INFORMATION ABOUT THE PROCESSING OF PERSONAL DATA

of users who consult the website of Green Arrow Capital SGR S.p.A.

Pursuant to Regulation EU 2016/679 Article 13

INTRODUCTION

Pursuant to Regulation EU 2016/679 (hereinafter “Reg. EU 2016/679” or “GDPR“) this page describes how the personal data of users who consult the website of Green Arrow Capital SGR S.p.A. (below the “SGR“) accessible at https://www.greenarrow-capitalsgr.com/ are processed.

This information does not apply to other sites, pages or online services that can be reached by hyperlinks that may be published on the site but relate to resources outside the SGR domain.

DATA CONTROLLER

Data relating to identified or identifiable individuals may be processed as a result of the consultation of the above site.

The data controller (i.e. the individual/entity that determines the purposes and the means of the processing of personal data) is Green Arrow Capital SGR S.p.A., with registered offices in Rome, Via Parigi, 11 (e-mail: privacy@gacsgr.com – certified e-mail: greenarrowcapitalsgr@legalmail.it).

DATA PROTECTION OFFICER

The Data Controller did not identify the figure of the Data Protection Officer (RPD or DPO), as he is not subject to the designation requirement provided by art. 37 of the GDPR. However, the SGR has designated an Internal Privacy Contact, which can be reached at privacy@gacsgr.com.

LEGAL BASIS OF TREATMENT

Personal data provided by users who make requests or intend to use services or products offered through the SGR website, as well as receiving additional specific content, are used for the sole purpose of responding to their requests or running the required service and are communicated to third parties only if it is necessary for this purpose. The legal basis for these treatments is the need to respond to the requests of the interested persons or carry out activities provided by the agreements defined with the interested person.

With the expressed consent of the user, data may be used for commercial communication activities relating to the holder’s additional product or service offerings. The legal basis for this treatment is the consent freely expressed by the interested person.

Outside of these assumptions, users’ browsing data is retained for the time necessary to manage treatment activities in the limits of the law.

DATA TYPES AND FINALITY OF TREATMENT

Green Arrow Capital SGR does not require users to provide their personal data to consult the Site.

COOKIES

Cookies are text files that the servers of visited websites can store in the memory of the devices used by the user (PC, smartphone, tablet). The information contained in the cookies is then resent to the servers when the user revisits the same websites.

Cookies can be stored permanently until they expire (so-called persistent cookies), but can also be removed by closing the browser or be stored for a limited period of time only (so-called session cookies).

In the same way, cookies can be installed by the website being visited (so-called first party cookies), but also by other websites (so-called third party cookies) and are used to perform computer authentications, monitor sessions and store information on the activities of users that access a particular website. According to the purposes for which they are used, cookies fall into the following categories:

• Browser and functional cookies: used respectively for authentication purposes and to enhance the experience of the user (e.g. storage of language preferences);
• Analytics cookies: used by the website manager to collect information on the users that visit the website;
• Profiling cookies: used for advertising purposes to send messages in line with the preferences expressed by the user when surfing the web;
• Social Cookies: used to allow interaction with social networks.

As per the general provision of the Italian Data Protection Authority of 8 May 2014 on the “Identification of the Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies”, the following are considered technical cookies, and thus, on the basis of the laws in force it is not necessary to acquire the consent of the user for their installation:

• Browser and functional cookies;
• Analytics cookies.

FIRST-PARTY TECHNICAL COOKIES

This Website uses the following kinds of first-party cookies:

1. a) session cookies: fundamental for allowing the user to navigate normally within the Website and make use of the related services correctly. They are not stored on the computer of the user, and are erased when the browser is closed;
2. b) functional cookies: aimed only at improving and speeding up browsing on the Website, through the storage of certain selections made by the user (such as language preferences).

Therefore, these are tools used by the Data Controller to ensure, for example, efficient browsing, session stability, continued log-in settings and the pre-selection of the browsing country. They are also used to remember the choices made by the user, in anonymous form, with regard to the viewing of certain page elements, such as, for example, information and communication banners.

As already specified, the use of cookies and the processing activities connected to them do not require the prior consent of the user. The possibility remains, in any case, for users to prevent the installation of these technical cookies at any time using the settings on their browsers, as indicated later in this policy. However, such a choice could complicate, slow down and sometimes block browsing on the Website, and more generally, the Internet.

THIRD-PARTY TECHNICAL COOKIES

The Website also uses cookies not managed and controlled by the Data Controller, as they belong to third parties.

More specifically, these are Google Analytics cookies, a web analytics service provided by Google, Inc., which uses the cookies to collect information on how users use the Website (number of visitors, pages visited, time spent on the website, conversions, etc.) anonymously and in aggregate form.

This information is used, generally, to improve the functions of the Website, allowing, for example, any errors detected by users to be registered and thus guaranteeing smoother and more immediate browsing.

However, it cannot be ruled it, as this is an activity beyond the control of the Data Controller, that Google may expand or cross-reference the information obtained via these cookies – which the browser of the user sends to Google in the United States according to the related terms of service – with other data at its disposal, for purposes beyond the scope of this policy.

SGR does not use (and does not allow third parties to use) the Google analytics tool to monitor or collect the personal identification information of users. Google does not associate the IP address of users with any other data held by Google, nor does it attempt to link an IP address with the identity of a computer user.

To deactivate the installation of this type of cookie, please follow the procedures indicated in the following links:

• Privacy Policy of Google Analytics;
• Deactivation of Google Analytics cookies.

Several functions of the Website, such as videos, photographs or social widgets (Facebook, Twitter, Pinterest, Linkedin, AddThis) are hosted on external platforms. It is possible that these third parties collect data also if the users do not make use of the service. SGR has no access to the data that has been collected and processed in complete autonomy by the managers of these platforms.

For more information on the processing methods of the data collected, users are invited to read the information notes on privacy provided by the parties that make the services in question available.

• YouTube/Google USA – Privacy Policy
• +1 button and Google+ (Google Inc.) social widgets. – Privacy Policy
• like button and Facebook (Facebook, Inc.) social widgets.- Privacy Policy
• Tweet button and Twitter social widgets (Twitter, Inc.) – Privacy Policy
• Pin-it button and Pinterest social widgets (Pinterest, Inc.) – Privacy Policy
• Linkedin social widgets (LinkedIn Corporation)– Privacy Policy
• AddThis (Addthis Inc.) – Privacy Policy

HOW TO DISABLE COOKIES

Without prejudice to the right to object to the installation of the cookies as illustrated above, considering that the majority of browsers are programmed in such a way as to accept cookies automatically, the user can choose to not receive them, especially when the third party involved does not offer the possibility of correctly exercising the opt-out option, also by accessing the browser settings and deactivating their use, according to the procedures described at the following addresses:

• Internet Explorer • Mozilla Firefox
• Google Chrome • Apple Safari • Opera

It is to be noted, however, that deactivation of the cookies may complicate browsing on the Internet or hinder the free movement from one page to another and the ability to use of all the functions of the Website.

For more information on cookies, please visit the website www.youronlinechoices.com (limited to the services registered by this platform) to obtain information on how to remove or manage the cookies on the basis of the browser used or to set user preferences for third-party cookies.

INTERESTED PERSON’S RIGHTS

Interested person, may exercise his rights on obtain access to his personal data, to rectify or cancel their treatment or to oppose the treatment (Article 15 and ss. of the Regulation). The appropriate request to the Authority is submitted by contacting the Internal Privacy Contact, which can be reached at the e-mail address privacy@gacsgr.com.

COMPLAINT’S RIGHTS

The client who believe that the processing of personal data reported to them through this site is in breach with the Regulation, have the right to complain to the Control Authority, as required by art. 77 of the Regulation itself, or to take appropriate legal action (Article 79 of the Regulation).