Cookies policy


Key-One srl, in order to offer a better digital experience with its website, uses third party’s cookies, namely statistical analytical cookies provided by Google Inc. as part of its aggregate statistical analysis service called Google Analytics.

If you continue to navigate, accessing a further section of the website or selecting a part of it (for example an icon or a link) you give your consent to use the cookies.

If you agree to navigate, then, you allow us to record and access those cookies on your device.

If you want to learn more, please click here, if you do not accept, we invite you to close this window on your browser.

Learn more

“Web Privacy Policy and Cookies”

In compliance with the Italian Legislative Decree 30 June 2003, no. 196 –art.13 and with the Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies of 8 May 2014.

Dear User,

Key-One Srl (hereinafter “Key-One Srl”) owns the information you are asked to use the services provided by the websites “” (hereinafter sites or websites) as personal data.


Hereafter please find some information about how “Key-One Srl” uses your data.


The new rules will be periodically updated as better specified in paragraph “12. Modifications”.

Therefore, we invite you to read them regularly.

Anyway, should you not agree with them, you might ask to cancel your registration on the website, expressing your will via email to the following email address: The cancellation will imply that you are not allowed to use any further the Products and Services, which require the registration.

Your personal data will be used with paper, computer or telecommunication supports for the purposes stated below, in compliance with the norms concerning the protection of personal data stated in the Italian Data Protection Code –Legislative Decree no. 196/2003” and in the specific sectorial provisions issued by the Italian Data Protection Authority (hereinafter “Data Protection Authority”).

The information is given only for the present website and not for other websites which might be consulted through other links (hereinafter “links”), also within this website, but that lead to websites not owned by “Key-One Srl”.

This document deliberately recalls the contents of the Privacy Policy applied by the Italian Data Protection Authority for the personal data processing of the users who are connected to the official website

The Data Controller wants to conform its privacy policy to the “Code” and to the procedures and specifications issued by the Italian Data Protection Authority in its Privacy Policy document published on its official website and to the Simplified arrangements to Provide Information and Obtain Consent Regarding Cookies of 8 May 2014.

The users’ data are collected and processed for purposes connected or instrumental to the activities of “Key-One Srl”.

“Key-One Srl” collects, keeps and processes your personal data to provide you with the services offered on their websites and for legal obligations.

For some specific Services, Products, Offers, etc. “Key-One Srl” will process your personal data for commercial and/or profile purposes. You will be asked a specific consent, which is separate, optional and always revocable.

No personal data processing operations defined as “judicial” or “sensitive” (personal data which reveal your race or ethnic origin, your religious, philosophical or other kinds of beliefs, your political opinions, the adhesion to parties, unions, association or religious, philosophical, political or union organizations, or your personal data which reveal any health or sexual life conditions) are provided for by the Data Controller. The communication and the general data processing might be focused on a group of aggregate and non-defining data for statistic analysis or anonymous data. The data will not be disseminated.


The data provided will be used for these purposes:

  1. A) to consent users to complete the registration process to access specific sections of the website, where it is necessary;
  2. B) for purposes connected or instrumental to the establishment and execution of the obligations implied by the orders placed by the users (including the post-sales warranty fulfilments, support and so on) through special links on the website or to fulfil, before completing an order, the users’ specific requests;
  3. C) for an effective management of the website and of the services offered;

The data cannot be periodically updated with information acquired during the course of the established relation.


The data processing is carried out with manual and electronic tools and, in any case, the safety and protection of the data themselves is guaranteed.

Since there is a close and undeletable instrumental connection between the completion of the activities requested by the user to “Key-One Srl” and the purposes listed above at letters A), B) and C), if the user does not give his/her personal data and his/her consent to communicate the personal data to third parties for the above-mentioned purposes, no contract will be stipulated.


In any case, “Key-One Srl” reminds you that the consent of the users is not required if the personal data processing, in compliance with section 24 of the “Code”, is necessary for the following situations:

  1. a) the processing is necessary to comply with an obligation imposed by a law, regulations or Community legislation;
  2. b) the processing is necessary for the performance of obligations resulting from a contract to which the data subject is a party, or else in order to comply with specific requests made by the data subject prior to entering into a contract;
  3. c) the processing concerns data taken from public registers, lists, documents or records that are publicly available, without prejudice to the limitations and modalities laid down by laws, regulations and Community legislation with regard to their disclosure and publicity;
  4. d) the processing concerns data relating to economic activities that are processed in compliance with the legislation in force as applying to business and industrial secrecy;
  5. e) the processing is necessary to safeguard life or bodily integrity of a third party. If this purpose concerns the data subject and the latter cannot give his/her consent because (s)he is physically unable to do so, legally incapable or unable to distinguish right and wrong, the consent shall be given by the entity legally representing the data subject, or else by a next of kin, a family member, a person cohabiting with the data subject or, failing these, the manager of the institution where the data subject is hosted. Section 82(2) shall apply;
  6. f) the processing is necessary for carrying out the investigations by defence counsel referred to in Act no. 397 of 07.12.2000, or else to establish or defend a legal claim, provided that the data are processed exclusively for said purposes and for no longer than is necessary therefor by complying with the legislation in force concerning business and industrial secrecy, dissemination of the data being ruled out;
  7. g) […omissis…]


On their websites, “Key-One Srl” will be allowed to provide you with new Products and Services, including “social” services(for example, exchange of opinions and messages, video messages, chats, etc), supporting services, newsletters, etc. It will be furthermore allowed to promote special offers, games and contests on its websites, organized and managed by partnering companies. A part or the whole amount of data collected during the promotions or contests might be shared with sponsors or third parties. If there are prize contests or lotteries, the names of the winners might be published on the website or be advertised through the media (newspapers, magazines etc.). In those cases, the winner will be informed in advance about his/her data collection or communication in various ways (participation forms, contest/promotion rules etc.) and (s)he will have to expressly accept it.

To access and use such offers, “Key-One Srl” invites you to read the specific regulations, which clarify how they work and how to use them.

We invite you to read the specific information about each Product, Service, Promotion, Game or Prize Contest in its dedicated website.

The website offers “links” to other websites or resources from the Internet. You accept and acknowledge that “Key-One Srl” is not responsible for such websites or external resources.

The hyper textual links to the website or any other type of links based on any other type of technology cannot be created without the previous written consent of “Key-One Srl”, being understood that it has the right to ask the removal of such “links” at any time. “Key-One Srl” is not compelled to control and actually it does not control the content of those websites and is not responsible for the contents and/or material, including all the ads, published on those websites or external resources or for the products or services offered. If not otherwise stated, those products or services cannot be considered sponsored, shared or supported by “Key-One Srl” and therefore the user is responsible for their use and for the purchase of those services or products.

You acknowledge that if you provide the personal or contact data of a third party, they become part of a personal data processing and you become the Data Controller and accept the relative legal obligations and responsibilities. In this sense, you guarantee to “Key-One Srl” that all data of third parties you have acquired in this way (and consequently processed as if the third party had given his/her written consent to the processing) are in compliance with the “Code”. As far as this point is concerned, you agree to totally indemnify “Key-One Srl” for any contestation, demand, damage claim, etc. that “Key-One Srl” might receive from any third parties involved due to the personal data you gave, violating the applicable norms concerning the personal data protection.

The data processing is carried out also with the help of electronic or anyway automatized tools and is carried out by “Key-One Srl” and/or third parties used by “Key-One Srl” to record, manage and communicate the data themselves.

The data are stored for the period of time stated in the “Code” and in the other applicable laws. In any case, the period of time to store your data is represented by the necessary time to pursue the above-mentioned purposes or until “Key-One Srl” receives your request of cancellation of the data whose consent to be processed is optional and non-mandatory.

All the employees of “Key-One Srl” who have access to your data are in charge of the personal data processing, in compliance with the “Code”.

In addition to the communications made to fulfil specific legal obligations, rules or EU norms, your personal data might be communicated to:

  1. a) Natural or legal persons of whom “Key-One Srl” have decided to avail themselves to carry out some services or connected activities;
  2. Delegated subjects and/or entrusted by “Key-One Srl” to carry out technical maintenance (including the maintenance of the Internet devices or the electronic communications networks where the websites are published).

In any case, the above-mentioned subjects will receive only the necessary and relevant data for the processing purposes they are entrusted with, being external data controllers as stated in art. CosmalO of the “Code”. The personal data shall not be disseminated.

“Key-One Srl” informs you that some Services will be managed by some suppliers on the websites of “Key-One Srl”, without our intermediation. If you choose to use the additional services, the data protection will be supervised by the suppliers of those services, in compliance with the Privacy protection norms.

“Key-One Srl” collaborates with the police and other public entities and authorities to make their users respect the law, the rights of the other users and of the third parties, including their intellectual property rights. Therefore, your personal data might be communicated, as an example, to public entities if this is necessary for defence purposes, State safety, prevention, inspection or repression of crimes, in compliance with the norms on the subject. These public entities have the right to ask and obtain your personal data if it is necessary or useful for investigations or inspections for frauds, computer frauds, violation of intellectual property rights, hacker activities or other illegal activities which might expose “Key-One Srl” or our users to legal, civil or penal responsibilities.

“Key-One Srl” guarantees the safety and protection of your data, safeguarded by adequate protection measures, according to what is stated in the “Code”, part 1, section 5 and in the Technical specifications concerning minimum security measures annexed to the “Code” in order to reduce the risks of data destruction or loss –even accidental, non authorized access or non authorized processing or non conformed to the data collection purposes.

In some pages of “Key-One Srl” some automatic methods of data collection are applied, like for example the “cookies”. They are small files sent to the User’s computer (usually to the web browser).  The term “cookies” refers to the cookies and to any other similar technology.

Most cookies are “session” cookies, and are automatically deleted at the end of each session, except for some types, which are, instead, saved on the hard disk and can be read only by the server that had previously sent them. A cookie cannot collect any other data from the user’s hard disk or spread computer viruses or collect email addresses.

The use of cookies makes the use of the Internet more effective. One of the reasons why they are used is that, for example, they allow the users to write fewer passwords during the same Internet session on the pages of “Key-One Srl. The cookies used on the websites have therefore the purpose to login or monitor the session and the memorization of specific technical information concerning the users who access the servers of “Key-One Srl” etc. In this perspective, some of the operations on the websites might not be carried out without the use of the cookies, which are in these cases technically necessary. For example, the access to your Personal Page and to the restricted areas on the website and the activities carried out there would be far more complex and less safe without the use of the cookies, which allow to identify the user and keep its identification valid during the session.

In any case, the use of the cookies or similar techniques will be carried out in compliance with article 122 of the “Code” and of the Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies of 8 May 2014, which specify that those technologies are allowed for specific legitimate purposes, concerning the technical memorization for the time needed to pass the communication or provide a specific service requested by the User, who can at any time object to the processing of his/her data for the above-mentioned purposes.

The User, actually, who is to be considered informed in compliance with art. 13 of the “Code” and with what is stated in the current Paragraph, will have the right to accept all cookies, to be informed about the use of one cookie or to block all cookies modifying the setting of his/her browser. Should the cookies be blocked, the quality and features of the website might decrease.

Here are the instructions for the management of the cookies for the most common browsers:

  • Internet explorer: click here
  • Mozilla Firefox: click here
  • Google Chrome: click here

In compliance with article 122, provision 1, of the Personal Data Protection Code (in the current statement after the enforcement of the legislative decree 69/2012) and with the Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies of 8 May 2014, the “technical” cookies might be used also without the consent of the data subject. Furthermore, the same European body, which unifies all the Data Protection Authorities of the member states (the so-called “Article 29 Data Protection working party”), has clarified in the Opinion on Cookie Consent Exemption that some cookies are exempted from the requirement of informed consent:

1) User input cookies (session-id), for the duration of a session or persistent cookies limited to a few hours in some cases.

2) Authentication cookies, used for authenticated services, for the duration of a session.

3) User centric security cookies, used to detect authentication abuses, for a limited persistent duration.

4) Multimedia content player session cookies, such as flash player cookies, for the duration of a session.

5) Load balancing session cookies, for the duration of session.

6) UI customization persistent cookies, for the duration of a session (or slightly more).

7) Third party social plug-in content sharing cookies, for logged in members of a social network.


Cosmal informs you that it will use only the technical cookies necessary to navigate on its websites, because they allow some essential functions like the authentication, validation, management of a session and the prevention of frauds and they also allow for example to: know if the user regularly accesses his/her Restricted Area or validate the user’s login, manage his/her sessions related to the various services and applications, store the data of the partnering shops to have a safe access or control and prevent frauds.

In order to be totally transparent, here is a list of the technical cookies and the specific situations on the Portal:

  • The cookies sent to the User/Contractor’s terminal (which will not be used for further purposes) like for example the session cookies used to “add to cart” for online purchase of services on the Portal, authentication cookies, cookies for multimedia contents like Flash Player which do not exceed the duration of one session, customization cookies (for example, for the choice of the language, the recognition of the user ID and his/her complete passwords writing only the first letters etc.);
  • The cookies used to make statistical analyses concerning the accesses/visits to the website (the so-called “analytics” cookies) which pursue only statistical goals (no profile or marketing goals) and collect aggregate information without the possibility to identify each single user. In these cases, since the current legislation states that for the analytics cookies the user must be clearly and adequately allowed to opt out (including the possible mechanisms to anonymize the cookies themselves), we specify that you can block Google Analytics like this: open your browser, select the settings, click on the Internet options, open the privacy page and choose the cookies block. Should you be willing to delete the already stored cookies, it is enough to open the security page and delete the chronology, ticking the box “Delete cookies”.

Except for the technical cookies, we inform you that in its websites “Key-One Srl” will not use other non “technical” cookies or cookies which have critical issues for the protection of the user’s personal data, like for example the ones used for profiling and marketing purposes that are not installed on the users’ terminals.

In addition to the cookies directly coming from “Key-One Srl” and therefore called “First Party or Editor’s cookies”, “Key-One Srl” informs you that on its websites there might be also “Third party cookies”, cookies working on behalf of the Editor, but not owned by him/her. “Key-One Srl” has no control on such third party cookies, you must refer to the third party’s website every time.

In order to comply with the information transparency required for “first party websites” (namely the Portal managed by Key-One Srl) where some “third party cookies” are present, we inform you that the following  third party cookies are operating on our Portal:


The Portal uses Google Analytics, an analytic tool service offered by Google, Inc. (“Google”). Google Analytics uses “cookies” that are text files deposited on the user’s terminal to allow some aggregate statistical analyses. Google Inc. is the reference Data Controller.

The computer systems and software procedures of the website acquire some personal data during their normal operations, implicitly transmitted by the use of the communication protocols of the Internet.

Such information is not collected to be associated to specific subjects, but, for its very nature, it might allow to identify the users through elaborations and associations with data obtained by third parties.

This category includes the IP addresses or the domain names of the computers used by the users to connect to the website, the time of the request, the method to send the request to the server, the size of the answer file received, the numeric code showing the answer given by the server (successful operation, error, etc) and other parameters related to the users’ operative system and to the computer environment.

Such data are collected only to infer anonymous statistical information about the use of the website and to control its correct functioning and are immediately deleted after their elaboration. The data might be used to verify the responsibility in case of hypothetical IT crimes damaging the website. Except for this situation, the data concerning the web contacts are not further stored.

“Key-One Srl” has the right to make changes on its website, the current Web Privacy Policy and the Cookies published on the website at any time. When consulting it, the user must always refer to the published text as the applicable version.

The modifications will be operative since they are published on the website. If the User continues to use the website after any modification, it will be considered as if (s)he accepts such modifications.

All the users are allowed to verify, at any time, the latest version of the Web Privacy Policy and the Cookies updated by “Key-One Srl” from time to time connecting to its website.

You can always exercise any of the rights stated in art.7 of the “Code”, whose text is entirely quoted below to help you.

Art. 7 -Right to Access Personal Data and Other Rights

  1. A data subject shall have the right to obtain confirmation as to whether or not personal data concerning him exist, regardless of their being already recorded, and communication of such data in intelligible form.
  2. A data subject shall have the right to be informed
  3. a)of the source of the personal data;
  4. b) of the purposes and methods of the processing;
  5. c) of the logic applied to the processing, if the latter is carried out with the help of electronic means;
  6. d) of the identification data concerning data controller, data processors and the representative designated as per Section 5(2); and
  7. e) of the entities or categories of entity to whom or which the personal data may be communicated and who or which may get to know said data in their capacity as designated representative(s) in the State’s territory, data processor(s) or person(s) in charge of the processing.
  8. A data subject shall have the following rights:
  9. a) to obtain updating, rectification or, where interested therein, integration of the data;
  10. b) to obtain erasure, anonymization or blocking of data that have been processed unlawfully, including data whose retention is unnecessary for the purposes for which they have been collected or subsequently processed;
  11. c) to obtain certification to the effect that the operations as per letters a) and b) have been notified, as also related to their contents, to the entities to whom or which the data were communicated or disseminated, unless this requirement proves impossible or involves a manifestly disproportionate effort compared with the right that is to be protected.
  12. A data subject shall have the right to object, in whole or in part:
  13. a) on legitimate grounds, to the processing of personal data concerning him/her, even though they are relevant to the purpose of the collection;
  14. b) to the processing of personal data concerning him/her, where it is carried out for the purpose of sending advertising materials or direct selling or else for the performance of market or commercial communication surveys.

Data controller is Key-One Srl, with legal headquarters in Milano (MI), via Donatello 30.

For any information or request, you can directly go to Key-One Srl  via Donatello 30, 20131 Milano (MI) or write an email to