SOFFASS S.p.A., with registered office in Via Fossanuova 59, 55016 Porcari (Lucca), Italy (hereinafter “Soffass”) is committed at all times to protecting the online privacy of its users. This document has been prepared pursuant to Art. 13 of EU Regulation 2016/679 (hereinafter the “Regulation”) in order to enable you familiarize yourself with our privacy policy, to understand how your personal information is handled when you use our websites (for Regina brands and products, hereinafter collectively referred to as “Website”) and, if applicable, to give your express and informed consent to the processing of your personal data. The information and data provided by you or otherwise acquired in the context of your use of Regina services, such as for example, accessing the reserved area of the Website or user area, hereinafter the “Services”, will be processed in compliance with the provisions of the Regulation and with the confidentiality obligations that underpin Soffass’ business.

According to the Regulation, the processing carried out by Soffass will be based on the principles of lawfulness, fairness, transparency, purpose and storage limitation, data minimisation, accuracy, integrity and confidentiality.


  1. Data controller
  2. Personal data subject to processing
    1. Browsing data
    2. Data provided voluntarily by the data subject
    3. Cookies
  3. Purpose of processing
  4. Legal basis and mandatory or optional nature of the processing
  5. Recipients of personal data
  6. Transfers of personal data
  7. Storage of personal data
  8. Rights of the data subject
  9. Changes
1. Data Controller and Data Protection Officer “DPO”

The controller of processing carried out through the Website is Soffass SpA, as defined above, which can be contacted at Via Fossanuova 59, 55016 Porcari (Lucca), Italy. For communications on this matter the Controller has set up the email address The Data Protection Officer (hereinafter the “DPO”) pursuant to Art. 37 et seq. of the Regulation can be contacted via the email

The Data Processor is the company Progresso S.r.l. with registered office in Via della Chiesa XXXII Trav.1 – 231, 55100 Lucca (LU), Italy.

2. Personal data subject to processing

Following your browsing of the Website, we inform you that Soffass will process your personal data, which may consist of an identifier such as your name, an identification number, an online identifier or one or more elements characteristic of your physical, economic, cultural or social identity that identify or can identify you (hereinafter just“Personal Data”).

The Personal Data processed through the Website are the following:

a. Browsing data

The computer systems and software procedures used to operate the Website acquire, during their normal operation, some Personal Data whose transmission is implicit in the Internet communication protocols. This information is not collected to be associated with identified data subjects, but by its very nature could, through processing and association with data held by third parties, allow users to be identified. This category of data includes IP addresses or domain names of computers used by users who connect to the Website, URIs (Uniform Resource Identifiers) of requested resources, the time of the request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the server (successful, error, etc.) and other parameters regarding the user’s operating system and IT environment. These data are used for the sole purpose of obtaining anonymous statistical information on the use of the Website and to check its correct functioning, to identify anomalies and/or abuses and are deleted immediately after processing. Data could be used to ascertain responsibility in the event of hypothetical computer crimes against the website or third parties: except for this possibility, at present the data on web contacts do not persist for more than seven days.

b. Data voluntarily provided by the data subject

When you use certain Services on the Website, it may happen that you send Soffass the Personal Data of third parties which is processed. In such cases, you are the independent data controller and you accept all the obligations and responsibilities under the law. On this point you will hold Soffass harmless in the broadest possible sense against any dispute, claim or compensation for damages resulting from such processing, etc. that may be received by Soffass from third parties whose Personal Data has been processed through your use of the Website’s features in breach of the applicable rules on personal data protection. In any case, if you provide or otherwise process the Personal Data of third parties when using the Website, you warrant as of now – accepting all related liability – that this particular case of processing is based on an appropriate legal basis pursuant to Art. 6 of the Regulation legitimising the processing of the information in question.

c. Cookies

Definitions, characteristics and application of the regulation

Cookies are small text files that websites you visit send and record on your computer or mobile device, which are then resent to the same websites the next time you visit them. These cookies allow a website to remember your actions and preferences (such as, for example, your login details, your preferred language, font size, other display settings, etc.) so that they do not need to be indicated again when you return to that website or browse from one page to another. Cookies are used to perform computer authentication, session monitoring and storage of information regarding the activities of users who access a website and may also contain a unique identification code that enables the user’s browsing within the website to be tracked for statistical or advertising purposes. While browsing a website, users may also receive on their computer cookies from websites or web servers other than the one they are visiting (so-called “third party” cookies). Some operations might not be performed without the use of cookies, which in some cases are therefore technically necessary for the website’s operation.

There are various types of cookies, depending on their characteristics and functions, and they can remain on the user’s computer for different periods of time. Session cookies are automatically deleted when the browser is closed, while persistent cookies remain on the user’s device until a set deadline.

According to the laws in force in Italy, the use of cookies does not always require the express consent of the user. In particular, “technical cookies”, i.e. those used exclusively with a view to carrying out the transmission of a communication on an electronic communications network or insofar as this is strictly necessary to provide a service explicitly requested by the user, do not require such consent. In other words, these cookies are essential to the functioning of the website or necessary for carrying out the activities requested by the user.

According to the Italian Data Protection Authority (see the Decision on Simplified Arrangements to Provide Information and Obtain Consent Regarding Cookies dated 8 May 2014 and subsequent clarifications, hereinafter “Decision”), technical cookies, which do not require express consent for their use, also include:

  • “analytics cookies” when used directly by the website operator to collect information, in aggregate form, on the number of users and how they visit the website,
  • browsing or session cookies (to authenticate),
  • function cookies, which allow the user to browse according to a series of selected criteria (for example, language, products selected for purchase) in order to improve the service provided to the user.

On the other hand, “profiling cookies”, i.e. those designed to create user profiles and used to send advertising messages in line with the preferences expressed by the user while browsing the web, require the prior consent of the user.

Types of cookies used by the Website and the possibility of enabling or disabling them

The Website uses the following cookies that can be disabled, except for third party cookies for which you must refer directly to the enabling/disabling methods for the respective cookies, given in the links:

  • Browsing or session technical cookies that are strictly necessary for the functioning of the Website or that allow you to make use of the contents and services requested.
  • Function cookies, which are used to activate specific features of the Website and a series of selected criteria (for example, language) in order to improve the service provided.

WARNING: By disabling technical and/or function cookies, the Website may not be available for consultation or some of the Website’s services or functions may not be available or may not function properly and you may be required to manually change or enter certain information or preferences each time you visit the Website.

  • Third party cookies, i.e. cookies from websites or web servers other than those of Regina, used for the purposes of those third parties. It should be noted that these third parties, listed below with links to their privacy policies, are typically autonomous controllers of the data collected through the cookies they use, so you should refer to their policies on personal data processing, information and consent forms (enabling and disabling of their respective cookies), as specified in the above Decision. For completeness, it should be noted that Soffass does its utmost to track cookies on its Website. These are regularly updated in the table below, where we provide transparency about the cookies Soffass sends directly to you and their purposes. With regard to third parties who send cookies through our Website, links to their privacy policies are provided below: as already mentioned, we delegate to these third parties responsibility for providing the policy and collecting your consent, as required by the Decision. This responsibility applies not just to the cookies that third parties send directly, but also to any additional cookies that are sent through our Website as a result of use of services by the third parties themselves. Soffass has no control over cookies sent by the service providers of these third parties and does not know their characteristics or purposes.

The handling of information collected by “third parties” is governed by the relevant policies, to which you should refer. To ensure greater transparency and convenience, the web addresses of the various policies and methods for managing cookies are given below, while we specify that the Data Controller has no responsibility for the operation of third party cookies on this Website. 

Here are some links to information about third party cookies: 

The cookies sent by Soffass through the Website are indicated below:

Cookies on the Website

Cookie type and ownerTechnical name of the cookiesFunction and purposePersistence time
TechnicalXSRF-TOKENThis cookie is essential for the website’s operation, for the security of the website and of visitors.2 hours
Technicalcookieconsent_statusThis cookie is essential for the website’s operation, it remembers the user’s choice on the cookie bar.1 year
Technicalregina_sessionThis cookie is essential for the website’s operation.2 hours
Technical__cfduidThis cookie is essential for the website’s operation, use of the Cloudflare CDN to speed up downloading.1 year

Cookie settings

You may block or delete (in whole or in part) technical and function cookies through the specific features of your browser. However, please note that not authorising technical cookies may make it impossible for you to use the Website, view its contents and use its services. Blocking function cookies may result in certain services or functions on the Website not being available or not functioning properly and you may be forced to change or manually enter certain information or preferences each time you visit the Website.
The choices made with regard to cookies on the Website will also be recorded in a cookie. However, this cookie may not work properly in some circumstances: in such cases, we recommend that you delete cookies that you do not like and also block their use through your browser’s features.

Your cookie preferences should be reset if you use multiple devices or browsers to access the Website.

How to view and change cookies through your Browser

You may authorise, block or delete (in whole or in part) cookies through the specific features of your browser. For more information on how to set cookie preferences through your Browser, please refer to the instructions:

3. Purpose of processing

The processing that we intend to carry out, with your specific consent where necessary, has the following purposes:

a. allow the provision of the Services you request;

b. respond to enquiries;

c.  respond to requests for information;

d.  comply with any legal, accounting or tax obligations;

e. send you promotional and marketing communications, including the sending of newsletters and market research, via automated means (emails, texts, multimedia messages, push notifications, faxes) and non-automated means (via paper mail or telephone contact with operator);

f. for the analysis of your purchasing choices and behavioural preferences, in order to better structure personalised commercial communications and offers, to carry out general analyses for strategic orientation and commercial intelligence purposes and, in general, for profiling activities;

g. Your personal data may also be communicated, with your consent, to other companies for the sending of their promotional and marketing communications, including the sending of newsletters and market research, via automated means (texts, multimedia messages, emails, push notifications, faxes) and non-automated means (via paper mail or telephone contact with operator);

h.  to enable you to take part in prize competitions.

4. Legal basis and mandatory or optional nature of the processing

The legal basis for the processing of Personal Data for the purposes referred to in section 3 (a-b-c-h) is Art. 6(1)(b) of the Regulation in that the processing is necessary for the provision of the Services or to respond to requests from the data subject. The provision of Personal Data for these purposes is optional, but failure to do so would make it impossible to activate the Services provided by the Website or respond to requests.

The purpose referred to in section 3.d represents a legitimate processing of Personal Data pursuant to Art. 6(1)(c) of the Regulation. Once your Personal Data has been provided, it must to be processed in order to comply with a legal obligation to which Soffass is subject.

The legal basis of the processing for purposes e), f) and g) is Art. 6.1.a) of the Regulation.

Provision of your Personal Data for the purposes referred to in letters e), f) and g) above is optional; no consequences are expected if you refuse.

For the processing carried out for the purpose of sending direct advertising material or direct selling or for carrying out market research or commercial communications in relation to Soffass products or services similar to those you have purchased, Soffass may use, without your consent, e-mail and paper mail in accordance with and within the limits allowed by the Data Protection Authority’s decision dated 19 June 2008, the legal basis for the processing of your data for this purpose is Art. 6, paragraph 1, letter f) of the Regulation.

In any case, pursuant to Art. 21 of the Regulation, you have the possibility to object to such processing at any time, initially or on the occasion of subsequent communications, easily and free of charge by writing to the Controller or to the DPO at the above addresses, and to obtain immediate feedback confirming the interruption of such processing (Art. 15 of the Regulation).

5. Recipients of personal data

Your Personal Data may be shared, for the purposes referred to in section 3 above, with:

a. subjects who typically act as data controllers pursuant to Art. 28 of the Regulation, namely: i) individuals, companies or professional firms that provide assistance and advice to Soffass on accounting, administrative, legal, tax, financial and credit collection matters relating to the provision of the Services; ii) persons with whom it is necessary to interact in order to provide the Services (e.g. hosting providers); iii) or entities delegated to carry out technical maintenance activities (including maintenance of network equipment and electronic communications networks); (collectively, the “Recipients”); the list of data processors that process data can be requested from the Data Controller or the DPO by writing to the following addresses:;

b. subjects, entities or authorities, autonomous data controllers, to whom it is compulsory to communicate your Personal Data pursuant to the provisions of law or orders by the authorities;

c. persons authorised by Soffass to process Personal Data pursuant to Art. 29 of the Regulation needed to carry out activities closely related to the provision of the Services, who have committed themselves to confidentiality or are under an appropriate legal obligation of confidentiality (e.g. Soffass employees).

d. The data may be accessible to the other companies of the Sofidel Group for the same purposes as above and/or for administrative-accounting purposes pursuant to Art. 6.1.f) and Recitals 47 and 48 of the Regulation.

Finally, some of your Personal Data may be disclosed through publication on the Website for the purposes referred to in section 3.h) if you are a prize winner in the prize competitions you have entered.

6. Transfers of personal data

Some of your Personal Data is shared with Recipients who may be located outside the European Economic Area. The data controller ensures that the processing of your Personal Data by these Recipients is carried out in compliance with the Regulation. Transfers may be based on an adequacy decision, on Contractual Clauses approved by the European Commission or on another appropriate legal basis. More information is available from the Controller or the DPO at the following email addresses:;

7. Retention of data

Personal Data processed for the purposes referred to in section 3(a-b) will be kept for the time strictly necessary to achieve those same purposes in accordance with the principles of storage minimisation and limitation pursuant to Art. 5.1.e) of the Regulation. In any case, the Data Controller will process the Personal Data for the time necessary to fulfil the contractual and legal obligations.

Further information on the data retention period and the criteria used to determine this period can be obtained by writing to the Holder or to the DPO at the following address:

8. Rights of data subjects

Pursuant to Art. 15 et seq. of the Regulation, you have the right at any time to request access to your Personal Data, its rectification or erasure, and to restrict its processing in the cases provided for under Art. 18 of the Regulation, to receive the personal data concerning you in a structured, commonly used and machine-readable format in the cases provided for by Art. 20 of the Regulation. At any time, you may revoke your consent pursuant to Art. 7 of the Regulation; lodge a complaint with the competent supervisory authority pursuant to Art. 77 of the GDPR (Data Protection Authority) pursuant to Art. 77 of the Regulation, if you believe that the processing of your data infringes the legislation in force.

You can object to the processing of your data under Art. 21 of the GDPR in which you give evidence of the reasons for your objection: the Controller reserves the right to evaluate the request, which will not be accepted if there are legitimate grounds for the processing which override your interests, rights and freedoms.

Requests should be sent in writing to the Controller or to the DPO at the following email addresses:,

9. Changes

This privacy policy has been in force since 25th May 2018. Soffass reserves the right to modify or simply update the content, in part or in full, also as a result of changes in the applicable legislation. Soffass will inform you of such changes as soon as they are introduced and they will be binding as soon as they are published on the Website. Soffass therefore invites you to visit this section regularly to stay informed about the latest and most updated version of the privacy policy so as to be always up to date with the data collected and the use that Soffass makes of it.