The information below is reproduced directly from the official website of "Guarantor of Privacy"
didattic purpose to explain what Cookies are.
In the final part of the page is shown the use that GetMyRefs makes of this information.
WHAT COOKIES ARE
The discipline related to the use of c.d. cookies and other similar tools (web beacons / web bugs, clear GIFs, etc.) in the terminals
(personal computers, notebooks, tablet PCs, smartphones, etc.) used by users has been recently amended following the implementation
of Directive 2009/136 amending the "e-Privacy" Directive (2002/58 / EC).
This document aims to provide, through the FAQ tool, clarifications on the new Italian and European disciplines with particular emphasis,
1. What is meant when talking about cookies?
Cookies are small text files that user-visited sites send to their terminal (usually the browser),
where they are stored to be retransmitted to the same sites at the next visit of the same user.
While surfing a site, the user can also receive site cookies or different web servers on his terminal
("Third Party" cookies); this is because the web site you visit may include items such as images, maps,
sounds, specific links to web pages from other domains that reside on servers other than the one on which the requested page is located.
In other words, those cookies are set from a website other than what you are currently visiting.
Cookies are used to perform computer authentication, session monitoring, and storage of specific information about users who access the server and are normally present in each user's browser in a very large number.
Cookies can remain in the system for long periods and may also contain a unique identifier. This allows sites that use them to track user navigation within the site for statistical or advertising purposes to create a personalized profile of the user from the pages that the site visited and then show them advertising targeted (cd Behavioral Advertising).
2. What is now the e-privacy directive?
The e-Privacy Directive (2002/58 / EC) was amended in 2009 by another directive (2009/136) which introduced the opt-in principle in all cases where access to or they record "information" (including cookies) on the user's terminal or subscriber. Therefore, so that cookies can be stored on the user's terminal while browsing the Internet, the user must always be based on clear and complete information about the ways and purposes of processing his data a prior consent to treatment (see Article 5 (3) of Directive 2002/58 / EC).
3. How does discipline change in Italy?
Changing the cookie discipline in Italy seems less radical than the rest of Europe. In fact, the rule of opt-in (prior consent) was valid, but only for the "technical" cookies mentioned above.
Any other access and any other unauthorized recording on the user / subscriber terminal was prohibited. Therefore, providers of electronic communications services could only use "technical" cookies only and only to users who had expressed their consent on the basis of a suitable information on the purpose and duration of the treatment. The actual regulation of the use of such cookies was then subjected to a code of ethics and good conduct.
By way of example - as clarified by the "Article 29" Group in a recent opinion (WP194) - are cookies for which there is no need to acquire prior informed and informed consent of the user:
• Cookies implanted in the user's / contractor's terminal directly from the individual web site owner if they are not used for further purposes: it is the case of session cookies used to "fill in the cart" in online purchases, authentication, cookies for multimedia content such as flash players if they do not exceed the duration of the session, personalization cookies (for example, navigation language selection) etc .;
• cookies used to statistically analyze site visits / visits (so-called analytics cookies) if they only pursue statistical purposes and collect information in aggregate form; However, the information provided by the website should be clear and adequate and provide users with easy ways to opt-out (including any cookie anonymization mechanisms).
Excluding technical cookies, even in the new legislation, the general rule for "storing information in a contractor's terminal or a user or accessing information already archived" remains the prior informed consent of the user ( opt-in). This means that all cookies that can not be qualified as "technicians", which may be critically vulnerable to the privacy of users, such as those used for profiling and marketing, can not be installed on user terminals if they have not been adequately informed beforehand and have not given them a valid consent.
4. What features must have the informative to users?
As mentioned above, the storage of cookies on user terminals must be preliminarily brought to their knowledge by means of clear information, made using the simplified methods of art. 13, paragraph 3 of the Code. This is true regardless of the need to obtain the consent of users or contractors (see previous paragraph).
In this respect, the new art. 122, paragraph 1, states that the Guarantor, for the purpose of determining the simplified simplified rules, also takes into account the proposals made by the associations that may be representative at national level of the consumers and economic categories involved, also in order to ensure the use of methodologies that ensure the effective awareness of the contractor or the user. "
In addition to preparing these FAQs, the Authority has launched a public consultation aimed at consumers and key industry players in order to obtain their proposals and identify appropriate ways to inform users with messages that are at the same time clear and slim. Although provided in simplified terms, the information must clearly indicate what the purposes of the cookie are.
By way of example, the purpose of creating user profiles in order to send them targeted advertising messages can not be indicated in the information with reference to the mere advertising purpose of using cookies, but it should be specified that they will allow the manager of the site to realize precisely a profile aimed at the subsequent direct marketing activity.
The idea is to use these tools to allow operators to easily acquire user consent to cookies, but that, in order to be valid, must have all the features provided by law. It must, in other words, be specific, free and express, as foreseen by art. 23 of the Code. Directive 2009/136 / EC, moreover, foresees the use of alternative forms of disclosure of the consent of the user, specifies that the same must still comply with the relevant provisions of Directive 95/46 / EC.
First, therefore, the use of any tool in order to acquire the user's consent to installing cookies should be preceded by a proper disclosure, so that the user can choose which cookies to accept and to which purposes.
The tools referred to above are state-of-the-art, and it is not excluded that in the short time the creativity of the advertising industry and network operators will develop new ones.
By way of example, reference is made to:
• Settings in common browsers that allow cookies to be stored in Internet terminal browsers and which normally also allow you to set cookie rules so that "third-party" content is not accepted. Some also allow you to block third-party cookies and not others by using a feature that lets you indicate which domains allow you to send cookies;
• Specific programs that can be added to the browser (plug-ins), which specialize in functions commonly made available by navigation software and which can be configured by the user to make a selection of cookies based on the domains of origin;
• the CD. "do not track", which allows the user to report to each site visited his or her intention to be or not traced during navigation. This technical mode is still being discussed in international standardization bodies; it begins to be made available on some of the latest generation browsers but, since it is not standardized, there is no certainty that the signals that you send to the servers through these features are actually "listened" to them.
6. Who is required to inform users and obtain their consent?
In the event that a site also permits the transmission of "third party" cookies (see point 1), the disclosure and the acquisition of the consent are usually borne by the third party. You need to be properly informed, albeit with the simplified rules provided by law, when you access the site that allows you to store third-party cookies, or when accessing the content provided by third parties, and, in any event, before cookies are downloaded to your terminal.
It is not excluded that, even on the basis of agreements with third-party sites, the information provided to users from the "first part" site also contains cookie information that is automatically transmitted by third parties. Even then, the information should specify the purpose of the cookies used, and then indicate whether they are intended to create user profiles and to send them targeted ads or to make traffic measurements for site performance evaluation.
Similarly, it can not be excluded that the consent is also acquired by third parties through the "first part" site. It should be borne in mind that the request for the consent of the user must be closely related to the information given to him so that he can make real choices. It will then look after the various managers involved to discipline their respective roles with particular regard to the relationship between the holder and the controller in accordance with the rules on the protection of personal data.
These are cookies specifically used to allow the proper functioning and enjoyment of our sites.
For example, technical cookies are used for user login and general portal usage. They are mainly delivered by GetMyRefs servers
or, in the case of the integration of external services such as social networks, by third parties.
These are cookies used to send advertisements in line with user-defined preferences in the scope
of network browsing. They can be delivered through our site by third parties. Companies that offer or advertise
your products through this site may assign cookies to user terminals. The categories of cookies used and the
the kind of personal data processing by these companies are regulated in accordance with the information provided by these companies
GetMyRefs uses specifically:
- Facebook Connect and Facebook Social Graph (to provide social networked services via Facebook APIs);
- Google, Google AdWords, Google Adsense, Google Plus (main advertising service and link to Google social network);
- Twitter Developers (to provide social networking services through Twitter APIs).
These are cookies used for statistical analysis, to improve the site, and to simplify its use, as well as to track it
the correct operation. This type of cookie collects anonymous information about the activity of users on the site.
This type of cookie is delivered exclusively by third parties
GetMyRefs uses specifically:
- Google and Google Analytics (their use is critical to controlling and preventing any problems with Adsense).
How to Give or Cancel Consent
/ banner or continuing navigation on the site, and can be revoked at any time as indicated below.
How to control cookies
Delivering all cookies, both first and third, can be disabled by working on your browser settings;
It's good to note however that this could make sites unusable if they block cookies that are indispensable for
the provision of functionality. Each browser has different settings for disabling cookies. More
information about the procedure to turn off cookies can be found on the website of your internet browser provider.
Below are some important resources to refer to:
- For more information on how Google uses the data when using sites or applications of its partners, visit https://www.google.com/intl/it/policies/privacy/partners/
- For more about Adsense cookies and how to deny consent, visit https://support.google.com/adsense/answer/2839090
- For more about Google Analytics and how to deny consent to using cookies, visit https://support.google.com/analytics/answer/6004245
Third-party sites that you can access via this website are not covered by this information. GetMyRefs declined
any responsibility for them. The categories of cookies used and the type of personal data processing by
these companies are regulated in accordance with the information provided by these companies.
If you want more informations about advertising networks, affiliate programs, how cookies are used for advertising purposes,