MilanoMilanoTirana Mon - Fri 09:00-17:00 +39 345 166 0285 Mon - Fri 09:00-17:00 +355 69 68 63 786

Privacy & Cookies Policy

Supercapital, for all sensitive personal data processed, acting as a responsible subject, and as Data Controller, recognizing and respecting them in the correct way of management and the importance of protecting them, invites users before sharing any personal data, to read this document carefully.

Privacy Policy document which contains important information on the processing of personal data and on the security-measures adopted to guarantee their protection in full compliance with the applicable legislation.

This Privacy Policy is intended as rendered for the website, of which Supercapital holds all copyright rights, authorizations to use names and trademarks and for Supercapital SRL too, which is the owner. This Privacy Policy does not apply to websites that may be consulted through external links; it is also to be understood pursuant to art. 13 of the European Data Protection Regulation (“GDPR”) to those who interact with the site; complies, where applicable, with Legislative Decree 196/2003, also defined as “Privacy Code”, as last amended by Legislative Decree 101/2018 in the applicable parts.

The Data Controller informs that the processing of personal data will be based on the principles of correctness, lawfulness, transparency and protection of its confidentiality and all rights. Personal data will therefore be processed in accordance with the provisions of the GDPR and the protection obligations therein.


1.Owner, data controllers and data protection officer (“DPO”);

2. The personal data being processed;

2.1 Navigation data;

2.2 Data voluntarily provided by the user;

2.3 Information relating to the use of cookies;

3. Purpose of the processing and mandatory or optional nature of the provision of data;

4. Processing methods, security and data processing place;

5. Communication and diffusion;

6. Data retention;

7. User rights;

8. Changes.


Following consultation and use of the Site, data relating to identified or identifiable natural persons may be processed. The identification details of the Data Controller and site manager are as follows: Supercapital SRL, with registered office in Via U. Hoepli 3, 20121 Milan, tax code and VAT number 10907830961, REA MI – 2565604.

The list of data processors can be requested by sending an email to:

The Data Controller has appointed the Data Protection Officer (hereafter: “DPO”), who can be contacted at the following address: Enrico Viviani,


2.1 Browsing data

The computer systems and software procedures used to operate the Site acquire, during their normal operation, they could acquire some personal data whose transmission is implicit in the use of Internet communication protocols. This is information that is not collected to be associated with identified subjects, but which by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes the IP addresses or domain names of the devices used by users who connect to the Site, the addresses in URI (Uniform Resource Identifier) ​​notation of the requested resources, the time of the request, the method used in submitting the request to the server, the size of the file obtained in response, the numerical code indicating the status of the response given by the server (successful, error, etc.) and other parameters relating to the operating system and the User’s IT environment.

These data are used in order to obtain anonymous statistical information on the use of the Site and to check its correct functioning, to allow – given the architecture of the systems used – the correct delivery of the various functions requested by the User, for security and they are deleted immediately after processing.

In no case, the Data Controller crosses this information with other data that may be in its possession in order to trace the activities of specific users.

2.2 Data voluntarily provided by the User

To access the features offered through the Site and reserved for registered users, registration is required through the following personal data: name, surname, email and telephone number for account verification.

Once registered within the personal area of ​​the User, it will be possible to enter other data related to your profile, such as es. date of birth, tax code, citizenship, gender, address of residence, copy of an identification document as well as expiry date and document number.

These data are provided voluntarily and will be treated in full compliance with data protection legislation. Failure to provide this data will become the only consequence of the impossibility of creating an account and accessing certain features.

The User is responsible for the correctness of the data provided within the profile and guarantees the correctness of the same.

These data can also be processed in relation to the subsequent possible enabling of users to the conditions available in the site area.

Access to the site and services can take place using the credentials provided by a third party, such as Google, Facebook, or similar service (“social log-in”). In this case, the User is required to check the settings of that service and carefully read the policies of the third supplier, as these must authorize the third supplier to share his personal information and authorize Supercapital to search for information such as contacts, friends and other User data. We will keep the identification code associated with the User’s account at the third party’s service when it is used for logging in to Supercapital or for sharing content hosted on the site; storage will take place for as long as necessary to provide the requested services. If the User creates a Supercapital account or uses the site’s services by connecting through the social login, the use of the information provided in the account of origin is used to complete the user profile on the Site. The User can update or modify the information of the profile and contact information at any time through login.

These data are kept for the time necessary to render the services requested and, even for subsequent periods, if the storage is required by law or for other legitimate purposes such as the defense in court of Supercapital, or if there is a legitimate interest of the owner or third party.

2.3 Information collected through cookies

  • Definitions, characteristics and application of the legislation

Cookies are small text files that the sites visited by the User send and record on his computer or mobile device, to be then retransmitted to the same sites on the next visit. Thanks to cookies, a site remembers the User’s actions and preferences (such as, for example, login data, the chosen language, font sizes, other display settings, etc.) so that they do not have to be indicated again when the User returns to visit said site or browse from one page to another. Cookies, therefore, are used to perform computer authentication, session monitoring and storage of information regarding the activities of users who access a site and may also contain a unique identification code that allows you to keep track of the User’s navigation within of the site itself for statistical or advertising purposes. While browsing a site, the User may also receive cookies from sites or web servers other than the one he is visiting on his computer or mobile device (so-called “third party” cookies). Some operations could not be carried out without the use of cookies, which in certain cases are therefore technically necessary for the same functioning of the site.

By using the Site, the user consents to the use of cookies in accordance with this Privacy Policy and as indicated in the pages of the Site itself through the Cookiebot application. Cookies are small files stored on the hard disk of the user’s computer. There are two macro-categories of cookies: technical cookies and profiling cookies.

Technical cookies are necessary for the proper functioning of a website and to allow user navigation; without them the user may not be able to view the pages correctly or to use some services.

Profiling cookies have the task of creating user profiles in order to send advertising messages in line with the preferences expressed by the same while browsing.

Cookies can also be classified as:

“session” cookies, which are deleted immediately upon closing the navigation browser; “persistent” cookies, which remain within the browser for a certain period of time. They are used, for example, to recognize the device that connects to a site facilitating authentication operations for the user; “own” cookies, generated and managed directly by the manager of the website on which the user is browsing; “third party” cookies, generated and managed by subjects other than the manager of the website on which the user is browsing.

It is always possible to disable cookies. To do this, please refer to the instructions of each browser used to navigate the Site.

  • Types of cookies used by the site

The Site uses the following types of cookies, and offers the possibility of de-selecting them, except for third-party cookies for which the User must refer directly to the relative selection and de-selection methods of the respective cookies. , indicated by link:

Technical cookies – navigation or session – strictly necessary for the functioning of the Site or to allow the User to take advantage of the contents and services requested by them.

Analytics cookies, which allow the site operator to understand how this is used by users. These cookies do not collect information on the identity of the User or any personal data. The information is processed in aggregate and anonymous form.

Functionality cookies, used to activate specific Site features and a series of selected criteria (for example, the language, the products selected for purchase) in order to improve the service rendered.

ATTENTION: disabling technical and / or functionality cookies the Site may not be available or some services or certain functions of the site may not be available or may not function properly, and the User may be forced to modify or manually enter some information or preferences every time you visit the Site.

Third-party cookies, i.e. cookies from sites or web servers other than that of the Owner, used for the purposes of these third parties, including also profiling cookies. It should be noted that these third parties, listed below with the relative hypertext links to the privacy policies, act as independent data controllers of the data collected through the cookies they send; therefore, the User must refer to their personal data processing policies, information and any forms for the collection of consent (selection and de-selection of the respective cookies).

The links to the respective information on the use of cookies are listed below:



The data that are provided by the user through the Site will be processed by the Data Controller for the following purposes:

a) purposes related to the provision of the requested services (e.g. contact request, newsletter subscription, registration, presentation of projects, resolution of problems related to the use of the Site, complaints etc.).

The provision of data for the purposes referred to in letter a) is optional, but their failure to provide it could make it impossible to operate the requested functions.

b) statistical research / analysis purposes on aggregate or anonymous data, without therefore the possibility of identifying the User, aimed at measuring the functioning of the Site, measuring traffic and evaluating usability and interest

c) purposes related to the fulfillment of obligations established by law, by a regulation or by community legislation.

The provision of data for the purposes listed above in point (c) is mandatory. Failure to provide them would not allow the holder to satisfy the obligations established by law, by a regulation or by community legislation.

d) marketing purposes

The data provided may be processed, with explicit and specific consent, for sending promotional and marketing communications, including the sending of newsletters and market research, through automated tools (sms, mms, email, push notifications, fax) and not (paper mail, telephone with operator). The legal basis for data processing for these purposes is art. 6, paragraph 1, lett. a) GDPR. The commercial profiling and direct marketing treatments are optional and depend on the free choice of the user; therefore, failure to provide consent by the user for these purposes will not affect the use of the services.


Personal data are processed by the Data Controller – or by third parties selected with care for their reliability and competence and rightly appointed as data processors – limited to the achievement by the same of the purposes specified above, mainly with automated tools, but also in paper form , for the time strictly necessary to achieve the purposes for which they were collected.

Specific security measures are observed to prevent data loss, illicit or incorrect use and unauthorized access in full compliance with the provisions of current regulations.


Personal data may be brought to the attention of employees or collaborators of the Data Controller, belonging to the categories of administrative, commercial, legal, accounting or IT system administrators, depending on the treatment, who, operating under the direct authority of this last, they are appointed managers or processors pursuant to art. 28 and 29 of the GDPR, and receive adequate operating instructions in this regard.

Personal data may be communicated to subjects external to the Data Controller, whose activity is necessary and functional for the provision of the functionality of the Site.

Personal data may be disclosed to third parties such as:

people, companies or professional firms that provide assistance and advice to the Data Controller, rightly appointed as data processors; subjects, entities or authorities to whom the communication of personal data is mandatory pursuant to legal provisions or orders from the competent authorities; subjects delegated and / or appointed by the Data Controller to carry out activities strictly related to the pursuit of the aforementioned purposes (including technical maintenance on the systems), rightly appointed as data processors; to commercial partners, service providers functional to software development, to the provision of services related to the Site.

Where necessary, the Data Controller reserves the right to collect specific consent from the user.

Personal data will not be disclosed by the Data Controller, unless express consent is given. The data could be transferred abroad, to countries of the European Union or to countries outside the European Union that have received an adequacy decision from the Commission, or even to countries that have not received this adequacy decision, in accordance with and within the limits of articles 44 – 49 of the GDPR.


Personal data are stored and processed through IT systems owned by the Data Controller and managed by the Data Controller or by third party suppliers of technical services. The data are processed exclusively by specifically authorized personnel, including the personnel in charge of carrying out extraordinary maintenance operations.

The data will be kept for the time strictly necessary for the contractual or legal purposes for which the same data were provided to the Data Controller and, in any case, no later than ten years from the termination of any relationship with the Data Controller.


At any time, the user can exercise, in accordance with articles 15 to 22 of the GDPR, the right to:

request confirmation of the existence or not of your personal data; obtain information about the purposes of the processing, the categories of personal data, the recipients or categories of recipients to whom the personal data have been or will be communicated and, when possible, the retention period; obtain the correction and deletion of data; obtain the limitation of the treatment; obtain the portability of the data, i.e. receive them from the data controller, in a structured format, commonly used eligible by automatic device, and transmit them to another data controller without hindrance; object to the processing at any time and also in the case of processing for direct marketing purposes; oppose an automated decision-making process concerning individuals, including profiling; ask the data controller to access personal data and to rectify or delete them or limit their processing or to oppose their processing, in addition to the right to data portability; withdraw consent at any time without prejudice to the lawfulness of the treatment based on the consent given before the revocation; propose a complaint to a supervisory authority (Guarantor Authority for the protection of personal data –

Requests can be sent by an email to the address:


This Privacy Policy may be modified to reflect legislative, technological changes, changes in the collection and use of data or to allow us to add new features or services. In the event of changes, we will notify: (i) by means of an announcement published on the main page of the Site and / or (ii) by taking any other action that we deem appropriate. Any changes made will take effect from the moment of their publication, and navigation on the Site after that time will count as acceptance of these changes.

The User declares to have read the information contained herein and to give his consent to the processing of all his data.