Privacy Policy for tradeshows

1 – Data Controller

The data controller is CogniMade srl, located in via C. Colombo 10, 20066 Melzo (MI). Data Controller’s email:

2 – Types of Data Collected

The Data Controller processes personal identification data (such as name, surname, email, phone number – hereinafter, “Personal Data” or “Data”), data related to your work and professional position, the company you belong to, and the specific interests of the company itself, provided directly by you via business card, orally, or by filling out the visitor registration form during your visit to the CogniMade stand.

3 – Purpose of Data Collection

The collection and processing of personal data are carried out, with your prior consent, for the preparation of commercial, promotional, advertising, and marketing initiatives, as well as for sending advertising and/or informational material about the Company’s products, services, and activities, through traditional (such as postal mail, telephone, etc.) and electronic contact methods.

4 – Legal Basis for Data Processing

The processing of data for the above purposes is carried out based on your consent.

5 – Methods and Location of Data Processing

A – Processing Methods

The Data Controller processes Personal Data by adopting appropriate security measures to prevent unauthorized access, disclosure, modification, or destruction of such Personal Data. The processing is carried out using IT and/or telematic tools, with organizational methods and logic strictly related to the indicated purposes. In addition to the Data Controller, members of the CogniMade staff designated by the Data Controller and, if necessary, appointed as Data Processors by the Data Controller, may have access to the above Data. The updated list of Data Processors can always be requested from the Data Controller. The Personal Data database is accessible only by the personnel appointed by the Data Controller during their work, and the related operations described above and the processing of Personal Data will be carried out using methods and tools suitable to ensure confidentiality, namely through electronic or automated means (FTP Access Management for Domains with Aruba Hosting service) and through non-automated means (paper archives). Both methods are provided with adequate security measures such as personalized passwords with exclusive access.

B – Scope of Communication and Circulation

The processed Personal Data will not be disseminated but communicated to well-defined subjects. Based on the roles and job duties performed, internal and external personnel is authorized to process the data within the limits of their competencies and in accordance with the instructions given by the data controller. The same data may be communicated to entities authorized to access them by law, regulations, and standards.

C – Location of Processing

The data are processed at the operational headquarters of the Data Controller, and there is no transfer of Personal Data to non-EU countries. For more information, please contact the Data Controller at

D – Duration of Processing

The provided data are retained for 60 months.

6 – Nature of Data Provision

Providing data for the aforementioned purposes is optional.

7 – Further Information on Data Processing

A – Defense in Court

The Visitor’s Personal Data may be used for defense by the Data Controller in court or in the preparatory stages leading to possible legal action against abuses in the use of the same or related services by the Visitor. The Visitor declares to be aware that the Data Controller may be required to disclose the Data upon request from public authorities.

B – Information Not Contained in This Privacy Policy

Further information regarding the processing of Personal Data can be requested at any time from the Data Controller using the contact information provided.

C – Rights of Data Subjects

Data subjects have the right to data portability (Art. 20 “Right to Data Portability”) and, at any time, to:

  • Inform the Data Controller of any changes to their Personal Data (Art. 15 “Right of Access”)
  • Request the Data Controller to update, rectify, or integrate any Personal Data in its possession (Art. 16 “Right to Rectification”)
  • Request the Data Controller to delete, block, or restrict the processing of their Personal Data in its possession (Art. 17 “Right to Erasure”). The user has the right to withdraw consent at any time. Withdrawal of consent does not affect the legality of any processing based on consent given before its withdrawal
  • Object, for legitimate reasons, to the way their Personal Data are processed (Art. 18 “Right to Restriction of Processing”)

Additionally, under Art. 21 “Right to Object to Automated Individual Decision-Making of GDPR 2016/679,” the data subject may exercise their rights by writing to the Data Controller at the following email address:

D – Complaints

The data subject has the right to lodge a complaint (Art. 77 “Right to Lodge a Complaint with a Supervisory Authority”) with the Supervisory Authority if their requests for information to the Data Controller have not resulted in satisfactory responses. The relevant authority is the Garante per la Protezione dei Dati Personali: Garante per la Protezione dei Dati Personali website.

8 – Questions

For any questions or concerns regarding the management of Personal Data or to exercise the rights provided under this policy, you can contact the Data Controller by writing to

9 – Information on this Privacy Policy

The Data Controller is responsible for this Privacy Policy.

A – Legal References

Notice to European Users: this Privacy Policy is prepared in compliance with the obligations of the General Data Protection Regulation (GDPR) No. 679/2016.

B – Changes to this Privacy Policy

The Data Controller reserves the right to make changes to this Privacy Policy at any time by informing Visitors on this page. Therefore, please check this page frequently, referring to the date of the last modification indicated at the bottom. If the changes made to this privacy policy are not accepted, the Visitor is required to cease using this Site and may request the Data Controller to remove their Personal Data. Unless otherwise specified, the previous Privacy Policy will continue to apply to Personal Data collected up to that point.

C – Privacy Policy Update

This Privacy Policy is updated as of May 2022.