Cookie Policy : Racetrack San Siro Milan

COOKIE POLICY

	1. IDENTITY AND CONTACT DETAILS OF THE DATA CONTROLLER AND THE DATA PROTECTION OFFICER The Data Controller is SNAITECH S.p.A., with registered office at Via Vittor Pisani n. 22, 20124 Milan, certified email address (PEC) snaispa@snaitech.legalmail.it, email privacy@snaitech.it, Companies Register and Fiscal Code 00754850154, VAT number 01729640464. The Data Protection Officer (DPO) can be contacted at the following email address: dpo@snaitech.it
	2. PURPOSES Your personal data may be processed for the following purposes (for details on the cookies present, please refer to the information in the control panel): • to ensure navigation and use of the website; • to optimize the functionality of the site by storing certain choices made by the user (such as language preferences, user authentication for the duration of the session, or relating to the use of multimedia content on the site); • to improve the use of the website through the analysis of data/information collected through it; • to send communications, including informational/commercial ones, in line with the user’s tastes and/or preferences, with the aim of improving the experience of using the Site itself by creating specific user profiles.
	3. LEGAL BASIS FOR THE PROCESSING OF PERSONAL DATA The processing related to purpose (1) has a contractual legal basis. The processing related to purposes (2), (3), and (4) has consent as its legal basis. The processing of personal data will be carried out using IT tools in compliance with the provisions on the protection of personal data and, in particular, the security measures that guarantee its confidentiality.
	4. TYPES OF DATA Browsing data (by way of example, IP address, pages visited, server response status code, types of devices and operating system used for connection to the site).
	5. WHAT ARE COOKIES Cookies are small text strings exchanged between a server and a web client. Specifically, these are files that a website sends to the user’s browser and that are saved on their device. During navigation, minimal amounts of information will be collected on the devices in use (whether computers or mobile devices) in small text files – precisely called “cookies” – saved in the directories used by the User’s web browser, for varying periods of time depending on the need and generally ranging from a few hours to several years. The information recorded on the user’s device may be reused during the same visit to the sites (session cookies) or later, even after several days (persistent cookies). Cookies are stored, based on the user’s preferences, by the individual browser on the specific device used (computer, tablet, smartphone). Cookies can be classified based on: • duration: session or persistent cookies; • origin: first-party or third-party cookies; • nature: technical, analytical, or profiling cookies. Regarding duration, cookies that expire at the end of a browser session (normally when a user closes their browser) are defined as session cookies and are useful, for example, for remembering a user’s purchase order or for security purposes, such as when accessing their Internet banking or webmail account. Cookies that, instead, are stored for a longer period (between sessions) are called persistent cookies and are useful, for example, for remembering user preferences or for proposing targeted advertising. Regarding origin, the definition of first-party or third-party refers to the website or domain that installs the cookie. First-party cookies are installed directly by the website the user is visiting, while third-party cookies are installed by a domain different from the one the user is visiting, for example, if the website incorporates elements from other sites, such as images, social media plugins, or advertising. Regarding nature, the classification of cookies made by the Data Controller is as follows: • strictly necessary cookies: these are essential for the proper functioning and navigation of a website, as well as for managing various services related to it (such as a login or access to restricted functions on the site); • functionality cookies: these allow the optimization of website functionalities (for example, by remembering choices made by the user) and provide advanced personalization; • statistical cookies: these allow the collection of information on the use of a site in order to measure and improve its performance, for example, to evaluate the effectiveness of a service or to help measure “traffic” (e.g., the number of visitors, possibly also broken down by geographical area, time slot of the connection, or other characteristics); • profiling cookies: these store specific information to link specific actions or recurring behavioral patterns in the use of the offered functionalities (patterns) to determined, identified, or identifiable subjects, for the purpose of grouping different profiles within homogeneous clusters of varying size, so that the Data Controller can, among other things, also modulate the provision of the service in an increasingly personalized way beyond what is strictly necessary for the provision of the service, as well as send targeted advertising messages, i.e., in line with the preferences expressed by the user while browsing the internet.
	6. DATA TRANSFER ABROAD Personal data will not be transferred abroad except to non-EU countries that ensure adequate levels of security.
	7. MANDATORY OR OPTIONAL NATURE OF DATA PROVISION AND CONSEQUENCES OF FAILURE TO PROVIDE DATA The provision of personal data processed through the installation of strictly necessary cookies is mandatory to ensure navigation/use of the website. The provision of personal data processed through the installation of the other categories of cookies mentioned above is optional; failure to provide such data implies the impossibility of carrying out the activities indicated in the purposes referred to in point 2.
	8. COOKIES INSTALLED/TRANSMITTED BY THIRD PARTIES These cookies: • are installed/transmitted by third parties; • originate from websites other than the one currently being visited; • may also be transmitted by other domains owned by SNAITECH, always governed by third parties. Third parties act as Data Controllers and are required to adopt policies on the protection of personal data. For the list of Third Parties and links to their data processing information, please refer to the control panel, under the item “Provider” in “Show details” of each cookie category.
	9. TYPES OF COOKIES AND RETENTION PERIOD Complete information on the installed cookies is available within the control panel by selecting “COOKIE SETTINGS” in the cookie banner and/or the dedicated “CO” icon within the site.
	10. MANAGING COOKIES FROM BROWSER SETTINGS Users can still express their preferences regarding browser cookies through the browser settings themselves. By default, almost all web browsers are set to automatically accept cookies, but users can change the default configuration through the settings of the browser used, which allow disabling and/or deleting all or some cookies or blocking the sending of cookies or limiting it to certain sites. Disabling or deleting cookies may compromise the optimal use of some areas of the site or prevent certain functionalities, as well as affect the operation of third-party services. The configuration of cookie management depends on the browser used. For further details, please refer to the instructions within each browser used (by way of example, Chrome, Firefox, Edge, Safari, Opera).
	11. RIGHTS OF THE DATA SUBJECT The Data Subject, in the presence of the necessary conditions, may exercise at any time, through the contact details provided above, the rights provided for by the legislation, including the right: • to access their personal data, obtaining evidence of the purposes, the categories of data involved, the recipients to whom they may be communicated, the applicable retention period, the existence of automated decision-making processes (Art. 15 GDPR 2016/679); • to obtain the rectification of inaccurate personal data or the integration of incomplete data (Art. 16 GDPR 2016/679); • to obtain the erasure of data (Art. 17 GDPR 2016/679); • to obtain the restriction of processing (Art. 18 GDPR 2016/679); • to receive in a structured, commonly used, and machine-readable format the personal data concerning them that has been provided to a data controller and has the right to transmit such data to another data controller without hindrance from the controller to whom it has been provided, where the conditions required by law are met (Art. 20 GDPR 2016/679); • to object to the processing and to withdraw their consent, without prejudice to the lawfulness of the processing based on the consent given before the withdrawal (Art. 21 GDPR 2016/679); • not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning them or similarly significantly affects their person (Art. 22 GDPR 2016/679). Furthermore, the Data Subject has the right to lodge a complaint with the Supervisory Authority, pursuant to Art. 77 of the GDPR 2016/679, following the procedures and indications published on the official website of the Authority at www.garanteprivacy.it, as well as to take appropriate legal action pursuant to Articles 78 and 79 of the GDPR 2016/679. The exercise of rights is not subject to any formal constraints and is free of charge. If the Data Subject’s requests are manifestly unfounded or excessive, in particular due to their repetitive nature, the Data Controller may: • charge a reasonable fee taking into account the administrative costs incurred in providing the information or communication or taking the action requested; or • refuse to act on the request. In accordance with Article 12, paragraph 3, GDPR 2016/679, the Data Controller will provide a response to the Data Subject without undue delay and, in any case, no later than one month after receipt of the request. This period may be extended by two months if necessary, taking into account the complexity and number of requests (in this case, the Data Controller will inform the Data Subject of the extension and the reasons for the delay, always within one month of receiving the request). Without prejudice to Article 11 of the European Regulation 2016/679, if the Data Controller has reasonable doubts about the identity of the natural person making the request referred to in Articles 15 to 22 GDPR 2016/679, they may request additional information necessary to confirm the identity of the Data Subject.
	12. REGULATIONS AND REQUIREMENTS RELATING TO THE PROCESSING OF PERSONAL DATA THROUGH COOKIES The contents of this document comply with the provisions of: • EU Regulation 2016/679 (GDPR); • European Directive 2009-136-EC (so-called ePrivacy Directive) and subsequent amendments, as transposed into national law in Article 122 of Legislative Decree 30 June 2003, no. 196 and subsequent amendments (“Privacy Code”); • contained in the documents issued on the matter by the Article 29 Working Party on Data Protection (“WP29”) and subsequently named the European Data Protection Board (“EDPB”), with particular regard to “Opinion 04/2012 on Cookie Consent Exemption” of 7 June 2012 and “Guidelines 05/2020 on Consent under Regulation 2016/679” of 4 May 2020; • contained in Provision no. 229 of 8 May 2014 by the Italian Data Protection Authority; • recalled in the “Guidelines on the use of cookies and other tracking tools” of the Italian Data Protection Authority, which came into force on 10 January 2022; • of the European Commission’s Adequacy Decision of 10 July 2023 relating to the “EU-US Data Privacy Framework”. The Data Controller reserves the right to revise, modify, or update this cookie policy at any time, also in response to changes and/or new national and European regulations on the protection of personal data. Please therefore consult the dedicated section regularly to check the latest version of the document, referring to the date of the last revision indicated at the bottom of the document.