This website privacy policy describes the methods adopted by CRIF S.p.A., a company registered in Italy and located at Bologna, Via Mario Fantin 1-3, (“CRIF”)–, as the operator of the website (“Website”) with reference to the processing of Website users’ personal data. This is a general notice addressed to those who visit the Website, in compliance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (“General Data Protection Regulation”). When using certain products and services offered and provided through this Website, users will provide certain information about themselves, may make certain requests and may grant their consent to the processing of personal data if applicable law, in particular the General Data Protection Regulation, so requires.

The Data Controller

The data controller is CRIF S.p.A, with registered offices in Via M. Fantin 1-3, 40131 Bologna.

Purposes of processing

The data shall be processed for the purposes time to time needed on the base of the service asked by CRIF’s customer. For each service asked by CRIF’s customer CRIF will provide a specific privacy notice with a detail of the applicable purposes of processing.

Ground of processing

The data shall be processed on the base of different ground of processing, in accordance with the type of service provided by CRIF. For each service asked by CRIF’s customer CRIF will provide a specific privacy notice with a detail of the applicable ground of processing.

Data Processing

Access to this Website may result in processing data about identified or identifiable natural persons (known as data subjects). CRIF, as data controller, shall ensure proper organisational and technical processing of data in order to protect it from unauthorised access, loss, damage, theft, unauthorised use or any other disclosure.

Data Processing Location

Personal data is processed at the premises of CRIF. The data is handled solely by persons with relevant technical skills and abilities who have been assigned specific data processing roles and made familiar with the content of the General Data Protection Regulation.

Data Processing Methods

Data is processed in a correct manner and in full compliance with the General Data Protection Regulation so as to ensure data security and protect data confidentiality. Data is processed using electronic or automated means and kept in secured systems.

Processed Data Types

The information systems involved in the operation of this Website use certain personal data during their normal operation. The transmission of this data is implicit in the use of ICP protocols. The data is not collected in order to associate it with specific entities; however, due to its nature, the processing and relation to other data possessed by third parties allow to identify the users. This data category includes IP addresses and the domain names of the computers used by the users connecting to the network, the URL addresses of the requested sources, the time the request was made, the method used in making the request and other parameters related to the user’s operating system and information environment. The data also includes information provided by cookies on the user’s hard disk – see the section below. We also collect aggregate data on Website use, such as the traffic the Website gets, the number of Website visits per day and the average time spent by users on each Website.

If a Website user decides to register to obtain access to useful information provided by the operator, we use in particular the following data: first name and surname, company name, company ID No., address, telephone number, email address and other information about the user that is necessary for us to identify the user and to know and respond to their needs.

It is at the discretion of Website users if they provide the personal data that CRIF needs to be able to provide the user with value-added information and/or other services. Failure to provide such data may make it impossible for CRIF to supply the requested information or products and services.

Use of Collected Data

Collected data may be used, for example, to meet the user’s requirements, provide useful advice and instructions, provide quotes on demand and/or process and fulfil the user’s offers. Furthermore, the data may be used to provide order status details and information on services and new content on the Website, etc.
Some operational data may also be processed to ensure the security and availability of the Website and related services. Statistical data on Website use is processed to improve the Website functionality and user-friendliness and prepare aggregate and anonymous information used for marketing and similar activities.

Recipients of Collected Data

CRIF may provide the information collected through the Website to other companies of the CRIF Group, and to third parties such as contractors or other entities that provide services (or products) demanded by the user. We may also provide these companies with aggregate statistics on visitors, transactions and other activities on the Website. Information on users may also be disclosed to other entities if it is required by the relevant law or necessary to safeguard the rights and legally protected interests of the GRIF Group members or another entity.

Third companies that provide services, advertise or have their link on this Website may use cookies on their websites or collect information on users in a different manner. CRIF has no control over how these companies collect and use information. Any enquiries regarding such data processing must be addressed to the operator of the respective website.

Privacy Protection and User Rights

The transmission of all information through the Website is encrypted. Nevertheless, CRIF provides no warranties as to the security of the transmission of information a user sends to CRIF .Any use of the Website is at the user’s sole responsibility. We also inform you that, under provisions of GDPR, on the base of lawfulness of processing and of the modalities of processing, if the conditions are met, you have the following rights: access to and rectification or erasure of personal data or the restriction of processing concerning your data or to object to processing as well as the right to data portability. Furthermore, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before this withdrawal. In these cases, requests should be sent to CRIF SpA, Via M. Fantin, 1-3, 40131 Bologna​The data subject can lodge a complaint with supervisory authority, using the following link:


For more information on our cookie policy, please click here

Data Protection Officer

For any questions regarding the processing of your personal data, please contact our Data Protection Officer, using the following contact details: e-mail:; pec: