Skip to content

Privacy Policy

  1. Identity and contact details of the Holder and the Managers

The Data Controller is MAVA CORPORATE SRL.  with registered office in Via Viganò, 8 – 20124 Milano, VAT 09411610968.


The updated list of data processors and persons in charge of data processing is kept at the registered office of the data controller.

For data processed in the name and on behalf of another Data Controller or another Data Processing Manager (e.g. when personal data of third parties are processed in the management of the activities assigned by the Job order under a contract between the parties) MAVA CORPORATE SRL. is the Data Processing Manager on behalf of the Data Controller or Sub-responsible.


MAVA CORPORATE SRL. ., with registered office in Via Viganò, 8 – 20124 Milano, VAT 09411610968, as owner or manager and / or sub-responsible (when appointed by the owner and / or external manager) of the treatment, informs you pursuant to art. 13 EU Regulation no. 2016/679 (hereinafter, “GDPR“) that the personal data we hold will be processed in the manner and for the following purposes:


  1. Object of processing

MAVA CORPORATE processes personal data, identifiers (e.g., first name, last name, company name, address, telephone number, e-mail address, bank and payment details) – later on, “personal data” or even “data” communicated by you on the occasion of the conclusion of contracts for services provided by MAVA CORPORATE (which in this case acts as the data controller) or communicated and transmitted to MAVA CORPORATE (Data Controller or Sub-Contractor appointed by the Data Controller or by another Data Controller) in order to carry out all the activities covered by the service provided, by virtue of a contact signed with the Customer (Data Controller or Data Controller).


  1. Purpose of processing and legitimate interests

The personal data to which MAVA CORPORATE accesses are processed:

1.A) without the express consent of the interested party (art. 6 letter b), e) GDPR), for the following Service Purposes:

the data are processed by MAVA CORPORATE as data controller because the processing is necessary for the execution of a contract to which the data subject is a party or for the execution of pre-contractual measures defined at the request of the data subject (personal data relating to pre-contractual contracts or activities with customers or suppliers; data relating to employees in the course of employment or pre-employment)


– fulfil contractual obligations with its customers who transfer, in their capacity as Data Controller or Data Processor, the personal data of their employees, customers or users to MAVA CORPORATE Srl, which processes them in compliance with and within the purposes set out in the contract with the Principal in place and within the limits of what is defined by the GDPR


– comply with the obligations laid down by law, regulation, Community legislation or an order of the Authority (such as on anti-money laundering);


– exercise the rights of the Holder, such as the right of defense in court;


1.B) Only with your specific and separate consent (art. 7 GDPR) given to the Data Controller, for the Marketing Purposes as specified in the relevant Privacy Policy for marketing purposes:


  1. Recipients of personal data and communication of data

Your data may be made accessible for the purposes referred to in art. 2.A) and 2.B) to employees and collaborators of MAVA CORPORATE Srl, including external ones, in their capacity as persons in charge and/or data processors and/or system administrators; in particular, the personal data of the interested party communicated by the Data Controller or Data Processor to MAVA CORPORATE, which acts as Data Processor or Sub-Responsible, may be transmitted to the following recipients:


  • Other external data processors for the provision of the requested service
  • Internal person in charge of processing the data for the provision of the service (inclusion in databases, development and maintenance of software, etc.)

Personal data are stored on servers located within the European Union. In any case, it is understood that the Owner, if necessary, will have the right to move the servers even outside the EU. In this case, the Owner hereby guarantees that the transfer of non-EU data will take place in accordance with the applicable legal provisions, subject to the stipulation of the standard contractual clauses provided for by the European Commission.

Without the need for express consent (art. 6 letter b) and c) GDPR), the Data Controller may communicate your data for the purposes referred to in art. 2.A) to supervisory bodies (such as IVASS), judicial authorities, insurance companies for the provision of insurance services, as well as to those persons to whom the communication is required by law for the performance of the aforementioned purposes. These subjects will process the data in their capacity as independent data controllers.


  1. Processing methods, security measures and storage period

The processing of the personal data of the person concerned is carried out by means of the operations indicated in art. 4 no. 2) GDPR, namely: collection, recording, organization, storage, consultation, processing, use, interconnection, blocking, communication, cancellation and destruction of the data.

Personal data are processed both in paper and electronic form and in part by automated means.


The personal data of the data subject are processed by applying the following minimum-security measures to the assets held by the data processors:

  • Centralized antivirus,
  • Name user referable to the person (whether asset administrator or not),
  • Mandatory password change at first access,
  • PC serial identification, work environment, software, hardware,
  • Formalization of the obligation of the person in charge not to export acquired customer data
  • The asset held by the person in charge of managing the personal data of the person concerned is returned at the end of the order and the IT Manager physically destroys the hard disk.


MAVA CORPORATE will process personal data for the time necessary to fulfil the above purposes and in any case for no longer than 2 years from the termination of the relationship for the Service Purposes.


  1. Rights of the interested party

As an interested party, you have the rights under Art. 15 GDPR and specifically the rights to:


  1. to obtain confirmation of the existence or not of personal data concerning you, even if not yet recorded, and their communication in intelligible form;
  2. obtain indication of: a) the origin of the personal data; b) the purposes and methods of processing; c) the logic applied in the case of processing carried out with the help of electronic means; d) the identity of the owner, manager and representative appointed pursuant to art. 3, paragraph 1, GDPR; e) the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know them in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing;
  3. obtain: a) the updating, rectification or, when interested, integration of data; b) the cancellation, transformation into anonymous form or blocking of data processed unlawfully, including data whose retention is unnecessary for the purposes for which the data were collected or subsequently processed; c) certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected;
  4. oppose, in whole or in part: a) on legitimate grounds, the processing of personal data concerning you, even if pertinent to the purpose of collection; b) the processing of personal data concerning you for the purpose of sending advertising materials or direct selling or for carrying out market research or commercial communication, through the use of automated calling systems without the intervention of an operator by e-mail and / or traditional marketing methods by telephone and / or mail. It should be noted that the right of opposition of the person concerned, as set out in point b) above, for direct marketing purposes by means of automated methods extends to the traditional ones and that, in any case, the possibility for the person concerned to exercise the right of opposition even in part remains unaffected. Therefore, the interested party may decide to receive only communications by traditional means or only automated communications or neither of the two types of communication.
  5. Right to rectification of his personal data in the event that they are modified and do not respond to those previously acquired or communicated (art. 16)
  6. Right to deletion of data (“right to be forgotten” Art. 17). MAVA CORPORATE, if one of the following cases exists, deletes the data from all the databases and archives in which it is contained:
  7. a) personal data are no longer necessary for the purposes for which they were collected or otherwise processed;
  8. (b) the data subject withdraws his or her consent and if there is no other legal basis for the processing;
  9. (c) the data subject opposes processing pursuant to Article 21(1) and there are no overriding legitimate grounds for processing, or opposes processing pursuant to Article 21(2);
  10. (d) the personal data have been processed unlawfully;
  11. (e) personal data must be erased in order to fulfil a legal obligation under Union or Member State law to which the controller is subject;
  12. (f) personal data have been collected in relation to the provision of information society services as referred to in Article 8(1).
  13. Right of restriction of processing (Art. 18). The data subject has the right to obtain from the data controller the restriction of the processing when one of the following situations occurs:
  14. (a) the data subject contests the accuracy of the personal data, for the period necessary for the controller to verify the accuracy of such personal data;
  15. (b) the processing is unlawful and the data subject objects to the deletion of the personal data and requests instead that their use be limited;
  16. (c) although the controller no longer needs it for the purposes of processing, the personal data are necessary for the data subject to establish, exercise or defend a right in court;
  17. (d) the data subject has objected to the processing pursuant to Article 21(1) pending verification as to whether the legitimate reasons of the controller override those of the data subject.
  18. Right of objection (Articles 21-22): The data subject has the right to object at any time, on grounds relating to his/her particular situation, to the processing of personal data concerning him/her pursuant to Article 6(1)(e) or (f), including profiling on the basis of these provisions. MAVA CORPORATE shall not subject the data to decisions based solely on automated processing.

MAVA CORPORATE shall notify each data subject of any rectification, restriction or erasure of the data.

MAVA CORPORATE shall refrain from further processing personal data unless there are compelling legitimate grounds for processing which take precedence over the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of a right in court.

For the data that MAVA CORPORATE processes for marketing purposes, the rights of the data subject are expressed in the specific Information on data processing for marketing purposes.


  1. Procedures for the exercise of rights

You may at any time exercise your rights by sending:


– an e-mail at the address


  1. Nature of data provision and consequences of refusal to respond

The provision of data for the purposes referred to in Article. 2. In their absence, we cannot guarantee the services of art. 2.A). 3


The provision of data for the purposes referred to in Article. 2. B) is optional and managed as defined in the Information on data processing for marketing purposes




What are cookies?

The website of MAVA CORPORATE SRL. uses cookies to make its services simple and efficient for users who view the pages.

If you visit the login page, a temporary cookie will be set to determine if your browser accepts cookies. This cookie does not contain any personal data and is deleted when you close your browser.

When you sign in, several cookies will be set to save your login information and screen display options. Login cookies last two days and screen options cookies last for one year. If you select “Remind me”, your access will last for two weeks. If you log out of your account, your login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie does not include any personal data, but simply indicates the ID of the article you just modified. Expires after 1 day. Navigation without the use of technical and profiling cookies is possible through what is called incognito navigation and which is feasible with all major browsers.

Users who access the Site will see minimal amounts of information entered into their devices, be they computers or mobile devices, in small text files called “cookies” saved in the directories used by the user’s web browser.

There are various types of cookies, some to make more effective use of the Site, others to enable certain features.


Site operator cookies

Technical cookies


The Site uses only “technical” cookies, such as navigation or session cookies, functionality cookies and analytical cookies.


– Browsing or session cookies

Specifically, navigation or session cookies are used, aimed at ensuring normal navigation and use of the website, and therefore aimed at making functional and optimize the same navigation within the site.


– Functionality cookies

In addition, functionality cookies are installed, strictly necessary to provide services explicitly requested by the user.


– Analytical cookies

Finally, there are cookie analytics, used exclusively by the operator of the Site, to collect information, in aggregate and anonymous form, on the number of users and how users visit the site.

There are no profiling cookies used by the operator of the Site, or third parties.


Installation/uninstallation of cookies. Browser options

The user can oppose the registration of cookies on their device by configuring the browser used for navigation: if they use the Site without changing the settings of the browser, it is assumed that they intend to receive all the cookies used by the Site and enjoy all the features.

Please note that the user can prevent the use of some, or all of the cookies described above, configuring the browser used for navigation, and precisely:




Duration of cookies

Cookies have a duration dictated by the expiration date (or by a specific action such as closing the browser) set at the time of installation.

Cookies can be:


  • temporary or session cookies: they are used to store temporary information, allow you to link actions performed during a specific session and are removed from your computer when you close your browser;
  • persistent cookies: these are used to store information, such as your login name and password, so that you do not have to type them again each time you visit a specific site. These remain stored on your computer even after you close your browser.


How to disable/delete cookies by configuring your browser:


Run the Chrome Browser

Click on the menu in the browser toolbar next to the url insertion window for navigation

3.Select Settings


Click Show Advanced Settings

In the “Privacy” section click on the “Content Settings” button

In the “Cookies” section you can change the following cookie settings:

Allow data to be saved locally

Change local data only until the browser is closed

Preventing sites from setting cookies

Blocking third-party cookies and site data

Manage exceptions for some websites

Delete one or all cookies


Mozilla Firefox

Run the Mozilla Firefox Browser

Click on the menu in the browser toolbar next to the url insertion window for navigation

Select Options

Select the Privacy panel

Click Show Advanced Settings

In the “Privacy” section click on the “Content Settings” button

In the “Tracking” section, you can change the following cookie settings:

Ask the sites not to perform any tracking

Notify sites of their willingness to be tracked

Do not communicate any preference regarding the tracking of personal data

From the “History” section you can:

Enabling “Use custom settings” select to accept third party cookies (always, from the most visited sites or never) and to store them for a certain period (until they expire, at the closure of Firefox or to ask each time)

Remove individual stored cookies


Internet Explorer

Run the Internet Explorer Browser

Click the Tools button and choose Internet Options

Click on the Privacy tab and, in the Settings section, change the slider according to the desired cookie action:

Block all cookies

Allow all cookies

Select the sites from which you want to obtain cookies: move your cursor to an intermediate position so that you do not block or allow all cookies, then click Sites, in the Website Address box enter a website and then click Block or Allow.


Safari 6

Run the Safari Browser

Click on Safari, select Preferences and click on Privacy

In the Block Cookies section, specify how Safari should accept cookies from websites.

To view which sites have stored cookies click on Details


Safari iOS (mobile devices)

Run the iOS Safari Browser

Tap on Settings and then Safari

Tap on Block Cookies and choose from the various options: “Never”, “Third-party and advertisers” or “Always”.

To delete all cookies stored by Safari, tap on Settings, then on Safari and finally on Delete Cookies and Data



Run the Opera Browser

Click on Preferences then on Advanced and finally on Cookie

Select one of the following options:

Accept all cookies

Accepts cookies only from the site you visit: third party cookies and those that are sent from a domain other than the one you are visiting will be rejected

Never accept cookies: all cookies will never be saved


Rights of the data subject:

The User, as a data subject, has the right at any time to exercise the rights recognized by the European Regulation EU 619/2016 (art. 15) and specifically the rights, among others, to obtain a copy of the data processed, their updating, their origin, purpose and method of processing, their rectification or integration, their cancellation, transformation into anonymous form or blocking for processing in violation of the law and to oppose for legitimate reasons to the processing.


To exercise these rights, write to the attention of the Privacy Office of MAVA CORPORATE SRL at the following e-mail address:


If you have already given your consent but want to change your cookie permissions, you must delete them through your browser, as indicated above, because otherwise those already installed will not be removed.


Detailed information:


When visitors leave comments on the site, we collect the data shown in the comments form, as well as the visitor’s IP address and browser user agent string to facilitate spam detection.

An anonymized string created from your email address (or hash) can be provided to the Gravatar service to see if you are using it. The privacy policy of the Gravatar service is available here: After your comment is approved, your profile image is visible to the public in the context of your comment.



If you upload images to the website, you should avoid uploading images that include built-in position data (EXIF GPS). Visitors to the website can download and extract any location data from the images on the website.


Contact form

On our site there are contact forms for the acquisition of personal data for marketing and recruiting purposes.

The contact form used on this website is Contact Form 7.

Marketing purposes do not include newsletters or spam. You will not receive automatic emails from MAVA CORPORATE to your email address.


Content Embodied by Other Websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Content embedded by other websites behaves in exactly the same way as if the visitor had visited the other website.

These websites may collect data about you, use cookies, integrate additional third-party tracking and monitor your interaction with them, including tracking your interaction with embedded content if you have an account and are connected to those websites.

The main external sites used by are:





The services contained in this section allow the data controller to monitor and analyze traffic data and are used to track user behaviour.

Like many other websites and blogs, also uses log files: it records the history of operations as they are performed. The information contained in log files includes IP addresses, browser type, Internet Service Provider, date, time, entry and exit page and the number of clicks.

All this to analyze trends, administer the site, monitor user movement within the site and collect demographic data, IP addresses and other information. Such data cannot be traced back in any way to the identity of the user.


Google Analytics (GOOGLE INC.)

Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google uses the collected personal data for the purpose of tracking and examining the use of this blog, compiling reports and sharing them with other services developed by Google.

Google may use your personal data to contextualize and customize ads from its advertising network.


Personal data collected: cookie, IP address, geographic location, language, duration of visit, age group, gender, browser used and how to traffic on the site (usage data).


Interaction with social networks and external platforms

This type of service allows you to interact with social networks or other external platforms, directly from the pages of this site. The interactions and information acquired by are, in any case, subject to the user’s privacy settings for each social network.

It is possible that, even if users do not use the service, it collects traffic data relating to the pages on which it is installed.

Inside the blog you can find links to the social channels of the blog and buttons that allow you to share the content published. These can potentially place cookies on the device you use when you click them.

The connected Axcent channels are: Facebook, Instagram, Twitter, YouTube, LinkedIn


Personal data collected: cookies and usage data.

Protection from SPAM

We use paid services that analyze the traffic of mailboxes on this website in order to filter messages and content recognized as SPAM.


Last modified: 12/09/2019