Website privacy policy and cookie policy

Information pursuant to Articles 12 et seq. of EU Regulation 679/2016
Iscot Italia S.p.A., with registered office in Via Isonzo 22 – 10141 Turin (hereinafter referred to as ‘ISCOT’), (hereinafter referred to as the ‘Data Controller’), as the data controller pursuant to the GDPR and the provisions of the Personal Data Protection Code, recognises the importance of personal data protection and considers its protection to be one of the objectives of its business.

Before communicating any personal data, ISCOT invites you to carefully read this privacy policy (‘Privacy Policy’), as it contains important information on the protection of personal data and the security measures adopted to ensure its confidentiality in full compliance with applicable legislation.

This Privacy Policy is to be understood as information provided pursuant to Article 13 of the GDPR to those who interact with the Website.

Iscot Italia S.p.A. informs you that the processing of your personal data will be based on principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimisation, accuracy, integrity and confidentiality. Your personal data will therefore be processed in accordance with the applicable legislative provisions and the confidentiality obligations set forth therein.

Data controller
We hereby inform you that the Data Controller is Iscot Italia S.p.A., with registered office in Turin, Via Isonzo 22, whose contact details are provided at the bottom of the Home Page and on every other web page of this site.

Data Protection Officer (DPO)
The Data Protection Officer (DPO) is the lawyer Cristiano Michela, MCHCST69M24L219F, domiciled at Corso Siccardi n. 11/bis – 10122 Turin (TO).

Email: c.michela@avvocatipacchiana.com
Pec: cristianomichela@pec.ordineavvocatitorino.it                                             

Personal data subject to processing
‘Personal Data’ means any information relating to an identified or identifiable natural person, with particular reference to an identifier such as a name, an identification number, location data, an online identifier or one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that natural person.
The Personal Data collected by the Website are as follows:

a. Browsing data
The Site’s computer systems collect certain Personal Data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with you, but by its very nature could, through processing and association with data held by third parties, allow you to be identified. This includes the IP addresses or domain names of the devices used to connect to the Website, the URI (Uniform Resource Identifier) addresses of the resources requested, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) etc.) and other parameters relating to your operating system and IT environment.

This data is used to obtain anonymous statistical information on the use of the Site and to check its correct functioning; to allow – given the architecture of the systems used – the correct provision of the various functions requested by you, for security reasons and to ascertain responsibility in the event of hypothetical computer crimes against the Site or third parties, and is deleted after 7 days. In any case, this data is stored by the Site Owner for the period strictly necessary and in any case in accordance with the relevant regulations in force.

b. Data provided voluntarily
Through this Website, you have the option of voluntarily providing Personal Data such as your first name, last name, email address and, if applicable, the name of your company in order to contact ISCOT via the ‘Contact Us’ form available at the link https://www.iscot.it/en/contacts/.
You are free to provide your personal data, but failure to do so may make it impossible to obtain the requested service. ISCOT will process this data in compliance with applicable legislation, assuming that it refers to you or to third parties who have expressly authorised you to provide it on the basis of a suitable legal basis that legitimises the processing of the data in question.

With regard to the latter case, you act as an independent data controller, assuming all legal obligations and responsibilities. In this regard, you grant the broadest indemnity with respect to any dispute, claim, request for compensation for damage from processing, etc. that may be received by ISCOT from third parties whose Personal Data has been processed through your use of the Site in violation of the GDPR or any other applicable legislation.

c. Cookies and similar technologies
ISCOT collects Personal Data through cookies.
Further information on the use of cookies and similar technologies is available on the website page dedicated to the Cookie Policy.

Purpose, legal basis and mandatory or optional nature of processing
The Personal Data you provide through the Website will be processed by ISCOT for the following purposes:

a) purposes related to the performance of a contract to which you are party or to the implementation of pre-contractual measures taken at your request (e.g. contact request via the Contact form or e-mail, etc.);

b) statistical research/analysis on aggregated or anonymous data, without the possibility of identifying the user, aimed at measuring the functioning of the Website, measuring traffic and evaluating usability and interest;

c) purposes related to the fulfilment of a legal obligation to which ISCOT is subject;

d) purposes necessary to establish, exercise or defend a right in court or whenever the judicial authorities exercise their judicial functions.

The legal basis for the processing of Personal Data for the purposes referred to in point a) is the provision of a service or response to a request; such processing – pursuant to the GDPR – does not require your express consent.

The purpose referred to in point b) does not involve the processing of Personal Data.

The legal basis for the processing of Personal Data for the purposes referred to in points c) and d) is the fulfilment of a legal obligation to which ISCOT is subject or the legitimate interest in protecting its rights in court.

The provision of your Personal Data for the purposes listed above is optional, but failure to provide it could make it impossible to respond to your request or fulfil a legal obligation to which ISCOT is subject.

Methods

a. Tools and logic
In relation to the purposes mentioned above, processing is carried out using manual, computerised and telematic tools with logic strictly related to the aforementioned purposes and, in any case, in such a way as to guarantee the security and confidentiality of the data itself and with the commitment to promptly notify us of any corrections, modifications and updates. Such processing may be carried out on behalf of the Data Controller for the purposes and in the manner described above and in compliance with criteria suitable for ensuring security and confidentiality, by companies, firms, entities and external collaborators appointed as Data Processors and only in relation to the processing carried out by them.        

b. Special categories of data
None of your personal data held by the Data Controller falls within the definition of “Special categories of data” in Article 9 of EU Regulation 2016/679. If such data is transmitted, we will delete it immediately in the absence of explicit written consent.

Recipients
Your Personal Data may be shared, for the purposes specified in point 3, with:

a. parties necessary for the provision of the services offered by the Website, including, by way of example, the analysis of the functioning of the Website, who typically act as data processors for ISCOT;          

b. persons authorised by ISCOT to process Personal Data who have committed themselves to confidentiality or have an adequate legal obligation of confidentiality; (e.g. employees and collaborators (a. and b. are collectively ‘Recipients’);

c. judicial authorities in the exercise of their functions when required by applicable law.

Transfers
Your Personal Data will not be transferred to countries outside the EU.

Data retention
ISCOT will process your Personal Data for the time strictly necessary to achieve the purposes indicated in point 3.

Your rights
Within the limits of the Applicable Regulations, you have the right to ask ISCOT, at any time, for access to your Personal Data, the correction or deletion of the same, or to object to their processing, the limitation of processing, as well as to obtain the data concerning you in a structured, commonly used and machine-readable format.

Pursuant to the GDPR, you have the right to lodge a complaint with the competent supervisory authority (the Data Protection Authority) if you believe that the processing of your Personal Data is contrary to current legislation.

Changes
This Privacy Policy was last updated on 2 February 2026.

ISCOT reserves the right to modify or simply update its content, in part or in full, including due to changes in the Applicable Regulations. ISCOT therefore invites you to visit this section regularly to review the most recent and updated version of the Privacy Policy so that you are always up to date on the data collected and its use.

Cookie policy and online trackers
This Cookie Policy is an integral part of the Privacy Policy drawn up and published by ISCOT.

This website uses cookies, including third-party cookies, to offer services in line with the user’s preferences and, in some cases, to send advertising messages.

When you first visit the website, a banner will appear containing a brief information notice and the cookie preference management panel, as well as a button that allows you to accept or reject all or some cookies (you can select/deselect individual categories of cookies, etc.).

1.Definitions and characteristics of cookies
Cookies and tracking systems are pieces of information that websites and apps send or read on your devices when you first visit them, and then retransmit to the same websites/apps on your next visit. Cookies are active identifiers; tracking systems are passive systems, based on the mere observation of the configurations that distinguish the user’s device. Thanks to these technologies, websites and apps remember actions and preferences (such as login details, chosen language, font size, other display settings, etc.) so that they do not need to be re-entered on your next visit.

These technologies are used to perform computer authentication, session monitoring and storage of information regarding the activities of users accessing a service and may also contain a unique identification code that allows the user’s navigation within the site to be tracked for statistical or advertising purposes.

There are different types of cookies and other tracking systems which, depending on their characteristics and functions, may remain on your device for different periods of time: so-called session cookies, which are automatically deleted when you close your browser; and so-called persistent cookies, which remain on your device until a predetermined time.

In line with applicable legislation, your prior consent for the use of cookies is not always required.

In particular, such consent is not required for ‘technical cookies’, e.g. those used for the sole purpose of carrying a communication over an electronic communications network, or strictly necessary to provide a service expressly requested by the user (in other words, cookies that are essential for the operation of a website).

Your prior consent is required for non-anonymised ‘analytical’ cookies and profiling cookies, e.g. those that provide statistical analysis on the use of a website or that create user profiles to send them advertising messages in line with the preferences they have expressed while browsing.

2.Types of cookies used by the Website and possibility of deselection
When browsing the Website, you will receive the following cookies:

Technical cookies are cookies that are essential for browsing the website and using the services requested by the user (so-called navigation or session cookies), allowing the user to be identified and remain identified during the session. Without these cookies, some operations could not be performed or would be less secure. They are not used for other purposes and are installed directly by the Data Controller.

Profiling cookies: this website does not use proprietary profiling cookies, i.e. cookies designed to create user profiles in order to send advertising messages in line with the preferences expressed while browsing the Authority’s website.

Third-party cookies, i.e. cookies from third-party websites or servers that are different from those of the Data Controller. Please note that these third parties, listed below with links to their privacy policies and opt-out mechanisms, process your Personal Data as data processors on behalf of the Data Controller. These third parties have signed data processing agreements with the Data Controller and the cookies have been anonymised by masking the IP addresses.

The website does not use any IT techniques to directly acquire personal data identifying the user or systems for tracking or profiling the user. Our IT systems do not use any type of persistent cookies, but only statistical tools and technical session cookies for the transmission of personal information, which are not stored after the end of the session. Although the Organisation endeavours to implement all possible technical measures to deactivate or neutralise any third-party cookies on its website, these types of files may sometimes be activated using functions that allow you to interact with social networks, which may then track your browsing. This could happen, for example, by using the sharing functions via Facebook, LinkedIn, Twitter and WhatsApp, or by playing YouTube video clips that may be embedded in the website. In this regard, we invite you to always refer to the information on the processing of personal data provided by the respective social networks.

3.Cookie settings
If profiling/tracking cookies are present, when you first access any page of the Website, a banner will appear containing a brief information notice and the cookie preferences management panel, with a button that allows you to accept all cookies.

The user has the option to select/deselect individual categories of cookies, with the exception of technical cookies.

The user’s preferences regarding cookies will need to be reset if different devices or browsers are used to access the Website.

With regard to cookies sent directly by the Site operator, in addition to the procedure provided on this page, the user can also block or delete (all or part of) cookies through the specific functions of their browser or can decide to withdraw the consent already given on the ‘review cookie choices’ page in the footer of the Site.

For further information on how to set your preferences on the use of cookies, please refer to the instructions provided by your browser supplier; this information is easily available using a search engine. If you use a mobile phone, please refer to the relevant manual for further information. After disabling cookies through your browser settings, please remember that you must always use the same settings to delete those already present before disabling them.