Skip navigation

Privacy Policy and GDPR Data Processing Notice for Users

This document defines the data processing rules, retention practices, and user rights for visitors engaging with the expomo.com domain.

About This Policy

Last updated: November 2023

This privacy notice outlines the data processing practices for Promos Italia S.c.r.l., operating from its Milan headquarters (VAT 10322390963), and PROMEC (PROmozione Modena EConomica). We process personal information in accordance with EU Regulation 2016/679, commonly known as the General Data Protection Regulation (GDPR). The rules detailed here apply exclusively to the expomo.com domain and its associated subdirectories.

We aim to explain clearly how user data is managed when visitors access export intelligence and training resources. This document describes what we collect, how long we store it, and the specific ways users can exercise their regulatory rights.

Information We Collect

Before a user actively engages with our platform, the underlying server infrastructure automatically logs standard technical data. This initial phase captures IP addresses, browser types, operating system specifications, and the specific sequence of pages visited. We use this technical data strictly for network security and capacity planning.

During active engagement, such as when a visitor submits an inquiry through our designated channels, we collect explicit identifiers. Contact form data typically includes names, professional email addresses, and the specific contents of the user's message. We do not scrape secondary contact details from external databases to append to these user-provided records.

This separation helps maintain a clear boundary between anonymous traffic monitoring and identifiable user communication.

Cookies and Tracking

The expomo.com domain uses technical cookies to maintain core site functionality and store user consent preferences. These essential trackers do not require explicit opt-in under current ePrivacy directives, as the website cannot function securely without them. They manage session continuity and prevent cross-site request forgery attacks.

We also implement analytics cookies to evaluate traffic patterns and user behavior across our export training program pages. These scripts measure aggregate engagement metrics, helping us identify which resources deliver the most value to our audience. While we currently focus on functional and analytical tracking, our infrastructure supports the future integration of advertising cookies for personalized content delivery.

Configuration Notice: Users retain control over non-essential tracking mechanisms. You can modify your browser settings to reject specific cookie categories or clear existing trackers through your device's privacy dashboard.

External Services

The site uses hosting and Content Delivery Network (CDN) providers to support reliable access from different locations. These caching mechanisms store static assets closer to the user's geographic location, which inherently requires the brief processing of regional IP data to route traffic efficiently and mitigate distributed denial-of-service threats.

When integrating analytics platforms and planned ad networks, user data may occasionally be transferred to servers located outside the European Economic Area. To maintain GDPR compliance during these routing events, Promos Italia S.c.r.l. executes standard contractual clauses with all external processors. These legally binding agreements ensure that international data transfers maintain the same level of technical and administrative protection required within the EU.

How We Use Information

Users need secure, uninterrupted access to market intelligence and training resources. To meet this operational need, we process technical data to optimize website performance and address navigation bottlenecks. Server logs allow our technical team to identify broken links, optimize page load speeds, and ensure compatibility across mobile devices.

Information submitted voluntarily through contact forms directly facilitates our communication response. We route these inquiries to the appropriate subject matter experts within PROMEC or Promos Italia S.c.r.l. to provide accurate, timely assistance regarding our export training programs.

All processed information is protected against unauthorized access through strict access controls and encryption protocols. We do not sell user data to third-party data brokers, nor do we utilize automated decision-making algorithms that produce legal effects concerning our users.

Data Subject Rights

Under EU Regulation 2016/679, individuals maintain specific rights over their personal information. You possess the right to request a complete export of the personal data we currently hold about you. If you identify inaccuracies within this dataset, you may request correction.

Users also hold the right to data portability, allowing them to receive their information in a structured, machine-readable format. You can object to specific processing activities or withdraw previously granted consent for analytics tracking at any time without affecting the lawfulness of processing based on consent before its withdrawal.

To exercise these rights, individuals must reach out via our Contact page to connect with our designated Data Protection Officer (DPO). The DPO oversees our privacy compliance and serves as the primary liaison for all privacy-related inquiries submitted by the public or regulatory authorities. Upon receiving a formal request, our compliance team initiates the verification process and provides the requested documentation within the standard 30-day regulatory window.

Storage and Deletion

Data minimization—collecting only what is strictly necessary, guides our infrastructure design. We enforce a strict 60-day retention policy for all data submitted through our contact forms. Once an inquiry reaches this limit, automated scripts purge the identifiable information from our active databases.

While our 60-day retention protocol applies strictly to contact form submissions, server-level backup cycles may retain encrypted fragments for an additional 30 days before permanent overwrite. This specific limitation ensures disaster recovery capabilities remain intact without violating our data minimization approach.

Users requesting immediate deletion under their Right to be Forgotten bypass this standard timeline. Upon verifying the identity of the requester, our database administrators manually execute the removal procedures across both active environments and accessible archives.

Policy Changes

Privacy rules and the services used by expomo.com may change over time. As Promos Italia S.c.r.l. updates its website or integrates new external services, this processing notice will undergo necessary revisions. We communicate material updates by modifying the timestamp at the beginning of this document and, when legally required, deploying a notification banner across the expomo.com domain.

Navigate to your browser's privacy settings menu and configure your tracking prevention preferences to align with your personal data sharing boundaries before continuing to use this platform.

Customise cookies