This page describes how to manage the site with reference to the processing of personal data of users who consult and use it. The information pursuant to Reg (EU) 2016/679 and recommendation no. 2/2001 of WP 29 provides information on the collection of personal data online and, in particular, concerns the methods, timing and nature of the information that the data controllers must provide to users when they connect to web pages, regardless of the purpose of the link.


Data Controller

The Data Controller is SESTRIERES SPA, which is based in Piazza Agnelli n. 4 – 10058 Sestriere (TO)
Sestrieres S.p.A. has appointed the Data Protection Officer (DPO): Spaziottantotto Srl and as contact person Eng. Bonsignori Massimiliano.


Place of data processing and staff

The treatments connected to the web services of this site take place at the headquarters of Sestrieres Spa and of the internet service providers (hosting service provider) used for the creation and making available of the site and at the offices of the Data Controller. they are handled only by the personnel in charge, also for any maintenance and administration operations of the processing systems.


Types of data processed

Navigation data and technically indispensable The computer systems and software procedures used to operate this website acquire, during their normal operation, some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified interested parties, but which by their very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the computers used by users who connect to the site, the URI (Uniform Resource Identifier) ​​addresses of the requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the user’s IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the site and to check its correct functioning and are deleted immediately after processing. The data could be used to ascertain responsibility in the event of hypothetical computer crimes against the site. 

The site uses cookies to transmit information of a personal nature. In particular, so-called session cookies are used, which are not stored permanently on the user’s computer and disappear when the browser is closed and whose use is strictly limited to the transmission of session identifiers (consisting of random numbers generated by the server) necessary to allow safe and efficient exploration of the site and which avoid the use of other IT techniques that are potentially prejudicial to the confidentiality of users’ browsing and do not allow the acquisition of personal identification data of the user.

In addition, the site incorporates third-party cookies (autonomous) that perform technical functions (eg video, weather plugins, photogallery, analytics activities) and in some cases of commercial profiling; for the relative methods of managing cookies, please refer to cookie policy.


Methods of data processing

The processing of personal data, understood as collection, registration, organization, storage, processing, modification, cancellation and destruction or the combination of two or more of these operations, takes place using manual, IT and telematic tools, also in an automated way, with logic strictly related to the declared purposes and, in any case, in order to guarantee security and confidentiality and for the time strictly necessary to achieve the purposes for which they were collected. The data are processed lawfully and fairly, collected and recorded for specific, explicit and legitimate purposes, exact, and if necessary updated, relevant, complete and not excessive in relation to the purposes of the processing, in compliance with the minimum safety standards and fundamental rights and freedoms, as well as the dignity of the interested party with particular reference to confidentiality and personal identity. Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access.


Rights of interested parties

The subjects to whom the personal data refer have the right at any time to obtain confirmation of the existence or otherwise of the same data and to know its content and origin, verify its accuracy or request its integration or updating, or rectification. Furthermore, there is the right to request the cancellation, transformation into anonymous form or blocking of data processed in violation of the law, as well as to oppose in any case, for legitimate reasons, to their processing. The rights of (access, rectification, cancellation, limitation, portability, opposition …) when provided and where the conditions exist pursuant to art. from 15 to 22 of the GDPR may be protected through a complaint to the Guarantor (, and if the processing is based on consent, revoke this consent given, taking into account that the withdrawal of consent does not affect the lawfulness of the treatment based on consent before revocation.


Applicable standard

The European regulation Reg (EU) 2016/679 applies to the processing of personal data relating to the site


Contact details

The data controller is SESTRIERES SPA based in 10058 Sestrieres (TO), Piazza Agnelli, n. 4, tax code and VAT number 00941880015.

Sestrieres S.p.A. has appointed the Data Protection Officer (DPO): Spaziottantotto Srl and as contact person Eng. Bonsignori Massimiliano. Requests should be sent through the address or at the following addresses Tel. +39 0122.799.411, Fax. +39 0122.799.460