Privacy Policy

Data Controller

COVISIAN S.P.A., with registered office in via dei Valtorta, 47 – 20127 Milano (MI) (“Company”) – email:

The contact details of the company’s DPO are as follows:

Categories of Data Processed

Among the Personal Data collected by this Website (hereinafter, also “Data”), either autonomously or through third parties, there are: IP addresses or domain names of the computers used by the Users who connect to the Website, Usage Data.

Full details on each category of Data collected are provided in the dedicated sections of this Privacy Policy or by means of specific information texts displayed prior to the collection of such Data.

Personal Data may be freely provided by the User or, in the case of User Data, automatically collected during the use of this Web Site.

Unless otherwise specified, all Data requested by this Web Site are mandatory. If the User refuses to provide it, it may be impossible for this Web Site to provide the Service. In cases where this Web Site indicates certain Data as optional, Users are free to refrain from communicating such Data, without any consequences on the availability of the Service or its operation.

Any use of cookies – or of other tracking tools – by this Website or by the owners of third party services used by this Website, unless otherwise specified, is for the purpose of providing the Service requested by the User, in addition to the further purposes described in this document and in the Cookie Policy.

The User assumes responsibility for the Personal Data of third parties obtained, published or shared through this Web Site and warrants that he/she has the right to communicate or disseminate it, releasing the Owner from any liability towards third parties.

Purposes of Data Processing

The User Data are collected to enable the Controller to provide the Service, to comply with legal obligations, to respond to requests or enforcement actions, to protect its rights and interests (or those of Users or third parties), to detect any malicious or fraudulent activities, and for statistical purposes.

Legal basis for processing

The Controller processes Personal Data relating to the User if one of the following conditions is met:

  • the User has given consent for one or more specific purposes (Art. 6(1)(a) GDPR);
  • processing is necessary for the performance of a contract with the User and/or the performance of pre-contractual measures (Art. 6(1)(b), GDPR);
  • processing is necessary for compliance with a legal obligation to which the Controller is subject (Art. 6(1)(c), GDPR);
  • processing is necessary for the pursuit of the legitimate interest of the Controller or a third party (Art. 6(1)(f), GDPR).

However, it is always possible to request the Controller to clarify the concrete legal basis of each processing.

Mode of treatment

The Data Controller takes appropriate security measures to prevent unauthorised access, disclosure, modification or destruction of Personal Data.

The processing is carried out by means of computer and/or telematic instruments, with organisational methods and logics strictly related to the purposes indicated. In addition to the Data Controller, in some cases, other employees involved in the organisation of this Web Site (administrative, sales, marketing, legal, system administrators) or external parties (such as third party technical service providers, hosting providers, IT companies, communication agencies) also appointed, if necessary, as Data Processors by the Data Controller, may have access to the Data. The updated list of Data Processors can always be requested from the Data Controller.


The Data are processed at the operational headquarters of the Data Controller and in any other place where the parties involved in the processing are located.

Retention Period

The Data are processed and stored for the time required by the purposes for which they were collected.

  • Personal Data collected for purposes related to the performance of a contract between the Data Controller and the User will be kept until the performance of such contract is completed.
  • Personal Data collected for purposes related to the legitimate interest of the Data Controller will be kept until that interest is satisfied. The User may obtain further information regarding the legitimate interest pursued by the Controller by contacting the Controller.

When the processing is based on the User’s consent, the Controller may retain the Data until such consent is revoked. The Owner may also be obliged to keep the Data for a longer period in compliance with a legal obligation or by order of an authority.

At the end of the retention period, the Personal Data will be deleted.

User rights

User has the right to ask the Data Controller, in compliance with the conditions set out in the GDPR:

  • The access to the Data concerning you, as well as their rectification;
  • the erasure of the Data;
  • the limitation of the processing;
  • within the limits of the Data processed for contractual purposes and / or based on your consent, and processed with automated methods, to receive such Data in a structured format, commonly used and readable by automatic devices and / or the transmission of the same to another data controller (so-called “portability”).

Right to object: User has the right to object at any time, for reasons related to your particular situation, to the processing of Data by the Company for the pursuit of its legitimate interest and to the processing of your personal data for marketing purposes.

To exercise your rights, please contact the Data controller at the following address:

The exercise of the rights of the data subject is subject to some exceptions, in particular aimed to the safeguard of the public interest (e.g., the prevention or identification of crimes) and/or protecting the Company’s rights. In the event you have exercised any of the aforementioned rights, the Company shall check that you are entitled to exercise it and provide you feedback, normally, within one month.

If you believe that the processing of Data does not comply with the provisions of the GDPR, you also have the right to lodge a complaint to the Supervisory Authority of your Country, or to refer the matter to the appropriate courts.

Cookie Policy

This Website makes use of Tracking Tools. To learn more, the User can consult the Cookie Policy

Amendments to this Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time by notifying Users on this page and, if possible, on this Website.

Last modified: 5 January 2024

Ready to start delivering smiles

Contact us

© Covisian 2024 | All rights reserved
C.F./P.IVA 07466520017 - R.E.A. MI 2112944 - Cap. Soc. € 837.323,04 i.v.