Privacy Policy Inglese (US)

pursuant to Articles 13 and 14 of Regulation (EU) 2016/679 (GDPR)

This Privacy Notice describes the methods for processing the personal data of users who access the website www.cooperativapam.it (hereinafter, the “Website”).

1. Data Controller

The Data Controller of the personal data is:

Cooperativa Sociale PAM Service
Via Cagliari, 30 – 74121 Taranto (TA), Italy
Tel./Fax: +39 099 7372990
Tax Code and VAT No.: 02332360730
Email: privacy@cooperativapam.it

Legal Representative / Managing Director:
Dr. Addolorata Orlando

2. Types of Data Processed

The Data Controller processes the following categories of personal data:

  • personal identification data (first name, last name);
  • contact details (email address, phone number);
  • data voluntarily provided by the user through contact forms;
  • browsing data (IP address, access logs, technical information about the device and browser);
  • data necessary to respond to informational or operational requests.

Special Categories of Data and Minors

Within the scope of its institutional activities, Cooperativa PAM Service may process personal data relating to minors and, where required by sector-specific regulations, special categories of personal data pursuant to Article 9 of the GDPR, exclusively for socio-educational, welfare, and school inclusion purposes, in compliance with applicable laws, provisions issued by the competent authorities, and the best interests of the child.

The Website is not intended for the direct collection of such data, except in specific cases expressly requested and authorized by the user.

3. Purposes of Processing

Personal data are processed for the following purposes:

  • responding to requests for information or contact;
  • managing institutional and operational communications;
  • fulfilling contractual or pre-contractual obligations;
  • complying with legal or regulatory obligations;
  • ensuring the proper functioning and security of the Website;
  • protecting the rights of the Data Controller in administrative or judicial proceedings;
  • analyzing the use of the Website and services offered in aggregated and anonymous form.

4. Legal Basis for Processing

The processing of personal data is based on one or more of the following legal grounds (Article 6 GDPR):

  • consent of the data subject, where required;
  • performance of pre-contractual or contractual measures;
  • compliance with legal obligations;
  • legitimate interest of the Data Controller;
  • performance of tasks carried out in the public interest or related to the provision of socio-educational and welfare services entrusted to the Cooperative by public bodies or carried out under accreditation schemes.

5. Methods of Processing

Personal data are processed using electronic and/or paper-based tools, in compliance with the principles of:

  • lawfulness;
  • fairness;
  • transparency;
  • data minimization;
  • integrity and confidentiality.

The Data Controller adopts appropriate technical and organizational security measures to prevent unauthorized access, loss, destruction, or unlawful disclosure of personal data.

6. Data Retention

Personal data are retained:

  • for the time strictly necessary to achieve the purposes for which they were collected;
  • for the period required by applicable laws or regulations;
  • until consent is withdrawn, where applicable.

7. Data Disclosure

Personal data are not disclosed.

They may be communicated exclusively to:

  • persons authorized by the Data Controller;
  • technical and IT service providers;
  • legal, tax, or administrative consultants;
  • public bodies or competent authorities, where required by law.

Third parties providing technical, IT, or organizational services operate, where applicable, as Data Processors pursuant to Article 28 GDPR, on the basis of specific contractual agreements.

8. Transfer of Data to Non-EU Countries

Some services used (e.g., Google, Meta) may involve the transfer of personal data to countries outside the European Union.

Such transfers are carried out in compliance with Articles 44–49 GDPR, through the adoption of Standard Contractual Clauses (SCCs) and appropriate security measures.

9. Rights of the Data Subject

The data subject may exercise, at any time, the rights provided for in Articles 15–22 GDPR, including:

  • access to personal data;
  • rectification;
  • erasure;
  • restriction of processing;
  • data portability;
  • objection;
  • withdrawal of consent, where applicable.

Requests may be sent to:
📧 privacy@cooperativapam.it

Data subjects also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la Protezione dei Dati Personali).

10. Cookie Policy

10.1 Consent Management – iubenda

The Website uses iubenda as a Cookie Consent Management Platform (CMP).

The cookie banner allows users to:

  • accept cookies;
  • reject cookies;
  • customize their preferences.

Consent is recorded and may be withdrawn at any time via the dedicated link available on the Website.

10.2 Technical Cookies

The Website uses technical cookies necessary for its proper functioning and for managing user consent.
These cookies do not require the user’s consent.

10.3 Google Analytics 4 (GA4)

The Website uses Google Analytics 4 for aggregated statistical analysis of website traffic.

Data processed:

  • browsing data;
  • events and interactions;
  • technical device data.

Purpose:
statistical analysis and improvement of content.

Legal basis:
user consent.

GA4 is configured to operate only after consent has been provided through the iubenda system.

10.4 Meta Pixel (Facebook / Instagram)

The Website uses Meta Pixel to monitor the effectiveness of informational campaigns.

Data processed:

  • tracking cookies;
  • browsing events;
  • interactions with the Website.

Purpose:
conversion analysis and optimization of digital communications.

Legal basis:
explicit user consent.

Meta Pixel is activated only after consent to marketing cookies has been given.

11. Google reCAPTCHA

The Website uses Google reCAPTCHA to protect forms from automated access and abuse.

Purpose:
Website security and abuse prevention.

Legal basis:
legitimate interest of the Data Controller.

12. Contact Forms

Data entered into contact forms (Elementor Form / Contact Form) are used exclusively to:

  • respond to user requests;
  • manage institutional and operational communications.

Such data are not used for unauthorized marketing purposes.

13. WhatsApp

The Website allows direct contact via WhatsApp.

Data provided by the user are processed exclusively to manage the requested communications and in accordance with WhatsApp’s terms and conditions.

14. Updates to This Notice

This Privacy Notice may be subject to updates.
Users are encouraged to consult it periodically.

Version: rev. 1
Last updated: 01/01/2026