Privacy Policy

This Privacy Policy describes the purposes and methods by which COIMA SGR S.p.A., on behalf of Fondo Odissea, in the capacity of Data Controller (“Company”, “Data Controller” or “Controller”), collects and processes personal data relating to the user (”User”) who interacts with the website http://www.ivory.com (“Website”) and with the various services it offers.

The information contained in this Privacy Policy is provided under Art. 13 of Regulation EU of 27 April 2016 no. 679 (“Regulation”), as well as the Measures issued by the Data Protection Supervisory Authority and the Guidelines of the European authorities.

Information on the processing of data is provided only for the Website and for data processing operations carried out by the Company and it does not extend to processing carried out by third parties on other websites that may be consulted by Users via links. The Company does not accept any liability for this further processing; the User should refer to the individual Privacy Policies of the third party websites.

1. Data Controller

The Data Controller is the Company COIMA SGR S.p.A., on behalf of Fondo Odissea, based in Milan (Italy), Piazza Gae Aulenti no. 12, 20154.

2. Data processing methods

The Company processes Users’ data while adopting all appropriate data security measures to prevent unauthorised access, unauthorised disclosure, modification or destruction of data. Data processing is carried out using manual and/or electronic tools, according to organisational methods and logics strictly related and limited to the indicated purposes.

3. Purpose and legal basis of data processing

The Company, through the Website, may process the User’s data for the following purposes:

1. Contacting the Company. The User may contact the Company to request information using the contact details specified on the Website. Personal data provided voluntarily by the User (e.g. email address, telephone number if any or other information freely provided to the User) will be processed by the Company to manage and respond to the User's communications or requests. The legal basis of the data processing is the implementation of the service specifically requested by the User, and any refusal to provide the personal data will make it impossible for the Company to manage and respond to communications or requests for information.

1. Pursuit of the legitimate interests of the Company and/or third partiesThe User’s data may be used to exercise the rights and legitimate interests of the Company or third parties, for example, handling claims and litigation, fraud prevention or prevention of unlawful activities. In these cases, although the provision of the User’s personal data is not mandatory, it is necessary as those data are closely linked and are instrumental to the pursuit of those legitimate interests, which do not prevail over the rights and fundamental freedoms of the User, and any refusal to provide them could make it impossible to implement the requested services (e.g. requesting information from the Company).

1. Fulfilling applicable legal or other obligationsThe Company may also use personal data that are provided by the User or otherwise acquired during the User’s interaction with the Website for purposes of compliance with legislative and regulatory obligations, national and EU legislation, as well as obligations deriving from measures issued by authorities who are legally authorised to do so, which represent the legal basis of data processing, without the need to obtain the User’s prior consent.

1. Performance of aggregate statistical analyses on an anonymous basis in order to improve the performances and services offered by the Company via the Website. In this case, the User’s consent will not be required, as the indicated data processing operations will be carried out only on anonymous data.

4. Categories of data subject to processing

Through the Website, the Company receives and collects information on Users visiting its pages and using web services available on the Website. The Company obtains and processes the following information.

4.1 Data collected through navigation and cookies e tramite cookie

When the User visits the Website, the latter collects certain data, such as pages viewed, connections or buttons clicked by the User, date and time of access, IP address, browser and operating system used (known as “navigation data”). The Company uses this data for the sole purpose of obtaining statistical and anonymous information on the use of the Website for purposes strictly related to its operation and assess the effectiveness of the services offered by the Website. Navigation data could be used to ascertain responsibility in the event of any computer crimes being committed against the Website.

For the collection of the User’s data through cookies and similar technologies, please visit the Cookie Policy.

4.2 Data voluntarily provided by the User

The Company limits the gathering of voluntarily provided information to data necessary to achieve the purposes described in paragraph 3 above and receive the services requested. In addition, the Company may collect and process additional personal data, if such data are voluntarily provided by Users in relation to services offered by the Website, for example in the event that Users contact the Company to report inefficiencies or malfunctions, or to exercise their rights regarding the processing of personal data, etc. Such data will be processed by the Company solely for purposes strictly related to Users’ requests. Any failure to provide the data may involve the impossibility of obtaining the requested service.

5. Disclosure of data to third parties

The data provided by the User as well as those collected by the Website as part of the relevant services (e.g. IP address) will not be disseminated and may be communicated - for the purposes and using the methods illustrated in this Privacy Policy - to the categories of persons/entities listed below:

• COIMA platform companies, for organisational purposes, internal control purposes, pursue the Company or third-party legitimate interests and carry out the User services/requests;
• companies, collaborators, consultants or freelancers used by the Company to carry out duties of a technical or organisational nature (for example, providers of IT services, agents) or with which the Company collaborates (including the Companies DILS and JLL whose details are indicated at the foot of the Website) for purposes of providing and ensuring the functioning of its services, for any communication activities;
• persons, companies or professional firms that provide support and consultancy to the Company, particularly (but not exclusively) in accounting, administrative, legal, tax and financial matters;
• persons/entities entitled by law or by order of a public authority to access such data.

The persons/entities belonging to the categories indicated above will use the data as independent data controllers pursuant to law or as data processors duly appointed by the Company.

The list of entities to which the data are or may be disclosed, can be requested from the Company by using the contact details indicated in the “Rights of Users and Contact Details” section of this document.

6. Data storage

Data are processed for the time necessary to perform the activities indicated in paragraph 3 above, and are erased when the purposes for which they were collected and processed no longer apply.

In particular, the Company will erase the personal data of Users who requested information or sent communications by contacting the Company through the Website after 6 months have elapsed from the date the data were initially communicated. 

The information collected through cookies will be stored for the periods specified in the Cookie Policy [link]

7. User rights and contact details

The User may exercise the rights provided for by the Regulation in the cases expressly envisaged by law and where applicable. In particular, Users have the right to:

• obtain confirmation as to whether or not their personal data are being processed and, if this is the case, to request information on data processing from the Data Controller (e.g. purpose, categories of data processed, recipients or categories of recipients of data, storage period, etc.);
• request the rectification of inaccurate or incomplete data;
• request that the Controller delete the data (e.g. if the personal data are no longer necessary for the purposes for which they were collected, or if the consent on which data processing is based is withdrawn, etc.);
• request the restriction of processing (e.g. if the User challenges the accuracy of data; if data processing is unlawful and the User objects to the deletion of the personal data; if the data are necessary for the exercise or defence of a right of the User in court, even if the data controller no longer requires them; when the User exercises the right to object to data processing, for the time necessary to verify whether legitimate reasons exist);
• receive personal data relating to him/her in a commonly-used and machine-readable format (e.g. pdf) and to send them to a different data controller, or to obtain direct transmission from one controller to the other, if technically possible (known as data portability).

Users have the right to object to the processing of their personal data, in whole or in part, for legitimate reasons.

Those rights may be exercised by sending a communication to the following email address: www.privacy.coimasgr.com

Finally, if Users consider that data have been processed in violation of legislation on the protection of personal data, they have the right to lodge a complaint with the Italian Data Protection Authoritywww.garanteprivacy.it ).