Complete cookies policy information – website users

Who are we and how do we use your personal data?

The European House – Ambrosetti, with registered office located in via F. Albani, 21 - 20149 Milan (hereinafter also the Controller), in its capacity as Controller is concerned about the privacy of your personal data and guarantees that they are sufficiently protected against any event that could jeopardize their security.

The Controller puts the policy into practice with regard to the collection and processing of personal data and to the exercise of your rights recognized by the applicable regulations. The Controller takes care to update the policies and practices applied for the protection of personal data whenever this becomes necessary and in any case when there are amendments to the legislation and changes within the organization that could affect the processing of personal data.

The Controller has appointed a Data Protection Officer (DPO) whom you can contact should you have any questions concerning the policies and practices adopted.

You may contact the DPO at the address

How does the Controller collect and process your data?

Your personal data will be processed for the following purposes:

  1. Navigation of the website

Your personal data, including navigation data, e.g. the IP address and cookies issued during navigation of the website are processed by the Controller to manage the website and gather information, also in aggregated form.

Your personal data will not be disseminated or shared indiscriminately in any form to unspecified parties.


  1. Notification to third parties and recipients

Your personal data are disseminated primarily to third parties and/or recipients whose activity is required for fulfilling the activities related to the aforementioned purposes and also for meeting precise legal requirements. Any communication that does not serve these purposes will be subject to your consent.

In particular, your data will be communicated to third parties/recipients for the following purposes:

  1. provision of the service (e.g. IT services providers);
  2. communication to financial administrations, public supervisory and control bodies in relation to whom the Controller is required to meet specific obligations deriving from the specific nature of the activity performed.

The personal data the Controller processes for these purposes are:

  • the navigation data (IP address).
  1. Reasons of IT security

Including through its suppliers (third parties and/or recipients), the Controller processes your personal data (e.g., IP address) or data pertaining to traffic collected or obtained in case of services offered on the website that are strictly necessary and proportional to ensure the security and capability of a network or servers connected with it to withstand, at a given level of security, unforeseen events or illicit or criminal acts that would endanger the availability, authenticity, integrity and confidentiality of the personal data stored or transmitted.

Towards this end, the Controller has provided for procedures to manage data breaches.

What are cookies and what is their primary use?

A "cookie" is a small text file created by certain websites on the user’s computer when the user accesses a site, for the purpose of storing and transmitting information. The cookies are sent by a web server (which is the computer on which the website visited is running) to the user’s browser (Internet Explorer, Mozilla Firefox, Google Chrome, etc.) and stored on the latter’s computer; they are then re-sent to the website during the user’s subsequent visits to the website.






Technical cookies


Website management Used for the operation and safe and efficient exploration of the website 

Valid for the navigation session 

These cookies are required for the use of the website, if you block them the website will not work 

Functionality cookies (login)


Cookie that maintains the user login active 

14 days 

It would be impossible to remain logged in during navigation. The login request would be displayed for each page. 

Cookie analytics



Used to gather aggregated information on user navigation to optimize the navigation experience and the services provided. 


Valid for the navigation session. 

It would no longer be possible for the Controller to acquire aggregated information. 


Established by the third party 

Profiling cookies


Monitoring cookie that analyzes user behavior on the website 

Established by the third party 

User operations on the site will not be tracked 



Some operations could not be performed without the use of cookies which, in certain cases, are, therefore, technically necessary. In other cases, the site uses cookies to facilitate and streamline navigation by the user or to allow the user to access specifically requested services.

The cookies can remain in the system for long periods of time and can also contain a unique identification code. This enables the websites that use them to track the navigation of the user inside the website itself, for statistical or advertising purposes, in order to create a personalized profile of the user based on the pages visited and show or send him/her targeted advertising messages (so-called Behavioral Advertising).

Which cookies are used and for what primary purpose?

Below, the Controller has provided the specific types of cookies utilized, their purpose and what happens if they are disabled.

Third party cookies

Third party cookies also run on this website: these are cookies created by a website other than the one the user is currently visiting.

Specifically, we would like to inform users that this website utilizes the following services that generate cookies:

- The "Google Analytics” web analysis service provided by Google, Inc. is a World Wide Web analysis service that utilizes “cookies” which are stored on the user computer to allow the website visited to analyze how users make use of it. The information generated by the cookie on the use of the websites visited by the user (including the IP address) is sent to Google, and deposited on the Google servers in the United States. Google will employ this information to track and analyze the use of the website by users, compile reports on website activities for website operators and provide other services concerning website activities and use of the Internet. To consult the Google privacy notice related to the Google Analytics service, and to express your consent for the use of the cookies described above, please refer to the following web page

– The Hotjar service provided by Hotjar Ltd. is a monitoring cookie that analyzes user behavior on the website. To consult the Hotjar Ltd. privacy notice related to the Hotjar service, and to express your consent for the use of the aforementioned cookies, please refer to the website

Social buttons

The contains certain “buttons” (known as “social buttons/widgets”) which display social network icons (e.g., Facebook, LinkedIn) and icons of other web services (e.g., YouTube). These allow users navigating the Controller’s web page to access the referred social networks with a “click”. In this case, the social network and the web services acquire the data concerning the user, but the Controller will not share any navigation information or user data acquired through its own website with the social networks and the web services that are accessible via the social buttons/widgets. These services issue “third party cookies”. The links to the privacy notices of the most commonly used social networks and websites the buttons send users to are given below:

Disabling and enabling cookies “review your cookie preferences”

What happens if you do not provide your data?

We invite you to examine the consequences of disabling individual cookies, provided in the table above.

How, where and for how long is your data stored?

How do we process your data?

Your personal data are processed via electronic procedures by specially authorized and trained internal employees. They are allowed access to your personal data in the measure and within the limits necessary for processing of your personal data.

The Controller periodically audits the tools whereby your data are processed and the security measures contemplated for them, which require constant updating; the Controller verifies, also via the authorized processors, that no personal data are collected, processed, filed or held unless it is necessary; regular audits ensure that the data are preserved with the guarantee of integrity and authenticity and that they are used for the purposes of the processing effectively done.

Where do we process your data?

The data are stored in computer and telematic archives located within the European Economic Area.



How long do we process your data for?


Please refer to the personal data storage terms as provided in the table above.

Website navigation:

The personal data are kept for the time required to allow navigation of the website and in any case no longer than XX months, except in cases in which events occur that require the intervention of the competent authorities, also in cooperations with third parties/recipients appointed to manage the Controller’s data IT security activities, for the time required to investigate the causes determining the event and to protect the interests of the Controller in relation to any liability related to the use of the website and the relative services.

What rights do you have?

In essence, at any time, free of charge and without any special procedures for making the request, you can:

  • obtain confirmation that your data are being processed by the Controller;
  • access your personal data and know the origin (when the data were not obtained from you directly), the purposes and aims of processing, the data of the subjects receiving them, the period of conservation of your data or the criteria used to determine it;
  • update or correct your personal data so that they are always exact and accurate;
  • delete your personal data from the databases and/or archives, including backup archives, of the Controller when, among other things, they are no longer necessary for the purpose for which they were processed or if they received illegitimately, and whenever there are any of the conditions contemplated by law; and in any case if processing is not justified by another equally legitimate reason;
  • limit processing of your personal data to certain circumstances, such as those in which their accuracy has been challenged, for the period necessary to the Controller to check their accuracy. You must be informed, within a congruous time, also about when the period of suspension is terminated or the cause of the limitation to processing has been resolved, and the limitation revoked;
  • obtain your personal data, if received or processed by the Controller with your consent and/or if they are processed on the basis of a contract and using automatic methods, in a computerized form, including for sharing them with another processing entity.

In this case, the Controller must proceed without delay and, in any case, no longer than one month from receiving your request. If necessary, this deadline may be extended to two months, given the complexity and number of requests received by the Controller. In such situations, within a month of receiving your request, the Controller must inform you and provide the reasons for the deadline extension. To exercise your rights, write to the address

How and when can you object to the processing of your personal data?

For reasons regarding your personal situation, you may at any time object to the processing of your personal data, if it is based on legitimate interests, by sending your request to the Controller to:

You have the right to deletion of your personal data if there is no prevalent legitimate reason with respect to the one that originated your request.

How can you lodge a complaint?

Without prejudice to any other administrative or judicial action, you may lodge a complaint to the relevant authority operating and with jurisdiction in Italy where you regularly reside or work, or if different from the member state in which the violation of Regulation (EU) 2016/679 occurred.