The fields marked with * are mandatory



Pursuant to arts. 13 and 14 of EU Regulation 2016/679 (General Data Protection Regulation - GDPR)


Dear Visitor,

The European Regulation 2016/679, applicable in all Member States, recognizes the protection of their personal data that are subject to treatment by third parties to each data subject, as a sign of respect for human dignity and fundamental human rights and freedom.

Based on the provisions of the aforementioned Regulation, we wish to inform you that the processing of your data will be carried out in full compliance with the principles of lawfulness, fairness and transparency and protection of the confidentiality of your data in compliance with the provisions of said regulation.

Please also note that the data you provide to us through our websites or via email requesting information or clarifications will be acquired for the sole purpose of replying to your requests. Any other use will be subject to our explicit consent.

Therefore, according to the provisions of the applicable European Regulation and Member State law, we provide you with the following information.


1. Applied legal basis, purposes of the processing

The purposes of the processing for which your data are intended are linked to respond to your explicit requests, the fulfilment of the contractual and pre-contractual relationship existing between the parties for compliance with the rules and legal obligations to which the Data Controller is subject and for the pursuit of the legitimate interests of the Data Controller or third parties, if previously authorised. Any processing of your personal data for purposes other than those specified herein shall be subject to specific and independent disclosure and specific consent.


2. Method of processing

The data concerning you will be processed and stored using computerized media and tools and/or in printed form, so as to allow you access to your personal data in our possession, according to the most suitable methods to guarantee its completeness, updating, security and confidentiality, including the protection from unauthorised and/or unlawful processing, loss, destruction or accidental damage. Subject to communications carried out in compliance with legal obligations, the data may be disclosed to third parties who perform specific tasks on behalf of the undersigned person against explicit commitment to the protection of your personal data in accordance with the provisions of this privacy statement and the rules regarding the Data Processor pursuant to arts. 28 et seq. of EU Regulation 679/2016, as well as the applicable legal provisions.


3. Data storage

The data concerning you will be retained for the entire duration of the relationships established between the parties and after termination of the existing relationship/contract or upon completion of your request. Where there are contractual obligations, the data will be kept in compliance with civil and tax law requirements applicable to the existing relationship, as well as any other Data Controller’s fulfilment/legal obligation; in any case, they will be deleted after 10 years from the last processed operation (backup history deletion).


4. Data Controller

The data controller is Cy. Pag. S.r.l., based at 13 Via del Commercio, 23017 Morbegno (SO).

Tel: 0342 605011; e-mail: info@cypag.com

External data processors may be appointed upon the assignment of external tasks by the Data Controller, the execution of which requires the disclosure of your data, from among those who provide sufficient guarantees to put in place suitable technical and organisational measures to meet normative requirements and guarantee the protection of the rights of data subject, after the Data Controller has signed a specific contract/addendum to the professional assignment containing data processing requirements and specifications.


5. Rights of the data subject

You may exercise all the rights envisaged by the European Regulation and Member State law, namely arts. 13, 14, 15 to 22 and 34 of said regulation and decrees, at any time on written request, in particular:

   a) the right of free access to the personal data and/or obtain a copy of the personal data undergoing processing, with the indication of all the aspects relevant to the processing envisaged by the GDPR;


   b) the right to obtain, free of charge, the updating, the rectification of inaccurate personal data concerning you, the restriction of processing or the addition of supplementary data, as required;


   c) the right to object, in whole or in part, to the processing of personal data concerning you even if pertinent to the purposes of collection for legitimate reasons or to withdraw, in whole or in part, your consent, whenever necessary.


   d) the right to partial or total erasure of your data, including the right to be forgotten.


   e) the right to lodge a complaint with a supervisory authority (in Italy, the Guarantor for personal data protection) or judicial authorities where the conditions exist.


The complete list of the rights of the data subject can be consulted on the Guarantor’s website or it is available at the Data Controller’s Head Office and can be sent via email, upon written request.

You can exercise your rights by sending a letter or an e-mail to Cy. Pag S.r.l., registered office at 13 Via del Commercio, 23017 Morbegno (SO), phone (++39) 0342 605011; e-mail: privacy@cypag.com



Below is a description of how we manage our website in connection with the processing of visiting users’ personal data. This disclosure is provided for all those who interact with the company web services and can be seen by logging on to www.cypag.com.


Our website can be accessed via SSL protocol and certified in compliance with current WEB security guidelines.




Browsing data: during normal operation, the computer system and software procedures used to manage the www.cypag.com website acquire some personal data whose transmission is implicit in Internet communication protocols. The information collected is not intended to be associated with identified data subjects but which, by its very nature, could allow users to be identified through the processing and association with data held by third parties. This category includes the following data:


IP addresses:

  • Domain names of computers used by visitors connecting to the website;
  • URI (Uniform Resource Identifier) notation addresses of the requested resources, the time of the request, the method used to send the request to the server, the size of the response file, the numerical code indicating the status of the server response (successful, error, etc.) and other parameters relating to the operating system and the user’s computer environment.


These data are only used to manage contacts with customers, consultants, suppliers and/or collaborators in general; they will be deleted immediately after processing/use. However, they could be used to identify any responsibilities in case of hypothetical computer crimes against the website or connected in any way to browsing on any links.


The www.cypag.com website can use session cookies and persistent cookies.


The types of cookies generated by this website directly are:


Technical cookies, that used :

  • to authenticate and manage a browsing session (e.g. to identify and validate the user for access to the Reserved Area);
  • for safety purposes (e.g. to take into account the number of failed logins identifying possible abuses in authentication and preventing fraud);
  • to customize the user interface (e.g. to record user’s preferences, such as language, currency, page display format and connection area);
  • the correct functioning of the connection (e.g. by addressing user requests to different servers).


Third-party cookies:


This website also allows third-party cookies to be transmitted to the user terminals.


As a technical service intermediary, Informatica Service Center S.r.l. only sends third-party cookies and does not manage their processing (i.e. they do not have control and access to any provided/acquired information) as this is third parties’ responsibility. For these cookies, you can access the privacy statement and the third-party consent forms by clicking on the links below.


  • data subjects from which Cy.Pag S.r.l. obtains aggregate/statistical information on users visiting this website. The google.com/analytics service provided by Google Inc. is therefore used.
  • technical cookies, used to authenticate and manage a browsing session (e.g., e.g. to identify and validate the user for access to the Reserved Area).


You can consult Google Analytics Privacy Policy by logging on to https://policies.google.com/privacy.


You can disable cookies on your browsers at any time. The procedure is illustrated below.


Users can manage these cookies through their browser settings.


Browser settings:

Users can manage their cookie preferences through the features available in common browsers (Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari) to delete/remove cookies (all or some) or change browser settings so as to block the sending of cookies or limit it to specific sites (compared to others).


It is also possible to know how to configure browser settings (normally accessible from the “Tools” bar) from the “Support” web pages of browser providers (identifiable through a common search engine).


Disabling cookies does not, in principle, prevent the use of website services; however, if all cookies were deleted/blocked, including technical cookies, some operations could not be performed or would be more complex and/or less secure, such as operations in website Reserved Areas (cookies allow for user identification and data storage within the session).


If any users/visitors logging on to this website send own personal data to access to certain services or make requests by email, this involves the acquisition by Cy.Pag S.r.l. of the sender’s address and/or other personal data that will be processed only to respond to this request or provide the service. Personal data provided by users/visitors will be communicated to third parties solely when disclosure is required to meet users/visitors’ requests or is subject to their consent.


Cookies consist of portions of code installed in the browser that assist the Owner in providing the Service according to the purposes described. Some of the purposes for which Cookies are installed may also require the User's consent.

Where the installation of Cookies is based on consent, such consent can be freely withdrawn at any time following the instructions provided in this document.

Technical Cookies and Cookies serving aggregated statistical purposes


Activity strictly necessary for the functioning of the Service

This Application uses Cookies to save the User's session and to carry out other activities that are strictly necessary for the operation of this Application, for example in relation to the distribution of traffic.


Activity regarding the saving of preferences, optimization, and statistics

This Application uses Cookies to save browsing preferences and to optimize the User's browsing experience. Among these Cookies are, for example, those used for the setting of language and currency preferences or for the management of first party statistics employed directly by the Owner of the site.


Other types of Cookies or third parties that install Cookies

Some of the services listed below collect statistics in an anonymized and aggregated form and may not require the consent of the User or may be managed directly by the Owner - depending on how they are described - without the help of third parties.

If any third party operated services are listed among the tools below, these may be used to track Users’ browsing habits – in addition to the information specified herein and without the Owner’s knowledge. Please refer to the privacy policy of the listed services for detailed information.



The services contained in this section enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior.


Google Analytics (Google Inc.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Data collected to track and examine the use of this Application, to prepare reports on its activities and share them with other Google services.
Google may use the Data collected to contextualize and personalize the ads of its own advertising network.

Personal Data collected: Cookies and Usage Data.

Place of processing: US – Privacy Policy – Opt Out.


Displaying content from external platforms

This type of service allows you to view content hosted on external platforms directly from the pages of this Application and interact with them.
This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it.


Google Maps widget (Google Inc.)

Google Maps is a maps visualization service provided by Google Inc. that allows this Application to incorporate content of this kind on its pages.

Personal Data collected: Cookies and Usage Data.

Place of processing: US – Privacy Policy.


How to provide or withdraw consent to the installation of Cookies

In addition to what is specified in this document, the User can manage preferences for Cookies directly from within their own browser and prevent – for example – third parties from installing Cookies.
Through browser preferences, it is also possible to delete Cookies installed in the past, including the Cookies that may have saved the initial consent for the installation of Cookies by this website.
Users can, for example, find information about how to manage Cookies in the most commonly used browsers at the following addresses: Google ChromeMozilla FirefoxApple Safari and Microsoft Internet Explorer.

With regard to Cookies installed by third parties, Users can manage their preferences and withdrawal of their consent by clicking the related opt-out link (if provided), by using the means provided in the third party's privacy policy, or by contacting the third party.

Notwithstanding the above, the Owner informs that Users may follow the instructions provided on the subsequently linked initiatives by the EDAA (EU), the Network Advertising Initiative (US) and the Digital Advertising Alliance (US), DAAC (Canada), DDAI (Japan) or other similar services. Such initiatives allow Users to select their tracking preferences for most of the advertising tools. The Owner thus recommends that Users make use of these resources in addition to the information provided in this document.


Owner and Data Controller

Via del Commercio, 1323017 Morbegno (SO), Italia

Owner contact email: info@cypag.com

Since the installation of third-party Cookies and other tracking systems through the services used within this Application cannot be technically controlled by the Owner, any specific references to Cookies and tracking systems installed by third parties are to be considered indicative. In order to obtain complete information, the User is kindly requested to consult the privacy policy for the respective third-party services listed in this document.

Given the objective complexity surrounding the identification of technologies based on Cookies, Users are encouraged to contact the Owner should they wish to receive any further information on the use of Cookies by this Application.


Definitions and legal references


Personal Data (or Data)

Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.


Usage Data

Information collected automatically through this Application (or third-party services employed in this Application), which can include: the IP addresses or domain names of the computers utilized by the Users who use this Application, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.



The individual using this Application who, unless otherwise specified, coincides with the Data Subject.


Data Subject

The natural person to whom the Personal Data refers.


Data Processor (or Data Supervisor)

The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.


Data Controller (or Owner)

The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of this Application. The Data Controller, unless otherwise specified, is the Owner of this Application.


This Application

The means by which the Personal Data of the User is collected and processed.



The service provided by this Application as described in the relative terms (if available) and on this site/application.


European Union (or EU)

Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.



Small piece of data stored in the User's device.

Legal information

This privacy statement has been prepared based on provisions of multiple legislations, including Art. 13/14 of Regulation (EU) 2016/679 (General Data Protection Regulation).

This privacy policy relates solely to this Application, if not stated otherwise within this document.

Latest update: October 12, 2018