Legal

Privacy & Cookie Policy

How we collect, use, and protect your personal data.

This document describes how personal data is managed and processed for users who interact with this website. This policy is provided in accordance with Regulation (EU) 2016/679 (GDPR) and applies exclusively to data collected through this website.

Article 1. Data Controller & Legal Basis

Pursuant to Art. 13 of Regulation (EU) 2016/679 (General Data Protection Regulation, hereinafter "GDPR"), you are informed that CS Holding (hereinafter the "Data Controller") will process the personal data of the individuals to whom this Privacy Policy is addressed, for the purposes and in the manner described below.

Article 2. Purpose of Processing

Data is processed for the following purposes:

  • Obtaining statistical information on the use of the website and its services;
  • Ensuring the correct functioning of the services offered and improving the browsing experience;
  • Sending communications or responding to enquiries received from the Data Subject through the website.

Article 3. Data Processing

Data is collected for the purposes described in Article 2 on the basis of the consent expressed by the user. Processing will be carried out in automated and/or manual form in compliance with Art. 32 GDPR.

In all cases, personal data will be processed in accordance with the principles of lawfulness and fairness set forth in Art. 5 GDPR, always operating in a manner that guarantees the confidentiality and security of the information.

Article 4. Data Retention Period

The Data Controller reserves the right to retain the collected data for a maximum period of 180 (one hundred and eighty) days, in order to fulfil the purposes indicated in Article 2. After this period, the data will no longer be available.

Article 5. Types of Data Processed

The following types of data are subject to processing:

  • Navigation data: technical information automatically collected during website visits, used for statistical and security purposes;
  • Contact data: data sent voluntarily, explicitly, and optionally by the Data Subject to the Data Controller. This includes, by way of example, messages sent via the contact form on this website or communications sent to the Data Controller's social media pages.

Article 6. Rights of the Data Subject

The Data Subject has the right to:

  • Access (Art. 15 GDPR): obtain confirmation as to whether personal data is being processed and, if so, request specific information including the purposes, categories of data, third-party recipients, and retention period;
  • Rectification (Art. 16 GDPR): obtain correction of inaccurate personal data and completion of incomplete data;
  • Erasure (Art. 17 GDPR): obtain, without undue delay, the deletion of personal data held by the Data Controller where one of the conditions set out in Art. 17 applies (the so-called "right to be forgotten");
  • Restriction (Art. 18 GDPR): request restriction of processing in the cases provided, such as inaccuracy of data, unlawful processing, or pending opposition proceedings;
  • Notification (Art. 19 GDPR): the Data Controller shall communicate any rectification, erasure, or restriction of processing to each recipient to whom data has been disclosed, unless this proves impossible or involves disproportionate effort;
  • Portability (Art. 20 GDPR): receive a copy of personal data in a structured, commonly used, machine-readable format;
  • Objection (Art. 21 GDPR): object at any time to the processing of personal data;
  • Breach notification (Art. 34 GDPR): in the event of a personal data breach that may result in a high risk to the rights and freedoms of the Data Subject, the Data Controller will notify the Data Subject without undue delay.

Requests from the Data Subject should be sent in writing to the email address indicated in Article 8 below. The Data Controller will respond to requests without delay.

Article 7. Right to Lodge a Complaint

The Data Subject has the right, where they believe that the processing of their data by the Data Controller infringes the rights contained within the Regulation, to lodge a complaint with the competent supervisory authority pursuant to Art. 77 GDPR. The competent authority is the relevant national Data Protection Authority.

Article 8. Contact the Data Controller

For further information or to exercise the rights provided by this policy, you may contact the Data Controller at the following email address: carlo.salizzoni@cs-holding.it.

Requests will be handled free of charge and managed by the Data Controller as quickly as possible, and in any case within one month of receipt.

Article 9. Changes to This Policy

The Data Controller reserves the right to modify or update, in whole or in part, the content of this Privacy Policy, including as a result of changes to applicable European or national legislation. In the event of modifications, updated consent will be requested at the Data Subject's next access.

Article 10. Definitions & Legal References

For the correct and informed understanding of this privacy policy, the following definitions apply. For any definitions not specified here, reference should be made to the GDPR.

  • Personal data (Art. 4(1) GDPR): any information relating to an identified or identifiable natural person;
  • Processing (Art. 4(2) GDPR): any operation or set of operations performed on personal data, whether or not by automated means;
  • Data Controller (Art. 4(7) GDPR): the natural or legal person, public authority, agency, or other body which determines the purposes and means of the processing of personal data.

Article 11. Referral

For anything not explicitly stated in this Policy, reference is made to the provisions of the GDPR and any other applicable regulations.

Article 1. Purpose

This document aims to provide users of this website with a clear and detailed explanation of how cookies work, how they are managed, and the purposes for which they are used.

Article 2. What Are Cookies

Cookies are small text strings that websites visited by the user send to the device (computer, smartphone, tablet) where they are stored and retransmitted to the same websites on subsequent visits.

Cookies may be stored permanently with a variable duration (persistent cookies) or may expire when the browser is closed (session cookies). They may be installed by the website being visited (first-party cookies) or by other websites (third-party cookies).

Cookies are used to:

  • Obtain statistical information on the use of services;
  • Ensure the correct functioning of services offered and improve the browsing experience;
  • Send communications or respond to communications sent by the Data Subject.

Article 3. Types of Cookies Used

The cookies used on this website can be divided into the following categories:

  • Technical cookies: consent for these is necessary to allow navigation within the site. This category includes IP addresses, domain names, URI/URL addresses of requested resources, request times, and other parameters relating to the user's operating system and IT environment.
  • Preference cookies: used to remember user preferences and improve the browsing experience. The specific consent of the Data Subject is always required for the processing of such data.
  • Data communicated by the Data Subject: contact data of senders who voluntarily, explicitly, and optionally send communications to the Data Controller, such as messages via the contact form.

Article 4. Third-Party Cookies

This website may use the following third-party services, each of which may set its own cookies:

  • Google Analytics: _ga (used to distinguish users) and _ga_<container-id> (used to maintain session state).
  • WordPress: session and authentication cookies required for the functioning of the content management system.

For more information, please consult the privacy and cookie policies of Google Analytics and WordPress.

Article 5. Cookie Duration

Google Analytics cookies have a maximum duration of 2 (two) years. WordPress session cookies expire when the browser is closed. For more information on cookie duration, please consult the respective service providers' documentation.

Article 6. Obtaining Consent

Upon accessing any page of the site, a banner is shown to the Data Subject containing a brief Cookie Policy. Before proceeding with navigation, the Data Subject is invited to review this extended Cookie Policy and to indicate their preferences regarding the installation of optional cookies, by providing or withholding consent.

Article 7. Managing Cookies

The user can decide whether to allow or block cookies through their web browser settings. Most browsers allow users to: view installed cookies, delete them individually, block third-party cookies, block cookies from specific sites, block all cookies, and/or delete all cookies when the browser is closed.

If the user decides to completely disable cookies, some website functionalities may be limited. In particular, disabling necessary technical cookies may compromise the use of the site.

Article 8. Updates to This Cookie Policy

The Data Controller reserves the right to modify or update the content of this Cookie Policy, in whole or in part, including as a result of changes to applicable legislation. In the event of modifications, the consent banner will be shown again at the Data Subject's next visit.

Article 9. Contact Information

The Data Controller is CS Holding.

The Data Controller can be contacted at the following email address: carlo.salizzoni@cs-holding.it.

Last updated: March 2026