caricamento...
caricamento...
COOKIE POLICY
COOPSELIOS Cooperativa Sociale S.C., (Fiscal code and VAT n.: 01164310359) (hereinafter referred to as “COOPSELIOS”), in the person of its legal representative pro tempore, with registered office in Reggio Emilia (RE), via A. Gramsci, 54/S, and PROGETTARE ZEROSEI S.r.l. (Fiscal code and VAT n.: 02001330352) (hereinafter “P06”), in the person of its legal representative pro tempore, with registered office in Reggio Emilia (RE), via A. Gramsci, 54/V, in their capacity as co-owners/joint controllers of the processing pursuant to art. 4 n. 7) and 26 of EU Regulation n. 2016/679 (GDPR), illustrate below the cookie policy (Policy) referring to this website (Site).
Hereinafter, COOPSELIOS and P06 may only be jointly referred to as “co-owners”.
1. Legal framework.
1.1. The Policy is based on the following EU and/or national (first and/or second level) regulatory provisions or measures: (i) Directive n. 2002/58/EC of 12.7.2012 (so-called ePrivacy Directive), as amended by Directive n. 2009/136/EC; (ii) art. 122 of the new Legislative Decree n. 196/2003 (Privacy Code), which has implemented, within the national legal system, ePrivacy Directive; (iii) GDPR: articles 4 n. 11), 7, 12, 13, 25 and 95 (in addition, in particular, to Recitals n. 30, 32 and 173); (iv) Guidelines n. 5/2020 adopted on 4.5.2020 by the EDPB, replacing the Guidelines of 10.4.2018 signed by WP Art. 29; (v) Measure n. 231 of 10.6.2021 [web doc. n. 9677876] signed by Italian Data Protection Authority (Privacy Guarantor); (vi) Recommendation n. 2/2001 of the WP Art. 29; (vii) Opinion n. 2/2010 of the WP Art. 29; (viii) Opinion n. 4/2012 of the WP Art. 29; (ix) Guidelines n. 8/2020 of the EDPB; (x) Measures n. 224 of 9.6.2022 [doc. web n. 9782890], n. 243 of 7.7.2022 [doc. web n. 9806053] e n. 254 of 21.7.2022 [doc. web n. 9808698] signed by Privacy Guarantor.
2. Cookies and other tracking tools: definition and classification.
2.1. The “cookies” are, as a rule, strings of text that a website (“publisher” or “first party”) visited by the user or a different website (“third party”) places and stores, directly (in the case of the first party website) or indirectly (through the latter, in the case of the third party website), in a terminal device available to the user: in this regard, the Privacy Guarantor has specified the fact that the information, encoded in cookies, may include both personal data under art. 4 n. 1) of the GDPR (e.g. IP address; user name; email address; unique identifier) and non-personal data pursuant to art. 3 n. 1) of EU Regulation n. 1807/2018 (e.g. language; type of device used).
Alongside (or in addition to) them, ‘other tracking tools‘ may exist (and therefore be used), which can be divided into ‘active’ (which have almost the same characteristics as cookies) and ‘passive’ (e.g., finger printing).
2.2. In addition to the above-mentioned intrinsic features, cookies (and other tracking tools) may have different characteristics in terms of time (and thus be considered “session” or “permanent”, depending on their duration), subjectively (depending on whether the publisher acts autonomously or on behalf of a “third party”) and, finally (but especially), depending on the purpose of the processing pursued, so that they can be divided into two different (big) categories:
In this regard, the Privacy Guarantor has highlighted, in Measure n. 231 of 10.6.2021 (in line with the previous provision on the subject of 2014), that the “analytics cookies” may well be included within the scope of cookies (or other tracking tools) of a “technical” nature (and, therefore, can be used without the prior acquisition of consent from the person concerned), under certain conditions, aimed at precluding the possibility that it comes, through their use, the direct identification of the person concerned (single out).
3. Cookies installed on the Site.
3.1. Within the Site, the following types of cookies have been installed (or may be installed, subject to obtaining the specific consent of the user):
|
Name |
Type |
Purpose |
Supplier |
Deadline |
|
_FBP |
Marketing/Tracking |
Used by Facebook to provide a range of advertising products, such as real-time offers from third-party advertisers. |
Part Three (facebook) |
6/2022 |
|
TR |
Marketing |
Used by Facebook to provide a range of advertising products such as real-time offers from third-party advertisers. |
Part Three (facebook) |
Session |
|
FR |
Marketing/Targeting |
Used to provide a serving or retargeting. |
Part Three (facebook) |
12/2022 |
|
WP_WPML_CURRENT_LANGUAGE |
Technician |
Stores user language settings. |
Part One |
Session |
|
DATR |
Technician/Analytical |
It is used by Facebook to check whether the user is accessing Facebook from different devices. |
Part Three (facebook) |
3/2024 |
|
USIDA |
Analytical/marketing |
It enables behavioural advertising and analysis by Facebook. |
Part Three (facebook) |
Session |
|
LI_MC |
Technician/Analytical |
Used as a temporary cache to avoid searches of the user’s content in the database for non-essential cookies, and used to obtain information on the user’s consent in order to enforce that consent. |
Part Three (linkedin) |
3/2024 |
|
AMCV_14215E3D5995C57C0A495C55%40AdobeOrg |
Analytical |
Unique identifier for Adobe Experience Cloud. |
Part Three (linkedin) |
9/2022 |
|
LMS_ADS |
Analytical/marketing |
Used to identify LinkedIn users in designated countries for advertising purposes. |
Part Three (linkedin) |
4/2022 |
|
ANALYTICSSYNCHISTORY |
Technician/Analytical |
Used to store information about the time a synchronisation took place with the lms_analytics cookie for users in designated countries. |
Part Three (linkedin) |
4/2022 |
|
LANG |
Technician |
Used to remember the user’s language settings and ensure that LinkedIn.com pages are displayed in the language selected by the user in personal settings. |
Part Three (linkedin) |
Session |
|
LIAP |
Technician |
Used to indicate the access status of the user. |
Part Three (linkedin) |
3/2023 |
|
_GCL_AU |
Analytical |
Used through Google Analytics to understand user interactions with the site and advertising. |
Part Three (linkedin) |
6/2022 |
|
LI_GC |
Technician |
Used to store the consent of guests in connection with the use of cookies for non-essential purposes. |
Part Three (linkedin) |
5/2023 |
|
LMS_ANALYTICS |
Analytical |
Used to identify LinkedIn users in designated countries for analysis purposes. |
Part Three (linkedin) |
4/2022 |
|
AAM_UUID |
Analytical |
Set to synchronise the ID for Adobe Audience Manager. |
Part Three (linkedin) |
4/2022 |
|
S_TSLV |
Technician |
Used to store and retrieve the elapsed time since the last visit in Adobe Analytics. |
Part Three (linkedin) |
8/2022 |
|
LIDC |
Technician |
To optimise data centre selection. |
Part Three (linkedin) |
3/2022 |
|
BCOOKIE BSCOOKIE |
Analytical |
Browser ID cookie to uniquely identify the devices on which LinkedIn is accessed in order to detect abuse on the platform. |
Part Three (linkedin) |
3/2024 3/2024 |
|
USERMATCHHISTORY |
Analytical |
Used to synchronise LinkedIn ad IDs. |
Part Three (linkedin) |
4/2022 |
|
SDSC |
Technician |
Access data service context cookie, used for database redirection to ensure consistency across all databases when a change is made. Used to ensure that the content entered by the user is immediately available to the user upon submission. |
Part Three (linkedin) |
Session |
|
GPV_PN |
Technician |
Used to store and retrieve the last page visited in Adobe Analytics. |
Part Three (linkedin) |
8/2022 |
|
_CLSK |
Technician |
It links several page views by a user into a single session record. |
Part Three (cookiebot) |
3/2022 |
|
_GUID |
Analytical |
Used to identify a LinkedIn user for advertising purposes through Google Ads. |
Part Three (linkedin) |
5/2022 |
|
_UETVID _UETSID |
Technician/analytical |
It stores and monitors visits through websites. |
Part Three (cookiebot) |
4/2023 3/2022 |
|
_CLCK |
Analytical |
It collects the user’s unique ID. |
Part Three (cookiebot) |
3/2023 |
|
COOKIECONSENT |
Technician |
It collects the consent given by the user. |
Part One |
9/2023 |
|
WD |
Technician |
It offers an optimal experience according to the screen of the user’s device. |
Part Three (facebook) |
4/2022 |
|
_SECURE-3PISIDCC _SECURE-1PSID _SECURE-3PSID _SECURE-3PAPISID _SECURE-1PAPISID |
Technician |
Cookie needed to use the website options and services. |
Part Three (google) |
3/2023 2/2024 2/2024 2/2024 2/2024 |
|
SID SIDCC SAPISID APISID SSID |
Technician |
Cookie needed to use the site options and services. |
Part Three (google) |
2/2024 2/2024 2/2024 2/2024 |
|
HSID |
Technician |
Avoid fraudulent behaviour. |
Part Three (google) |
2/2024 |
|
YT-PLAYER-HEADERS-READABLE YT-PLAYER-BANDWIDTH |
Technician |
Determines the optimal video quality according to the user. |
Part Three (youtube) |
Persistent Persistent |
|
VISITOR_INFO1_LIVE |
Technician |
It tries to estimate the bandwidth of users on pages with embedded YouTube videos. |
Part Three (youtube) |
9/2024 |
|
RC::A RC::B RC::C RC::D-15 RC::F |
Technician |
Used to distinguish between humans and robots. |
Part Three (google) |
Persistent Session Session Persistent Persistente |
|
CONSENT |
Technician |
Used to detect whether the visitor has accepted the marketing category in the cookie banner. |
Part Three (youtube) |
9/2024 |
|
_GRECAPTCHA |
Technician |
Used to distinguish between humans and robots. |
Part One Third part (google) |
Persistent 5/2023 |
|
YSC |
Analytical |
It records a unique ID for statistics related to which YouTube videos have been viewed by the user. |
Part Three (youtube) |
Session |
|
YT.INNERTUBE::NEXTID YT.INNERTUBE::REQUESTS YTIDB::LAST_RESULT_ENTRY_KEY _SECURE-YEC |
Analytical |
Stores the user’s video player preferences using the embedded YouTube video. |
Part Three (youtube) |
Persistent Persistent Persistent 10/2024 |
|
_GA |
Analytical |
Registers a unique ID used to generate statistical data on how the visitor uses the website. |
Part One |
9/2024 |
|
IN_OR |
Analytical |
Records statistical data on user behavior on the website. |
Part One |
1 day |
|
LAST_RESULT_ENTRY_KEY |
Analytical |
Used to track user interaction with embedded content. |
Part Three (youtube) |
Session |
|
LI_SUGR |
Analytical |
Collects data on user behavior and interaction, to optimize the site and make the advertising shown more relevant. |
Part Three (linkedin) |
12 months |
|
NEXTLD REQUESTS TESTCOOKIESENABLED YTBLDMETA#DATABASES |
Analytical |
Used to track user interaction with embedded content. |
Part Three |
Session Session 1 day Persistent |
|
SERVICEWORKERLOGSDATABASE |
Technician |
Necessary for the implementation and functionality of YouTube video content on the site. |
Part Three (youtube) |
Persistent |
|
_UETVID _UETSID |
Analytical |
Stores and combines user views of a site page into a single session record. |
Part Three (cookiebot) |
10/2024 9/2023 |
|
_GID |
Analytical |
Registers a unique ID used to generate statistical data on how the visitor uses the site. |
Part Three (cookiebot) |
9/2023 |
|
OTZ |
Technician |
Cookie used to track information about site traffic. |
Part Three (google) |
9/2023 |
|
NID |
Technician |
Cookie used to guarantee the functioning of the re-captcha code inserted in the contact page. |
Part Three (google) |
3/2024 |
|
SOCS |
Technician |
Stores the user’s cookie consent status for the current domain. |
Part Three (google) |
9/2024 |
|
AEC |
Technician |
Cookie used to ensure that requests within a browsing session are made by the user. |
Part Three (google) |
11/2023 |
|
_GAC |
Technician |
Store and track the reach of your site’s visitor audience. |
Part Three (cookiebot) |
3/2024 |
4. Browser settings.
4.1. Co-owners highlight the possibility for the user to delete and block the operation of the cookies described in article 3 above at any time by using the specific setting features of the browser used: in this respect, co-owners add that, if the user decides to disable the technical cookies referred to in article 2.2. point i), the quality and speed of the services and functionalities offered and made available by the Site may deteriorate.
You can find information on how to manage cookies with some of the most popular browsers by visiting the following web pages:
https://support.google.com/chrome/answer/95647?hl=it
https://support.mozilla.org/it/kb/Gestione%20dei%20cookie?redirectlocale=enUS&redirectslug=Cookies
https://support.microsoft.com/it-it/help/17442
https://support.apple.com/it-it/guide/safari/sfri11471/mac
https://support.apple.com/it-it/HT201265
https://help.opera.com/en/latest/security-and-privacy/#clearBrowsingData
In addition, co-owners indicate, below, the main web pages of the third parties described in Article 3 above:
5. Data subject’s rights.
5.1. In relation to the user’s personal data, co-owners inform that the relevant data subject pursuant to art. 4 n. 1) of the GDPR has the right to exercise the following rights which may be subject to the limitations provided for in art. 2 undecies and 2 duodecies of Privacy Code: right of access pursuant to art. 15 of the GDPR: right to obtain confirmation as to whether or not personal data concerning the data subject are being processed, as well as the information referred in art. 15 of the GDPR (e.g. purpose of processing, storage period); right to rectification under art. 16 of the GDPR: right to correct, update or supplement personal data; right to erasure under art. 17 of the GDPR: right to obtain erasure or destruction or anonymisation of personal data, where, however, the conditions listed in the same article apply; right to restriction of processing under art. 18 of the GDPR: right to obtain the restriction of the processing of personal data in the cases governed by art. 18 of the GDPR; right to data portability under art. 20 of the GDPR: right to obtain the personal data provided to co-owners in a structured, commonly used and machine-readable format (and, where required, to transmit them directly to another Data Controller), where the specific conditions set out in that article are met (e.g. legal basis of consent and/or execution of a contract; personal data provided by the data subject); right to object under art. 21 of the GDPR: right to obtain the cessation, on a permanent basis, of a specific processing of personal data; right to lodge a complaint with the Privacy Guarantor under art. 77 of the GDPR: right to lodge a complaint where it is considered that the processing under analysis violates national and EU legislation on the protection of personal data.
5.2. In addition to the rights described in art. 5.1. above), co-owners specifie that, in relation to the personal data of the data subject, there is, where possible and conferring, the right to exercise, on the one hand, the (sub)right provided for art. 19 of the GDPR (“The controller shall communicate to each of the recipients to whom the personal data have been transmitted any rectification or erasure or restriction of processing carried out pursuant to article 16, article 17(1) and article 18, unless this proves impossible or involves a disproportionate effort. The data controller shall inform the data subject of such recipients if the data subject so requests”), to be considered connected and related to the exercise of one or more of the rights regulated in articles 16, 17 and 18 of the GDPR; on the other hand, co-owners specify that, in relation to the personal data of the data subject, there is, where possible and conferring, the right to exercise the right provided for in art. 22(1) of the GDPR (“The data subject shall have the right not to be subject to a decision which is based solely on automated processing, including profiling, and which produces legal effects concerning him or her or significantly affects him or her in a similar way”), subject to the exceptions provided for in paragraph 2 below.)
5.3. Pursuant to article 12 paragraph 1) of the GDPR, co-owners undertake to provide the User with the communications referred in art. from 15 to 22 and 34 of the GDPR in a concise, transparent, intelligible, easily accessible and plain language form: such information shall be provided in writing or by other electronic means, or, at the User’s request, orally provided that the User’s identity is proven by other means.
5.4. In accordance with article 12 paragraph 3) of the GDPR, co-owners inform you that it undertakes to provide you with information regarding the action taken in respect of a request pursuant to art. from 15 to 22 of the GDPR without undue delay and, in any event, at the latest within one month of receipt of such request; this period may be extended by n. 2 months if necessary, taking into account the complexity and number of requests (in this case, the Controller undertakes to inform the user of such extension and the reasons for the delay, within one month of receipt of the request).
5.5. The user may exercise the above-described rights at any time (except for the right under Art. 77 of the GDPR) by using the contact details set out in art. 6.
6. Contact details.
6.1. COOPSELIOS can be contacted at the following address: presidenza@coopselios.com; P06 can be contacted at the following address: info@progettarezerosei.it
6.2. The Data Protection Officer (DPO) pursuant to art. 37 of GDPR, appointed by COOPSELIOS, can be contacted at the following address: privacydpocoopselios@baldiandpartners.it; the Data Protection Officer (DPO) pursuant to art. 37 of GDPR, appointed by P06, can be contacted at the following address: privacydpoprogettarezerosei@baldiandpartners.it.
Reggio Emilia (RE), 7.9.2023 (date of last update).
COOPSELIOS Cooperativa Sociale S.C. and PROGETTARE ZEROSEI S.r.l.
(in the person of their legal representative pro tempore)
[1] See Recital (30) of the GDPR (“Natural persons may be associated with online identifiers produced by the devices, applications, tools and protocols used, such as IP addresses, temporary markers (cookies) or other identifiers, such as radio frequency identification tags. Such identifiers may leave traces which, when combined with unique identifiers and other information received by the servers, can be used to create profiles of natural persons and identify them”), and Article 122(1) and (2) of the Privacy Code (“1. The storage of information in the terminal equipment of a contractor or user or access to information already stored is permitted only on condition that the contractor or user has given his consent after having been informed in a simplified manner. This shall not prevent any technical storage or access to information already stored if the sole purpose is the transmission of a communication over an electronic communications network or to the extent strictly necessary for the provider of an information society service explicitly requested by the contracting party or user to provide such a service. For the purposes of determining the simplified modalities referred to in the first sentence, the Guarantor shall also take into account the proposals put forward by the most representative associations at national level of the consumers and economic categories involved, also with a view to guaranteeing the use of methodologies ensuring the effective awareness of the contracting party or user. For the purposes of expressing the consent referred to in paragraph 1, specific configurations of computer programmes or devices may be used which are easy and clear for the contracting party or the user to use…”); see, also, p. 15) of Measure n. 231 of 10.6.2021 signed by the Privacy Guarantor: “…there is not yet, to date, a universally accepted system of semantic coding of cookies and other tracking tools that allows you to objectively distinguish, for example, the technical ones from the analitycs or from those of profiling, if not based on the information made by the owner in the privacy policy […] the hope that you come quickly to a general coding”.
[2] Cookies designed to collect and store data while a user accesses a website and disappear once the user closes the relevant browsing session.
[3] Cookies that are designed to last for a fixed period (e.g., minutes; months; years).
[4] Analytical cookies are usually used to assess the effectiveness of an information society service provided by a publisher, for the design of a website or to help measure traffic (i.e., the number of visitors, including possibly broken down by geographic area, time of connection).
[5] See Provision n. 231 of 10.6.2021 signed by the Privacy Guarantor, p. 13/14: “The structure of the analytics cookie must then provide for the possibility that the same is referable not only to one, but to several devices, so as to create a reasonable uncertainty about the identity of the person who receives it. As a rule, this effect is achieved by masking appropriate portions of the IP address in the cookie. Taking into account the representation of IP addresses version 4 (IPv4) at 32 bits, which are usually represented and used as a sequence of four decimal numbers between 0 and 255 separated by a point, one of the measures that can be implemented in order to benefit from the exemption consists in masking at least the fourth component of the address, an option that introduces an uncertainty in the attribution of the cookie to a specific person equal to 1/256 (about 0.4%). Similar procedures should be adopted with reference to IP addresses version 6 (IPv6), which have a different structure and a much larger address space (being made up of binary numbers represented with 128 bits). The Guarantor also stresses the need for the use of analytics cookies to be limited solely to the production of aggregate statistics and that they be used in relation to a single site or a single mobile application, so as not to allow tracking of the navigation of the person using different applications or browsing different websites. Therefore, it is understood that third parties providing the web measurement service to the Publisher shall not combine the data, even if minimized in this manner, with other processing (customer files or statistics on visits to other websites, for example) or pass them on to other third parties, otherwise the risk of user identification would be unacceptably high, unless the production of statistics carried out by them with the minimized data involves several domains, websites or apps attributable to the same Publisher or business group. However, even in the absence of the adoption of the prescribed minimization measures, it is possible to consider lawful the use of statistical analyses relating to multiple domains, websites or apps attributable to the same owner, provided that the owner performs the statistical processing himself, without such analyses resulting in an activity which, going beyond the boundaries of a mere statistical count, actually takes on the characteristics of a processing aimed at making commercial decisions”.
