This Privacy Policy, issued by THRON S.p.A. relates to the collection and use of personal information through THRON service in order to inform Users about what type of personal data is gathered, how it is used, which third parties can access it, and how the User can access, update or delete his information.

The next few sections below describe how THRON collects user information in connection with the operation of its Services for its clients, such as through content embeds that may appear on various websites on the Internet. Therefore, certain data collection by THRON through the use of cookies (or other means) used in the Services, as described below, may occur on numerous websites across the Internet.

The Policy has been drafted in accordance with Italian laws (Legislative Decree 196/2003 “Data Protection Code”) and the EU Directive 95/46/EC.

Users shall read the Privacy Policy before providing their personal information.

Definitions

Customer/Client: THRON’s customer, a company that is using THRON service to manage content and its distribution.
User: end user accessing content through Customer’s sites and applications.
Device: software tool used to access content (includes but not limits to Internet Browser and mobile app).

Data controller means the natural or legal person, public authority, agency or other body which, alone or jointly with others who determines the purposes of, and means for, the Processing of Personal Data. Customer is The Data Controller.
Data processor means the natural or legal person, public authority, agency or other body who Processes Personal Data on behalf of the Data Controller. THRON is The Data Processor.

Personally identifiable information

THRON does not collect personally identifiable information (“PII”) from users online through contents it manages on behalf of its clients unless users affirmatively and deliberately choose to release that information by submitting it through customer’s interfaces and applications, in a text field for example. PII generally refers to identifying information such as an individual’s name, mailing address, phone number or e-mail address.

THRON does collect non-personally identifiable information (“Non-PII”) to identify computers that have interacted with THRON before. For instance, by using Non-PII, THRON may be able to identify a computer that has previously seen a content that has been published on behalf of a Client. In the context of Non-PII, whenever THRON refers to ‘you’ or ‘yours‘, notice that this might be referring to a computer and not an identifiable person since THRON generally does not know who is using a computer at any particular time (unless he willingly provides that information himself).
Through the collection and use of Non-PII, THRON offers a range of Services to allow customers to show you the most useful and relevant content across numerous websites and to prevent excessive or repeated deliveries of the same content.

Browser data

When User access THRON published content, THRON automatically receives the URL (uniform resource locator) of the Site from which the User originated or visits when leaving the Site, the IP (internet protocol) address of the User’s computer (which will be masked to reduce its power of user identification), the type of operating system and browser, whether they are using a mobile device, details of the mobile device, the operating system and the name of the device’s ISP (internet service provider).
This data is only used to obtain anonymous statistical information on the use of the Site and to check that it is functioning correctly.

The personal data provided by the data subject (the "data”) will be processed for the following purposes:

1. to provide access to content published by the Customer;
2. to analyse the behaviour, habits and propensity to consume content (with his/her consent), with a view to improving the products and services provided by THRON and the Customer to meeting the specific needs of customers ("profiling");

THRON collects Non-PII through the use of cookies, pixels and related technologies. A cookie is a file on your browser that uniquely identifies your browser and computer. A pixel is a line of code which is used by a website or third party to assign online activities to a computer or browser. The use of a pixel allows websites and THRON to record, for example, that a user has viewed a particular content. Additional Non-PII from an earlier period or interaction may be included in the pixel. Though Non-PII does not personally identify anyone, THRON is still committed to giving users the opportunity to exercise choice about the Non-PII it collects.
See Section titled: Allow THRON tracking.

How to disable cookies in your Internet Browser

The data gathered using cookies is processed electronically.
Use of cookies is voluntary.
Even though most of the browsers currently being used automatically accept cookies, the User has the option to configure his/her browser to block the downloading of cookies at any time and also to delete already-downloaded cookies from their navigation device.
For an illustration of the procedure used to block any cookie for the main browsers, follow these links:
IE: http://windows.microsoft.com/it-it/windows7/block-enable-or-allow-cookies
Safari: https://support.apple.com/kb/ph19214?viewlocale=it_it&locale=it_it
Chrome: https://support.google.com/chrome/answer/95647?hl=it-it&hlrm=fr&hlrm=en
Firefox: http://support.mozilla.org/it-it/kb/enable-and-disable-cookies-website-preferences
Nonetheless, blocking cookies can slow down your browsing or prevent you accessing certain sections of the site. Deleting cookies already received will result in the deletion of the favourites saved and managed by those cookies.

THRON technical cookies

NV4ME-bacheca-[client-id]: First party. Used to store user preferences and optional “remember me” hashed login info. Duration: never expires.
NV4ME-bacheca-last-searched: First party. Optional list of recently searched contacts strings, used to improve search speed. Duration: never expires.
NV4ME-bacheca-tabs: First party. Lists all open dashboard tabs to manage desktop notifications. Duration: current session.
Nv4ME-bacheca-cookiePolicyOk: First Party. Flags whether the user has accepted the cookie policy (and hence whether the dashboard needs to show the notification). Duration: never expires.

THRON tracking cookies

_TA_tracking: Third party, used to identify subsequent content views from same device. Duration: 1 year.
_TA_privacy: Third party, used to store user opt-out status. If value is 1, user will not be tracked. Duration: 1 year.
_sp_ses: session cookie. First party. It is used to identify different browsing sessions. Duration: 30 minutes.
_sp_id: user visits cookie. First party. Lasts 2 years. Stores last user visits timestamps, per domain.
sp: clojure collector cookie. Third party. It is used by the tracking library gather anonymous analytics data. Duration: 1 year.

Google Analytics cookies

_ga: Used to distinguish users. Duration: 2 years.
_gat: Used to throttle request rate. Duration: 10 minutes.

Twitter cookies

Facebook cookies

Google+ cookies

Pingdom cookies

The data processed in order to provide the service and to deliver customer satisfaction will be kept by the company for the period considered strictly necessary to achieve these ends.
Furthermore, the data processed in order to provide the service may be stored for a longer period, to enable any disputes relating to the provision of the service to be handled.

We follow generally accepted industry standards to protect against the unauthorized access to, retention of, and disclosure of information. This includes undertaking necessary physical, electronic, and management activities required to protect information integrity, access, and use. Any information that is stored on our server is treated as confidential information.
Please keep in mind, however, that despite these reasonable efforts to protect information on our servers, no method of transmission over the Internet is guaranteed to be secure.
Therefore, while we strive to protect your information at all times, we cannot guarantee its absolute security.

THRON does not sell, rent, or share PII collected on its or other Systems to third parties. If users deliberately provide PII to Data Controller or Data Processor then such PII shall be subject to Data Controller’s Privacy Policy.
Further, we encourage THRON clients, as applicable, to use any Non-PII they receive in compliance with applicable laws and regulations and to publish privacy policies that tell you about how the information they are gathering is being used. We urge you to always read the Privacy Policies of the websites you visit to understand issues relating to your online privacy.

THRON might disclose a user’s Non-PII to third parties when it reasonably believes it is obligated to do so by law, and in order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including, but not limited to, fraud and situations involving potential threats to the physical safety of any person. In addition, and if permitted by applicable law, THRON may also disclose and provide access to a user’s PII and Non-PII to our vendors and contractors who are performing services on our behalf. However, such vendors and contractors are not permitted to use such user information for any purpose other than providing services to us.

THRON’s Customer

The User’s Personal Information can be accessed by THRON’s Customer appointed data Controller for the purposes indicated in this Privacy Policy, and by the Data Processors authorized to access the information as part of their duties.

THRON’s authorized personnel

The User’s Personal Information can be accessed by THRON’s technicians in relation to the provision of products or services through the Service. By way of example only, these parties may include personnel responsible for management and maintenance of the Service.

Public authorities

The Personal Information may be disclosed to public authorities where required by law.

Circulation

The User’s Personal Information will not be circulated.
However, certain details such as the User’s nickname and/or image, and any other information published by the User on his/her profile or in other communications on the Service, will be accessible to other Users when the User chooses to participate in the blog or Community.

Please note that because of the changing nature of privacy laws, user needs, and our business, THRON might update this Privacy Policy from time to time. Accordingly, since THRON wants to help you clearly understand its Privacy Policy, and any pertinent revisions, it encourages you to review this Privacy Policy periodically to become aware of any changes that may have occurred.

The User (“data subject”) shall have the following rights:

1. the right of access, i.e. the right to obtain confirmation from the Data Controller or the Data Processor as to whether or not personal data concerning him or her are being processed, and where this is the case, to obtain access thereto;
2. the right to rectification and erasure, i.e. the right to have inaccurate data rectified and/or to have incomplete data completed, and the right to have personal data erased for legitimate reasons;
3. the right to impose restrictions on the processing of personal data, i.e. the right to request the suspension of data processing for legitimate reasons;
4. the right to data portability, i.e. the right to receive the data in a structured, commonly-used and easily readable format, as well as the right to transmit the data to another data controller;
5. the right to object, i.e. the right to oppose the processing of data where legitimate reasons for this exist;
6. the right to contact the competent data protection authority in case of unlawful data processing.

Our website and databases are maintained in public cloud services that are located inside the European Union. By using our Services, you freely and specifically give us your consent to collect and store, your information in the EU and to use your information as specified within this Privacy Policy.

If you have questions or concerns regarding this statement, you should contact us through email. You can address your general questions and comments by e-mail to support@thron.com .