Privacy Policy

Privacy Policy pursuant to art. 13 of EU Regulation 2016/679
(Version updated at 25 May 2018)

Dear User,
Caleido S.r.l. is particularly attentive to the aspects concerning the protection of the personal data of its users and this page is intended to describe the methods used to manage its website ( with reference to the processing and protection of personal data of visiting users. This is a general statement made in compliance with EU General Data Protection Regulation 2016/679 “Regulation on the protection of natural persons with regard to the processing of personal data and the free movement of such data (hereinafter referred to as “EU Regulation”) to those who visit Caleido S.r.l.’s website. The simple consultation of this site and signing in may entail the use, deletion and, more generally, the processing of personal data relating to identified or identifiable users. This statement is provided only for the institutional website of Caleido S.r.l. and not for other websites visited by the user through links on its pages for which Caleido S.r.l. has no liability.

Data Controller

The Controller of the data provided by the user is Caleido S.r.l., based at 52/A Via Pablo Neruda, 25020 Flero (BS), VAT no.  02166350179 , Tel. (0039) 0302530054 - Fax (0039) 0302530533 - E-mail
Type of data collected

Browsing data

The computer systems and software programmes used to operate the website gather certain personal data, which is implicitly transmitted when using Internet communication protocols. This is information which, even when it is not gathered to be associated with the identified subjects, could by its very nature, allow users to be identified through the processing and association with data held by third parties. This category of data includes the IP addresses or domain names of the computers used by the users logging onto the site, the notation addresses in the Uniform Resource Identifier (URI) of the requested resources, the time of the request, the method used to send the request to the server, the size of the file obtained in response, the numerical code indicating the server response status (success, error, etc.) and other parameters relating to the operating system and the user’s computer environment.
Data provided voluntarily by the user (Art. 1 of EU Regulation) No personal data is required from users visiting our website. However, the optional, explicit and voluntary sending to the addresses indicated on this site, the inclusion of personal data for filling in the Contact Us form on our site, or the inclusion for signing in the Press Area section entails the acquisition of the sender’s address and data entered by the user, which are required to follow up the user requests.


Additional information on the use of cookies through this website is provided in the cookie policy.

Purpose and legal basis of the processing

The legal basis for the processing of browsing data (point 2, letter a) is to pursue the legitimate interests of the Data Controller in relation to the management of the website, the aim being to: provide access to the site and browsing ;
collect data and information in an exclusively aggregate and anonymous form to verify the correct functioning of the site; collect data and information in order to protect the site security (spam filters, firewall, virus detection) and users; obtain anonymous statistical information on the use of the site. In case of unlawful actions committed against the Site, browsing data could also be used to ascertain responsibility. Any data provided voluntarily by the user (point 2, letter b) by sending spontaneous e-mails to the contacts indicated on this site, the personal data entered in the “Contact Us” form or when signing in the “Press Area” section of our website is processed for the sole purpose of giving feedback to the interested party, rendering the service or the performance requested, including the processing of career applications sent voluntarily by the user. This data will be processed by the Data Controller in both electronic and, possibly, printed form. It is highlighted that only common data will be processed, and that any “special data” or “judicial data” under articles 9 and 10 of EU Regulation, if provided, will be deleted. The data provided will not be disclosed to third parties without first obtaining an effective and unequivocal consent to the processing from the data subject.

Data Processing Method

Data can be processed with or without the aid of electronic or automated tools and will include all the operations envisaged by art. 4, no.2, of the EU Regulation (the collection, signing in, organisation, structuring, storage, adaptation or change, extraction, consultation, use, communication by transmission, dissemination or any other available form, comparison or interconnection, restriction, deletion or destruction of data) that are necessary for data processing, including any communications to the data subjects listed in the following points “5. Data communication” and “Dissemination of data”. No data-profiling activities are performed.  
The data will be recorded and stored in paper and electronic archives, with organisational systems relating to the purpose of data processing. In addition, in order to prevent data from being destroyed or lost (whether accidentally or not) and ensure its integrity and confidentiality (including against unauthorized access or disclosure) and in general to ensure the rights of the data subject, the Data Controller has adopted security measures of a technical and organisational nature, in accordance with the provisions of EU Regulation (with particular reference to arts. 24, 32 and 35).

Data communication

In addition to the Data Controller, access to data may be given, in certain cases, to subjects authorised to process data under art. 29 of the EU Regulation (Data Controller’s employees) for data processing purposes. The data collected may also be disclosed to third parties (e.g. independent technical service providers, hosting providers, IT companies), who are designated as Data Processors under art. 28 of the EU Regulation and act on behalf of Caleido S.r.l. and in accordance with the Controller’s instructions,  but only for activities strictly related to the purposes outlined above (e.g. to ensure Internet service functionality and the IS and IT management). You can send a request for a complete and updated list of these subjects to any of the contacts specified below.

Data dissemination

Personal data collected for the purposes referred to under point 3 will not be disseminated.
Data storage time Browsing data (point 2, letter a) will be kept in compliance with the provisions of current legislation for a period not exceeding that necessary to achieve the purposes for which it is processed. The Data Controller will process the data provided voluntarily by the user (point 2, letter b) for the time strictly necessary to provide the requested service and, in any case, no later than 10 years.

Data conferral

The browsing data collected under this process (point 2, letter a) is strictly related to site management.  
The provision of personal data provided voluntarily (point 2, letter b) is optional and aimed solely at following up the user’s requests; therefore, failure to provide the necessary data makes it impossible for Caleido S.r.l. to reply.

Data storage place

Personal data is kept at the Data Controller’s operating offices and in the places, within the European Union, where the persons involved in data processing are based.

Rights of the Data Subject

The data subject has the right to request and obtain, at any time, from the Data Controller the right of access (art. 15 of EU Regulation), the right to rectification (art. 16 of EU Regulation) and the right to erasure (so-called “right to be forgotten”) (art. 17 of EU Regulation) of his or her personal data. The user has also the right to restriction of processing (art. 18 of EU Regulation), the right to data portability (art. 205 of EU Regulation) and the right to object on grounds to processing (art. 21 of EU Regulation). In any case, the user has the right either to lodge a complaint with the Supervisory Authority, as envisaged by art. 77 of EU Regulation, or the right to an effective judicial remedy, as envisaged by art. 79 of the EU Regulation where he or she considers that his or her rights under the EU Regulation have been infringed.

How to exercise the rights

The user may exercise his or her rights at any time by sending an e-mail to
a fax to (39)  030 2530533
a registered letter with advice of receipt to: Caleido S.r.l., 52/A Via Pablo Neruda, 25020 Flero (BS)

Changes to this Statement

Caleido S.r.l. reserves the right to modify this Statement. The date shown at the beginning of the Statement indicates the date of the last update. In the event of material changes, a notice will be posted on our website or through other means to give the user the opportunity to verify the changes before they become effective.