As required by Regulation (EU) 2016/679 and by data protection legislation in general, the user (hereinafter also the “Data Subject”) is provided with information regarding the use of cookies.

Who is the Data controller? How can the DPO be contacted?

The site ferrero.gigroup.com (hereinafter the “Site“) uses cookies. The data collected using cookies are processed by Gi Group Holding S.p.a. (“Company“) based in Piazza IV Novembre 5, 20124 Milan, in the person of the Legal Representative (telephone number 02.444111, e-mail address it.privacy@gigroupholding.com).

The Data Protection Officer (DPO) can be contacted at piazza IV Novembre n. 5, 20124 Milan, to the attention of the Data Protection Officer, and at the e-mail dpo@gigroup.com .

What personal data are processed?

The site processes navigation data. By way of example, this category of data includes: the IP addresses or the names of the computers used by users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of requests, the method used when submitting requests to the server, the size of the file obtained in response, the numerical code indicating the status of the response provided by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment.

What is a cookie?

Cookies are small text strings. They are created by a server and stored on the hard disk of the computer or on any other device used by the user to access a website (smartphone, tablet, etc.) and then be re-transmitted to the site at the next visit by the user. Cookies allow, for example, to activate features and customizations aimed at facilitating user interaction with a website, keeping track of the items in a shopping cart or information for filling in a computer form.

 

With regard to duration, cookies can be classified as session cookies and persistent cookies.

Session cookies disappear when the browser is closed or have a limited duration. Persistent cookies they are stored permanently on your computer or other device user and have a variable duration. Cookies that expire at the end of a session (normally when a user closes their browser) are useful, for example, for security purposes, such as when the user accesses their e-mail box or a reserved area of a site. Instead, cookies that are stored for a longer period (between one session and another) are used, for example, to remember user preferences (such as the navigation language on the site) or to offer targeted advertising.

 

With reference to the origin, cookies can be classified as first-party cookies or third-party cookies. First -party cookies are installed directly from the website the user is visiting, while third-party cookies they are installed by a domain other than the one the user is visiting, for example, if the website incorporates elements from other sites, such as images or social media plugins.

 

 

What cookies does this site use and for what purposes?

<! – OneTrust Cookies List start ->

<! – OneTrust Cookies List end ->

 

The use of third-party cookies is governed by the rules established by the third parties themselves, therefore the user is invited to read the information on the processing of personal data of third parties indicated in the illustrative tables of the cookies used by the Site.

The Site uses Google Analytics to collect information in aggregate form on the number of users who visit the Site and on the methods of use of the same, in order to develop general statistics on the service and its use, without the possibility of tracing the identification of the single user. The Google Analytics settings provide for the sharing of data with Google in order to use the following services: i) Benchmarking, i.e. participation in the collection of anonymous data that helps to better understand the trend of the data; ii) Technical assistance, to enable Google to provide assistance and iii) Account Experts, in order to allow Google marketing experts to provide suggestions for improving configuration and analytics.

For more information, you can visit the supplier page here

The user can disable Google Analytics cookies by downloading a specific browser plug-in available here

 

How do you manage your cookie preferences?

At the time of the first access to any page of the Site, there is a banner that contains a brief information and the panel for managing preferences for cookies. The user has the possibility to select and deselect the cookies grouped by homogeneous categories. The consent to the use of cookies is registered with a specific “technical cookie”. By closing the banner by selecting a button marked with an X, positioned inside the banner at the top right, the user will maintain the default settings and therefore continue the navigation without cookies other than the strictly necessary technical ones. A special command is also available through which the user can express his consent by accepting the placement of all cookies.

In any case, it is possible to easily change the choices made relating to the cookies used by the Site at any time by clicking on the button that appears on each page of the Site at the bottom left.

In any case, the user can express his/her preferences on cookies also through the settings of the browser used. Most browsers automatically accept cookies by default, however, if you set your browser preferences appropriately, you can reject them or accept them selectively (the methods offered by some browsers are shown below: Chrome, Firefox, Safari, Opera, Edge, Internet Explorer)

Disabling, blocking or deleting cookies could compromise the optimal use of some areas of the Site or prevent some features, as well as affect the operation of third-party services.

For information relating to the use of cookies by Facebook, Instagram, YouTube, Twitter and LinkedIn, please consult the Facebook, Instagram, Google, Twitter and LinkedIn websites respectively.

To monitor the collection of data for the purposes of analysis carried out by Google analytics cookies , the user is invited to visit the page of the browser add-on for the deactivation of Google Analytics where, if desired, he can proceed to disable these cookies, by downloading the specific browser plug-in available there.

 

Is the acceptance of cookies mandatory?

The strictly necessary technical cookies are used to ensure correct navigation within the Site and to provide the service requested by the user, therefore the user’s prior consent is not required for their installation, as indicated in the relevant paragraph.

As regards the remaining types of cookies, these are installed only after obtaining the user’s consent. This consent is optional. However, denial of consent may result in parts of the Site not functioning correctly.

 

Who are the subjects authorized to the processing? Who are the data recipients?

The data may be processed by employees of the corporate functions responsible for pursuing the aforementioned purposes, who have been expressly authorized to process them and who have received adequate operating instructions.

 

User data may be processed by external parties operating as controllers, such as supervisory control authorities and bodies and in general by subjects, including private individuals, entitled to request data, Public Authorities who express requests to the Data Controller for administrative or institutional purposes, in accordance with the provisions of national and Union legislation, as well as persons, companies, associations or professional firms that provide assistance and advice.

The data may also be processed, on behalf of the Data Controller, by external parties designated as managers, who are given adequate operating instructions. These subjects are essentially included in the following categories:

  1. a) companies that provide communications mailing services;
  2. b) companies that provide website and information systems maintenance services;
  3. c) companies that offer support in the implementation of marketing initiatives and market studies.

The user’s personal data may be processed, in case of his/her consent, by third parties to whom they are communicated.

 

Are personal data transferred to countries outside the European Economic Area?

The data collected using cookies may be transferred to countries outside the European Economic Area (EEA) whose data protection level has been deemed adequate by the European Commission pursuant to art. 45 of the GDPR.

Furthermore, personal data may be transferred abroad to non-EEA countries, and in particular to the United States (e.g. Google, Social networks, etc.), after signing the standard contractual clauses (Standard Contractual Clauses) adopted and approved by the European Commission pursuant to art. 46 of GDPR.

A copy of the guarantees adopted can be obtained by contacting the Data Controller at it.privacy@gigroupholding.com

 

What are the rights of the data subjects?

Data Subjects can ask the Data Controller for access to their personal data, their correction or cancellation, the integration of incomplete data, the limitation of processing in the cases provided for by art. 18 GDPR, as well as the opposition to processing in case of data processed for direct marketing purposes or legitimate interests.

Furthermore, for cases in which the processing is based on consent or the contract and is carried out with automated tools, data subjects have the right to exercise the right to data portability by receiving their personal data in a structured, commonly used and device-readable format, as well as, if technically feasible, to transmit them to another controller without impediments.

These rights can be exercised by sending an e-mail to it.privacy@gigroupholding.com.

Data subjects have the right to lodge a complaint with the competent Supervisory Authority (in particular in the Member State in which they usually reside or work or in the State in which the alleged violation has occurred).

 

 

Last update: July 2022