Privacy Policy




As a result of accessing and consulting this website, data relating to identified or identifiable persons may be collected.

The data Processing controller is Covivio S.A. through its Italian branch in Milan, at via Carlo Ottavio Cornaggia, 10 (the “Data Controller”) .

The information applies only to this website and not to other websites accessed via links.


Browsing Data

The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This information is not collected to be associated with identified interested parties but it may, by its very nature, through processing and association with data held by third parties, allow for users to be identified. This category of data includes IP addresses or domain names of the computers used by users who connect to the website, the addresses in URI (Uniform Resource Identifier) notation of the requested resources, the time of the request, the methods used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the response given by the server (successful, error, etc.) and other parameters relating to the user’s operating system and IT environment.

They are also collected other data which are processed for promotional purpose and / or identification of services in line with the user’s preferences.

Data provided voluntarily by users

The optional, explicit and voluntary transmission of e-mail to the addresses indicated on this website involves the subsequent acquisition of the sender’s address, required to respond to requests, as well as any other personal data included in the communication.

Please be informed that the Data Controller  uses “cookie” technology in order to offer the best experience to the visitor in the website use.

Cookies are small files that the website visited by the user sends to the browser, where they are stored before being transmitted back to the website the next visit to the same user. For the policy on the use of cookies please refer to the cookie policy.


Except as specified for browsing data, users are free to provide the personal data contained in any request forms or indicated on the website in order to request the sending of informative material or other communications. Any failure to provide it may involve the impossibility of obtaining what is requested.


The personal data is processed using automated tools for the time strictly necessary to achieve the purposes for which it was collected. Specific security measures are respected in order to prevent the loss of data, its unlawful or incorrect use and unauthorized accesses. The Data Controller , based upon international standard principles, has adopted security measures to reduce to a minimum risks relating to the confidentiality, availability and integrity of the personal data collected and processed.


The data collected may be transferred or communicated to internal collaborators or providers of electronic services for activities strictly connected and instrumental to the purposes for which the data was collected (such as the operation of the Internet service, management of the computer and electronic system, processing of special advisory requests). The personal data provided by users who send a request for inclusion in the list of suppliers and/or for informative materials (brochures, etc.) is used for the sole purpose of implementing the service or requested performance and is communicated to third parties only where this is necessary for that purpose (including companies that provide packaging, labelling, shipping services). Beyond those cases, the data will not be communicated or provided to anyone, except where: 1. there is explicit consent to share the data with third parties; 2. there is the need to share the information with third parties in order to provide the requested service; 3. it is necessary to fulfil requests of the Judicial Authority or Public Safety Authority. No data deriving from the web service is disseminated.


Personal data known as “sensitive” that may be sent to us and is not strictly pertinent to the purposes of the collection, or, in any case, does not contain an explicit and contextual written consent to its processing, will be immediately and definitively deleted. Sensitive data, in accordance with Art. 9, of Regulation (EU) 2016/679, is data able to reveal racial or ethnic origin, religious, philosophical or trade union membership as well as genetic data, biometric data for the purpose of uniquely identifying a  natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.The processing of sensitive data that is not, for the above reasons, immediately deleted will occur in full compliance with the applicable law.


The persons to whom the personal data refers, pursuant to artt.15-22 of Regulation (EU) 2016/679, enjoy the rights listed below:

  • the right to access personal data, which also includes the right to obtain a copy of personal data being processed;
  • the right to receive, in a structured format, of general use, readable by an automatic and interoperable device, personal data concerning the latter;
  • the right to obtain the updating, rectification or supplementing of data;
  • the right to obtain the cancellation, limitation, transformation into anonymous form or blocking of data processed in breach of the law, including data that does not need to be kept for the purposes for which data was collected or subsequently processed;
  • the right to obtain certification that the operations referred to in the preceding points have been brought to the attention, including as regards their content, to those to whom the data have been notified, with the exception of cases in which such fulfilment proves impossible or involves use of means manifestly disproportionate to the protected right;
  • the right to object, in whole or in part, for legitimate reasons, to the processing of personal data concerning it, even if it is relevant to the purpose of collection and to the processing carried out for the purposes established by current legislation.
  • the right to lodge a complaint with the Guarantor of personal data, according to the procedure available on the site ( to complain about a breach of the regulations concerning the protection of personal data and request a review by the Authority.



The Data Controller  regularly verifies its policies relating to privacy and security and, where appropriate, reviews them in relation to regulatory or organizational changes or technological evolutions. Where changes are made to the policies, the new version will be published on this page of the website.


Anyone interested in obtaining further information, contributing their own suggestions or making complaints or disputes in relation to the privacy policies of the Data Controller  or the manner in which the same processes personal data, should write to the Data Protection Officer to the following e-mail address: