Privacy and Cookies Policy

This web page describes how and why the personal data of users (hereinafter, also ‘users’) visiting the website and (hereinafter, also the ‘Website’) are processed.

Pursuant to Article 13 of Regulation (EU) 2016/679, the ‘General Data Protection Regulation’ (hereinafter, ‘GDPR’), and Italian data protection laws (Italian Legislative Decree no. 196/2003 and subsequent amendments, in particular those introduced by the Italian Legislative Decree no. 101/2018), this privacy policy is provided to users who access the Website via the address and, and does not refer to other external websites that may be linked thereto.

Personal data processing means any operation or set of operations performed on personal data or on sets of personal data, whether or not by automated means, even if said data are not recorded in a database, such as collection, recording, organisation, structuring, storage, processing, selection, blocking, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

1. Data Controller

The Data Controller is IMAL srl.
Data collected via the information request form are processed by electronic means, using adequate security measures.

2. Data Protection Officer (DPO)

The role of the Data Protection Officer is provided for by Article 37 of the GDPR.
The DPO cooperates with the Italian Data Protection Authority and acts as point of contact for all matters concerning personal data processing, also vis-à-vis data subjects (Articles 38 and 39 of the GDPR); the DPO also coordinates the implementation and keeping of data processing records (Article 30 of the GDPR).
As required by Article 37(7) of the GDPR, please find below the contact details of the Data Protection Officer: PEC [certified e-mail address]: E-mail:

3. Legal basis for data processing

The personal data indicated on this page are processed for the purpose of performing tasks that are in any case linked to exercising the activity requested.
After visiting this Website, data relating to identified or identifiable persons may be processed. Data freely provided by users on a voluntary basis shall be acquired and processed in accordance with the provisions of the GDPR.
IMAL srl undertakes to respect and protect your privacy by processing the personal data you provide in compliance with legal provisions aimed at ensuring that data are secure, accurate, up to date and pertinent to the purposes stated. Personal data provided by users who submit requests are only used to reply to the requests in question; such data are only disclosed to third parties if this is strictly necessary and functional for said purpose, in compliance with EU and Italian legislation. Data are processed by specifically authorised staff and only if data processing is necessary for them to perform their assigned tasks.

4. Processing methods

Personal data are processed electronically for the amount of time that is strictly necessary to fulfil the purposes for which they have been collected.
Specific security measures are applied in order to prevent any loss, illegal use or misuse of data, as well as any unauthorised access thereto.

5. Type of data and the purpose of processing

All personal data provided through the Website shall be lawfully and correctly processed for the purpose of providing the requested services and to reply to users’ communications and questions.

Data provided voluntarily
This Website allows users to send requests and communications using the contact details provided. Providing these data is mandatory and is required in order to be able to reply to the requests or to recontact the sender to request clarifications on the matter(s) reported.

Browsing data
This category of data includes the IP addresses or computer domain names of the users who access the Website, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the reply provided by the server (successful, error, etc.) and other parameters relative to users’ operating systems and computing environments. Browsing data are not collected for the purpose of identifying users, but for the sole purpose of collecting anonymous statistical data regarding use of the Website and the services offered.

6. Cookies

Cookies are small text files that websites send to users’ devices after being visited; they are then stored on users’ devices and sent back to the same websites when users next visit them. This Website uses:

  • session cookies, which are not used to collect personal data able to identify users, as they only send data identifying sessions in the form of numbers automatically generated by the server. Session cookies are not permanently stored on users’ devices and are automatically deleted when the browser is closed;
  • Technical cookies are not used for profiling activities.

    Users may choose whether to allow or disable cookies by altering their browser settings, following the instructions provided by the relative suppliers available from the links below:

    7. Rights of the Data Subject

    Pursuant to Article 15 et seq. of the GDPR, Data Subjects (the natural persons to whom the personal data refer) may, at any point in time, exercise their rights and, in particular, the right to access their personal data, to request that their data be rectified or restricted, updated if incomplete or wrong and erased if collected in violation of the law, as well as to object to their processing, unless the Data Controller has legitimate reasons.
    To this end, it is possible to contact the staff who, pursuant to the decree of the President of the Council of Ministers dated 25 May 2018, perform data controller duties, by sending a request to the points of contact or via e-mail to the PEC [certified e-mail] address: or to the e-mail address:, using the dedicated form available on the Italian Data Protection Authority’s website, via the link
    It is also possible to lodge a complaint with the Data Protection Authority, by following the procedures and instructions published on the Italian Authority’s website
    Exercising these rights is not subject to any constraints in terms of form and is free of charge.

    8. Amendments to this privacy policy

    This privacy policy may be amended in order to comply with legal provisions or regulations.