Cookie Policy

This Cookie Policy (hereinafter referred to as the “Policy”) governs the processing of your personal data through the use of cookies by So Make S.r.l., with registered office in Florence (FI), via di Ricorboli 17, VAT number 6710770485, email address [massimo@somake.it] (hereinafter referred to as the “Controller” or “So Make”), in accordance with the provisions on the protection of personal data, in particular, the EU Regulation 2016/679 (hereinafter referred to as the “GDPR”), through the website you are browsing (hereinafter referred to as the “Site”).

***

1. Identity and contact details of the data controller

The data controller is So Make. So Make is a company established in Italy, and therefore no representative has been appointed.

2. Contact details of the data protection officer

The Controller has appointed Attorney Simone Bonavita as its data protection officer, who can be contacted at the same addresses as the Controller or alternatively: Studio Legale Perani Pozzi Associati, Piazza Armando Diaz 7, Milan (VAT number 0239620994), dpo@somake.it.

3. Processing methods

Cookie 

Cookies are small text strings that the website you visit sends to the browser, which stores them and sends them back to the website upon your next visit.

Cookies allow the collection of information about your browsing activities.

Cookies can be stored permanently on your computer and have a variable duration (persistent cookies), or they can be stored temporarily on your device and automatically deleted when you close the browser (session cookies).

Cookies can be installed by the website you are visiting or by other websites that provide various services to that website (third-party cookies).

Technical cookies Technical cookies

Cookies in this category allow the Site to function properly.

Statistical cookies

The Site also uses statistical cookies created directly by the Controller or provided by third parties.

With statistical cookies created directly by the Controller, the Controller will perform statistical analyses related to different domains, websites, or apps belonging to the Controller, conducting statistical processing without any commercial decision-making purpose.

With third-party statistical cookies, tools have been adopted to reduce their identifying power, such as masking significant portions of the processed IP addresses. In the case of third-party statistical cookies, the third party has contractually committed to the Controller to use them exclusively for the provision of the service, to keep them separate, and not to “enhance” or “cross-reference” them with other information they have.

Browsing data and environmental variables

The Site automatically acquires certain personal data related to your browsing activities. This category of data includes, for example:

the IP addresses of the computer you are using; the number of accesses; the pages visited; the date and time of access; the URL of the browser before accessing the Site; the type of browser used; the operating system used. Profiling cookies Profiling cookies are non-technical cookies that allow the Controller to provide personalized services based on your needs. The Controller uses the profiling cookies listed.

4. Deleting and disabling cookies

You can configure your browser to prevent the processing of cookies or delete them immediately after browsing. Below are the methods for disabling and deleting cookies using the main browsers:

 

Delete/disable cookies Firefoxhttp://support.mozilla.com/it/kb/Eliminare%20i%20cookie
Delete/disable cookies EDGEhttps://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09 
Delete/disable cookies Chromehttp://support.google.com/chrome/bin/answer.py?hl=it&answer=95647

5. Data voluntarily provided

You have the faculty and freedom to provide data by sending an email to the addresses indicated on the Website, which the Data Controller may acquire for the purposes indicated from time to time. In addition to the email address required to respond to you, any other personal data contained in the communication will be processed. The collected data will be stored and processed exclusively for the purpose of preserving the correspondence, without using them for other purposes.

6. Purpose, legal basis for processing, optional consent, and consequences of non-consent

  • Personal data processed with technical cookies: The communication of personal data is an obligation of a contractual nature, without which the website could not be made available in full accordance with the terms and conditions of use.
  • Personal data processed with profiling cookies: The communication of personal data is purely optional. In case of failure to communicate the data, it will be impossible for the Data Controller to provide you with personalized services through profiling. The legal basis for processing is your consent, expressed in accordance with applicable regulations.
  • Personal data voluntarily provided via email: The communication of personal data is purely optional. In case of failure to communicate the data, the Data Controller will not be able to respond to your requests. The legal basis for processing is the legitimate interest of So Make, as the Data Controller, to respond to the requests.

You can express your consent to the processing of personal data with non-technical cookies by clicking on a specific box presented within a banner.

7. Automated decision-making and profiling

If you consent to the processing with profiling cookies to access personalized services, your personal data may be subject to automated decision-making, with a specific algorithm that will determine which communications are most suitable for your profile or may be of interest to you. The expected consequences of this processing are the sending of highly profiled commercial communications, sending of discounts, and sending of invitations to events considered of interest.

In accordance with Article 22 of the GDPR, you have the right to:

  • Obtain human intervention in the decision-making process by the Data Controller;
  • Express your opinion;
  • Obtain an explanation of the decision reached by the Data Controller;
  • Contest the decision itself.

8. Source and categories of personal data

The Data Controller will only process the personal data provided by you in accordance with the Cookie Policy, collected through the Website or the sending of your email. The Data Controller will not process data from publicly accessible sources. The Data Controller will not process special categories of personal data as referred to in Article 9 of the GDPR.

9. Recipients and potential categories of recipients of personal data

Your personal data may be received by:

Companies offering hosting services;
Companies selling advertising spaces;
Advertising companies;
Communication companies conducting communication activities on behalf of the Data Controller;
Companies offering information society services.

10. Data transfers

The Data Controller intends to transfer your personal data to entities established in a third country outside the European Union or an international organization. These entities may be represented, for example, by:

Communication companies conducting communication activities on behalf of the Data Controller;
Companies offering information society services;
Companies offering hosting services;
Providers of communication services;
Companies selling advertising spaces;
Advertising companies.
The transfer of personal data to such entities, if established in a third country, or to an international organization, is carried out in the presence of an adequacy decision of the European Commission, which has verified how the third country, territory, or one or more specific sectors within the third country, or the international organization in question guarantee an adequate level of protection of your rights. In the absence of such decisions, if deemed appropriate, the Data Controller reserves the right to conclude specific and separate agreements obliging these entities to adopt adequate security measures, including organizational measures, to offer appropriate guarantees regarding your rights.

In particular, Google Inc. has contractually committed to ensuring adequate protection of the data subject’s rights. The data may be transferred to the following countries: United States of America, Ireland, or others.

To obtain a copy of such data or the location where they have been made available, simply send a request to the following address: massimo@somake.it.

11. Data retention period

The Data Controller will retain your personal data processed with technical cookies for the purpose of enabling you to properly use the Website for a period not exceeding 12 (twelve) months from the date of each collection, in accordance with what is indicated in point 3.1 of the Cookie Policy.
The Data Controller will retain your personal data processed to provide personalized services through non-technical cookies and profiling cookies for a period not exceeding 12 (twelve) months from the date of each collection, in accordance with what is indicated in point 3.2 of the Cookie Policy.
The Data Controller will retain your voluntarily provided personal data processed to respond to your requests for a period strictly necessary to achieve this purpose and, in any case, not exceeding 12 (twelve) months from the date of each collection.
The Data Controller reserves the right to request your renewed consent to the processing and/or to verify the consents you have already expressed.

12. Your rights

Right to object
As a “data subject,” you have the right to object, at any time, for reasons related to your particular situation, to the processing of personal data concerning you, pursuant to Article 6, paragraphs 1, letters (e) or (f) of the GDPR, including profiling based on those provisions.

The Data Controller refrains from further processing your personal data unless So Make demonstrates compelling legitimate grounds for the processing that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

If personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data concerning you for such marketing, including profiling to the extent that it is related to such direct marketing.
In the event of objection to the processing for direct marketing purposes, personal data will no longer be processed for such purposes.

You may partially exercise your right to object to the processing of your personal data for direct marketing purposes, for example, by objecting only to the sending of promotional communications carried out through automated and/or digital tools or to the sending of paper communications and/or receiving telephone communications.
If your personal data is processed for scientific or historical research purposes or statistical purposes pursuant to Article 89, paragraph 1 of the GDPR, you have the right, for reasons related to your particular situation, to object to the processing of personal data concerning you unless the processing is necessary for the performance of a task carried out for reasons of public interest.

13. Other rights

The Data Controller also wants to inform you of the following rights:

Right of access: You have the right to obtain confirmation from the Data Controller as to whether or not personal data concerning you is being processed. In this case, you have the right to access your personal data and specific information in accordance with Article 15 of the GDPR.
Right to rectification: You have the right to obtain from the Data Controller the rectification of inaccurate personal data concerning you without undue delay. Taking into account the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement, in accordance with Article 16 of the GDPR.
Right to erasure: You have the right to obtain from the Data Controller the erasure of personal data concerning you without undue delay. The Data Controller has the obligation to erase personal data without undue delay if the grounds listed in Article 17 of the GDPR exist.
Right to restriction of processing: You have the right to obtain from the Data Controller the restriction of processing if the grounds listed in Article 18 of the GDPR exist.
Right to data portability: You have the right to receive the personal data concerning you, which you have provided to the Data Controller, in a structured, commonly used, and machine-readable format and have the right to transmit those data to another controller without hindrance from the Data Controller, where the conditions specified in Article 20 of the GDPR are met.

Right to object to commercial communications: You have the right to object at any time, free of charge, to the receipt of commercial communications from the Data Controller.
Right to lodge a complaint with the Supervisory Authority: You have the right to lodge a complaint with the Supervisory Authority for the Protection of Personal Data, to complain about a violation of the rules on the protection of personal data, in accordance with Article 77 of the GDPR.

14. How to exercise your rights

You can exercise the rights indicated in the Cookie Policy by addressing your requests directly to the Data Controller at the email address massimo@somake.it, or by sending the relevant communication by registered mail with return receipt requested to the address via di Ricorboli 17, Florence (FI).

You can lodge a complaint with the Supervisory Authority for the Protection of Personal Data in accordance with the procedures provided on the official website, sending it to the contact details available at https://www.garanteprivacy.it/home/footer/contatti.

15. Accessibility

The Cookie Policy is accessible at the address massimoc23.sg-host.com/trattamento-dei-dati-personali/ and at the Data Controller’s premises. If expressly requested, the Data Controller may provide you with the information orally, provided that your identity is proven, with a telephone request addressed to 3383028093.

16. Modifications

The Data Controller may modify the Cookie Policy, including to comply with national and/or European Union legislation or technological innovations. Any new versions of the Cookie Policy will be reported on the Website. Please check the Cookie Policy periodically. Any changes will be communicated to you through a pop-up on the Website or different methods and/or computer tools. If the Data Controller substantially amends the Cookie Policy, including new purposes of processing and/or categories of personal data processed, or changes third parties, the Data Controller will inform you and request the necessary consents through a specific banner. If it is impossible for the Data Controller to verify the storage of cookies on your device, for example, on a subsequent visit to the Website, such as in the case of cookie deletion, the Data Controller will inform you and request the necessary consents through a specific banner. If at least 6 (six) months have passed since the previous presentation of the banner on the Website, the Data Controller will inform you and request the necessary consents through a specific banner.