Privacy Policy

INFORMATION IN ACCORDANCE WITH ART. 13 – 14 OF EU REG. NO. 679/2016 (“GDPR”)

1. Who processes your data: Data Controller
Brand-Cross S.r.l., with registered office in Milan, Via Medici 13, Italy, Italian tax registration number and Italian VAT number 09098450969, info@brand-cross.com (hereinafter “Brand Cross” and “Data Controller“) is the data controller of your personal data.
Limited to the data collected through our Social Pages, Instagram, Twitter, Facebook, Telegram and LinkedIn are joint controllers of the processing of your personal data, as published within the platforms themselves. For more information, please read their privacy policy.

2. What data we process – Type of data processed
Your contact data. We will retain the contact information you provide (for example, contact details, first and last name) when you contact us through the Site or when you contact us through our Social Pages, through public comments or through private messages.

Information about your use of the Site and your activities on the Site. Your use of the Site implies the processing by the Data Controller of data on the browser and device you are using and your IP address (this is the number that identifies a specific device on the internet and that is necessary for your device to communicate with the sites). We will be able to analyze from which site you came and what actions you have taken on the Site.

3. Where we collect your data – How we collect data
Directly from you. For example, if when you contact us by email, you ask us a question through
the Social Pages.
Through the use of the features of the Site. We use cookies on the Site in order to collect data about your use. To learn more, please read the Cookie Policy.

4 Why and how long we process your data for – Purpose and legal basis for data processing; retention period
a) To answer to your requests collected through the Site and Social Pages. For example, we will use your data to answer to your requests received by email (also concerning the App) or received through our Social Pages, both as public comments and as private messages.
The legal basis of this processing is the performance of a contract to which the data subject is party, or the performance of pre-contractual obligations and the retention period is equal to the time necessary to comply with the data subject’s requests.
b) To prevent or investigate illegal behavior or to protect and assert rights. We may use your data to prevent infringement of our intellectual property rights (for example, counterfeiting of our and/or our partners’ trademarks) and other illegal activities, as permitted by applicable law.
The legal basis of this processing is the legitimate interest of the Data Controller. The retention period is equal to the time that is reasonably necessary to assert our rights from the moment at which we become aware of the illegal behavior or the potential to commit illegal behavior.

4. Nature of the provision of personal data
For the purposes of subparagraphs a) and b) referred to in the previous paragraph, the provision of data is necessary.

5. Where your data is processed – data transfer
Data will be processed and stored at the offices and computer systems of the Data Controller. Exclusively with regard to the data collected on our Social Pages, the same will be stored on the aforementioned platforms, namely Instagram, Twitter, Facebook, Telegram and LinkedIn, according to the privacy policies of the latter that we invite you to consult.

6. Who we share your data with – personal data recipients
On the understanding that, where required by law, we will obtain your prior consent and carry out any formalities required by the law, we may share your data with the following third parties (also as data processors):
Our service providers We may share your personal data with third parties so that they can provide us with services that will operate as data processors and with whom we will conclude an agreement in accordance with art. 28 GDPR aimed at protecting your data. These parties will only process data strictly necessary to perform their functions and may use these data only for the purpose of providing services on our behalf or to comply with law. You can find out details of such data processors pursuant to art. 28 GDPR by emailing at the above-mentioned addresses.
Where permitted or required by law, we may also share the data requested by a government body or by other authorized third party or organization for the purpose of protecting or exercising our rights or those of third parties, or for the purpose of limiting or preventing fraud or other illegal activities.

7. Minors
The Site is not aimed at under-18s, but rather at an adult audience. If you are a parent or guardian and you think your child may have transmitted data to us, you can contact us.
8. Security measures
We adopt the security measures required by law.
We adopt security measures to protect your data. The standard security measures we use depend on the type of data we process and meet the legal requirements and the standards of European government agencies.

9. Cookies
What are cookies. Cookies are small text files that the sites visited by users send to their terminals, where they are stored before being re-transmitted to the same sites on subsequent visits.
Cookies used by the Site and their purpose. The Site uses cookies, which have the functionality of enabling the proper functioning of some sections, for example to access the reserved area of the Site (“technical cookies”), to improve the browsing experience (“analytical cookies”) to help us offer you marketing advertisement (“marketing cookies”), help us to formulate personalized offers of products that you may like (“profiling cookies”).
The first time you visit the Site, you will be asked to accept (or not accept) the cookies through a banner. You may refuse to accept all or some of the cookies or you can modify your computer settings, also in the future, in order to know when you receive cookies or to disable the function of automatic acceptance of the cookies.
The Site uses the following types of cookies:
• Technical (or browsing) cookies, which contribute to the functioning of the Site, for instance to enable the browse between pages and access the reserved area of the Site; the legal basis for processing using these cookies is the Data Controller legitimate interest in providing efficient and well-functioning services to their customers; the retention period of these cookies starts from the date on which the

Site was first accessed until the end of the session.
• Analytical cookies, enable the acquisition of aggregated, anonymous statistical information concerning browsing habits; the legal basis of the processing underlying the use of these cookies is your consent; the retention period of these cookies starts from the date on which they are enabled on the website until they are disabled. The user can accept and disable these cookies – at their convenience – using the following chart and the cookie management tool.
• Marketing cookies, which allow us to send advertising messages; the legal basis for processing data using these cookies is the consent of the data subjects; the retention period of these cookies runs from the date they are enabled on the Site until they are disabled, i.e. for the retention periods indicated below. Users may accept and disable these cookies whenever they like using the cookie management tool.
• Profiling cookies, which allow us to personalize advertising messages according to your interests and preferences, in order to send you only the advertisements that you may find relevant or interesting. The legal basis for processing data using these cookies is the consent of the data subject; the retention period of these cookies starts from the date on which they are enabled on the Site until they are disabled, and in any case no more than 12 months. Users may accept and disable these cookies from the table below whenever they like or using the management tool.
List of cookies

All necessary cookies do not require your prior consent; therefore they are installed automatically after you access the Site but can be deactivated as described in the following paragraph.
For other cookies, you can give your consent by clicking the acceptance button inside the banner displayed on the Site’s home page, or you can request that the Site uses only the necessary cookies by clicking on the relevant button. You can revoke at any time in whole or in part the consent already expressed, also through the relative link indicated in the table for third- party cookies or provide your consent at a later date.

Plugin Social Network
The Site provides plugins and/or buttons in order to allow easy sharing of content on your favorite social networks. If you are logged in to a social network, the social network may add information about your visit to the Site to your profile and collect traffic data, particularly if you are logged in at the time of your visit or if you have recently browsed one of the websites containing social plugins. If you do not want the social network to record information about your visit to the Site, you must log out of your social network account and delete the cookies that the social network has installed in your browser.
The collection and use of information by such third parties is governed by their respective privacy policies to which you should refer.
– Instagram (https://www.instagram.com/mondodileo/);
– Twitter (https://twitter.com/IlMondodiLeo1);
– Facebook (https://www.facebook.com/mondodileo);
– LinkedIn (https://www.linkedin.com/showcase/il-mondo-di-leo/?viewAsMember=truand);
– Telegram (https://t.me/+DhcsCiSrC8c3NTE0)

How to disable technical cookies. It is possible to disable cookies through specific settings in your own browser or via the cookie management tool on the home page of the Site. Some of the Site’s functionalities may not work correctly is you refuse to use cookies.
Below you will find links explaining how to disable cookies on the most common browsers (for any other browser you may be using, we suggest that you search for this option in the software’s help section, which you can normally access by pressing the F1 key):
Internet Explorer: Click on the Settings button, then on Internet Options. Click on the Privacy tab and, in the Settings, move the bar to the very top to block all the cookies.
Google Chrome: Click on the menu on the browser toolbar. Select Settings. Click on “Show advanced settings”. In the “Privacy” section, click on the Content Settings button. Select “Prevent sites from saving data”.
Mozilla Firefox: Click on the menu button and select Options. Select the Privacy tab. In the History settings: select “use personal settings”. To enable cookies, tick Accept cookies from websites, and to disable them remove such mark.
Safari: Click on the menu toolbar on “Safari”, then on “Preferences”. Next, click on “Privacy”, then on “Details” to select the website, and click “Remove”.

You can contact the Data Controller to request access to your personal data, modify it, delete it or limit its processing, to oppose its processing, and to request the portability of your data; you can also withdraw your consent at any time (this will not prejudice the lawfulness of the processing on the basis of the consent granted prior to the withdrawal).
When you exercise the right of access, you have the right to know whether your data is currently

being processed, what the purpose of the processing is, what categories of data are being processed, who the recipients or categories of recipients of your data are (and, if they reside in a third country, what guarantees this transfer is based on), the retention period of your data (or the criteria for determining the retention period), whether automated processing is being carried out (for example through profiling), what the reason of the processing is, and the origin of the data (when not initially collected by us).
You have the right to lodge a complaint with the competent supervisory authority and, at any time, to ask the Data Controller for information about the data processors and parties that are authorized by the Data Controller to process your data.
You can exercise your rights by contacting the Data Controller at the addresses indicated above.
You can also exercise your rights, in relation to the processing of personal data carried out through our Social Pages, by contacting Instagram, Twitter, Facebook, Telegram and LinkedIn as provided in the respective privacy policies.

11. What we do if we change this policy
We may make changes to our privacy policy. We will notify you of such changes as required by law. We will also post an updated version on the Site. It will have a different date than the one indicated below. Please check the Site periodically for updates.

Version updated February 26, 2023