top of page





Sferova S.r.l. (from now on, for the sake of brevity, “Sferova”, or the “Company”, or “us” or “we”), informs you that your personal data acquired when you browse this site shall be processed in accordance with the law on the protection of personal data.

With reference to the methods used for the management and processing of your personal data, as a user who consults this site, we are providing the following information pursuant to Article 13 of EU Regulation No. 679/2016:


·       1. Types of data collected, purposes, legal basis for processing operations and retention period of data storage

·       Cookies

What are cookies?

Cookies are small text strings that the sites you visit send to your computer (normally your browser), where they are stored and then re-transmitted back to the sites when you visit them again.

Types of cookies used by this site:

Technical and analytical cookies with limited potential to identify you.

Technical cookies are those used for the sole purpose of transmitting a communication on an electronic communications network, or, to the extent strictly necessary for the supplier of a company service, transmitting the information explicitly requested by the subscriber or the user with a view to providing said service. Analytical cookies, on the other hand, are used to analyse and measure use of the website by users. Analytical cookies are similar to technical cookies when used directly by the site manager to collect information, in aggregate form, on the number of users to the site and on how they visit it. The legal basis that legitimises the processing of personal data for this purpose is set out in the circumstances described by Article 6, section 1, letter b) of EU Regulation No. 679/2016 – i.e. processing is necessary for the performance of a contract to which the Data Subject is party or in order to take steps at the request of the Data Subject prior to entering into a contract.

The technical cookies used by the site are:

- Cookie name: XSRF-TOKEN

Technical cookie: this cookie is used to guarantee the user normal browsing and use of the site; these are cookies necessary to prevent data from being sent to another website.

Type of data processed: session data.

Expiry of the cookie: session.

- Cookie name: hs

Technical cookie: this cookie is used to guarantee the user normal browsing and use of the site.

Type of data processed: session data.

Expiry of the cookie: session.

- Cookie name: svSession

Technical cookie: this cookie is used in connection with user login.

Type of data processed: session data.

Expiry of the cookie: 12 months.

- Cookie name: consent-policy

Technical cookie: this cookie is used for cookie banner parameters.

Type of data processed: user’s data.

Expiry of the cookie: 12 months.


Disabling cookies.

All modern browsers make it possible for you to decide whether or not you want to block the installation of cookies on your computer or to cancel any that may already have been installed. This also applies to cookies installed following browsing on this site. In this case, failure/refusal to install cookies may render browsing the site difficult or even impossible. 

The methods for deactivating the installation of cookies on the most modern browsers are shown below: 


Google Chrome.

For further information visit this page.


Microsoft Edge

For further information visit this page.



For further information visit this page.


Mozilla Firefox

For further information visit this page.


Without prejudice to the above, the Data Controller hereby informs you that you can make use of Your Online Choices. Through this service you can manage the tracking preferences of most advertising tools. The Data Controller recommends using this resource in addition to the information provided in this document. 


·       2. Period of data storage

Your personal data that are collected and processed once you have started browsing this site shall be stored for the entire period of service delivery and thereafter immediately deleted. Cookies installed via the site are temporary, and are deleted automatically at the expiry shown in this statement. 


·       3. Methods of processing

Any personal data collected shall be processed, retained and analysed using electronic tools and shall be stored both in electronic format and in hard copy, organised into databases, and on any other appropriate type of media.

Specific security measures are implemented to prevent the loss, illegal or unfair use of the data, or unauthorised access to them.

The processing of your personal data carried out by Sferova does not involve any automated decision-making.


·       4. Disclosure of the personal data

The disclosure of the browsing data is required in order to supply the requested service (browsing of the site) and is, therefore, compulsory for that purpose: failure/refusal on your part to provide your personal data shall make it impossible for Sferova to allow you to browse this site. The installation of technical from this site is optional (it can be blocked via the browser settings), but it could make the site, or some of its services, unusable.


·       5. Parties to which your personal data may be disclosed

Any of your personal data that is collected shall not be disclosed indiscriminately, but may be communicated to those parties that have the right to access your personal data to ensure compliance with legal and secondary and/or EU regulations, and to the Data Controller’s own personnel, and also to companies, associations or professional firms that provide services and operations on behalf of the Data Controller, operating as Data processors, to ensure compliance with legal obligations, and for every other organisational and/or administrative requirement that is necessary to provide the requested services.

The names of the additional parties to which your personal data may be disclosed, operating as Data processors, are shown in an up-to-date list that can be requested from (using the data indicated at Point 9).


·       6. Transfer of data outside the European Economic Area or to international organisations

For specific needs connected to the location of the servers of Sferova’s suppliers, the company also uses suppliers located in third countries outside the European Economic Area (United States of America, Israel, Taiwan, South Korea) for the provision of services. Sferova undertakes to transfer data with adequate protection and safeguards: adequacy decisions and standard contractual clauses. A copy of the standard contractual clauses stipulated by Sferova and of the adequacy decision can be requested by writing to the Data Controller’s contact details indicated in Section 9 of this privacy notice.


·       7. Links to sites or services of third parties

This statement is provided solely for the processing operations carried out on your personal data through this site or the tools available on it, and does not apply to other sites that you may browse through links, the managers of which operate as independent data controllers. Before accessing third-party services, please read their privacy statements carefully.


·       8. Your rights as the Data Subject

In relation to the aforementioned processing operations carried out on your personal data, you are entitled to exercise at all times those rights set out by EU Regulation No. 679/2016 (GDPR), including, for example, the right to be informed as to:

- the origin of any personal data held that concerns you;

- the purposes and methods of the processing operations;

- the logic applied in the case of processing operations carried out using electronic instruments;

- the identification of the Data Controller, the Data Processors and the designated representative.

As the Data Subject, you have the right to obtain:

- access to the data, and their updating, rectification or (where in your interest) completion;

- the erasure, transformation into anonymous form or blocking of access to any data processed in breach of the law;

- the limitation of the processing of those data that concerns you, or to request that the Data Controller or the Data Processor reduce the purposes and/or methods for/with which your data are being processed.

You can also request a copy of your data in a standard format (the so-called “Right to data portability”).

As the Data Subject, you also have the right to object, at any time and at no cost, wholly or partially:

- for legitimate reasons, to processing of your personal data, even if the processing operations are still relevant to the purpose for which the data were collected in the first place;

- to processing of your personal data carried out pursuant to Article 6, Paragraph 1 of the GDPR, Letters e. (“processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller”) or f. (“processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party”) including profiling on the basis of these provisions;

- to processing of your personal data for the purposes of sending advertising or direct sales material or for the completion of market research or commercial communications (direct marketing), including any relevant profiling operations.

You have the right to withdraw your consent for the processing operations when that consent is based on the circumstances described  by Article 6, Paragraph 1, Letter a. (when “the data subject has given consent to the processing of his or her personal data for one or more specific purposes”), or by Article 9, Paragraph 2, Letter a. (when “the data subject has given explicit consent to the processing of those personal data for one or more specified purposes”) of EU Regulation No. 679/2016, at any time, without affecting the lawfulness of processing based on the consent before its withdrawal.

Should you consider the processing operations to have been carried out in breach of current legislation, you have the right to lodge a complaint with a supervisory authority, specifically in the Member State in which you habitually reside or work, or the Member State where the alleged breach has taken place. The Italian supervisory authority can be contacted using the contact data on its website.


·       9. Data Controller - Contact Data

The Data Controller is Sferova S.r.l., with its registered offices at Via delle Industrie 30/32, 20884, Sulbiate (MB), VAT no. 00725270961. The company can also be contacted at the following email addresses and the latter being the company’s “certified e-mail” address. To exercise the rights listed above, the data subject may make a request using the email address gdpr_privacy@sferova.comSferova reserves the right to update this Privacy Policy.  

bottom of page