1. This section contains information on how user data are processed for the service called PotPot,
offered by PotPot S.r.l.
2. This information also has value for the purposes of art. 13 of Legislative Decree No. 196/2003,
code on the protection of personal data, and for the purposes of art. 13 of EU Regulation No
2016/679, relating to the protection of individuals with regard to the processing of personal data as
well as the free movement of such data, for subjects interacting with PotPot and can be reached at
the address corresponding to the home page: www.potpot.biz.
3. The information is real only for PotPot website and related app/ web-app and not also for other
websites that may be consulted by the user through links contained in it.
4. The purpose of this document is to provide information about the methods, times and nature of
the information that data controllers must provide to users at the time of connection to PotPot web
pages and app/ web-app, regardless of the purposes of the connection itself, according to Italian and
5. The information may be subject to change due to the introduction of new rules in this regard,
therefore, the user is invited to periodically check this page.
6. If the user is under sixteen years of age, pursuant to art. 8, c. 1 EU Regulation 2016/679, must
legitimise its consent through the authorisation of parents or those who take their place.
II - DATA PROCESSING
1. Data controller
1.1. The data controller is the natural or legal person, public authority, service or other body that,
individually or together with others, determines the purposes and means of processing personal
data. It also deals with security profiles.
1.2. With regard to this website and its app/ web-app, the data controller is PotPot S.r.l. and for any
clarification or exercise of the user rights he may contact and the company at the following email
2. Data responsible
2.1. The data responsible is the natural or legal person, public authority, service or other body that
processes personal data on behalf of the data controller.
2.2. Pursuant to Article 28 of EU Regulation No 2016/679, on the appointment of the data
controller, the data responsible of the www.potpot.biz site and the app called PotPot is Mr. Antonio
Picozzi, born in Caserta on the 01/03/1995, S.S.N. PCZNTN95A03B963H, administrator and legal
representative of PotPot S.r.l.
3. Place of data processing
3.1. The data generated by the use of the website and the PotPot app/ web-app takes place in Milan,
in via Crema 15.
3.2. In case of need, the data connected to the service can be processed by the data responsible or
subjects appointed by him for this purpose at the relative headquarters.
III - COOKIES
1. Type of cookies
intuitive: cookies are small strings of text used to store some information that may concern the user,
his preferences or the Internet access device (computer, tablet or mobile phone) and are mainly used
to adapt the operation of the site to the user's expectations, offering a more personalized browsing
experience and storing the choices made previously.
1.2. A cookie consists of a small set of data transferred to the user's browser from a web server and
can only be read by the server that made the transfer. This is not executable code and does not
1.3. Cookies do not record any personal information and any identifiable data will not be stored. If
desired, the user can prevent some or all cookies from being saved. However, in this case the use of
the site and the services offered may be compromised. To proceed without changing the options
related to cookies it is enough to continue with the navigation.
Below are the types of cookies that the site uses:
2. Technical cookies
2.1. There are numerous technologies used to store information on the user's computer, which are
then collected from other sites. Among them the best known and used is HTML. They are used for
navigation and to facilitate access and use of the site by the user. They are necessary for the
transmission of communications over an electronic network or to the supplier to provide the service
requested by the customer.
2.2. The settings for managing or deactivating cookies may vary depending on the internet browser
used. In any case, the user can manage or request the general deactivation or deletion of cookies,
changing the settings of his internet browser. Such deactivation may slow down or prevent access to
certain parts of the site.
2.3. The use of technical cookies allows the safe and efficient use of the site.
2.4. Cookies that are inserted into the browser and retransmitted through Google Analytics or
through the statistics service of bloggers or similar are technical only if used for the purpose of
optimizing the site directly by the owner of the site itself, who can collect information in aggregate
on the number of users and how they visit the site. Under these conditions, the same rules apply to
Analytics cookies, in terms of information and consent, provided for technical cookies.
2.5. From the point of view of duration the user can distinguish temporary session cookies that are
automatically deleted at the end of the browsing session and serve to identify the user and therefore
avoid login to each page visited and permanent ones that remain active on the PC until expiration or
cancellation by the user.
2.6. Session cookies may be installed in order to allow access and stay in the reserved area of the
portal as an authenticated user.
2.7. They are not stored persistently but exclusively for the duration of the navigation until the
browser is closed and vanish with the closure of the same. Their use is strictly limited to the
transmission of session identifiers consisting of random server-generated numbers necessary to
enable safe and efficient navigation of the site.
3. Third-party cookies
3.1. In relation to the origin, cookies sent to the browser directly from the site the user is visiting are
distinguished from third-party cookies sent to the computer from other sites and not from the one
the user is visiting.
3.2. Permanent cookies are often third-party cookies.
3.3. Most of the cookies of these parts consist of tracking cookies used to identify online behavior,
understand interests and then customize advertising proposals for users.
3.4. Analytical third-party cookies may be installed. They are sent from domains of aforementioned
third parties outside the site.
3.5. Third-party analytical cookies are used to detect information about user behavior during their
experience on the PotPot website and app/ web-app. The detection takes place anonymously, in
order to monitor the performance and improve the usability of the site. Third-party profiling cookies
are used to create profiles related to users who use the PotPot service in order to offer advertising
messages in line with the manifested choices of the users themselves.
3.6. The use of these cookies is governed by the rules set up by the third parties themselves.
Therefore, users are invited to read the privacy policies and indications to manage or disable
cookies published on the relevant web pages.
4. Analytics cookies and third party ads
These cookies, also the cache cookies, are set by Google Analytics and are used to collect
information on how visitors use the site / app / web-app, including the number of visitors, the sites
of origin and the pages you visit on our website. This information is used to compile reports and to
improve the website / app / web-app; this allows, for example, to know any errors detected by users
and to ensure immediate navigation, to easily find what they are looking for. In general, these
cookies remain on the visitor's computer until they are deleted.
sharing content on social networks or for processing access statistics.
Furthermore, the Facebook Pixel cookie is installed which allows to monitor the conversions that
occur on the website / app / web-app as a result of the advertisements running on Facebook. For
example, if you want to monitor subscriptions to a particular campaign advertised on Facebook, the
cookie communicates to Facebook every time a user has concluded a certain action on the PotPot
website/ app/ web-app. Facebook compares the conversion event with the group of people who
were shown the ad or who clicked on it, in order to provide PotPot with information that helps it
understand the return on investment for its advertising spending.
Finally, the Google Adwords / Doubleclick conversion Pixel cookie is used by PotPot to know
which keywords generate the most clicks on Google and conversions in services requested by
PotPot. This tool indicates what happened after users clicked on the ad in Google, for example if
they joined a campaign. With this information, PotPot identifies the most effective keywords for the
Finally, third parties may use this information, also combining it with others already available to
them for purposes other than purely technical ones (functionality or session), subject to the user's
and manage the options and / or import your browser in the correct way.
5.1. They are profiling cookies that are designed to create user profiles and are used in order to send
advertising messages in line with the preferences expressed by the same in the context of network
5.2. When using these types of cookies, the user must give explicit consent.
5.3. Article 22 of EU Regulation 2016/679 and Article 122 of the Data Protection Code will apply.
IV- DATA PROCESSED
1. Type of data processed
1.1. The www.potpot.biz website and its PotPot app/ web-app process data useful for the purpose of
booking the service provided.
1.2. In particular, the data requested and processed, spontaneously entered by the user, are: name,
surname, telephone number, email address, company name, fiscal code, VAT number, home
address and all the additional data necessary for the proper functioning of the service.
1.4. All data provided by the user will remain stored until the user deletes his profile from the
service, sending a request to firstname.lastname@example.org, and for a maximum of two more years from that
2. Data processing mode
2.1. In addition, as well as all websites, this site (and app/ web-app) also makes use of log files in
which is stored information collected in an automated way is during user visits. The information
collected may be, and not limited to, the following:
– Address Internet Protocol (IP);
– Browser type and device parameters used to connect to the service;
– Name of internet service provider (ISP);
– Date and time of visit;
– Web page of origin of the visitor (referal) and exit;
– Possibly the number of clicks.
2.2. The above information is test rate in automated form and collected in exclusively aggregated
form in order to verify the correct functioning of the site (and app/ web-app) and for security
reasons. This information will be test rate based on the legitimate interests of the holder.
2.3. For security purposes (spam filters, firewalls, virus detection) the automatically recorded data
may also include personal data such as the IP address, which could be used, in accordance with the
relevant laws, for the purpose of blocking attempts to damage the site itself /app/ web-app or to
harm other users or harmful activities or constituting a crime. Such data is never used for the
identification or profiling of the user, but only for the purpose of protecting the site /app/ web-app
and its users, such information will be used according to the legitimate interests of the owner.
2.4. If the site/ app/ web-app allows the insertion of comments, or in case of specific services
requested by the user, including the possibility to send the Curriculum Vitae for a possible
employment relationship, the site/ app/ web-app automatically detects and records some user
identification data, including the email address. This data is intended voluntarily provided by the
user at the time of the request to provide the service. By entering a comment or other information,
freely disseminated to third parties. The data received will be used exclusively for the provision of
the requested service and for the only time necessary for the provision of the service.
2.5. The information that users of the site/ app/ web-app will consider making public through the
services and tools made available to them, are provided by the user knowingly and voluntarily,
exempting this site and its app/ web-app from any responsibility for any violations of the laws. It is
up to the user to verify that he has permission to enter personal data of third parties or content
protected by national and international rules.
3. Purpose of data processing
3.1. The data collected by the site/ app/ web-app during its operation are used exclusively for the
purposes indicated above and stored for the time strictly necessary to carry out the specified
activities and, in any case, no later than two years.
3.2. The data used for security purposes (blocking attempts to damage the site/ app/ web-app) are
stored for the time strictly necessary to reach the previously indicated end.
4. Data provided by the user
4.1. As indicated above, the optional sending, explicit and voluntary, of e-mail/ calls/ messages to
the addresses indicated on this site / app/ web-app involves the subsequent acquisition of the
sender's address, necessary to respond to requests, as well as any other personal data entered in the
4.2. Specific summary information will be progressively reported or displayed on the pages of the
site/ app/ web-app prepared for particular services on request.
5. Support in setting up the user browser
5.1. The user can manage cookies also through the settings of his browser. However, deleting
cookies from the browser may remove the preferences he has set for the site. For more information
and support the user can also visit the specific help page of the web browser he is using.
V - USER RIGHTS
1. Art. 13 co. 2 of the 2016/679 EU Regulation lists the user’s rights.
2. This site www.potpot.biz and its PotPot app/ web-app intend to inform the user of the existence
– the right of the data subject to ask the data controller for access to personal data (Art. 15 EU
Regulation), their updating (Art. 7, co. 3, paragraph a of Legislative Decree 196/2003), the
correction (art. 16 EU Regulation), integration (Art. 7, co. 3 let. a Legislative Decree 196/2003), the
limitation of the processing concerning it (Art. 18 EU Regulation) or to oppose, for legitimate
reasons, to their processing (Art. 21 EU Regulation), in addition to the right to data portability (Art.
20 EU Regulation);
– the right to request the deletion (Art. 17 EU Regulation), the transformation into anonymous form
or the blocking of data processed in violation of the law, including those whose storage is not
necessary in relation to the purposes for which the data were collected or subsequently processed
(Art. 7 co. 3, lit.b of Legislative Decree 196/2003);
– the right to obtain proof that updating operations, rectification, data integration, deletion, data
blocking, processing, have been brought to the attention, including with regard to their content, of
those to whom the data have been communicated or disseminated, except in the event that such
fulfillment proves impossible or involves the use of means manifestly disproportionate to the
protected right (Art. 7 co. 3 let. c of Legislative Decree 196/2003).
3. Requests may be addressed to the data controller at his aforementioned e-mail address (without
formalities) or using the model provided by the Guarantor for the protection of personal data.
4. If the processing is based on art. 6 paragraph 1 letter a – express consent to use – or art. 9
paragraph 2 letter a – express consent to the use of genetic, biometric, health-related data, revealing
religious convictions, philosophical or trade union beliefs, revealing racial or ethnic origin, political
opinions – the user has the right to withdraw his consent at any time without prejudice to the
lawfulness of the consent-based processing given before revocation.
5. Similarly, in case of violation of the legislation, the user has the right to lodge a complaint with
the Guarantor for the Protection of Personal Data, as the authority responsible for monitoring the
data processing in the Italian State.
6. For a more detailed examination of the user rights, see articles 15 and following of the EU
Regulation 2016/679 and art. 7 of Legislative Decree 196/2003.
VI - OBLIGATIONS
1. The data controller notifies the Guarantor of the processing of personal data to which he intends
to proceed, only if the processing concerns:
– genetic, biometric or data data indicating the geographical location of persons or objects through
an electronic communication network;
– data capable of revealing the state of health and sex life, processed for the purposes of assisted
reproduction, provision of health services electronically related to databases or the supply of goods,
epidemiological investigations, detection of mental, infectious and diffusive diseases, HIV-positive,
organ and tissue transplantation and monitoring of health expenditure;
– data capable of revealing sex life or the psychic sphere, processed by associations, institutions and
bodies, even non-recognized, of a political, philosophical, religious or trade union nature;
– data processed with the help of electronic tools aimed at defining the profile or personality of the
data subject or analyzing habits and consumption choices or monitoring the use of electronic
communication services with the exclusion of the treatments technically indispensable to provide
the same services to users;
– sensitive data recorded in databases for the selection of personnel on behalf of third parties, as
well as sensitive data used for opinion polls, market research and other sample research;
– data recorded in specific databases managed with electronic instruments and related to the risk on
economic solvency, the financial situation, the correct fulfillment of obligations, illegal or
VI - SECURITY OF DATA PROVIDED
1. This site/ app/ web-app treats user data in a lawful and correct manner, taking appropriate
security measures to prevent unauthorized access, disclosure, modification or unauthorized
destruction of data. The processing is carried out through IT and /or telematic tools, with
organizational methods and with logics closely related to the indicated purposes.
2. In addition to the controller, in some cases, categories of persons involved in the organization of
the site / app/ web-app (administrative staff, marketing, commercial, legal, system administrators)
or external subjects such as third-party technical service providers, postal couriers, hosting
providers, IT companies, communication agencies may have access to the data.
VIII - AMENDMENTS TO THIS DOCUMENT
1. This document, published at www.potpot.biz and on the PotPot app/ web-app constitutes the
2. It may be subject to changes or updates. In the case of relevant changes and updates, these will be
reported with appropriate notifications to users.
3. Previous versions of the document shall, however, be available at their request.
4. The document was updated on 18/04/2021 to comply with the relevant regulatory provisions and
in particular with EU Regulation 2016/679.