Privacy Policy

Privacy policy in pursuance of Art. 13 and 14 of the European Regulation 679/2016 and consent.

In pursuance of Art. 13 and 14 of the European Regulation (EU) 679/2016 (GDPR),as regards to the personal data provided to our Company, we hereby inform you that:


The data controller is I.C.A.S. Spa, registered office Via Torino, 288 – 10015 S. Bernardo d’Ivrea (TO), PIVA/CF. 00477030019, in the person of its Director Alberto Getto (referred to hereinafter as the “Data Controller”).
The Data Controller may be contacted by e-mail at:
The list of Data Protection Officers, if appointed, is available at the Data Controller’s headquarters.
The list of the Data Controller’s representatives is available at the Data Controller’s headquarters.
The Data Controller has not appointed a Data Protection Officer, DPO.


Your personal data (first name, last name, taxpayer’s code number, address, telephone number, e-mail address, banking data) shall be processed:

A) Without your express consent (Art.6, paragraph.1, lett. b) for the following purposes:

  • Contracts of sale and/or supply;
  • Fulfillment of pre-contract obligations, as well as contract and fiscal obligations resulting from the relations currently in place with you;
  • Fulfillment of obligations provided for by law, by regulations, by Community legislation or by order of the Authorities (for example, with regard to money-laundering)
  • Exercise of the Data Controller’s rights (for example, the right to legal defense).

B) Only prior your specific and clear consent ( that is, by signing this document or the online form as per art. 7 of the GDPR) for the following purposes:

  • Marketing and/or promotional activities by e-mail, SMS, Apps, social media, second-class mail and/or phone, newsletters, forwarding of commercial information and/or advertising material about products and/or events offered and organized by the Data Controller.


Personal data shall be processed (that is, collected /recorded/ organized / structured / kept/ consulted/ extracted / modified/ selected / used/ forwarded / compared / interconnected/ deleted/ destroyed) by means of both paper and computer files (including portable devices) and through automated decision-making processes, including profiling for the above-mentioned purposes.


With regard to the personal data concerning the performance of the contract of which you are party or the fulfillment of a legal obligation ( such as those regarding book-keeping and accounting), the non-provision of personal data shall prevent the contract from being implemented.


Your personal data, which are subject to processing for the above-mentioned purposes, shall be kept for the duration of the contract and, subsequently, for the time in which the Data Controller is subject to record-keeping obligations for tax purposes or for other purposes as provided for by law or regulations. With particular regard to marketing/promotional purposes, the retention period of the personal data provided shall be 10 years.


Your personal data, for the purpose of the performance of the contract and for the above-mentioned purposes, may be disclosed to:

  1. Consultants and other professionals (accountants, lawyers) who provide a service (contractual and fiscal) for the above-mentioned purposes;
  2. Natural and legal persons (legal, accounting and tax firms, auditing firms, carriers and forwarding agents, data centers etc.), in those cases in which disclosure of data is necessary for the above-mentioned purposes;
  3. Banks for the management of takings and payments;
  4. Factoring and debt collection companies;
  5. Our specially authorized collaborators and employees in the performance of their job duties;
  6. Judicial and administrative authorities, for the fulfillment of legal obligations.

Data provided shall not be transferred to a third non-EU country.


According to the GDPR, you are entitled to:
Receive from the Data Controller confirmation of the existence or otherwise of personal data concerning you, even if not recorded yet, and communication of it in an intelligible form; be informed by the Data Controller about:

  • The origin of personal data;
  • means and purposes of processing;
  • the logic behind the processing by means of electronic devices;
  • the identification details of Data Controller and Data Protection Officer;
  • the subjects or categories of subjects to whom the personal data may be disclosed or who may become aware of them in their capacity as data protection officers or authorized employees;
  • To request access to your personal data and information related to personal data; updating and rectification of incorrect data or integration of incomplete data; deletion of personal data (upon the occurrence of one of the conditions pursuant to art.17, paragraph 1 of the GDPR and in compliance with the exceptions pursuant to art. 17, paragraph 3); the restriction on processing of your personal data (upon the occurrence of one of the events set forth in art.18, paragraph 1 of the GDPR);
  • To obtain the anonymization or blocking of data processed in violation of the law, including those for which record-keeping is not necessary with regard to the purposes for which the data have been collected and subsequently processed;
  • To request and obtain from the Data Controller- if the legal basis for the processing is the contract or consent, and the processing is carried out by automated means- your personal data in a structured and readable format by automatic device, also for the purpose of disclosing such data to another data controller ( the so-called right to data portability);
  • To oppose, at all times, the processing of your personal data by the means and within the limits pursuant to art.21 of the GDPR;
  • To withdraw the consent at all times, as far as the processing is based on your consent for one or more specific purposes and concerns ordinary personal data (such as date and place of birth or place of residence), or specific data categories ( such as data revealing your racial origin, political opinions, religious beliefs, health status or sex life).Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

Request to exercise such rights shall be forwarded to the Data Controller by e-mail to
or by certified mail letter to I.C.A.S. Spa, in the person of its Director Alberto Getto, Via Torino, 288 – 10015 S. Bernardo d’Ivrea (TO) – Italy.
Should the interested party believe that his or her rights have been violated by the Data Controller and/or by a third party, he or she shall have the right to lodge a complaint with the supervisory authority (Personal Data Protection Authority –

Cookie Policy


Cookies are small text files which the websites operated by the user transfer to the user’s terminal (usually the browser), where they are stored in memory and sent back to the same websites if the user visits them again. When navigating on a website, users may also receive cookies from different websites or web servers on their terminal (the so-called “third-party cookies”), containing components (such as images, maps, audio or specific links to web pages in other domains) available on the website that the user is visiting.


Cookies can either last for a browser session or be persistent. Session cookies are automatically deleted when the browser window is closed. Persistent cookies are stored on the user’s device until deletion or for the period of time specified in the cookie.
Technical cookies are used for the sole purpose of “transmitting a communication on a electronic communication network, or as strictly necessary to allow the provider of a information service to provide such service explicitly required by the website subscriber o user” (as per art. 122, paragraph 1 of the Privacy Code).
These cookies are not used for any other purposes and are usually installed by the Data Controller or Webmaster.
They can be classified as follows:

  • navigation or session cookies, which ensure normal navigation or use of the website (for instance, allowing the user to make purchases or perform authentication to access reserved areas);
  • analytics cookies, which are similar to technical cookies in that they are directly used by the webmaster to gather information, in the aggregate, on the number of users and on how they visit the website;
  • functionality cookies, which allow the website to remember the choices or changes made by the user (such as the language and products selected for purchase) in order to provide enhanced and more personal features.

These cookies do not require the user’s consent to installation.
Profiling cookies are designed to create user profiles and to deliver targeted advertisements, which are more relevant to the user and to his/her interests shown during Internet browsing. Due to the potential for invasion of privacy, according to European and Italian law, users must be adequately informed about the use of such cookies and consent to their use. Article 122 of the Privacy Code provides that: “The filing of information in the computer of a contracting party or of a user or the access to already filed information is only allowed on condition that the contracting party or the user has expressed his/her consent after being informed in the streamlined manner as per art. 13, paragraph 3 of the Privacy Code”.


First-party cookies belong to the website that created them. Third-party cookies are created by websites other than the one the user is visiting and data are collected, processed and used by third parties and subject to the provider’s Privacy Policy. The third-party is therefore required to inform the user about the use of cookies and obtain, if necessary, the user’s consent in its capacity as data controller. If a website enables the placement of third-party cookies, the third party has the responsibility for ensuring users are clearly informed about cookies and for obtaining their consent. Users must be adequately informed, even if in the streamlined manner provided for by law, when they access the website that enables the storage of third-party cookies, that is, when they access the content provided by third parties and, in any case, before the cookies are downloaded on their computer.


This website uses technical cookies, in order to help the website perform smoothly and to optimize the user’s surfing experience.

This website uses third-party cookies (Google Analytics) for statistical purposes in order to improve the website’s content. Google Analytics is a website analysis service provided by Google Inc. (“Google”) designed to monitor the number of users, the pages visited or the time spent on a specific page for the purpose of tracking and measuring website traffic: the most clicked pages, for how long users stay on a web page or the country they come from. Said data is collected only for statistical purposes and anonymously.

The data collected by Google Analytics, including the user’s IP address, is anonymously sent to the Google Inc server. These cookies cannot be used to profile or identify users, but exclusively for statistical purposes in the aggregate.

For information on Google’s Privacy Policy and to disable the Google Analytics service, please refer to:

The website provides access to other websites, each with its own Privacy Policy. For further information please refer to the Privacy and Cookie Policy of each other social network and service that you visit:


Most web browsers (Chrome, Safari, Internet Explorer, Firefox, etc.) automatically accept cookies. Most of them, however, allow you to control and even disable cookies by adjusting the browser settings. In order to change your browser settings, please refer to the browser’s user manual. Please note, however, that full deactivation of cookies by the user may compromise the use of various functions on the website.
For further information about managing cookies for main web browsers, please refer to the following links:
Cookie Settings in Internet Explorer
Cookie Settings in Firefox
Cookie Settings in Chrome
Cookie Settings in Safari