Cookie Policy

GET srl, responsible for this website, get-consulting.it, considers the protection of the personal data of its own and/or potential customers and users to be of paramount importance by ensuring that the processing of personal data, carried out by any means, whether automated or manual, takes place in full compliance with the protections and rights recognised by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data (hereinafter the “Regulation”) and on the free movement of such data and by the further applicable rules on the protection of personal data.

The term ‘personal data’ refers to the definition contained in Article 4(1) of the Regulation, i.e. ‘any information relating to an identified or identifiable natural person; an identifiable person is one who can be identified, directly or indirectly, by reference in particular to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to his or her physical, physiological, genetic, mental, economic, cultural or social identity’ (hereinafter ‘Personal Data’).

The Regulation provides that, before processing Personal Data – by which is meant, according to the relevant definition contained in Article 4(2) of the Regulation, “any operation or set of operations which is performed upon personal data or sets of personal data, whether or not by automatic means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use communication by transmission, dissemination or otherwise making available, comparison or interconnection, restriction, erasure or destruction” (hereinafter the “Processing”) – it is necessary that the person to whom such Personal Data belong, in this case you as the user/visitor (hereinafter the “User”) of this website (hereinafter the “Website”) is informed about the reasons why such data are required and how they will be used.

In this regard, the purpose of this document is to provide you, in a simple and intuitive manner, with all the useful and necessary information so that you can be informed in an informed manner about the use and processing of your Personal Data carried out by the Cookies as subsequently defined and used by this Website.

The extended information on the use of Cookies and similar technologies (the “Cookie Policy”), therefore, has been drafted on the basis of the principle of transparency and all the elements required by Article 13 of the Regulation and is divided into individual sections (hereinafter “Sections” and individually “Section”) each of which deals with a specific topic in order to make reading quicker, easier and easier for you to understand.

Cookies are text strings made up of portions of code sent by a web server (e.g. a website) to an Internet browser and installed inside it. In particular, they are small text files that Internet sites visited by users send to their terminals, where they are stored and then retransmitted to the same sites on subsequent visits. Almost all browsers are set up to allow cookies to be stored automatically on the User’s terminal.

Cookies are used for different and various purposes, have different peculiarities and can be used both by the Data Controller and by third parties who use or may use the following categories of cookies on the Website, also in combination with each other:

• Session or persistent cookies
  Cookies can expire at the end of a browser session (the period between the User opening a browser window and closing it) or they can be stored for a longer period of time.Session cookies are those that allow websites to link a user’s actions during a browser session.Session cookies expire when the browser session ends. Persistent Cookies are retained on a user’s device between browser sessions, for varying periods of time, and allow the user’s preferences or actions with respect to a website to be stored.
  
  
• Technical or profiling cookies
  Technical Cookies are those used by the owner of a site for the sole purpose of carrying out the transmission of a communication over an electronic communication network, or to the extent strictly necessary for the provider of an information society service explicitly requested by the subscriber or User to provide this service. Users’ prior consent is not required for the installation of such Cookies where they are used directly by the website operator. Profiling cookies are designed to create profiles of the User and are used in order to send advertising messages in line with the preferences expressed by the User when surfing the web. Because of the particular invasiveness that these cookies can have on the private sphere of Users, European and Italian legislation provides that the User must be adequately informed about their use, by means of a short information notice (banner) and an extended one on the website, and must express his or her express consent to them the first time he or she visits the website. This consent can be expressed in a general manner, by interacting with the short information banner on the landing page of the site, in the manner indicated in that banner. A record of this consent is kept on subsequent visits. However, the User always has the possibility of revoking all or part of the consent already expressed.
  
  
• First-party or third-party cookies
  A cookie is either a “first party cookie” or a “third party cookie” depending on the website or domain from which it originates.
  First party cookies are, in essence, cookies set and/or managed by the website owner. For these Cookies, the obligation to inform, obtain consent and/or allow the possible blocking of Cookies lies with the site owner. Third-party Cookies are Cookies set by a domain other than the one visited by the User. For these Cookies, the obligation to provide information and details on how to give consent and/or block the Cookies is the responsibility of the third party, while the site owner is only obliged to include the link to the third party’s site where such elements are available.

The Data Controller according to the relevant definition contained in Article 4 point 7) of the Regulation, “the natural or legal person, public authority, service or other body which alone or jointly with others determines the purposes and means of the processing of personal data” is: GET srl based in Corso Re Umberto, 8 10121 Turin with VAT number 11958910017 (hereinafter the “Data Controller”). You can contact the Data Controller by sending an email to the email address info@get-consulting.it to the kind attention of the Data Controller.

Furthermore, in order to facilitate the relationship between you, as the data subject, i.e. the ‘identified or identifiable natural person’ to whom the Personal Data refer pursuant to Article 4(1) of the Regulation (hereinafter the ‘Data Subject’) and the Data Controller, the Regulation has provided, in certain specific cases, for the appointment of a control and support figure who, among the various tasks entrusted to him/her, also acts as a point of contact with the Data Subject. In our case, the DPO (Data Protection Officer) coincides with the Data Controller.

The DPO, pursuant to and for the purposes of Article 39 of the Regulation, is called upon to perform, inter alia, the following activities

– informing and advising the Data Controller, the Joint Data Controllers, the Data Processor as well as the employees carrying out the Processing about the obligations arising from the Regulation as well as from other provisions of the European Union or of the Member States relating to the protection of Personal Data;

– monitor and supervise the observance of the Regulation, of the applicable Personal Data protection regulations as well as of the policies and procedures adopted by the Data Controller and the Processors

– provide feedback support to the Data Subject;

– cooperate with the Data Protection Authority or other competent supervisory authority.

As provided for in Article 38 of the Regulation, you may freely contact the DPO for all matters relating to the Processing of your Personal Data and/or should you wish to exercise your rights as provided for in Section I of this Policy, by sending a written communication to the e-mail address info@get-consulting.it

For what purposes will your personal data be processed and which cookies will be used?

This section contains information on the Cookies installed through the Website. In particular, the Data Controller uses Cookies of a technical and profiling nature. Cookies of a technical nature can be divided into the following subcategories:

– Browsing cookies, by means of which browsing preferences can be saved and the User’s browsing experience can be optimised;

– Analytics cookies, including third party cookies, by means of which statistical information is acquired regarding the User’s browsing patterns. This information is processed in aggregate and anonymous form;

– Functionality cookies, including third party cookies, used to enable specific functionalities of this Website and necessary to provide the service or improve it.

These Cookies, as specified in this Cookie Policy, being of a technical nature, do not require your prior consent to be installed and used and their use will be legally based on the legitimate interest of the Data Controller.

The profiling cookies used are for the purpose of profiling and communication for commercial purposes, in various forms of advertising, tailored to your interests and behaviour. Their use is subject to your consent, which is the legal basis for the processing.

Some of the services listed below based on the functionality offered to Users, centred on the use of third-party cookies, may not require your consent. These third parties may also – in addition to what is specified in this Cookie Policy and also without the knowledge of the Data Controller – carry out additional tracking activities on the User.

For detailed information on the subject, we recommend that you consult the respective privacy policies of the services listed, where you can receive all the information on the relative processing and deny your consent in this regard.

The services contained in this section allow the Data Controller to monitor and analyse traffic data and serve to keep track of the User’s behaviour.

Google Analytics is a web analysis service provided by Google Ireland Limited (“Google”). Google uses the Personal Data collected in order to track and examine the use of this Application, compile reports and share them with other services developed by Google.

Google may use the Personal Data to contextualise and personalise the advertisements of its advertising network.

Personal Data processed: Cookies and Usage Data.

Place of processing: Ireland – Privacy Policy – Opt Out.

In addition to what is set out in this Cookie Policy, you can manage your cookie preferences directly within your browser and prevent – for example – third parties from installing cookies. You can also use your browser preferences to delete cookies that you have installed in the past, including any cookies in which you have saved your consent to the installation of cookies by this Website. Please note that by disabling all Cookies, the operation of this Website may be impaired. You can find information on how to manage cookies in your browser at the following addresses: Google Chrome, Mozilla Firefox, Apple Safari and Microsoft Windows Edge.

In the case of services provided by third parties, you may also exercise your right to object to the tracking by informing yourself through the privacy policy of the third party, through the opt-out link if explicitly provided in this Cookie Policy or by navigating directly within the privacy policy of the third party.

Notwithstanding the foregoing, please note that you can also make use of the tools provided by Your Online Choices. Through this service you can manage your tracking preferences for most advertising tools. We recommend that you use this tool in addition to the other tools set out in this Cookie Policy.

Since the installation of Cookies and other tracking systems by third parties through the services used within this Website cannot be technically controlled by the Data Controller, any specific reference to Cookies and tracking systems installed by third parties is to be considered indicative only. For complete information, please consult the privacy policy of the third parties as indicated in this Cookie Policy.

Given the objective complexity of identifying cookie-based technologies and their very close integration with the operation of the web, we invite you to contact us using the contact channels set out in the Cookie Policy should you wish to receive any further information on the use of cookies and any use of cookies – for example by third parties – made through this Website.

One of the principles applicable to the Processing of your Personal Data relates to the limitation of the storage period, which is governed by Article 5(1)(e) of the Regulation, which states that “Personal Data shall be kept in a form which permits identification of Data Subjects for no longer than it is necessary for the purposes for which it is processed; Personal Data may be kept for longer periods provided that they are processed solely for archiving purposes in the public interest, for scientific or historical research or for statistical purposes in accordance with Article 89(1), subject to the implementation of appropriate technical and organisational measures required by this Regulation to protect the rights and freedoms of the Data Subject”.

In accordance with this principle, your Personal Data will be processed by the Controller only to the extent necessary for the fulfilment of the purpose set out in this Cookie Policy. In particular, your Personal Data will be kept for a period of time equal to the minimum necessary in accordance with Recital 39 of the Regulation, i.e. until you withdraw your consent where required.

As provided by the Regulation, if you have given your consent to the Processing of your Personal Data you may, at any time, withdraw it in whole and/or in part without affecting the lawfulness of the Processing based on the consent given before the withdrawal.

The procedures for revoking consent are very simple and intuitive, you just need to access the advertising preferences panel or contact the Data Controller.

As provided for in Article 15 of the Regulation, you will be able to access your Personal Data, request its rectification and updating if incomplete or erroneous, request its deletion if it was collected in violation of a law or regulation, and object to the Processing for legitimate and specific reasons.

In particular, we list below all your rights that you may exercise, at any time, vis-à-vis the Data Controller.

Right of access: you have the right, pursuant to Article 15(1) of the Regulation, to obtain from the Controller confirmation as to whether or not your Personal Data is being processed and, if so, to obtain access to such Personal Data and to the following information (a) the purposes of the Processing; (b) the categories of Personal Data concerned; (c) the Recipients or categories of Recipients to whom your Personal Data has been or will be disclosed, in particular if Recipients from third countries or international organisations; d) where possible, the expected period of retention of Personal Data or, if this is not possible, the criteria used to determine this period; e) the existence of the Data Subject’s right to request from the Data Controller the rectification or erasure of Personal Data or the restriction of the Processing of Personal Data concerning him/her or to object to the Processing of Personal Data f) the right to lodge a complaint with a supervisory authority; g) if the Personal Data are not collected from the Data Subject, all available information on their origin; h) the existence of an automated decision-making process, including profiling as referred to in Article 22(1) and (4) of the Regulation and, at least in such cases, meaningful information on the logic used, as well as the importance and the foreseen consequences of such Processing for the Data Subject.

All this information can be found in this Policy, which will always be available to you in the Privacy section of each of the Websites.

Right of rectification: you may obtain, pursuant to Article 16 of the Regulation, the rectification of your Personal Data that is inaccurate. Taking into account the purposes of the Processing, you may also obtain the integration of your Personal Data that are incomplete, including by providing a supplementary declaration.

Right to erasure: you may obtain, pursuant to Article 17(1) of the Regulation, the erasure of your Personal Data without undue delay and the Data Controller shall be obliged to erase your Personal Data if any of the following reasons apply (a) your Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) you have withdrawn the consent on which the Processing of your Personal Data is based and there is no other legal basis for its Processing; c) you have objected to the Processing in accordance with Article 21(1) or (2) of the Regulation and there is no longer any overriding legitimate ground for the Processing of your Personal Data; d) your Personal Data has been processed unlawfully; e) it is necessary to delete your Personal Data in order to comply with a legal obligation under Community or national law.

In some cases, as provided for in Article 17(3) of the Regulation, the Data Controller is entitled not to delete your Personal Data if the Processing of your Personal Data is necessary, for example, for the exercise of the right to freedom of expression and information, for the fulfilment of a legal obligation, for reasons of public interest, for archiving in the public interest, for scientific or historical research or statistical purposes, for the establishment, exercise or defence of legal claims.

Right to restriction of processing: you may obtain the restriction of the Processing, pursuant to Article 18 of the Regulation, in the event that one of the following cases occurs (a) you have contested the accuracy of your Personal Data (the restriction will last for the period necessary for the Data Controller to verify the accuracy of such Personal Data); (b) the Processing is unlawful but you have objected to the deletion of your Personal Data, requesting instead that its use be restricted c) although the Data Controller no longer needs your Personal Data for the purposes of the Processing, your Personal Data is needed for the establishment, exercise or defence of legal claims; d) you have objected to the Processing pursuant to Article 21(1) of the Regulation and are awaiting verification as to whether the Data Controller’s legitimate reasons prevail over yours.

In the event of a restriction on Processing, your Personal Data will be processed, except for storage, only with your consent or for the establishment, exercise or defence of a right in court or to protect the rights of another natural or legal person or for reasons of substantial public interest.

Right to data portability: you may, at any time, request and receive, pursuant to Article 20(1) of the Regulation, all of your Personal Data processed by the Data Controller and/or the Joint Data Controllers in a structured, commonly used and readable format or request its transmission to another data controller without being required to provide us with the exact details of the new data controller to whom you intend to transfer your Personal Data by providing us with written authorisation.

Right to object: pursuant to Article 21 of the Regulation, you may object, at any time, to the Processing of your Personal Data if a) your Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; b) you have withdrawn the consent on which the Processing of your Personal Data is based and there is no other legal basis for the Processing; c) you have objected to the Processing in accordance with Article 21(1) or (2) of the Regulation and there is no longer any overriding legitimate ground for the Processing of your Personal Data; d) your Personal Data has been processed unlawfully; e) it is necessary to delete your Personal Data in order to comply with a legal obligation under Community or national law.

In some cases, as provided for in Article 17(3) of the Regulation, the Data Controller is entitled not to delete your Personal Data if the processing of your Personal Data is necessary, for example, to exercise your right to freedom of expression and information, to comply with a legal obligation, for reasons of public interest, for archiving in the public interest, for scientific or historical research or statistical purposes, for the establishment, exercise or defence of legal claims.

To exercise all your rights as identified above, simply contact the Data Controller in the manner indicated above in this Policy.

In addition, you have the right to lodge a complaint with the supervisory authority: without prejudice to your right to appeal to any other administrative or judicial body, if you consider that the Processing of your Personal Data carried out by the Data Controller and/or the Data Processors is in breach of the Regulation and/or the applicable legislation, you may lodge a complaint with the Italian Data Protection Authority or any other competent supervisory authority.