Privacy & Cookie Policy

1. Introduction

Last Updated: February 27, 2025

Thank you for visiting cismeitaly.com ("Website"). We respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we process your data when you visit or use our Website, in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Who We Are

2.1 Data Controller & Data Protection Officer

CISME Italy SRL ("we," "us," "our") is both the Data Controller and the Data Protection Officer. We are responsible for determining the purposes and means of processing your personal data when you visit or use the Website.

2.2 Contact Information

• Company Name: CISME Italy SRL
• Postal Address: Via Giuseppe Marcora, 7, 20121 Milano (MI), Italy
• Email: [email protected]

If you have any questions or concerns regarding this Privacy Policy or your personal data, please use the above contact details.

3. Personal Data We Collect

3.1 Usage Data: Information about how you interact with our Website (e.g., pages visited, links clicked, the time and duration of visits).

3.2 Device Information: IP address, browser type, operating system, and other technical data.

3.3 Contact Information: If you choose to reach out to us (e.g., by email or contact form), we may collect your name, email address, phone number, or other information you provide.

4. Legal Basis for Processing

We only process your personal data if at least one of the following legal bases under the GDPR applies:

4.1 Consent (Article 6(1)(a) GDPR): Where you have provided clear and affirmative consent for us to process your personal data.

4.2 Contractual Necessity (Article 6(1)(b) GDPR): Where processing is necessary for the performance of a contract with you or to take steps at your request prior to entering into a contract.

4.3 Legal Obligation (Article 6(1)(c) GDPR): Where processing is required under applicable laws.

4.4 Legitimate Interests (Article 6(1)(f) GDPR): Where processing is necessary for the purposes of our legitimate interests, provided those interests are not overridden by your fundamental rights and freedoms.

5. How We Use Your Data

We use your personal data for the following purposes:

5.1 Website Functionality: Ensuring the security, accessibility, and proper operation of our Website.

5.2 Analytics: Understanding how users interact with our Website to improve content and user experience.

5.3 Communication: Responding to your inquiries and providing you with information about our services.

5.4 Legal and Security: Protecting our legal rights, complying with laws and regulations, and preventing misuse of our Website.

6. Cookies and Similar Technologies

Cookies are small text files placed on your device to store information. We use cookies to enhance your experience, analyze our Website traffic, and ensure our Website functions properly. Below is a detailed overview of the cookies we use, their purposes, and how long they remain on your device.

6.1 Strictly Necessary Cookies

• __cf_bm
  • Provider: Cloudflare Inc.
  • Domain: .cismeitaly.com
  • Duration: 30 minutes
  • Purpose: Used to distinguish between humans and bots. This is beneficial for the Website in order to make valid reports on the use of the Website.
• XSRF-TOKEN
  • Provider: .cismeitaly.com
  • Duration: 1 year
  • Purpose: Helps with site security by preventing Cross-Site Request Forgery attacks.
• VISITOR_PRIVACY_METADATA
  • Provider: YouTube
  • Domain: .youtube.com
  • Duration: 6 months
  • Purpose: Stores the user's consent and privacy choices for interactions with embedded YouTube videos, ensuring the user's preferences are honored in future sessions.

6.2 Performance Cookies

• _ga_DDSMPZYTT0
  • Provider: .cismeitaly.com
  • Duration: 1 year 1 month
  • Purpose: Used by Google Analytics to persist session state.
• _ga
  • Provider: Google LLC
  • Domain: .cismeitaly.com
  • Duration: 1 year 1 month
  • Purpose: Associated with Google Universal Analytics; used to distinguish unique users by assigning a randomly generated number as a client identifier. Helps calculate visitor, session, and campaign data for analytics reports.

6.3 Targeting Cookies

• YSC
  • Provider: Google LLC
  • Domain: .youtube.com
  • Duration: Session
  • Purpose: Set by YouTube to track views of embedded videos.
• VISITOR_INFO1_LIVE
  • Provider: Google LLC
  • Domain: .youtube.com
  • Duration: 6 months
  • Purpose: Keeps track of user preferences for YouTube videos embedded in the Website; also determines whether the visitor is using the new or old version of YouTube's interface.

6.4 Unclassified Cookies

• __Secure-ROLLOUT_TOKEN
  • Domain: .youtube.com
  • Duration: 6 months
  • Purpose: Unclassified; awaiting classification.
• cisme_italy_session
  • Domain: .cismeitaly.com
  • Duration: 1 year
  • Purpose: Unclassified; awaiting classification.

6.5 Cookie Consent Manager

We use a cookie consent manager provided by CookieScript (Cookie-Script.com) to collect and manage user consents for cookies. This tool helps ensure that you can easily customize or withdraw your consent at any time in compliance with GDPR.

7. Managing Cookies

You can manage or delete cookies at any time by adjusting the settings in your web browser. Please note that blocking or deleting certain cookies may impact the functionality of the Website, and you may not be able to access all features.

7.1 Cookie-Script.com

Our cookie consent form is powered by CookieScript. It provides a clear interface for you to accept, reject, or customize your cookie settings, including withdrawing consent for non-essential cookies.

8. Third-Party Services

We may use third-party services that place their own cookies or other tracking technologies to collect information about your use of our Website. These services include, but are not limited to, Google Analytics and YouTube. We encourage you to review the privacy policies of any third-party service providers for more information on their data practices.

• Google Analytics: https://policies.google.com/privacy
• YouTube: https://policies.google.com/privacy

9. Data Sharing and International Transfers

9.1 We do not sell or rent your personal data. However, we may share your data with:

• Service Providers: Third parties that help us operate our Website or provide services on our behalf (e.g., hosting providers, analytics providers).
• Legal and Regulatory Authorities: Where required by law or to protect our legal rights.

9.2 If your personal data is transferred outside the European Economic Area (EEA), we ensure the destination country has an adequate level of data protection or appropriate safeguards (e.g., Standard Contractual Clauses) in place.

10. Data Retention

We retain your personal data only for as long as is necessary to fulfill the purposes for which it was collected, to satisfy any legal obligations, or for the establishment, exercise, or defense of legal claims.

11. Your Rights Under the GDPR

Under the GDPR, you have the following rights in relation to your personal data:

11.1 Right of Access: Request confirmation of whether we process your personal data, and access a copy of the data we hold about you.

11.2 Right to Rectification: Request that we correct any inaccuracies or incomplete data.

11.3 Right to Erasure ("Right to Be Forgotten"): Request the deletion of your personal data, subject to certain conditions.

11.4 Right to Restriction of Processing: Request that we limit the processing of your personal data under certain conditions.

11.5 Right to Data Portability: Receive your personal data in a structured, commonly used, and machine-readable format and have the right to transmit it to another controller.

11.6 Right to Object: Object to the processing of your personal data where we rely on legitimate interests or direct marketing.

11.7 Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw it at any time without affecting the lawfulness of processing based on consent before its withdrawal.

11.8 To exercise any of these rights: Please contact us at [email protected]. You also have the right to lodge a complaint with a supervisory authority in your country of residence.

12. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access. While we strive to ensure the highest level of security, no method of electronic transmission or storage is completely secure, and we cannot guarantee absolute security.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our data processing practices. We will notify you of any significant changes by updating the "Last Updated" date at the top of this page and, where required by law, by providing a more prominent notice.

14. Contact Us

For questions or concerns about this Privacy Policy, or to exercise your rights, please contact:

• Company: CISME Italy SRL
• Postal Address: Via Giuseppe Marcora, 7, 20121 Milano (MI), Italy
• Email: [email protected]

We will respond to your request or inquiry within a reasonable timeframe and in accordance with applicable data protection laws.

Thank you for visiting cismeitaly.com and trusting us with your personal data.