Information on the processing of personal data pursuant to articles 12 and ss. of Regulation (EU) 2016/679

The Regulation (EU) 2016/679 ("General Data Protection Regulation"), hereinafter the "GDPR" provides for the protection of individuals with reference to the processing of their personal data. According to this legislation, the processing of personal data relating to a person, specifically to be defined as "interested", is based on principles of correctness, lawfulness and transparency, as well as the protection of the privacy and rights of the interested party.
This is to inform you, in compliance with the aforementioned rule, that in relation to the relationship or relationship you have with our structure, as a Customer, our organization is in possession of some data relating to you, which have been acquired, even verbally , directly or through third parties who carry out operations concerning you or who, to satisfy your request, acquire and provide us with information. Pursuant to the GDPR, since these data are information that refer to you, they must be qualified as "personal data", and must therefore benefit from the protection provided by these provisions. Specifically, according to this legislation, you are the data subject who benefits from the rights established to protect your personal data. Pursuant to art. 12 and ss GDPR, our structure, as Data Controller, will process the personal data you have provided in compliance with the law, with the utmost care, implementing effective management procedures and processes to ensure the protection of the processing of your personal data. To this end, the writer, using material and management procedures to safeguard the collected data, undertakes to protect the information communicated, in order to avoid unauthorized access or disclosure, as well as to maintain the accuracy of the data and also to guarantee the use appropriate of the same.
As Data Controller, the Company uses your personal data to operate at its best in the exercise of its high-tech data processing center. The following data may be requested, even if only partially:
personal data, tax code, VAT number, name, registered office, residence and domicile and contact details;
data relating to the contractual relationship describing the type of contract, as well as information relating to its execution and necessary for the fulfillment of the contract itself;
accounting data relating to the economic relationship, the sums due and payments, their periodic trend, the summary of the accounting status of the relationship;
data to make the relationship with our structure more defined and our collaboration and operational efficiency more effective;
data relating to: your employees and / or collaborators, information on your profession or your company.

Retention times of your data

The collected data will be kept for the entire duration of the relationship or collaboration with our organization and for 10 years from the date of termination of the relationship or, if the processing is aimed at commercial activities, for 5 years from the collection. If data not related to the administrative and accounting obligations connected to it are processed during the contractual relationship, such data will be kept for the time necessary to achieve the purpose for which they were collected and then deleted. The retention times of such data will be communicated to you when such data is collected with specific information.

Compulsory or optional nature of providing data and consequences of any refusal

The essential data for carrying out the contractual relationship must be provided to the writer, as well as the data necessary to fulfill the obligations established by laws, regulations, community regulations, or by provisions of Authorities legitimated by the law and by supervisory bodies and control. Non-essential data for the performance of the contractual relationship must be qualified and considered additional information and their provision, if requested, is optional. Your refusal to provide such data, however, will result in our structure less efficient in carrying out relations with third parties.
In the event that "sensitive data or the processing of which presents specific risks" are essential for the performance of the relationship or for the performance of specific services as well as legal obligations, the provision of such data will be mandatory and since their processing is permitted only with the prior written consent of the interested party (pursuant to articles 9 and 10 GDPR), you must also consent to their treatment.

Processing methods

Pursuant to and for the purposes of articles. 12 and ss. of the GDPR, we wish to inform you that the personal data communicated by you will be recorded, processed and stored in our archives, both paper and electronic, in compliance with the appropriate technical and organizational measures pursuant to art. 32 of the GDPR. The processing of your personal data may consist of any operation or set of operations among those indicated in art. 4, paragraph 1, point 2 of the GDPR. The processing of personal data will take place through the use of tools and procedures suitable for guaranteeing security and confidentiality and can be carried out, directly and / or through delegated third parties, either manually by means of paper supports, or by means of computer or electronic tools. The data, for the purposes of the proper management of the relationship and the fulfillment of legal obligations, may be included in the Owner's own internal documentation and if necessary also in the records and registers required by law.

Activities possibly entrusted to third parties

The Data Controller, in carrying out its business, may occasionally request other operators to carry out certain ancillary services on its behalf, such as, for example, necessary services for the execution of operations specifically requested by the interested party; accounting records; administrative activities. If the operator delegated by the Owner to carry out certain activities was a company that performs payment services, tax collection and treasury, banking and financial intermediation, the following services could be carried out: massive operations relating to payments, bills, checks and other securities; transmission, enveloping, transport and sorting of communications; archiving of documentation, detection of financial risks; fraud control; credit recovery. The above operators will only be provided with information necessary for the provision of the commissioned services and will be required to respect confidentiality, prohibiting the use of the data provided for a purpose other than that agreed. Operators who are not appointed by us for the processing of personal data will be appointed as Data Processors (pursuant to Article 28 of the GDPR) and will process the data within the limits strictly necessary to provide the commissioned service and exclusively for this purpose and they will guarantee themselves that their agents have signed a confidentiality agreement. Although not indicated here, these subjects must provide specific information on the processing of personal data they carry out. Transfer of personal data abroad - The data you provide will be processed only in Italy. If your data are processed in a non-EU state during the contractual relationship, the rights attributed to you by EU legislation will be guaranteed and you will be promptly notified.

Purpose of the processing for which the personal data

Purpose of the processing for which the personal data are intended
The main purpose of the processing of your personal data that the writer intends to carry out is to allow an establishment and / or evolution in compliance with the rules and "compliance", as well as a correct and transparent administration of the relationship between our structure and the interested. In particular, the purposes of the processing are as follows:

Statistical, economic and financial analysis and risk analysis;
Services and fulfillment of tax and / or accounting obligations;
Customer management (customer administration; administration of contracts, orders, shipments and invoices; reliability and solvency control);
Management of commercial marketing activities (market analysis and surveys);
Promotional activities;
Detection of the degree of customer satisfaction.
Personal data will be processed for the fulfillment of legal obligations, as well as to fulfill administrative, insurance and tax obligations required by current legislation and also to satisfy accounting and commercial purposes, or to be able to regularly fulfill contractual and legal obligations deriving the legal relationship with the interested party. Furthermore, the data provided may possibly also be used to contact the data subject in the context of market research regarding products or services or in the context of offers or commercial campaigns. In any case, the interested party may freely choose not to give his consent for these purposes and also indicate how to be contacted or with which to receive commercial information.

Scope of knowledge of your data

The following categories of persons appointed as responsible or in charge of the processing by the writer may become aware of your data: Employees or collaborators in general; Consultants appointed for consultancy, assistance or services to our structure; Managers and administrators; Our agents, representatives and distributors. Personal data may also be known by subjects affiliated with the writer, indicated in the paragraph entitled "Processing methods". The writer can delegate to these subjects the execution of certain obligations or the performance of particular acts due for the execution of the relationship with the interested party.

Communication and dissemination: Your data may be communicated, meaning by this term the disclosure of it to one or more specific subjects, by the writer outside the company to implement all the necessary legal and / or contractual obligations. In particular, your data may be disclosed to:
a) other partner companies, including parent companies, subsidiaries and associates;
b) Public Bodies or Offices or supervisory authorities according to legal and / or contractual obligations;
c) banks and / or credit institutions for the management of payments deriving from the contractual relationship.

Your data may be communicated by the writer:

to subjects who can access the data by virtue of the provision of law, regulation or community legislation, within the limits set by these rules
to subjects who need to access your data for purposes auxiliary to the relationship between you and our services, within the limits strictly necessary to carry out the auxiliary tasks (credit institutions and freight forwarders are mentioned as an indication);
to our consultants and / or professionals, within the limits necessary to carry out their assignment at our or their organization, subject to our appointment as a manager who imposes the duty of confidentiality and security.


The writer will not indiscriminately disclose your data, or in other words, will not disclose it to undetermined subjects, even by making it available or consulting. Trust and confidentiality - The writer considers the trust shown by the interested parties who have consented to the processing of their personal data to be precious and for this he undertakes not to sell, rent or rent personal information to others.

Rights referred to in articles 15 et seq. GDPR

Pursuant to art. 15 GDPR You have the right to obtain confirmation of the existence or otherwise of the processing of personal data concerning you, even if not yet registered. The exercise of rights is subject to ascertaining the identity of the interested party, by delivery of the identity document, which will not be kept by the writer, but only consulted for the purpose of verifying the legitimacy of the request. You have the right to access personal data and the following information:
a) the purposes of the processing;
b) the categories of personal data being processed;
c) the recipients or categories of recipients to whom the personal data have been or will be communicated, in particular if they are recipients of third countries or international organizations;
d) when possible, the retention period of the personal data envisaged or, if not possible, the criteria used to determine this period;
e) if the data are not collected from the data subject, all available information on their origin;
f) the existence of an automated decision-making process, including the profiling referred to in Article 22, paragraphs 1 and 4, and, at least in such cases, significant information on the logic used, as well as the importance and expected consequences of such processing for the interested party.

If the data is transferred to a third country or to an international organization, you have the right to be informed of the existence of adequate guarantees pursuant to art. 46 of the GDPR. You have the right to ask the data controller to correct or cancel, even partially, personal data or limit the processing of personal data concerning you or to oppose, in whole or in part, their processing.
To exercise these rights, you can contact our Structure "Data Controller" at The Data Controller will reply to you within 30 days of receiving your formal request.
We remind you that in the event of a breach of your personal data, you can lodge a complaint with the competent authority: "Guarantor for the protection of personal data".

Identification of the Data Controller and, if designated, of the Representative in the territory of the State and of the Data Protection Officer (DPO)

The data controller is the undersigned Company, for organizational reasons regarding the GDPR we are always reachable through Mail:

Responsible for the treatment
External companies with which a contractual work / collaboration relationship has been established and which need to receive your personal data to fulfill these agreements play the role of Data Processors. To know the Data Processors if they were appointed by the Data Controller and to know the people who will be appointed in the future for this function, any interested party may send an explicit request letter to the Data Controller, at the above address. It is intended to clarify that the aforementioned Managers do not deal with the requests for the exercise of the rights of the interested parties referred to in Articles. 15 and ss. of the GDPR. This activity is carried out exclusively by the writer as the Data Controller.

Representative established in the territory of the State
We inform you that our organization pursuant to art. 4 paragraph 1 point 17 of the GDPR, since there are no circumstances provided for by the aforementioned Regulation, which requires this appointment, it has not appointed any Representative established in the territory of the State for the purposes of applying the regulations on the processing of personal data.

Processing without the need for the consent of the interested party
It should be noted that the writer, even without your consent, will be entitled to process your personal data if this is necessary for:
fulfill an obligation established by law, by a regulation or by community legislation;
perform obligations deriving from a contract to which you are a party or to fulfill, before the conclusion of the contract, specific requests of yours.
Furthermore, your express consent is not required when the processing:
a) concerns data from public registers, lists, deeds or documents that can be known by anyone, without prejudice to the limits and procedures established by laws, regulations or community legislation for the disclosure and publicity of data or data relating to the performance of activities economic, processed in compliance with current legislation on business and industrial secrecy;
b) it is necessary for the protection of the life or physical safety of a third party (in this case, the owner is required to inform the interested party of the processing of personal data through the information also after the processing itself, but without delay. In this case, therefore, consent is expressed following the presentation of the information);
c) with the exclusion of dissemination, it is necessary for the purposes of carrying out the defensive investigations pursuant to law no. 397, or, in any case, to assert or defend a right in court, provided that the data are processed exclusively for these purposes and for the period strictly necessary for their pursuit, in compliance with current legislation on business and industrial secrecy;
d) with the exclusion of disclosure, it is necessary, in the cases identified by the Guarantor on the basis of the principles established by law, to pursue a legitimate interest of the owner or a third party recipient of the data, also with reference to the activity of banking groups and companies controlled or connected, if the fundamental rights and freedoms, dignity or legitimate interest of the data subject do not prevail.

Collected data

The data collected by this Web Application independently or through third parties in their capacity as "users", are public domain data accessible by anyone who is interested. Among the Personal Data of the "users" there are the Email, Name and Surname and Password.

Other Personal Data collected may be indicated in other sections of this privacy policy or by means of information texts displayed together with the collection of the Data.

The Personal Data of "users" can only be entered with the will expressed by the User who declares to have read this Privacy Policy and gives consent to the processing of data.

Any use of Cookies - or other tracking tools - by this Application or by the owners of third party services used by this Application, has the purpose of identifying the User and recording the related preferences for purposes strictly related to a better and efficient provision of the service requested by the User. Failure by the User to provide certain Personal Data may prevent this Application from providing its services.

The User assumes responsibility for the Personal Data of third parties published or shared through this Application and guarantees to have the right to communicate or disseminate them, freeing the Owner from any liability to third parties.

Method and place of processing of the collected data

Processing methods

The Data Controller processes Users' Personal Data by adopting appropriate security measures to prevent unauthorized access, disclosure, modification or destruction of Personal Data.

The data is stored in the databases of Google Inc, a web company that guarantees privacy pursuant to the European Regulation on the protection of personal data. The processing is carried out using IT and / or telematic tools, with organizational methods that are arranged by the services of Google Inc. and with logic strictly related to the purposes indicated. In addition to the Data Controller, in some cases, categories of employees involved in the organization of the site (administrative, commercial, marketing, legal, system administrators, programmers) or external subjects (such as third party technical service providers, hosting providers, IT companies, communication agencies) who are also appointed, if necessary, as Data Processors by the Data Controller. The updated list of Managers can always be requested from the Data Controller at any time by Users and by the Guarantor Authorities.

The data that are released to the owner with the express consent of the user are stored in the European servers of Google Inc. The data are processed at the operational headquarters of the owner and in any other place where the parties involved in the processing are located. For more information, contact the owner.


The Data is processed for the time necessary to perform the service requested by the User, or required by the purposes described in this document, and the User can always request the interruption of the processing or the cancellation of the Data.

Purpose of processing the collected data

The Data collected by the User is collected to allow the Owner to provide its professional services, as well as for the following purposes: Economic and financial analysis and Statistical Analysis. Address management and sending of email messages, Interaction with external social networks and platforms, Statistics, and Contacting the User to update him on professional technical news, Remarketing and Behavioral Targeting, Content commenting, Payment Management and SPAM Protection.

The types of Personal Data used for each purpose are indicated in the specific sections of this document.

Details on the processing of Personal Data

Personal Data is collected for the following purposes and using the following services:

Access and use the services of the web application that is made available to carry out "Financial Statements Analysis" of companies that have submitted the financial statements of the following types to the Italian Chamber of Commerce (Financial statements in ordinary form, Financial statements in abbreviated form and financial statements in the form of a micro enterprise) in the standard XBRL format.
Content commenting: Commenting services allow Users to make and publish their comments on the content of this Application. Users, depending on the settings decided by the Owner, can also leave comments anonymously. If there is an email among the Personal Data released by the User, this could be used to send notifications of comments regarding the same content. Users are responsible for the content of their comments. In the event that a comment service provided by third parties is installed, it is possible that, even if the Users do not use the comment service, it collects traffic data relating to the pages in which the comment service is installed. .
Address management and sending of email messages: These services allow you to manage a database of email contacts, telephone contacts or contacts of any other type, used to communicate with the User. These services may also allow the collection of data relating to the date and time the messages are displayed by the User, as well as to the User's interaction with them, such as information on clicks on links inserted in messages.

Interaction with external social networks and platforms through our Site

These services allow interaction with social networks, or other external platforms, directly from the pages of this Application.

The interactions and information acquired by this Application are in any case subject to the User's privacy settings relating to each social network.

In the event that an interaction service with social networks is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.

+1 button and Google+ social widgets (Google)

The +1 button and Google+ social widgets are interaction services with the Google+ social network, provided by Google Inc.

Personal data collected: Cookies and Usage data.

Place of processing: USA / EU - Privacy Policy

Like button and Facebook social widgets (Facebook)

The "Like" button and Facebook social widgets are interaction services with the Facebook social network, provided by Facebook Inc.

Personal data collected: Cookies and Usage data.

Place of processing: USA / EU - Privacy Policy

Tweet button and Twitter social widgets (Twitter)

The Tweet button and Twitter social widgets are interaction services with the Twitter social network, provided by Twitter Inc.

Personal data collected: Cookies and Usage data.

Place of processing: USA / EU - Privacy Policy

SPAM protection

These services analyze the traffic of this Application, potentially containing Users' Personal Data, in order to filter it from parts of traffic, messages and contents recognized as SPAM.


These services allow you to use User Data for commercial communication purposes in various forms of advertising, such as banners, also in relation to the User's interests.

This does not mean that all Personal Data is used for this purpose. Data and conditions of use are indicated below.

Some of the services listed below may use cookies to identify the user or use the behavioral retargeting technique, ie display personalized advertisements based on the interests and behavior of the user, also detected outside this application. For more information on this, we suggest you check the privacy policies of the respective services.

Facebook Custom Audience (Facebook)

Facebook Custom Audience is a Remarketing and Behavioral Targeting service provided by Facebook Inc. that connects the activity of this Application with the Facebook advertising network.

Personal data collected: Cookies and Email.

Place of processing: USA - Privacy Policy 


The services contained in this section allow the Data Controller to monitor and analyze traffic data and are used to keep track of User behavior.

Google Analytics (Google)

Google Analytics is a web analysis service provided by Google Inc. ("Google"). Google uses the Personal Data collected for the purpose of tracking and examining the use of this Application, compiling reports and sharing them with other services developed by Google.

Google may use the Personal Data to contextualise and personalize the advertisements of its own advertising network.

Personal data collected: Cookies and Usage data.

Place of processing: USA - Privacy Policy - Opt Out

Google AdWords conversion tracking (Google)

Google AdWords Conversion Tracking is a statistics service provided by Google, Inc. that connects data from the Google AdWords ad network with actions performed within this Application.

Personal data collected: Cookies and Usage data.

Place of processing: USA - Privacy Policy

Facebook Ads conversion tracking (Facebook)

Facebook Ads conversion tracking is a statistics service provided by Facebook, Inc. that connects data from the Facebook ad network with actions performed within this Application.

Personal data collected: Cookies and Usage data.

Place of processing: USA - Privacy Policy

Viewing content from external platforms

These services allow you to view content hosted on external platforms directly from the pages of this Application and interact with them.

If a service of this type is installed, it is possible that, even if the Users do not use the service, it collects traffic data relating to the pages in which it is installed.

Google Fonts (Google)

Google Fonts is a font style visualization service managed by Google Inc. that allows this application to integrate such content within its pages.

Personal data collected: Cookies and Usage data.

Place of processing: USA - Privacy Policy

UNIGIRO Fintech: Key Performance Indicators XBRL Data Analytics Engine.

MONITORIG ENTERPRISE CREDIT RISK: ein XBRL-Toolkit in einem diagramm mit indikatoren die zum vershtändnis und zur vorhersage von situationen mit finanzieller belastung und mehr nützlich sind

uniGiro Broschüre



Allgemeine Information