Glossario Privacy

“Data Protection Authority”: the public authority, independently established by a member state of the European Union, or by the European Union itself, in charge of supervising the application of the Privacy Regulation (In Italy, l’Autorità Garante della Protezione dei dati Personali, ).

“Authority”: Institution or Organization, public or private, having administrative, judicial, police, disciplinary and supervisory power.

“Authorized”: Natural Person, under the direct authority of the data controller, who receives instruction by the latter, concerning the processing of Personal Data, under article 29 of the GDPR.

“Client”: The party, natural or legal person, who signs the Contract, as well as his legal representatives, managers, administrators, workers (employees and/or collaborators) and, eventually, agents.

“Privacy Code”: the LD 196/2003 and following modifications and/or integrations (In particular following the LD n. 101/2018).

“Committee” or “EDPB”: The European committee for data protection established by art.68 of the GDPR and regulated by the art. From 68 to 76 of the GDPR, that replace the WP29 since 25/5/2018.

“Communication”: “disclosing personal data to one or more identified entities other than the data subject, the data controller’s representative in the EU, the data processor or the data processor’s representative in the EU, the persons which, under article 2-quaterdecies process personal data under the direct authority of the controller or of the processor, in any form whatsoever, including by making them available, interrogating such data or interconnection” ” (as defined by article 2-b, subparagraph 4, let. A of the Privacy Code.

“Contract”: Deal occurred with the Client, for the sale of products and/or the provision of services owned by the data Controller.

“Cookies”: Short texts (number and/or letter) that allow the web server to memorize information in the browser, which can be used during the visit of the website (session cookies), or later on, even days later (persistent cookies). Cookies are memorized, based on the user’s preferences, by the browser on the specific device that has been used (computer, tablet, smartphone).  The following categories should be considered:

Technical Cookies:  These cookies are indispensable for the proper functioning of the website and they are only used to “to carry out the transmission of a communication over an electronic communications network, or, to the extent strictly necessary, to the provider of an information society service explicitly to which the subscriber or User has explicitly requested to provide such service”  (cfr. art. 122, subparagraph. 1, of the Privacy Code).

Analytical Cookies: These cookies are used to collect and analyse the traffic and the website usage, anonymously. These cookies do identify users and they allow, for example, to detect whether the same user visits the website again, at different times. They allow to monitor the system and to improve its performance and the usability. Such cookies can be deactivated without losing any functionality.

Profiling Cookies: These are pre-existing cookies, used to identify (anonymously and not anonymously) user’s preferences and to improve his/her experience.

Third-party cookies (analytical and/or profiling):  these are cookies generated by organisations that are not part of the website, but they are integrated in the website page. For example,  the Google “widgets” (for ex. Google Maps) or as the “social plugin” (Facebook, Twitter, LinkedIn, Google+, etc.).

“Browsing Data”: The information systems and software procedures relied upon to operate the web site acquire personal data as part of their standard functioning; the transmission of such data is an inherent feature of Internet communication protocols. The data are not able to identify any data subject but they may, by their nature, through elaborations and combination with data held by third parties, permits to identify users. This data category includes the IP addresses and/or the domain names of the computers and terminal equipment used by any user, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of such requests, the method used for submitting a given request to the server, returned file size, a numerical code relating to server response status (successfully performed, error, etc.), and other parameters related to the user’s operating system and computer environment. These data are processed in order to extract statistical information on service usage and check functioning of the services. They get immediately deleted after their elaboration.


Special Categories of Data”: Personal data “revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, …, data concerning health or data concerning a natural person’s sex life or sexual orientation” (art. 9.1 GDPR), “concerning health” (“Personal Data concerning physical or mental health or a natural person, including the provision of health care services, which reveals information about his or her status”, as stated in article 4, subparagraph 1, n. 15, GDPR), as well as “ Personal Data concerning criminal convictions and offenses” (art. 10 GDPR), as well as “Genetic Data” (“personal data relating to the inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question”, as stated in article 4, subparagraph 1, n. 13, GDPR) and “biometric”,  (“personal data resulting from specific technical processing relating to the physical, physiological or behavioral characteristics of a natural person, which allow or confirm the unique identification of that natural person, such as facial images or dactyloscopy data”, as stated in article 4, subparagraph 1, n.14, GDPR).


“Personal Data”: Any information concerning an identified or identifiable natural person, (“data subject”): It is considered identifiable any natural person who can be identified, directly or indirectly, “in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person” , as stated in article 4, subparagraph 1, n. 1, GDPR).

“DATA”: One or more categories indicated as Personal Data or Special Categories of Data.

“Recipient”: a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not, , as stated in article 4, subparagraph 1, n. 9, of GDPR.

“Dissemination”: “disclosing personal data to unidentified entities, in any form whatsoever, including by making available or interrogating such data (as stated In article 2-ter, subparagraph 4, lett .b of the Privacy Code).

“GDPR”: The Regulation UE 2016/679 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

“Data subject”: “Identified or identifiable Natural person”, as stated in article 4, subparagraph 1 n. 1, of the Regulation UE 2016/679 (c.d. “GDPR”).

“Registered”: The data subject who has activated the Newsletter service.

“Lead”: The subject, natural or legal person, potentially interested in stipulating a contract with the data controller, as well as with his legal representative, directors, official, staff, (employees or collaborators) and possibly consultants.

“Restriction of processing’”: “the marking of stored personal data with the aim of limiting their processing in the future”, as stated in article 4, subparagraph 1 n. 3, of GDPR.

“Contact Form” Is The home page section on the website, through which the visitor can send requests or information (

“Marketing”:  It is the singular or cumulative transmission of advertising material, commercial communication, direct sale, complete market surveys.

“Newsletter”: Editorial or promotional content sent to Users.

“Legislation” or “Legislations”: One or more Legislation mentioned in the present document as Privacy Notice and Applicable Law.

“Applicable Law”: Any disposition which is part of the Italian Law or of The European Union Law, applicable to the site and the contract.

Privacy Regulation”: The Legislative decree 196/2003 and subsequent modifications and/or additions (“Privacy Code”), general measures taken in accordance with article 154 of the same code, Regulation UE 2016/679 (“GDPR”), and any other  applicable legislation including opinions and guidelines developed from the WP29 and, from 25/5/2018, by the Committee.

Profiling”: “any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements;” in accordance with article 4, subparagraph 1, n. 4, GDPR.

Prospect”: The subject, natural or legal person, interested in stipulating a contract with the data controller, his/her legal representatives, managers, staff, employees (workers or collaborators) and possibly agents.

Publication”: The action whereby the data controller communicates an information on the website,  without the implementation of procedures which impose the Visitor to see it.

Processor”: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller; as stated in article 4, subparagraph 1, n. 8, GDPR.


Website”: Web pages displayed through the website and any included subdomains.

Third party”: a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data; as stated in article 4, subparagraph 1, n. 10, GDPR.

Controller”: “natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data” ”. As stated in article 4, subparagraph 1, n.7, of the GDPR, and in specific Coinbar Spa, through the Destinated Asset.

Processing”: “any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction””, as stated in article 4, subparagraph 1, n. 1, GDPR.


Visitor”: Natural person who use the device or browse, through the internet, the public pages of the website.


WP29”: Article 29 Data Protection Working Party, established in accordance with art. 29 of the directive 95/46/CE which deals with issues relating to the protection of privacy and personal data. Its duties are established under art.30 of the directive 95/46/CE and art.15 of the directive 2001/58/CE.