Privacy Policy

1. WHY THIS PRIVACY POLICY?

This Privacy Policy describes how Colliers Global Investors Italy SGR S.p.A. (hereinafter “Colliers” or the “Data Controller”) manages its website, and in particular the purposes for which the personal data (hereinafter “Personal Data”) of the users who consult it (hereinafter the “Data Subjects” or “Users”) are collected, recorded and used and the related modalities.

This document refers solely to the site www.colliersglobalinvestors.it (hereinafter the “Site”), and not also to any other websites consulted by the User via links contained in the pages of such sites. The Site is controlled and managed by Colliers, with registered office in Milan at Via Giuseppe Mazzini 9 – 20123, in its capacity as the Data Controller of the Personal Data collected via it.

This Privacy Policy is addressed to those who use Colliers’ Web services and is intended to meet the requirements of Regulation (EU) No. 679/2016 (hereinafter the “Regulation“) and Italian Legislative Decree No. 196/2003. It is also inspired by Recommendation No. 2/2001, adopted on 17 May 2001 by the European personal data protection authorities, grouped together in the Working Party established by Article 29 of Directive 95/46/EC, in order to define certain minimum requirements for collecting Personal Data online. In particular, these include the methods, timing and nature of the information that Data Controllers must provide to Data Subjects when the latter connect to Web pages, regardless of the purposes of such connections.

2. TYPE OF DATA PROCESSED

2.1. Browsing data: the information technology systems and software procedures responsible for the functioning of the Site acquire, in the normal course of operation, some Personal Data that is then transmitted implicitly in the use of Internet communications protocols.

Such information is not collected to be associated with specifically identified Data Subjects, but by its nature it could nonetheless be used to identify Data Subjects through further processing and association with other data.

This category of data includes personal particulars (such as name, surname and e-mail address), the IP addresses or domain names of the computers used by the Users who connect to the Site, the URI (Uniform Resource Identifier) addresses of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response provided by the server (success, error, etc.) and other parameters relating to the User’s operating system and IT environment.

2.2. Data voluntarily provided by the User: the optional, explicit and voluntary sending of contact requests via e-mail to the addresses indicated on this Site and/or through the use of the form contained in the specific section of the Site entails the acquisition of the sender’s name, surname and e-mail address, necessary to respond to any requests, as well as of any other Personal Data included in the message.

2.3. In any event, and where necessary, specific policy summaries and appropriate consent requests are presented or displayed on the pages of the Site set up for the various on-demand services.

3. PURPOSES AND LEGAL BASIS OF THE PROCESSING

3.1. Browsing data is only used to obtain anonymous statistical information on the use of the Site and to monitor that it is functioning properly. Once processed, browsing data is therefore deleted immediately. Data could be used to ascertain responsibility in the event of a cybercrime against the Site.

3.2. The Personal Data provided by Users who send contact requests pursuant to Article 2.2 above is only used to fulfil or respond to the requests submitted and is only disclosed to third parties where necessary for that purpose. The legal basis for collecting and processing such Personal Data, pursuant to Article 6 of the Regulation, is the provision of services expressly requested by the Users and the legitimate interest of the Data Controller in responding promptly to the requests received.

3.3. Colliers may process the personal data of Users in order to pursue its own or third-party “legitimate interests”, such as the management of any disputes, grievances, controversies or complaints, as well as to protect its IT systems and comply with applicable laws and regulations.

3.4. Processing relating to the services offered through this Site is handled by Colliers’ personnel specifically appointed to processing personal data, as well as by third parties acting as data processors.

4. CATEGORIES OF RECIPIENTS TO WHOM PERSONAL DATA MAY BE DISCLOSED

4.1. The Data Subject’s Personal Data may be processed by Colliers contractors and/or employees in the context of their respective functions or by any third parties appropriately designated “data processors” from time to time pursuant to Article 28 of the Regulation, in accordance with the instructions provided by the Data Controller.

4.2. Where necessary, data may be accessible to a judicial authority or police upon specific request. Where necessary or required by laws, regulations, European legislation or decisions of courts, arbitrators or public authorities, or in order to fulfil contractual obligations (e.g., public entities, supervisory authorities, banking institutions, etc.), personal data may be transmitted to parties to which disclosure has been envisaged. Data may also be disclosed to Internet providers, Web administrators and data entry and mailing companies.

5. Cookies

No Personal Data of Data Subjects is acquired by the Site through profiling cookies or other tracking tools.

The use of “session cookies” (which are not stored permanently on the User’s computer and are erased when the browser is closed) is strictly limited to the transmission of the session identifiers (consisting of random numbers generated by the server) needed to permit secure, efficient navigation of the Site.

The session cookies used by the Site avoid the use of other IT techniques potentially detrimental to the confidentiality of Data Subjects’ navigation, and in any case do not permit the acquisition of Personal Data identifying the Data Subject.

For more information, the User is invited to read the extended Cookie Policy.

5. Data Processing modalities

Colliers Global Investors Italy SGR S.p.A, will carry out operations of collection, registration, conservation and archiving of personal data by means of manual, computeri and telematic tools with logic strictly related to the purposes and, in any case, in such a way as to guarantee the security and confidentiality of the data collected.

The security of the data and their transmission is guaranteed by adequate protection systems such as antivirus, anti-ramsonware, firewalls and access passwords, and by physical measures to select and prevent access to the premises where the data are stored.

6. OPTIONAL NATURE OF DATA CONFERMENT

Except as specified for browsing data, the Data Subject has the right to decide whether to provide Personal Data by sending an e-mail or filling in the contact form for submitting a request to Colliers.

In such cases, failure to provide the above Personal Data may render it impossible for the Data Controller to fulfil the Data Subjects’ requests.

7. DATA PROCESSING MODALITIES AND DATA RETENTION CRITERIA

Personal Data is processed using automated tools for the time strictly necessary to achieve the purposes for which it has been collected. Personal Data processed to fulfil Users’ requests will be retained for as long as needed to provide the requested services and, where applicable, for the additional periods established by specific legal provisions, in accordance with current legal and tax obligations.

Specific security measures are adopted to prevent data loss, illegal or improper data use or unauthorised access to data. The technical security measures implemented by Colliers include antivirus and anti-ransomware systems, firewalls and access passwords, in addition to physical security measures designed to prevent access to the premises in which data is kept.

8. RIGHTS OF THE DATA SUBJECTS

The persons to whom the Personal Data refers have the right of access at all times, where the legal requirements have been met, in order to obtain confirmation of whether such data exists, in addition to the right to know the content and origin of the data, request that inaccurate data be rectified, request the supplementation or updating of incomplete data, or request the restriction of processing and data portability (Articles 15-22 of the Regulation).

The Data Subject also has the right to request the erasure, anonymisation or blocking of personal data processed in a structured format legible by an automatic device, as well as to object to the processing of such data for legitimate reasons. Requests may be sent by e-mail to the address: privacyitaly@colliersglobalinvestors.com.

With regard to the processing of personal data described in this Privacy Policy, Data Subjects may also lodge complaints with the Italian Data Protection Authority (www.garanteprivacy.it).

9. DATA PROTECTION OFFICER

The contact data of Colliers’ Data Protection Officer (“DPO”), Atty. Francesco Conti, of the Court of Milan, are as follows:

• address – Milan, Corso Europa 12, 20122;
• telephone – +39 02 30309396;
• e-mail – privacyitaly@colliersglobalinvestors.com.

10. TRANSFER ABROAD

Personal Data will not be transferred to non-EU countries.

December 2022