This Privacy Policy by Goppion S.p.A. (hereinafter Goppion) fulfills the duty of information to data subjects required by Article 13 of the Regulation (EU) 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter GDPR).

1. Data Controller

Data controller is Goppion S.p.A., Via T. Edison, 58/60, 20090 Trezzano sul Naviglio MI - Italy; telephone no.: +39 024844971; e-mail address:

Definition of “Personal Data”

For the purposes of this Privacy Policy, for “personal data” – in compliance with Article 4 of the GDPR we shall mean “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
This Privacy Policy only applies to the personal data collected through the website (hereinafter, the Website) or with any other modality described herewith. This Privacy Policy does not apply to all data collected through other websites belonging to third parties, even if those websites can be accessed by means of a link on the Website. Please refer to the privacy policies of such third parties’ websites for information on the processing of personal data carried out by the them.

2. Categories of Data Processed

(a) Data Provided Voluntarily by the Data Subjects

Goppion collects some personal data (name, surname, e-mail address, telephone number, postal address, etc.) that is voluntarily provided by the users of the Website by means of ad-hoc registration forms filled on the Website (e.g. subscription to our newsletter, application, etc.) or sent by e-mail or provided to Goppion or to its professionals or collaborators by the data subject himself/herself in some other way (for example: exchange of business cards, exchange of emails or other contact that shows through an active behavior an interest towards the activity of Goppion).

(b) Netsurfing Data

Computer systems and software procedures in charge of the correct functioning of the Website may collect, during their normal activity, some personal data, whose transmission is implicit in internet communication protocols. This type of information is not collected in order to be linked to identified subjects, but by its own nature, through processing and in combination with third party’s data, such information might be able to be used to identify users. Such category of data includes, among others: IP addresses relating to the computer used to access the Website, URI (Uniform Resource Identifier) addresses of the requested resources, time of the request, procedure used to forward the request to the server, the size of the answered file, the numeric code that points to the condition of the server’s answer (successful, error etc.) and any other parameter relating to the user’s operating system. This type of data is used only for the purpose of gathering statistic and anonymous information on the usage of the Website and to assure its correct functioning, and is immediately erased after the processing. The above-mentioned data could be used to determine possible criminal liability arising from computer crimes in prejudice of the Website.

3. Purposes and Modalities of Data Processing

Goppion processes the above-mentioned personal data only in relation to:

(a) subscription to newsletter, invitation to events or subscription to mailing lists concerning the sending of communications relating to Goppion (events organized, certifications and prices received);

(b) management of unsolicited job applications, exclusively for purposes of research and selection of personnel in relation to open or future job positions at Goppion and for scheduling an interview (if needed);

(c) requests for information on Goppion or contact requests;

Goppion protects your personal data adopting all security measures prescribed by the GDPR. Goppion shall process the personal data about you only for the time necessary for the achievement of the purposes above described. The processing may be carried out with or without the use of electronic means as well as with automated systems.

4. Legal Basis for the Processing

In relation to the cases described above in sub 3(a):

  • the data subject may request to subscribe to our newsletter through the specific section of the Website, thereby asking to receive articles relating to the activity of Goppion; or
  • the data subject may receive information on our events on the basis of our legitimate interest to keep contacts with the data subject when the data subject already subscribed to one of our events or newsletters (also considering his reasonable expectations), save the right to object (“opt-out”); or
  • the data subject may be entered into a mailing list as a result of contacts with Goppion or with a professional or collaborator of Goppion (for example, exchange of business cards or other contact that may constitute an active behavior demonstrating interest towards Goppion); in such a case it constitutes a legitimate interest of Goppion to keep in contact with him/her by sending communications concerning Goppion as well as events organized by Goppion and that Goppion thinks could be of interest to the data subject (duly considering the expectations of the data subject), save the right to object (“opt-out”).
    In relation to the cases described above in sub 3(b):
  • the data subject may send his application to work with Goppion in relation to open or future job positions, through the specific section of the Website; in this case the processing of personal data is based on one or more of the following legal bases: (i) the performance of pre-contractual measures upon data subject’s explicit request; (ii) Goppion’s legitimate interest to assess data subject’s suitability to collaborate with Goppion; (iii) the consent, which data subject can revoke at any time by contacting us at the addresses indicated below on point 10.

5. Optional Personal Data Provision

Without prejudice to the provisions on netsurfing data, the data subjects have the ability to provide or not provide his/her personal data in the forms on the Website or through e-mail. Not providing Goppion with such data, however, may render it impossible for Goppion to send you the communications and information you asked for.

6. Communication and Disclosure of Personal Data – International Data Transfers

The personal data collected will be accessible to the employees and collaborators of Goppion duly appointed as data processors or to persons in charge of the processing. Some data may be communicated in anonymous and aggregated form to third parties for statistical purposes. In any case, such data shall not permit the identification of the data subjects. With the exception of cases allowed by the law, or provided in this Privacy Policy, personal data shall not be communicated or disseminated without data subjects’ consent.

7. Rights of the Data Subjects with Reference to Their Personal Data

The data subject has the right to obtain at any time confirmation as to whether or not there is personal data concerning him or her being processed, to access such personal data, to ask to receive the data in a structured, commonly used and machine-readable format in order to transmit the data to another controller, as well as to request at any time the erasure of such personal data, to obtain the restriction of processing or to object, in whole or in part, on legitimate grounds, to the processing of his or her personal data, in particular where it is processed for direct marketing purposes, and the data subject may exercise such right also by clicking in the section for such purpose below every communication. The exercise of such rights, however, may be subject to some limitations and exclusions pursuant to the GDPR and the applicable regulations.
Where the processing is based on the consent of the data subject, it shall be understood that the data subject has the right to withdraw his or her consent at any time. Such withdrawal shall not affect the lawfulness of processing based on consent given before withdrawal.

8. Right to lodge a complaint

Without prejudice to any other administrative or judicial remedy, every data subject, where it considers that the processing of personal data relating to him or her infringes the law, shall have the right to lodge a complaint with a supervisory authority.

9. Changes to this Privacy Policy

Goppion can amend this Privacy Policy in order to comply with developments in national and/or European law, as well as to keep up with technology innovations and other similar reasons.
Possible amended versions of this Privacy Policy will be published on the Website. Please read this Privacy Policy carefully and check periodically if there have been any amendments or revisions.

10. Exercise of Users’ Rights and Request of Information

To exercise your rights and for any questions or requests concerning the processing of your personal data by Goppion and this Privacy Policy, please contact us at the following e-mail address: .

11. E-Newsletter

We use a third-party provider, MailChimp, to deliver our e-newsletters. We gather statistics around email opening and clicks using industry standard technologies to help us monitor and improve our e-newsletter. For more information, please see MailChimp’s privacy notice.

12. Use of Cookies

The Website makes use of cookies as explained in our [Cookie Policy].