Privacy & Cookie Policy

Privacy & Cookies

In this page, DigitalGO S.p.A., a company with registered offices in Via della Sierra Nevada, 60, 00144 Rome (the “Data Controller” or the “Company”) describes the manner in which the personal data of persons (“Data Subjects” or “Visitors”) who visit the DigitalGo website (“Website”) is processed.

This Privacy Policy is provided pursuant to article 13 of the Regulation (EU) 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (the “Regulation”).

Please note that this notice regards the Website only, and does not cover other websites that the Visitor may access via links included in the Website, nor does it cover other services provided by the Data Controller through other means/websites. Please refer to the specific privacy notices of such other websites or services, to understand the respective data processing policies.


Personal Data processed

Pursuant to Regulation, personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Against this background, we inform you that we process the following personal data:


  1. Personal data spontaneously submitted by the Visitor

The spontaneous sending of e-mails to the addresses indicated in the Website determines that the Company acquires the sender’s e-mail address (which is needed in order to allow the Company to reply) and any other personal data that the sender may include in said e-mails.

This data will be processed and used by the Data Controller, in compliance with the provisions of the Regulation and the applicable Italian legislation, for the time strictly necessary to replied to the masse and/or provide the requested information. Except for the e-mail address – the processing of which is inherent to e-mail communication – the spontaneous provision of any other personal data within a message addressed to the Data Controller is voluntary. However, the fact that the Data Subject does not supply additional personal data, might, in some circumstances, make it impossible for the Data Controller to adequately answer the request.

Should the Visitor send a message in reply to a job posting, or generally aimed at working with DigitalGO, their personal data (including CV’s, cover letters, or any other information) shall be processed only for the purposes of assessing a possible recruitment by the Company (or its subsidiaries), and in any case in compliance with the provisions of the Regulation and the applicable Italian legislation.

If the application is unsuccessful, the Visitor’s personal data will be deleted within one month. However, if the Visitor expressly provides their consent, the Visitor’s data will be archived for an additional period of two years, with the exclusive aim of considering the Visitor’s profile as a potential candidate for future openings (“Additional Processing”).

If the information submitted by the Visitor contains any of the data referred to in article 9 of the Regulation (data revealing racial or ethnic origin, political opinions, religious or philosophical convictions, union membership, genetic data, biometric data intended to uniquely identify a physical person, data relating to the health, sexual life or sexual orientation), it must be accompanied by a written declaration of consent regarding the processing of such data. In lack thereof, the Visitor’s data will be cancelled immediately.

Except as provided for above with regard to article 9 data, the provision of your personal data to us required in order to achieve the scope set forth above; thus, on the terms of article 6(1)(b) of the Regulation, their processing does not require your consent. We underline that you are not obligated to provide us with your personal data – however, if you choose not to provide us with said data, or if you provide us with only part of your data, we will not be able to proceed with the necessary pre-contractual steps.


  1. Navigation Data

The technological systems and procedures that make this Website work, acquire personal data as they function, the processing of which is implicit while using internet communication protocols (“Navigation Data”). This category of data includes IP addresses or domain names of the device used by the Visitor to access the Website, the requests made by the Visitor while interacting with the Website (e.g. opening a specific section of the Website), the timing of said requests, etc. We do not process Navigation Data in order to associate it with identified persons. However, by its very nature, Navigation Data might – if elaborated and associated with data held by third parties – allow the identification of the Visitors.

We process Navigation Data with the sole scope of obtaining statistical and anonymous information regarding the Visitors’ use of the Website and to ensure that the Website works correctly. Except as provided below on cookies, this data is erased immediately after being used. We might also use navigation data for the identification of liabilities in case of electronic crimes against the Website. Said processing activity is carried out in order to defend the Data Controller’s legitimate interest.


  1. Cookies

Cookies are small text files that are placed on your device by websites that you visit, designed to be a reliable mechanism for websites to remember relevant information (such as items in a shopping cart) or to record the user’s browsing activity (clicking particular buttons, logging in etc.). Cookies can be “persistent” or “session” cookies. During the navigation, the user’s device may also receive cookies from other web servers (“third party cookies”) where certain elements visualized in the website that the user is visiting (such as maps, images, sounds, or links) are stored.

Depending on their scope, cookies may be classified as technical cookies or profiling cookies.

Technical cookies may be classified in: (a) navigation or session cookies, which guarantee the correct function and use of the website (e.g. allow for a purchase to be completed or for a user to log-in to a private area); (b) analytic cookies, which constitute technical cookies to the extent that the website owner uses them to collect aggregated information on the number of visitors and how they interact with the website; and (c) feature cookies, which allow the user to browse on the basis of a series of selected criteria (such as language, or selected items for purchase) in order to improve the service.

While browsing through the Website, the following Cookies (or similar instruments) may be dropped on the Visitor’s device:

  1. Google Analytics: These monitor how Visitors arrive to the Website and move around the Website itself. These cookies, owned by Google, are the only ones actually managed by us. We use these cookies inn order to have a general overview on things like the type of content Visitors prefer, or the number of pages visited per browsing session. All data retrieved from these cookies is processed in an aggregate form. .See more information on google analytics here: ;
  2. Twitter plug-in: The Website has integrated the twitter plug-in. Twitter may thus drop cookies on your device if you navigate on the Website while you are logged-in to your twitter account. We have no access to the information which Twitter might possibly collect through such cookies. See more information here:;

Most internet browsers accept cookies automatically, but you can change the settings of your browser prevent automatic acceptance or erase them.

You can find here more information:

Internet Explorer:






Modalities of data processing, communication and disclosure

The data is processed in compliance with article 5 of the Regulation, and the processing activities may involve either hard copy or software tools to store and manage the data. Moreover, within the limits set forth by the Regulation and the applicable Italian provisions on data security, the processing may involve any operation or set of operations which are required to achieve the aims set forth herein. The data shall be processed for as long as strictly necessary in order to achieve such aims.

Specific security measures are in place which aim at preventing the loss of data, possible illegal or otherwise misuse of the data, as well as unauthorized access to the data.

The personal data will be processed by persons acting under the authority of the Company and duly instructed with regard to the processing activities, as well as by persons who perform certain services in favor of the Company (in particular technical support services, communication services and/or recruitment services), and which the Company has appointed as data processors pursuant to art. 28 of the Regulation. Please refer to the Data Controller for a full list of external processors.

Finally, please note that we might communicate personal data to our subsidiaries, in case the Visitor has applied to a position opened by one of said subsidiaries or, if the Visitor has provided their consent to the Additional Processing, if their profile is compatible with an opening with one of our subsidiaries. Our subsidiaries have been appointed as data processors and the possible transfer of data to a subsidiary located outside the EU shall be based on the basis of the standard data protection clauses adopted by the Commission. Their processing of the Visitors’ data who browse through the “Work with us” section of the Website is thus based on art. 46 of the Regulation.

Except as expressly described above, we will not disclose personal data to any third party, nor will we make it public.


Rights of the data subjects

The Regulation requires the data controller to provide the Data Subjects with all the above information. In particular, each Data Subject is entitled to receive information on the identity and the contact details of the controller and, where applicable, of the controller’s representative and/or data protection officer. The Data Subject is also entitled to information on: (i) the purposes of the processing and its legal basis (and, if applicable, the legitimate interests pursued by the controller which justify the processing activities); (ii) the existence of any recipients or categories of recipients of the personal data; and (iii) the fact that the controller

intends to transfer personal data to a third country, as well as the legal basis for such transfer. Moreover, where personal data have not been obtained from the data subject, the data subject is entitled to receive all available information as to the origin of the data. The Data Subject is also entitled to receive information on the period for which the personal data will be stored and, if applicable, the existence of automated decision-making, including profiling. Where such activities are carried out, the Data Subject is entitled to obtain meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject.

Lastly, the Regulation provides you with the following rights:

  1. the right to request from the controller access to and rectification or erasure of personal data or restriction of processing concerning the data subject or to object to processing;
  2. the right to lodge a complaint with a supervisory authority;
  3. the right to data portability.

Where the processing of personal data is based on your consent, you are entitled to withdraw such consent at any time. The withdrawal of the Data Subject’s consent determines that the controller may no longer process the data, without however affecting the lawfulness of processing based on consent before its withdrawal.

You may direct any requests relating to the exercise of their rights and/or any requests for additional information on the processing activities described above to the Data Controller or to the Data Protection Officer, if appointed. DigitalGO has appointed Mr. Lapo Curini Galletti as DPO. You may contact the Data Controller and/or the DPO at the following e-mail address: