Privacy policy

Pursuant to Regulation (EU) 2016/679 (hereinafter the 'Regulation'), this page describes how the personal data of users consulting the website  are processed.

The data controller is the Chamber of Commerce of Como-Lecco, via Parini 16, 22100 Como (PEC - Certified Email, Tel. +39 031.2561).

The Data Protection Officer (DPO) can be contacted at the following emaill:

Type of data processed

Browsing Data

Use of Matomo, a free web analytics service that anonymously enables the analysis of detailed statistics on website visitors.

Cookies and other tracking systems

No cookies are used for user profiling, nor are any other tracking methods employed.

Instead, session (non-persistent) cookies are used in a strictly limited manner to the extent necessary for the safe and efficient navigation of the sites. The storing of session cookies in terminals or browsers is under the user's control, while on servers, at the end of HTTP sessions, information relating to cookies are stored in the service logs, with a storage period of no more than seven days in any case, like the other browsing data)

The possible collection of individual personal data (name, e-mail, address, etc.) for the purpose of providing a service is followed by specific summary information (disclaimer) containing the information required by law. Failure by the user to enter compulsory data will make it impossible to provide the requested service..

Processing procedure

Data are processed mainly by electronic and computerised means, stored on both computerised and paper media in compliance with security measures. Technical and organisational security measures have been taken in order to guarantee data security, like the use of firewalls, secure server systems, encryption, careful selection of the persons in charge of data processing and other reasonable measures of a technical nature to ensure that your personal data is appropriately protected against unauthorised use or disclosure.

The data are stored for the time strictly necessary to fulfil the purposes for which they were collected and, in any case, no longer than the storage periods provided for by the current legislation.

Rights of the parties concerned

At all times, the data subject may exercise, pursuant to the national legislation in force and Articles 15 to 22 of EU Regulation 2016/679, the right to:

  • request confirmation of the existence or otherwise of their personal data;
  • obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the storage period
  • obtain the rectification and deletion of data;
  • obtain processing restriction;
  • obtain the portability of the data, i.e., receive them from a data controller, in a structured, commonly used and machine-readable format, and transmit them to another data controller without any hindrance
  • object to the processing of data at any time and also in the case of processing for direct marketing purposes;
  • object to an automated decision-making process concerning natural persons, including profiling;
  • to request from the Data Controller access to and rectification or deletion of the personal data concerning him or her or to object to their processing, in addition to the right to data portability
  • withdraw consent at any time without prejudice to the lawfulness of the processing based on the consent given before the revocation;
  • file a complaint with a supervisory authority.