limited to managing the technical service provision as requested by users and to the transmission of session identifiers (based on random, server-generated numbers) which are necessary to enable secure and efficient exploration of the site and its applications.
The so-called ‘session cookies’ used in this website obviate any recourse to other IT techniques potentially prejudicial to the confidentiality of users’ browsing. and do not allow the acquisition of the personal identification details of users.
Where user consent is provided (and excepting those cookies which are strictly necessary for technical reasons, statistical gathering and data-aggregation purposes) this website makes use of some systems – cookies, beacons – that analyse user browsing to create visit statistics or improve the offer of content and may be used to set targeted advertising into web pages.
The systems used are IntelligenceFocus and Google Analytics, the latter a web analysis service provided by Google Inc. (“Google”). Like other systems, Google Analytics uses “cookies” which are text files that are stored in your computer to enable the website to analyse how users use the site. Information generated by the cookie on your use of the website (including your IP address) will be transmitted to and stored by Google servers in the United States. Google will use this information to trace and examine your use of the website, to compile reports on the activities of the website for the website operators and to provide other services related to the activities of the website and Internet use. Google may also transfer this information to third parties where required to do so by law or where such third parties process the information on behalf of Google. Google will not associate your IP address with any other data possessed by Google.
No other use is made of cookies for the transmission of information of a personal nature, nor will other persistent cookies or other user tracing systems be used. Note that you can set your browser software (e.g. Firefox, Internet Explorer, Safari, Chrome) so that it will not accept cookies, nor even technical ones, thereby activating so-called ‘anonymous navigation’. In this manner no information will be processed through these systems.
Optionality of the provision of data other than navigation data
Apart from what has been specified with respect to navigation data, users are free to provide the personal data indicated in application/registration forms (some by a separate, specific request for informed consent for any processing which requires it) or in any case indicated in contacts with Contactlab made to request informative material or other communications (such as management of personal contact requests for quotes or information on the services offered by Contactlab). The optional, explicit or voluntary sending of email to the addresses indicated on this site, or through registration or communication forms, entails the subsequent acquisition of the sender’s address, necessary for responses to requests, and of any other personal data contained in the messages.
Specific summary information and requests for consent will be progressively posted or displayed on the pages of the site dedicated to particular services (e.g. subscription to newsletters, registration, requests for services). Failure to provide consent could in some cases render the request unobtainable.
In cases whereby the user registers or subscribes to specific Contactlab services through social network plug-in technologies (e.g. LinkedIn), users consent to the communication of profile/account data from said social network to ContactLab, insofar as this is necessary for the management of the registration/subscription to the Contactlab service in question.
Rights of persons concerned
Those to whom the personal data refers have the right at any time to obtain confirmation of the existence or otherwise of such data, to be informed of its content and origin, to verify its accuracy or request that it be supplemented, updated or corrected (Article 7 of Legislative Decree No. 196/2003).
The said Article also provides that those concerned have the right to request that data processed in violation of law be deleted, transformed into anonymous form or frozen and in all cases to object to its processing on legitimate grounds.
All requests should be sent to the postal address of the Data Controller or by email to: email@example.com.