Privacy policy
Contents
WEBSITE PRIVACY POLICY AND COOKIE POLICY
Processing of the personal data of users of the website www.sib.it (Article13 of Regulation (EU) 2016/679)
Società Italiana Brevetti S.p.A.
PART A – INFORMATION ON DATA PROCESSING
INFORMATION ON DATA PROCESSING
With this policy, Società Italiana Brevetti S.p.A. (hereinafter the “Company” or the “Data Controller”) informs you, pursuant to Article 13 of Regulation (EU) 2016/679 (hereinafter “GDPR”), of the methods and purposes of processing the personal data of users collected through the website www.sib.it (the “Site”). This policy applies exclusively to data processing carried out through the Site; for processing related to professional assignments, please refer to section 15.
1. Data Controller
The Data Controller is Società Italiana Brevetti S.p.A. with registered office in Rome Piazza di Pietra, 39, tel.: +39 06695441, fax: +39 0669544810, e-mail: [email protected]. It is possible to contact the Data Controller about all issues relating to the processing of personal data.
2. Data Protection Officer (RPD / DPO)
The Controller, following accountability assessments, has not designated a Data Protection Officer, as the requirements set forth in Article 37 of the GDPR do not apply. The interested party may contact the Data Controller for any questions regarding the processing of their data and the exercise of their rights.
3. Types of data processed through the Site
Browsing data. The computer systems and software procedures used to operate the Site acquire, during normal operation, certain data whose transmission is implicit in the use of Internet communication protocols (IP addresses, URIs of requested resources, time of the request, parameters relating to the user’s operating system and IT environment). This data is used for aggregate statistical purposes and to ensure the security of the Site.
Data provided voluntarily. This data is provided by the user by filling out the forms on the Site or by sending communications to the addresses indicated: personal and contact information, content of the request, data entered for newsletter subscription, and data contained in CVs submitted through the “Careers” section.
Data collected via cookies. This data is collected via cookies and similar technologies, as described in detail in Part B of this policy.
4. Purpose of the processing, legal bases and nature of the provision
Each purpose is processed on the legal basis specifically indicated below.
| Purpose of the processing | Legal base (GDPR) | Provision |
|
Allow browsing of the site, guarantee its correct functioning and the security of the systems (logs and technical data)
|
Article 6, par. 1, letter f) – legitimate interest in the security and operation of the site; letter c) for any obligations
|
Necessary for using the site |
|
Respond to contact requests or information sent via the contact form or by email
|
Article 6, paragraph 1, letter b) – pre-contractual measures; where the request is not pre-contractual, letter f)
|
Optional; necessary for receiving a response |
|
Subscribe to and receive the newsletter
|
Article 6, par. 1, letter a) – consent
|
Optional; can be withdrawn at any time |
|
Management of applications and CVs submitted through the “Careers” section
|
Article 6, par. 1, letter b) – pre-contractual measures; letter a) for any further storage
|
Optional |
| Installation of cookies and non-technical statistical measurement tools (see Part B – Cookie Policy) |
Article 6, par. 1, letter a) and Article 122 Privacy Code – consent
|
Optional; manageable through the banner
|
5. Processing methods
The data is processed electronically, using appropriate technical and organizational measures to ensure its security, confidentiality, and integrity pursuant to Article 32 GDPR, and for the time strictly necessary for the purposes for which it is collected.
6. Recipients and categories of recipients
The data is processed by authorized personnel and by persons designated as Data Processors pursuant to Article 28 GDPR. Within the limits of the purposes indicated above, the data may be disclosed to: Website hosting and maintenance service providers; newsletter delivery platform providers; statistical analysis tool providers; and public and judicial authorities, where required by law. The updated list of Data Processors is available upon request from the Data Controller.
7. Transfer of data to third countries
Data is generally processed within the European Economic Area. The use of third-party analytics tools (Google Analytics) may involve the transfer of data to the United States. In this case, the transfer is carried out exclusively in the presence of adequate safeguards pursuant to Chapter V of the GDPR, namely an adequacy decision by the European Commission—including, for certified entities, the decision relating to the EU–U.S. Data Privacy Framework (Implementing Decision (EU) 2023/1795)—or the Standard Contractual Clauses adopted by Decision (EU) 2021/914. The data subject may request evidence and a copy of the safeguards adopted from the Data Controller.
8. Retention period
Browsing data and logs are retained for a period not exceeding 60 days, except for the retaining for the time necessary to defend a right in legal proceedings if litigation is ongoing or reasonably foreseeable. Data provided via contact forms is retained for the time necessary to process the request and, in the absence of a subsequent relationship, for 24 months. Data processed for sending the newsletter is retained until consent is revoked. Unselected CVs are retained for a maximum of 12 months. Cookies are retained according to the periods indicated in Part B. After these periods, the data is deleted or anonymized.
9. Automated decision-making and profiling
The Data Controller does not carry out fully automated decision-making processes that produce legal effects or likewise significantly affect the data subject pursuant to Article 22 GDPR.
10. Processing of the data of minors
The Site is not intended for minors under the age of 16, and the Data Controller does not process their data without the authorization of the holder of parental responsibility, in accordance with Article 8 GDPR and Article 2-quinquies of Legislative Decree 196/2003.
11. Data subject rights and how to exercise them
The data subject may exercise the rights provided for in Articles 15-22 of the GDPR at any time, and in particular:
– access to their data and information on processing (Article 15);
– rectification of inaccurate data and completion of incomplete data (Article 16);
– erasure in the cases provided for (Article 17);
– restriction of processing (Article 18);
– data portability (Article 20);
– objection to processing for reasons related to their particular situation (Article 21).
These rights may be exercised by writing to [email protected]. The Data Controller requests information to verify the applicant’s identity only where there are reasonable doubts, and in a proportionate manner pursuant to Article 12, paragraph 6, GDPR; a copy of an identity document is therefore not systematically requested.
12. Withdrawal of consent
Where processing is based on consent, the data subject may withdraw it at any time as easily as when consent was given, and also by contacting the Data Controller at the contact details above. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.
13. Complaint to the Supervisory Authority
Any interested party who believes the processing violates current legislation has the right to lodge a complaint with the Italian Data Protection Authority (Piazza Venezia 11, 00187 Rome – [email protected]), pursuant to Article 77 of the GDPR, without prejudice to any other administrative or judicial remedy.
14. Cookies
The Site uses cookies and similar technologies as described in Part B of this policy (Extended Cookie Policy), to which reference is made in full.
This policy does not govern the processing carried out by the Company in connection with professional assignments relating to industrial and intellectual property (e.g., data of clients, principals, inventors, and counterparties, data acquired from registers and databases, and related communications to offices such as UIBM, EUIPO, EPO, and WIPO). The separate Privacy Policy for professional relationships, provided upon assignment, applies to such processing.
16. Updates and version
This policy is subject to periodic review, including in connection with the entry into force of new regulations or updates to services. Users are encouraged to consult this page periodically; the current version is always the one published on the Website.
Version 2.0 – June 2026 (replaces version 1.1 of May 2018)
PART B – EXTENDED COOKIE POLICY
Cookies are small text files that websites send to the user’s device, where they are stored before being retransmitted to the same websites upon the user’s next visit. Similar technologies (e.g., web beacons, local storage) allow us to collect browsing information and are collectively referred to here as “cookies.” Cookies can be installed by the Website Owner (first-party cookies) or by third parties (third-party cookies).
Technical cookies (necessary). They are essential for the functioning of the Site and the use of its services (for example, for session management and storing cookie preferences). They do not require the user’s consent, pursuant to Article 122 of Legislative Decree 196/2003 and the Guidelines of the Italian Data Protection Authority of 10 June 2021.
The Site uses cookies that are listed and managed through the Cookiebot Consent Management Platform, which is accessible upon reaching the Site.
B.4 Legal basis and consent management
For technical cookies related to the operation of the Site, the legal basis is Article 122 of the Privacy Code. For non-technical cookies, the legal basis is the user’s consent (Article 6, paragraph 1, letter a, GDPR and Article 122 of the Privacy Code), collected via a banner compliant with the Guidelines of the Italian Data Protection Authority. The banner allows you to accept all cookies, reject them, and/or select individual categories; if no choice is made, or if the banner is closed without acceptance, no cookies other than technical cookies are installed. Consent can be revoked at any time, just as easily as it was given, via the accessible preferences management panel.
The use of Google Analytics involves processing by Google and possible transfer of data to the United States, governed by the guarantees indicated in Part A, Section 7. Google’s privacy policy is available at policies.google.com/privacy.
Users can manage cookies through the banner and also through their browser settings, which can be configured to block or delete them. Please note that disabling technical cookies may affect the use of the Site. Instructions for the main browsers are available on the following support pages:
– Google Chrome – support.google.com/chrome/answer/95647
– Mozilla Firefox – support.mozilla.org (cookies section)
– Microsoft Edge – support.microsoft.com (cookies section)
– Apple Safari – support.apple.com (privacy/cookies section)
To specifically disable Google Analytics cookies, a browser add-on provided by Google is available at tools.google.com/dlpage/gaoptout.
B.7 Duration of consent and updates
The consent given will be renewed after six months, or in the event of significant changes to the processing conditions or installed cookies. This Cookie Policy may be updated; the current version is always the one published on the Website.
Download PDF
