Privacy Policy

Dear Data Subject, we at S.O.G.E.O. srl Impresa Sociale have a great respect for the privacy of Users. The data that will be possibly communicated by the User through the Website will be treated with the utmost care and with all the instruments necessary to guarantee their security, in full compliance with the rules and regulations in force in terms of the protection of confidentiality. We wish to inform you that the “European Regulation 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data” (hereafter “GDPR”) provides for the protection of natural persons in relation to the processing of personal data as a fundamental right. According to article 13 of the GDPR, we therefore inform you that:


The data undergoing processing may be your personal data such as:

  • a. Data collected automatically
    The IT systems and the applications dedicated to the operation of this website detect, during their normal operation, certain data (whose transmission is inherent in the using of Internet communication protocols) potentially associated with identifiable users. The collected data include the IP addresses and the domain names of the computers used by the users who connect to the site, the URI (Uniform Resource Identifier) addresses of the requested resources, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (success, error, etc.) and other parameters concerning the operating system, the browser and the computer environment used by the user, name of the Internet service provider (ISP), date and time of visit, web page of origin of the visitor (referral) and exit.
  • b. Data provided voluntarily by the user
    The voluntary and explicit sending of emails to the addresses indicated in the different access channels of this site does not imply a request for consent and involves the acquisition of the address and data of the sender, necessary to respond to requests, as well as any other data personal data included in the message. These data are voluntarily provided by the user at the time of requesting the provision of the service. By inserting a comment or other information, the user expressly accepts the privacy policy, and in particular agrees that the contents included are freely disseminated to third parties. On the contrary, specific summary information will be shown or displayed on the pages of the site prepared for particular services on request (form). The user shall therefore explicitly consent to the use of the data reported in these forms in order to send the request.
  • c. Cookies
    The site uses cookies. The data collected through cookies can be used to access parts of the site or for statistical purposes or to make the browsing experience more enjoyable and more efficient in the future, trying to assess the user behaviour and change the offer contents according to it. For more information, a special cookie policy is available.
  • d. Plug-in
    The site also incorporates plug-ins and/or buttons for social networks, so that contents can easily be shared on your favourite social networks. These plug-ins are programmed so as not to set any cookies when accessing the page, to safeguard the privacy of users. Cookies are possibly set, if so provided by social networks, only when the user effectively and voluntarily uses the plug-in. Please note that if the user browses while he/she is logged into the social network, then he/she has already consented to the use of the cookies conveyed through this site at the time of registration to the social network. The collection and use of the information obtained through the plug-in are governed by the respective privacy policies of the social networks, to which reference should be made.


The Data Controller is S.O.G.E.O. srl Impresa Sociale located in L.go Visconti 4 – 22012 Cernobbio, Como – P.I. 03200630139, contactable by phone at no. 031 3347503 or by email at


The personal data held by the Data Controller are collected directly from the data subject.


The processing of your data has the following purposes and legal basis:

1. For the data collected automatically, the legal basis is the legitimate interest of the Controller and the purpose is to guarantee and improve the web browsing experience.

2. For the data provided voluntarily by the user, the legal basis is the consent and, for sending emails to our addresses, the purpose is to be able to send answers to specific requests made by the user; for the forms the purpose is indicated in the specific notice.

3. For cookies and plug-ins: Please see the specific cookies policy.


Within the scope of the indicated processing purposes, your data may be disclosed to partners, consulting firms, private companies, third party technical service providers, hosting providers, IT companies, communication agencies, and so on.


This site may share some of the data collected with services located outside the European Union area. The transfer of data is permitted by virtue of an adequacy decision issued by the European Commission.


According to the data storage limitation principle (art.5, GDPR), the verification of the obsolescence of the data stored in relation to the purposes for which they were collected is carried out periodically. In particular:

a) The data collected automatically are processed, for the period of time strictly necessary, only to obtain statistical information on the use of the site and to check its regular functioning, even for security purposes or according to the deadlines laid down by law.

b) The data provided voluntarily by the user will be kept for no longer than it is necessary for the purposes for which they are processed or according to the deadlines laid down by law.


The data subject has always the right to request from the Controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing, as well as the right to data portability, the right to withdraw consent claiming these and other rights provided by the GDPR through a simple communication to the Controller. The data subject shall have the right to lodge a complaint with a supervisory authority.


The provision of your data is mandatory during the navigation of our website regarding points D.1 and D.2 of the aforementioned purposes, to allow the correct service provision. The consent to the processing of your data under point D.3 is optional and will not compromise the service provision in any way.


The personal data you provided will undergo the processing in compliance with the aforementioned regulations and the confidentiality obligations central to the Controller’s activity. The data will be processed both with IT tools and on paper and any other type of appropriate support (e.g. cloud systems, filing systems, digital replacement conservation and so on), in compliance with appropriate technical and organizational security measures under the GDPR.


The notice is provided only for this website and not for other websites that may be consulted by the user through links contained on this site. The notice may undergo changes due to the introduction of new rules in this regard, therefore the user is invited to periodically check this page to stay up to date on the latest legislative news. The previous versions of this notice can always be requested from the Data Controller.


The Data Controller is not required to appoint a DPO and therefore they did not proceed to do so. For any clarification concerning the protection of your privacy, the Data Controller can be contacted at the e-mail address: