Privacy & Cookie policy



Dear User,

according to Art. 13 of the European Regulation 679/2016 (General Data Protection Regulation – GDPR) SG Company S.p.A. intends to inform you that processing of your data will be carried out in accordance with the principles of lawfulness, fairness, tranS.p.A.rency, accuracy, purpose and storage limitations, data minimisation, integrity and confidentiality. Your personal data will be processed in accordance with the legislative provisions of the Applicable Law and of the confidentiality obligations included therein.



The data controller of the processing activates carried out through the Website is SG Company S.p.A. ,with registered offices in Corso Monforte 20 – 20145 Milan (Italy) (hereinafter only “SG Company S.p.A. ” or “DATA CONTROLLER”),



Pursuant to Art. 24 e Art. 37 of Data Protection Regulation UE 679/2016, SG Company S.p.A. has appointed a Data Protection Officer (DPO) who is freely contactable for any information relating to the processing of personal data at the following address:



“Personal Data” means any information relat to an identified or identifiable natural person (‘data subject’). An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, mental, economic, cultural or social identity of that natural person. The entry of data for access to this site involves their acquisition for the purposes indicated below. The User / Customer is clearly free to choose whether to provide their data, inserting them in the appropriate forms for registration.


By means of the Website, SG Company S.p.A.  collects the following Personal Data:

  • Navigation data – The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. Such information, by their very nature, could allow you to identify yourself as a user through processing and association with other data, although they are not collected for the purpose of association with identified users. These types of information may include IP addresses and other potentially identifying parameters of your IT environment. The data just mentioned are used exclusively for statistical purposes on navigation within the site and its proper functioning, also are used anonymously.
  • Data provided voluntarily by the User / Customer – The optional, explicit and voluntary sending of e-mails to the addresses indicated on this site entails the subsequent acquisition of the sender’s address, necessary to respond to requests, as well as any other personal data entered in the missive. The voluntary compilation of the forms on the site involves the acquisition of the data of the User/Customer. Specific summary information will be progressively reported or displayed on the pages of the site prepared for particular services on request. We invite our Users / Customers, in their requests for services or in their queries, not to send names or other personal data of third parties, which are not strictly necessary.
  • Personal data – Personal data relatied to users of the site and to customers who provide them through other channels may be used in order to obtain anonymous statistical information on the use of the site, to check its correct functioning and for the assessment of any liability in case of offenses committed against the site, the owner or third parties. During the provision of services, our company could process personal data (Article 4), Particular Data (Article 9 such as, by way of example but not limited to, data on food intolerance, allergies, health status that implies reduced mobility, etc.) and Judicial Data (Article 10 such as, but not limited to, pending charges necessary for the request of travel visa, etc.). Regarding the data referred to in Art. 4 processing is necessary for the execution of the contractual relationship between the parties. With regard to data Art. 9 and Art. 10, specific consent will be required during registration.


The operations carried out involve the collection, storage and processing of personal data, for the following purposes:

  • Access and navigation on the site
  • Activities preliminary to the conclusion of the contract
  • Provide the User / Customer with the services and information requested
  • Activities related to the execution of the contract itself, such as legal, operational and management needs – within the limits established by laws or regulations – necessary for the operational and administrative activity of our Company
  • Legal obligations related to tax and accounting and to administrative management of the contract
  • Tax requirements, payment of the service provided and application of laws and regulations
  • Processing in aggregate and exclusively anonymous form for statistical-comparative purposes
  • Operations of a commercial or promotional nature


The computer systems and software procedures used to operate our website acquire some personal data whose transmission is implicit in the use of internet communication protocols. Therefore, the access to the site implies the acquisition by the Data Controller of information and data concerning the User / Customer. The provision of data in the registration forms and information request, is optional as they are data collected by the Data Controller to make optimal the performance of his activities. The refusal to provide this data could make it impossible to send any information of an organizational, technical and commercial nature, or to obtain what requested.



The processing related to the consultation of the site takes place at the headquarters of SG Company S.p.A. . We would like to inform you that the data in our possession will be processed in written form and / or on paper, magnetic, electronic or telematic support, with appropriate tools to guarantee the confidentiality and security of the same in accordance with the provisions of EU Regulation 679/2016 (with particular reference to Articles 24, 32 and 35). The data will be processed with lawfulness, fairness, tranS.p.A.rency, and protection of privacy and rights of the User / Customer only by personnel directly authorized by the Data Controller, or by the Data Processors specifically appointed pursuant to Art. 28 of EU Regulation 679/2016 (list available from the Data Controller), in close relation to the purposes specified above.


The data of the “registered” Users / Customers may be communicated to third parties who provide the goods / services available on the site as well as to third parties carrying out data analysis activities for statistical purposes and in any case within the limit of the purposes above described. This communication can be made to subjects allocated on the national territory, and to subjects allocated abroad in countries belonging to and not to the European Union, pursuant to Articles 44, 46 and 49 Paragraph 1 Lett. a) and c) of the Regulation EU 679/2016. Further details may be requested to the Data Controller.


The data may also be disclosed to third parties responsible for maintaining the site. No personal data acquired from the site will be disseminated. No data profiling activities are performed. The data will be stored for a period not exceeding that necessary for the purposes for which they were collected or subsequently processed, according to the applicable provisions of law.



Cookies are small text files that the sites visited by the users send to their terminals, where they are stored to be re-transmitted to the same sites on a later visit. Cookies are used for different purposes: execution of authentications, monitoring of sessions, storage of information regarding specific configurations by users who access the server, storage of preferences, profiling, etc…



The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or not of the data and to know its content and origin, verify its accuracy or request its integration or update, or the correction, cancellation or limitation, or to oppose their treatment, to file a complaint with the supervisory authority pursuant to art. 15 of EU Regulation 679/2016. Furthermore, pursuant to articles 16, 17, 18, 19, 20, 21 and 22 of the same EU Regulation 679/2016, the interested party has the right to request rectification, cancellation (right to be forgotten), limitation treatment, notification in case of rectification or deletion of personal data or limitation of processing, data portability, transformation into anonymous form or blocking of data processed in violation of the law, and to oppose in any case, for legitimate reasons, to their treatment.


To exercise these rights, you can contact the Data Controller as indicated above.

This privacy statement may be subject to updates or changes, in particular following the entry into force of new directives of the competent authority.