Our services are aimed at the general public and do not specifically target underage subjects. However, we are aware that minors deserve specific protection. We are therefore committed to immediately erase information in the event that a violation of this sort comes to our attention.

If necessary, this Notice may be accompanied by a specific form for the issuance of consent – as provided for in section 7 of the Regulation – which will be tailored on the use we intend to make of your Personal Data, according to the type of service that Guglielmo Srl provides.

What does the current notice mean by “personal data”?
Some examples 

Overall, the New Regulation defines as personal data any information concerning an identified or identifiable natural person (“data subject”). An “identifiable” person is considered to be a natural person who can be linked, directly or indirectly, by an element such as personal details (name, surname, date of birth, etc.), location, online account, characteristics of physical, physiological, genetic, psychic, economic, cultural or social identity, bank details, telephone number, address, place and type of work, photographs, videos of you and the sites you visit. All these elements, although indirectly, tell a lot about us, for example preferences and habits.

In order to better understand the context of this notice, it is specified, for the benefit of all users, that the use of any communication network, without exception, including cellular or “wired” networks, is a process that leaves traces that go well beyond the data processed in the exercise of Guglielmo Srl’s business activities and which are the subject of this present document. These traces are scattered on the device you are using and on all the network devices involved. In some cases, they are easy to intercept by external devices. Therefore, the activity of connection to a network, such as the Internet in particular, must never be considered as a “private” action in any of its aspects, regardless of the activity/service performed by Guglielmo S.r.l..

On the basis of these clarifications Guglielmo Srl considers of fundamental importance the protection of personal data of its current and/or potential future customers and users. For this reason, it ensures that the processing of personal data, carried out by any means, both automated and manual, is performed in full compliance with the guarantees and rights recognized by Regulation (EU) no. 2016/679 of the European Parliament and of the 27 April 2016 Council on the protection of individuals, with regard to the processing of personal data and on the free movement of such.

Data is collected for several reasons: it may be required by the law in force, by one of our customers or to provide specific services to the customer or user. The subsequent processing of collected data, carried out by Guglielmo Srl, is based on the identifiers of the devices which are utilized by users and detected automatically. This is not directly attributable to a person, and not unique. Processing operations result in the classification of users into groups. It never leads to the reconstruction of the activities of the each individual user.
Based on automatically collected data, Guglielmo does not normally perform analysis to determine the identity of a user.
An exception to this situation is when, by law or at the request of our customers (not physical persons but companies), the user is required to enter data directly. In these cases, this data is used to make the classification more precise or to interact with the user (so-called profiling), based on the relative consent and always in respect of the privacy and security of each individual user.
Analysis carried out by Guglielmo focus on data related to the device you use and with which you access the “network”, whose transmission is implicit in the use of Internet communication protocols and whose collection is, in some cases, imposed by the law on the management of Internet connections. Such data are anonymous in themselves, but may be associated with those provided by the user during registration.

Localization

Guglielmo Srl offers its customers services that include analysis based on the location of the devices (for example, geolocation via mobile phones, smartphones, PCs). The data are analyzed in an aggregated way in order to identify groups of behavior. Data sources can be multiple, from wireless device radio interfaces to GPS. All sources can be deactivated by the user. In these cases, the end user is asked and then given the right and informed consent, if necessary, as well as being adequately alerted and informed.

Internet browsing 

In some cases the services offered by Guglielmo Srl include analyses based on the period of time in which these services were provided, that is during the time of connection to the Internet by the devices used and/or the traffic generated. The collection of such data is based on the operation of the Internet itself, without alterations, and is similar to a log collection activity. It is therefore not linked to “man-in-the-middle” activities, nor to services able to violate encryption systems or mechanisms known as data “tunnels” (for example, we are not able to read searches made on Google, intercept the content of posts on Social Media networks, searches on Amazon or encrypted VPN, etc.). All our activities always take place in full compliance with privacy and user safety regulations.

What are cookies?
Cookies are short fragments of text (letters and/or numbers) that allow the web server to store information on the client (the browser) to be reused during the same visit to the site (session cookies) or later, even days later (persistent cookies). Cookies are stored, according to the user’s preferences, by the browser on the specific device used (computer, tablet, smartphone). Similar technologies, such as, for example, web beacons, transparent GIFs and all forms of local storage introduced with HTML5, can be used to collect information on user behavior and use of services. We will refer to cookies and all similar technologies using the term “cookies” below.

First-party cookies typologies and preferences management
Our site uses cookies to provide you with a better browsing experience. Cookies are small files of information that you place on your browser while browsing, where they are stored and then sent back to our site each time you make a subsequent connection. They allow us to count visits anonymously and in no way allow us to identify you directly.
We only use technical and analytical cookies.
Technical cookies are necessary for the proper functioning of certain areas of the website. They include both persistent cookies and session cookies. In the absence of such cookies, the website or parts of it may not function properly. Cookies in this category are always sent from our domain.
Analytical cookies are used to collect information on  website activity. They are the basis for statistical analysis, for actions of improvement and simplification of functionalities, for monitoring the correct functioning. This type of cookies collects information in anonymous form about user activity on the site and how they arrived at the site and the pages visited.
Our website also contains third party cookies i.e. cookies from other sites and content in various elements hosted on our pages (social network icons that allow visitors to interact with it). Cookies in this category are sent by the domains of the websites that offer the functionalities present on our own, therefore they are not included or read by Guglielmo. Third parties may use the collected data for their own purposes. For more information about these cookies and how each third party uses them, you can use the links below.
Guglielmo uses the Google Analytics service of Google, Inc. to understand how visitors interact with the website content. Google Analytics uses a set of cookies to collect information and generate statistics on the website activity, avoiding the identification of individual visitors.
Google provides Guglielmo data in aggregate form. Data are never directly associated with the identity of single users. Data are provided through reports and other computer services. To consult Google’s privacy policy, related to the Google Analytics service, you can visit the website:

http://www.google.com/intl/en/analytics/privacyoverview.htm 

We also integrate certain features of third-party websites into our own website. This especially occurs with Social Media networks (Google, Facebook and Auth0). These features sometimes incorporate scripts or other elements that can recognize, and sometimes place cookies from Social Media networks on your device. We have no access to or control over these cookies or the data collected by these cookies, but because we integrate Social Media login features and services on the Guglielmo and ICEPro website we would like to inform you about the use of these elements. For more information, please see the list of possible Social Media networks cookies below.

Click on the links below to read the different information notices. You can opt in or out:
Auth0 Login. It allows you to access your Auth0 account and interact with our websites through your account: https://auth0.com/docs/sessions/concepts/cookies

Facebook Login. It allows you to access your Facebook account and interact with our websites through your account: https://www.facebook.com/policies/cookies

Google Login. It allows you to access your Google account and interact with our websites through your account: https://policies.google.com/privacy?hl=it 

You still have the option to deny consent to the use of different cookies. In this case, you will be able to continue browsing our site on a regular basis, but as some features are no longer active you may encounter some problems, such as accessing the configuration portal of your ICEPro device.

To disable the use of different types of cookies, select the appropriate setting on your browser that allows you to block or delete them at the end of each session. Below are the links with instructions on how to disable cookies on the most popular browsers.

Internet Explorer: https://support.microsoft.com/it-it/help/17442/windows-internet-explorer-delete-manage-cookies 
Google Chrome: https://support.google.com/chrome/answer/95647 
Mozilla Firefox: https://support.mozilla.org/it/kb/Bloccare%20i%20cookie 
Safari: https://support.apple.com/it-it/HT201265 
Opera: https://www.opera.com/help/tutorials/security/cookies 

Policy and policy updates
The information is related to the use of cookies, both first- and third-party, which have been detected at the date of preparation of the current version. The owner guarantees the commitment to periodically verify the contents of this information notice, in order to keep it updated with technological and regulatory developments.

Mobile App integration
The Guglielmo platform also includes a library, Software Development Kit (SDK), that can be used by Mobile Application developers. The library is able to collect an identifier and use it for network login procedures. The identifier is chosen and passed to Guglielmo’s SDK by a third-party developer, according to the indications of the company’s Client. Please refer to the information relating to the specific application prepared by the third-party developer for further information on the identifier that may be used.

In case of credit card registration or payment processing
In some cases, the registration procedure requires credit card details. In these cases, Guglielmo Srl redirects the user to third-party services. Throughout this process, Guglielmo does not collect any data. The only trace left of the transaction in Guglielmo’s system is a completely anonymous transaction ID, which no activity is done with unless you directly provide it to the third-party system which managed the transaction for any analysis in case of litigation.

It is clarified that by the terms “personal data processing” it is meant any operation or set of operations performed with or without the aid of automated processes and applied to personal data or sets of personal data, even if not recorded in a database, such as collection, recording, organization, the structuring, storage, processing, selection, blocking, adaptation or modification, extraction, consultation, use, communication by transmission, dissemination or any other form of making available, comparison or interconnection, restriction, deletion or destruction.

The Data Controller is the physical or legal person, public authority, service or other body who, alone or jointly with others, determines the purposes and means of the processing of personal data. Where the purposes and means of such processing are determined by Union or Member State law, the Controller or the specific criteria applicable to its designation may be determined by Union or Member State law.

During routinary operations, the computer systems and software procedures used to operate our services acquire certain personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could allow users to be identified through processing and association with data held by third parties.

IT systems and software procedures used to operate our services acquire, during their normal operation, some personal data whose transmission is implicit in the use of internet communication protocols. This information is not collected in order to be associated with identified interested parties. However, by their very nature, they could, through processing and association with data held by third parties, play a role in identifying users.

• Data is stored in such a way that it cannot be changed without leaving a trace. They shall be stored for as long as the service is provided or until the data subject’s consent is revoked, when given.
• Data may be retained even after the termination of the service or the user’s request, if required for legal reasons.
• Data processed for marketing or profiling purposes will be stored in compliance with the principle of proportionality and, in any case, until the purposes of the processing have been pursued or until – if previously – the withdrawal of specific consent by the data subject.
• Data processed for marketing or profiling purposes are kept for a maximum period, which corresponds to that provided by the applicable legislation and, in any case, no longer than 12 months since the last use of the service.
• If you exercise your right to oblivion through a request for express cancellation of your personal data which are processed by the owner, please note that such data will be stored – in a protected form and with limited access, only for the purpose of investigation and prosecution of crimes – for a period not exceeding 12 months since the day of the request and then they will be deleted securely or turned anonymous irreversibly.
• Finally, we remind you that for the same purposes, data related to telematic traffic – which exclude in any case the contents of communications – will be kept for the maximum time allowed by the law currently in force.

1. The data subject has the right to obtain confirmation from the Data Controller as to whether or not personal data concerning him/her are being processed and, if so, to obtain access to the personal data and the following information:
   a) the purposes of the processing;
   b) the categories of personal data concerned;
   c) the recipients or categories of recipients to whom the personal data have been or will be disclosed, in particular if they are recipients in third countries or international organizations;
   d) where possible, the intended period of retention of personal data or, if that is not possible, the criteria used to determine that period;
   e) the existence of the right of the data subject to ask the Data Controller to rectify or delete personal data or to limit the processing of personal data concerning him/her or to object to its processing;
   f) the right to lodge a complaint with the supervisory authority;
   g) where the data are not collected directly from the data subject, all available information on their origin;
   h) the existence of an automated decision-making process, including profiling as referred to in Article 22, (1) and (4), and, at least in such cases, significant information on the policies adopted as well as the importance and expected consequences of such processing for the data subject.
2. Where personal data are transferred to a third country or an international organization, the data subject shall have the right to be informed on the existence of adequate safety policies according to Article 46 with respect to the transfer.
3. The Data Controller provides a copy of the personal data being processed. In case the data subject requests further copies, the Data Controller may charge a reasonable fee based on administrative costs. Where the data subject submits the request by electronic means, and unless otherwise indicated by the data subject, the information shall be provided in an electronic format in common use.
4. The right to obtain a copy – see in paragraph 3 – shall not prejudice the rights and freedoms of others.

The data subject has the right to obtain from the Data Controller the rectification of inaccurate personal data concerning him/her without undue delay. Taking into account the purposes of the processing, the data subject has the right to obtain the integration of incomplete personal data, also by providing a supplementary statement.

1. The data subject has the right to request and obtain from the Data Controller the cancellation of personal data concerning him/her without undue delay and the Data Controller is bound to erase the personal data without undue delay, if one of the following reasons exists:
   a) the personal data are no longer necessary for the purposes for which they were collected or otherwise processed; 4.5.2016 L 119/43 Official Journal of the European Union EN;
   b) the data subject withdraws the consent on which the processing is based in accordance with Article 6(1)(a) or Article 9(2)(a) and if there is no other legal basis for the processing;
   c) the data subject opposes processing within the meaning of Article 21(1) and there are no overriding legitimate grounds for processing, or opposes processing within the meaning of Article 21(2);
   d) personal data have been processed unlawfully;
   e) personal data must be erased in order to comply with a legal obligation under the European Union law or the law of the Member State to which the controller is subject;
   f) personal data have been collected in the context of the services referred to in Article 8(1).
2. Where the Data Controller has made the personal data public and is obliged pursuant to paragraph 1 to erase the personal data, the Data Controller, taking account of available technology and the cost of implementation, shall take reasonable steps, including technical measures, to inform Controllers which are processing the personal data that the data subject has requested the erasure by such Controllers of any links to, or copy or replication of, those personal data.
3. Paragraphs 1 and 2 shall not apply in the case the treatment is necessary to:
   a) the exercise of the right to freedom of expression and information;
   b) the performance of a legal requirement which involve data processing as it is foreseen by the European Union law or in the law of the Member State to which the Data Controller is subject or for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
   c) address reasons of public interest in the field of public health in accordance with Article 9(2)(h) and (i) and Article 9(3);
   d) archive in the public interest, for scientific or historical research or for statistical purposes in accordance with Article 89(1), in so far as the right referred to in paragraph 1 is likely to render impossible or seriously jeopardize the attainment of the objectives of such processing;
   e) ascertain, exercise or defense of a right in court.

1. The data subject has the right to obtain from the Data Controller the restriction of data processing when one of the following cases applies:
a) the data subject objects to the accuracy of personal data, during the time period which is necessary for the Data Controller to verify the accuracy of such data;
b) data processing is unlawful and the person concerned opposes the deletion of personal data and asks instead that its use be limited;
c) although the Data Controller no longer needs data for the purposes of processing, personal data are necessary for the data subject to ascertain, exercise or defend a right in court;
d) the data subject has objected to the processing within the meaning of Article 21 (1), while waiting for the  verification as to whether the legitimate reasons of the controller take precedence over those of the data subject.
2.Where processing is restricted in accordance with paragraph 1, personal data shall, except for storage, only be processed with the consent of the data subject or for the establishment, exercise or defense of a right in court or for the protection of the rights of another natural or legal person or for reasons of substantial public interest of the Union or of a Member State. 4.5.2016 L 119/44 Official Journal of the European Union EN

Duty to notify in case of rectification or erasure of personal data or restriction of processing
The Data Controller shall inform each recipient to whom the personal data have been disclosed of any rectification or erasure or restriction of processing carried out pursuant to Articles 16, 17(1) and 18, unless this proves impossible or requires a disproportionate effort.

L’utente ha il diritto di richiedere la documentazione completa relativamente al trattamento dei dati personali forniti a Guglielmo Srl in quanto Titolare del Trattamento. In altre parole se l’interessato intende richiedere i servizi ad altro “gestore” diverso da Guglielmo srl, ha il diritto di chiedere e ottenere da questo la consegna di tutti i dati personali precedentemente forniti.

1. The user has the right to request complete documentation regarding the processing of personal data provided to Guglielmo Srl as the Data Controller. In other words, if the interested party intends to request the services from another “manager” other than Guglielmo Srl, he or she has the right to request and obtain from the latter the delivery of all personal data previously provided.
   1. Data subjects have the right to receive in a structured, user-friendly and machine-readable format personal data which were provided to the Data Controller. They also have the right to transmit such data to another Data Controller without hindrance by the Data Controller to whom they have provided them if they have provided them:

   (a) processing is based on consent pursuant to Article 6(1)(a) or Article 9(2)(a) or on a contract pursuant to Article 6(1)(b);
   b) processing is carried out by automated tools;

   2. Data subjects, in exercising their rights regarding the portability of data in accordance with paragraph 1, shall have the right to obtain direct transmission of personal data from one Data Controller to another, if technically feasible.
   3. The exercise of the right referred to in paragraph 1 of this Article shall be without prejudice to Article 17. This right shall not apply to processing necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.
   4. The data subject’s right described in paragraph 1 shall not affect the rights and freedoms of others.

1. Data subjects shall have the right to object at any time, on grounds relating to a specific situation, to the processing of their own personal data pursuant to Article 6(1)(e) or (f), including profiling on the basis of those provisions. The Data Controller shall refrain from further processing of personal data unless there is proof that there are compelling legitimate reasons for processing which override the interests, rights and freedoms of the data subjects or for the establishment, exercise or defence of a right in court.
2. Where personal data is processed for direct marketing purposes, data subjects have the right to object at any time to its processing which is carried out for such purposes, including profiling for direct marketing activities.
3. If data subjects object to the processing for direct marketing purposes, personal data shall no longer be processed for such purposes. 4.5.2016 L 119/45 Official Journal of the European Union EN.

It is the right of the person concerned to revoke the consent given at any time. This operation must be as easy as the operation that allowed the data to be processed.  At the same time, the person concerned has the right to lodge an official complaint with the Authority for the Protection of Personal Data, following the procedures and indications published on the official website – www.garanteprivacy.it.