This notice describes which of your personal data is collected by Brand-Cross S.r.l., for what purposes and how they are processed. You will also find the information necessary to exercise your rights under GDPR.

In general, we collect your data when you browse the site (hereinafter “Site“) and when you contact  us through the Site or when you interact with us through our social pages on Instagram,  Twitter, Facebook and LinkedIn (hereinafter “Social Pages“). We inform you that the personal data collected during these processes will be processed as set out above. 

  • Who processes your data: Data Controller 

Brand-Cross S.r.l., having its registered office in Milano, Via Medici 13, Italy, Italian tax registration number and Italian VAT number 09098450969, (hereinafter “Brand Cross” and “Data Controller”) is the data controller of your personal data.

Limited to the data collected through our Social Pages, Instagram, Twitter, Facebook and LinkedIn are joint controllers of the processing of your personal data, as published within the platforms themselves. For more information, please read their privacy policy.

  • What data we process – Type of data processed

Your contact data.  We will retain the contact information you provide (for example, contact details, first and last name) when you contact us through the Site or when you contact us through our Social Pages, through public comments or through private messages. 

Information about your use of the Site and your activities on the Site. Your use of the Site implies the processing by the Data Controller of data on the browser and device you are using and your IP address (this is the number that identifies a specific device on the internet and that is necessary for your device to communicate with the sites). We will be able to analyze from which site you came and what actions you have taken on the site. 

  • Where we get your data – Data collection method

Directly from you. For example, if when you contact us through the Site or by email, you ask us a question through the Social Pages.

Through the use of the features of the Site. We use cookies on the Site in order to collect data about your use. To learn more, please read the Cookie Policy.

  • Why and how long we process your data forPurpose and legal basis for data processing; retention period
  1. a) To answer to your requests collected through the Site and Social Pages. For example, we will use your data to answer to your requests received by email, through the Site or received through our Social Pages, both as public comments and as private messages. 

The legal basis of this processing is the performance of a contract to which the data subject is party, or the performance of pre-contractual obligations and the retention period is equal to the time necessary to comply with the data subject’s requests.

  1. b) To prevent or investigate illegal behavior or to protect and assert rights. We may use your data to prevent the breach of our intellectual property rights (for example, counterfeiting of our and/or our partners’ trademarks) or other illegal activities, as permitted by applicable law. 

The legal basis of this processing is the legitimate interest of the Data Controller. The data retention period is equal to the time that is reasonably necessary to assert our rights from the point at which we become aware of the illegal behavior or the potential to commit illegal behavior.

  • Nature of the provision of personal data

For the purposes of subparagraphs a) and b) referred to in the previous paragraph, the provision of data is necessary. 

  • Where your data is processed – data transfer

Data will be processed and stored at the offices and computer systems of the Data Controller. Exclusively regarding the data collected on our Social Pages, the same will be stored on the aforementioned platforms, namely Instagram, Twitter, Facebook and LinkedIn, according to the privacy policies of the latter that we invite you to consult.

  • Who we share your data with – personal data recipients

On the understanding that, where required by law, we will obtain your prior consent and carry out any formalities required by the law, we may share your data with the following third parties (acting as data processors):

Our service providers We may share your personal data with third parties so that they can provide us with services that will operate as data processors and with whom we will conclude an agreement in accordance with art. 28 GDPR aimed at protecting your data. These parties will only process data strictly necessary perform their functions and may use these data only for the purpose of providing services on our behalf or to comply with law. You can find out details of such data processors pursuant to art. 28 GDRPR by emailing at the above-mentioned addresses.

Where permitted or required by law, we may also share the data requested by a government body or by another authorized third party or organization for the purpose of protecting or exercising our rights or those of third parties, or for the purpose of limiting or preventing fraud or other illegal activities.

  • Minors

The Site is not aimed at under-18s, but rather at an adult audience. If you are a parent or guardian and you think your child may have transmitted data, you can contact us.

  • Security measures

We adopt the security measures required by law.

We adopt security measures to protect your data. The standard security measures that we use depend on the type of data we process and meet the legal requirements and the standards of European government agencies. 

  • Cookies

What are cookies. Cookies are small text files that from the websites visited by users send to their terminals, where they are stored before being re-transmitted to the same websites during subsequent visits. 

Cookies used by the Site and their purpose. The site uses cookies, which have the functionality of enabling the proper functioning of some sections, for example to access to the reserved area of the Site (“technical cookies”), to improve the browsing experience (“analytical cookies”), to help us offer marketing advertisement (“marketing cookies”).

The first time that you visit the Site, you will be asked to accept (or not accept) the cookies through a banner. You may refuse to accept all or some of the cookies, or you may modify your computer settings, also in the future, in order to know when you receive cookies or to disable the function of automatic acceptance of the cookies.

The Site uses the following types of cookies:

  • Technical (or browsing) cookies, which contribute to the functioning of the Site, for instance to enable the browse between pages; the legal basis for processing using these cookies is the Data Controller legitimate interest in providing efficient and well-functioning services to their customers; the retention period of these cookies starts from the date on which the site was first accessed until they are disabled.
  • Analytical cookies, which enable the acquisition of aggregated, anonymous statistical information concerning browsing habits; the legal basis of the processing underlying the use of these cookies is your consent; the retention period of these cookies starts from the date on which they are enabled on the website until they are disabled. The user can accept and disable these cookies – at their convenience – using the following chart and the cookie management tool.
  • Marketing cookies, which allow us to send advertising messages; the legal basis for processing data using these cookies is the consent of the data subjects; the retention period of these cookies runs from the date they are enabled on the site until they are disabled, i.e. for the retention periods indicated below Users may accept and disable these cookies whenever they like using the cookie management tool.

List of cookies

Cookie Provider Purposes Retention Type Deactivation
Tag Management Google Ireland User experience data collection, advertising Analytics, marketing Plug-in

Facebook Like button and social widgets


META Ireland User experience Analytics, marketing Plug-in
Google Fonts   Google Ireland User experience Analytics Plug-in

Instagram widget


META Ireland User experience Analytics, marketing Plug-in


All necessary cookies do not require your prior consent; therefore they are installed automatically after you access the Site but can be deactivated as described in the following paragraph.

For other cookies, you can give your consent by clicking on the acceptance button inside the banner displayed on the Site’s home page, or you can request that the Site use only the necessary cookies by clicking on the relevant button. You may revoke at any time all or part of the consent already expressed, even through the relative link indicated in the table for third party cookies or provide your consent at a later date.

Plugin Social Network

The Site provides plugins and/or buttons in order to allow easy sharing of content on your favorite social networks.

If you are logged into a social network, the social network may add information about your visit to the Site to your profile and collect traffic data, particularly if you are logged in at the time of your visit or if you have recently browsed one of the websites containing social plugins. If you do not want the social network to record information about your visit to the Site, you must log out of your social network account and delete the cookies that the social network has installed in your browser.

The collection and use of information by such third parties is governed by their respective privacy policies to which you should refer.

– Instagram (;

– Twitter ( and );

– Facebook ( );

– LinkedIn (inserire link).

How to disable technical cookies. It is possible to disable cookies through specific settings in your own browser or via the cookie management tool on the home page of the Site. Some of the Site’s functionalities may not work correctly is you refuse to use cookies.

Below you will find links explaining how to disable cookies on the most common browsers (for any other browser you may be using, we suggest that you search for this option in the software’s help section, which you can normally access by pressing the F1 key):

Internet Explorer: Click on the Settings button, then on Internet Options. Click on the Privacy tab and, in the Settings, move the bar to the very top to block all the cookies.

Google Chrome: Click on the menu on the browser toolbar. Select Settings. Click on “Show advanced settings”. In the “Privacy” section, click on the Content Settings button. Select “Prevent sites from saving data”.

Mozilla Firefox: Click on the menu button and select Options. Select the Privacy tab. In the History settings: select “use personal settings”. To enable cookies, tick Accept cookies from websites, and to disable them remove such mark.

Safari: Click on the menu toolbar on “Safari”, then on “Preferences”. Next, click on “Privacy”, then on “Details” to select the website, and click “Remove”.

  • Your rights

You can contact the Data Controller to request access to your personal data, modify it, delete it or limit its processing, to oppose its processing, and to request the portability of your data; you can also withdraw your consent at any time (this will not prejudice the lawfulness of the processing on the basis of the consent granted prior to the withdrawal).

When you exercise the right of access, you have the right to know whether your data is currently being processed, what the purpose of the processing is, what categories of data are being processed, who the recipients or categories of recipients of your data are (and, if they reside in a third country, what guarantees this transfer is based on), the retention period of your data (or the criteria for determining the retention period), whether automated processing is being carried out (for example through profiling), what the reason of the processing is, and the origin of the data (when not initially collected by us).

You have the right to lodge a complaint with the competent supervisory authority and, at any time, to ask the Data Controller for information about the data processors and parties that are authorized by the Data Controller to process your data. 

You can exercise your rights by contacting the Data Controller at the addresses indicated above.

You can also exercise your rights, in relation to the processing of personal data carried out through our Social Pages, by contacting Instagram, Twitter, Facebook and LinkedIn as provided in the respective privacy policies.

  • What happens if we change this privacy policy

We may make changes to our privacy policy. We will notify you of such changes as required by law. We will also post an updated version on the Site. It will have a different date than the one indicated below. Please check the Site periodically for updates.