This document contains the following information:
1. What are cookies
1.1. Technical cookies
2. Third-party Cookies
3. Privacy and Safety on cookies
4. Other threats based on cookies
5. How to disable cookies
6. Cookies on the website http://www.investinlombardy.com
1. What are cookies
Cookies are small text files that the websites visited by the user send to the device (usually to the browser), they are stored in the corresponding folder of the browser while the user is busy visiting a website, and are passed on to these websites at subsequent visits. They are used in order to improve browsing, (the http protocol is stateless and cannot "remember" the authenticated user visiting the pages), safe user preferences already entered (username, password, etc.), track the user’s tastes and preferences allowing to manage the presence or absence of targeted marketing initiatives or provide services related to the activity of the Holder as newsletters, dem(direct email marketing), etc.
If their use is limited, this will surely affect the user's status during the consultation. Blocking or removing them from the browser cache, could result in an incomplete use of the services offered by the web application. For the purposes of interest, it is possible to divide the cookies in two categories: technical cookies and profiling ones.
The profiling cookies - as required by the 229/2014 provision by the Authority for the protection of personal data – aim at creating profiles relative to the user and are used to send advertising messages in line with the user’s preferences expressed while surfing the net.
1.1. Technical cookies
Technical cookies are used for the sole purpose of “performing the transmission of a communication over an electronic communications network, or as strictly necessary to the service provider of an information company explicitly requested by the subscriber or user to provide this service" (cfr. art. 122, paragraph 1, of the Code on the processing of personal data). Persistent cookies and session cookies are included among the cookies in this category.Session cookies are temporary cookies; they operate on the machine for a time limited to the duration of the user's session. When the browser is closed, the session cookies expire. These are generally used to identify users when they log onto a site, to remind the users of their preferences when moving among the pages of the site, to provide specific information collected previously.
The most common example of this feature is represented by the cart of an e-commerce site. For example, when visiting a page of a catalogue and selecting some items, the session cookie remembers the selection so that the items continue to be selected in a virtual shopping cart when ready for the checkout operation. Without the session cookie, if the user clicks on checkout, the new page could not recognise the activities gone by in the previous pages and the cart would still be empty.Persistent cookies, on the other hand, help websites remember the data and user settings for future consultations. This allows a faster and more convenient access in terms of time since it is not necessary to login again. Persistent cookies remain active even after the browser is closed.
In addition to authentication, other website features are made possible and include: the language selection, the theme selection, menu preferences, bookmarks or favourites, and many more. During the visit, the user selects their preferences and they will be remembered by using persistent Cookies during the next visit.
2. Third party cookies
The so-called third party cookies are cookies set by a different website than the one the user is browsing. They are used, for example, by the site that the visitor chose first and that contains ads from another server or third-party website. Operationally, the browser collects information provided by different sources so that all elements are displayed on the same page, creating more Cookies in the corresponding browser folder.
All these cookies can be removed directly from the browser settings, or through special and also free programs or their creation can be blocked. In the latter case, some services of the website could not work as planned and it could not be possible to access or even, not having the associated Cookie, lose the user preferences, so the information is displayed in the wrong local form or could not be available.
3. Privacy and safety on cookies
It is good to point out that the cookies are not viruses, they are just text files that are not interpreted by the browser or run on memory. As a result, they cannot duplicate, spread to other networks to be duplicated again. As they cannot perform these functions, they are not considered as viruses based on the standard definition. Nevertheless, cookies may be used for potentially malicious purposes, all the same.Since that thanks to them preference information are stored, as well as the history of a user's actions, the specific browsing among many websites, cookies can, indeed, be used to act as a dispyware form. Many anti-spyware products are aware of this issue and, routinely, report reporting cookies as possible threats.
4. Other threats based on cookies
5. How to disable cookies
Most browsers accept cookies automatically, but it is anyhow possible to choose not to accept them. It is advisable not to disable them, as this could prevent moving from one page to another and using all the site’s specific functions. If you do not want your computer to receive and store cookies, it is possible to change your browser's safety settings (Internet Explorer, Google Chrome, Safari etc.). In any case, it is précised that certain parts of the Site can be used fully only if the browser accepts cookies; on the contrary, for example, it may not be possible to complete operations like paying for an online service. Consequently, the choice of removing and not accepting cookies could affect your site visit and its enjoyment negatively.
In any case, if you want to change the settings of the cookies, hereunder are short instructions on how to carry out this operation for the four most popular browsers:
INFORMATION ON THE PROCESSING OF PERSONAL DATA Information pursuant to Article 13 of the Regulation (EU) 2016/679 (hereinafter referred to as "GDPR"), regarding the processing of the users’ personal data of the website www.investinlombardy.com (hereinafter referred to as “Site”). Data Controller The data controller is Agenzia italiana per l’internazionalizzazione – Promos Italia S.c.r.l., with registered office in via Meravigli 9/b, 20123 Milano (IT), VAT number IT10322390963, certified email address email@example.com. Data protection officer The data controller has designated the Data Protection Officer in accordance with art. 37 of the GDPR. Contact: firstname.lastname@example.org. Purposes and legal basis for the processing The personal data provided or collected while browsing the website are processed for the following purposes: a) guarantee the correct technical functioning and navigability of the website; b) manage requests sent to the e-mail addresses available on the website; c) prior consent, to send information and promotional communications via e-mail to users who subscribe to the newsletter; d) prior consent, to use third-party analytical cookies. Type of processed data Navigation data: the computer systems and software procedures used to operate this site acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This category of data includes IP addresses or domain names of computers and terminals used by users, the URI / URL (Uniform Resource Identifier / Locator) addresses of the requested resources, the time of the request, the method used in the submit the request to the server, the size of the file obtained in response, the numeric code indicating the status of the response given by the server (success, error, etc.) and other parameters relating to the operating system and the user's IT environment. These data, necessary for the use of web services, are also processed for the purpose of: • obtain statistical information on the use of services (most visited pages, number of visitors by time or day, geographical areas of origin, etc.); • check the correct functioning of the services offered. Data communicated by the user: the optional, explicit and voluntary sending of messages to the contact addresses as well as the completion and forwarding of the forms available on the Site, entail the acquisition of the sender's contact data, which are necessary to reply, as well as all personal data included in the communications. Cookies and other tracking systems: read the information on cookies. Providing data The provision of data for the purposes referred to in point 2: • a), it is necessary for browsing the Site and cannot be optional; • b), it is necessary for the management of requests sent, otherwise, it is impossible to respond to received requests; • c), it is mandatory only for fields marked with "*", otherwise, it is impossible to proceed with the registration to the newsletter; • d), it is optional, but failure to provide or consent could limit the functionality of some components of the Site. Recipients of the data Personal data are processed by personnel authorized from the owner. Browsing and registration data can be processed by external subjects in charge of managing the Site and IT systems. The data could be communicated to the judicial authority at its request for any investigation needs in case of offenses. The data may also be communicated to the Lombardy Region and Unioncamere Lombardia, as project partners. Storage period Browsing data do not persist beyond the end of the browsing session. The data processed with the consent of the interested party will be kept until revocation of the same consent to processing, which can be expressed at any time. In the case of particular legal obligations, the processing of information will continue in accordance with current legislation. Rights of the interested party and forms of protection The exercise of the rights is guaranteed to the interested party, which is recognized by articles 12 and following of the GDPR. In particular, he/she is recognized the right to: - access his/her personal data; - request the correction of inaccurate personal data; - request the deletion of personal data; - obtain the limitation of the treatment; - oppose the treatment; - ask for the portability of personal data; - withdraw consent to the treatment, without prejudice to the lawfulness of the treatments already performed; - propose a report to the Guarantor Authority for the protection of personal data, according to the methods provided by the Authority itself. For the exercise of the aforementioned rights, the interested party can contact the owner, through the contacts above mentioned.