MINT Privacy Policy
Quick navigation
1. DATA CONTROLLER
2. DATA PROTECTION OFFICER
3. SOURCE AND TYPES OF DATA PROCESSED, PURPOSE OF THE DATA PROCESSING AND LEGAL BASIS
4. COOKIE POLICY AND USER'S CONSENT
5. HOW YOUR PERSONAL DATA IS SHARED
6. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
7. AUTOMATED DECISION-MAKING PROCESSING
8. DATA SUBJECTS' RIGHTS
9. HOW WE PROTECT YOUR PERSONAL DATA
10. UPDATES TO THIS POLICY
11. HOW YOU CAN CONTACT US ABOUT THIS POLICY
LAST UPDATED: July 2024
Dear User,
This privacy policy is provided not only to comply with legal obligations relating to the
protection of personal data – Regulation (EU) 2016/679 (hereinafter “GDPR”), Italian
Legislative Decree (D.Lgs.) No 196/2003, as updated by D.Lgs. 101/2018 (or “Data Protection
Code”) and significant orders issued by the Data Protection Authority and other privacy
laws that may apply to our processing of your personal data in other countries, including
the United States. But in addition, we provide you this notice because MINT S.p.A
(hereinafter also “MINT” or the “Company”) believes that the protection of personal data is
a fundamental value of its activities and wishes to provide all information which can help
you to protect your confidentiality and control the use you make of your personal data
when navigating the mint.ai website (hereinafter the “Website”).
Personal data are information relating to an identified or identifiable natural person
defined “data subject” (hereinafter also “User”), including for example name, surname and
navigation data.
This Policy describes our collection and use practices.
Dear User,
This privacy policy is provided not only to comply with legal obligations relating to the
protection of personal data – Regulation (EU) 2016/679 (hereinafter “GDPR”), Italian
Legislative Decree (D.Lgs.) No 196/2003, as updated by D.Lgs. 101/2018 (or “Data Protection
Code”) and significant orders issued by the Data Protection Authority and other privacy
laws that may apply to our processing of your personal data in other countries, including
the United States. But in addition, we provide you this notice because MINT S.p.A
(hereinafter also “MINT” or the “Company”) believes that the protection of personal data is
a fundamental value of its activities and wishes to provide all information which can help
you to protect your confidentiality and control the use you make of your personal data
when navigating the mint.ai website (hereinafter the “Website”).
Personal data are information relating to an identified or identifiable natural person
defined “data subject” (hereinafter also “User”), including for example name, surname and
navigation data.
This Policy describes our collection and use practices.
1. DATA CONTROLLER
The Data Controller is MINT S.p.A., in the person of its legal representative, with its registered office via Ripa di Porta Ticinese 113, 20143 - Milan, Italy (“Company” or “Data Controller”).
2. DATA PROTECTION OFFICER
Due to the processing activities carried out, the Data Controller has deemed it necessary
to appoint a Data Protection Officer, who can be reached by writing to the email address
[email protected].
to appoint a Data Protection Officer, who can be reached by writing to the email address
[email protected].
3. SOURCE AND TYPES OF DATA PROCESSED, PURPOSE OF THE DATA PROCESSING AND LEGAL BASIS
The processed personal data is collected mainly on the User’s device when navigating on the Website or using the services made available by the website. This privacy policy analyses the personal data processed in the different sections of the Website and governs exclusively the processing of personal data on the Website and not any other websites the User may be redirected to. The data collected by the Website are processed mainly using electronic means, with software and IT procedures suited to guaranteeing the technical and IT security measures (e.g. the implementation of the https transmission protocol to transfer information entered in the Website).In order to allow you to use the Website and its services, including the possibility ask for a demo of our products, get a product tour and contact us (collectively, “Services”), the Data Controller needs to collect and process some of your personal data.
DATA YOU PROVIDE TO US
Using the Services. To allow you to use the Services, the Data Controller needs to collect your name, your business email address, your job title, your company and the annual media spend (optional). You may also provide this information to us to ask for a demo of our products, get a product tour and contact us through the Website.
Communicating With Us. The optional, explicit, and voluntary sending of mail involves the collection of your name, your surname, your email address, as well as other personal data included in the requests you submit.
LEGAL BASIS
The legal basis for our processing of the above types of personal data is to take steps at the request of the data subject prior to entering into a contract (in case of trial period of MINT Solutions) or the performance of a Contract (Art. 6 (1) (b) of the GDPR).
NATURE OF PROVISION OF THIS PERSONAL DATA
The provision of personal data for the above-mentioned processing purposes is optional but necessary, since failure to provide such data will make it impossible for the User to use the services provided by the Data Controller.
DATA RETENTION PERIOD
Regarding data voluntarily shared by the User, MINT not being able to predetermine in advance their retention period, as they will be connected to the duration of the Agreement for the provision of the Services. The Data Controller commits as of now to inspire its processing to the principles of adequacy, accuracy, and minimization of data, as required by the GDPR, checking annually the need for its retention. This, except in the case where it is necessary to maintain such data to fulfill regulatory obligations, or to ascertain, exercise or defend a right in court.
Communicating With Us. The optional, explicit, and voluntary sending of mail involves the collection of your name, your surname, your email address, as well as other personal data included in the requests you submit.
LEGAL BASIS
The legal basis for our processing of the above types of personal data is to take steps at the request of the data subject prior to entering into a contract (in case of trial period of MINT Solutions) or the performance of a Contract (Art. 6 (1) (b) of the GDPR).
NATURE OF PROVISION OF THIS PERSONAL DATA
The provision of personal data for the above-mentioned processing purposes is optional but necessary, since failure to provide such data will make it impossible for the User to use the services provided by the Data Controller.
DATA RETENTION PERIOD
Regarding data voluntarily shared by the User, MINT not being able to predetermine in advance their retention period, as they will be connected to the duration of the Agreement for the provision of the Services. The Data Controller commits as of now to inspire its processing to the principles of adequacy, accuracy, and minimization of data, as required by the GDPR, checking annually the need for its retention. This, except in the case where it is necessary to maintain such data to fulfill regulatory obligations, or to ascertain, exercise or defend a right in court.
Subscribe MINT’s Newsletter
In the Website homepage there is a box that permit to the user to submit a request for subscription to the promotional newsletter relating to the MINT’s products. This section collects the email address of the User.
LEGAL BASIS
Consent of the User (Art. 6 (1) (a) GDPR) having entered e-mail address in the specific box. This consent is expressed by clicking the button “SIGN UP” and can be withdrawn at any time, without compromising the lawfulness of the processing performed prior to withdrawal, following the instructions given in the “Rights of the data subject” section or clicking the button “Unsubscribe” at the bottom of each newsletter sent.
NATURE OF THE PROVISION
The provision of your personal data for the purpose above is optional. Failure to authorize its processing would make it impossible for the Users to subscribe the MINT’s newsletter.
DATA RETENTION PERIOD
Until withdrawal of consent by the User.
LEGAL BASIS
Consent of the User (Art. 6 (1) (a) GDPR) having entered e-mail address in the specific box. This consent is expressed by clicking the button “SIGN UP” and can be withdrawn at any time, without compromising the lawfulness of the processing performed prior to withdrawal, following the instructions given in the “Rights of the data subject” section or clicking the button “Unsubscribe” at the bottom of each newsletter sent.
NATURE OF THE PROVISION
The provision of your personal data for the purpose above is optional. Failure to authorize its processing would make it impossible for the Users to subscribe the MINT’s newsletter.
DATA RETENTION PERIOD
Until withdrawal of consent by the User.
DATA COLLECTED AUTOMATICALLY FROM YOUR DEVICES
The computer systems and software procedures used for the Website operations acquire, during their normal functioning, some personal data whose transmission is implicit in the use of Internet communication protocols. MINT Solutions collects personal data automatically from your devices for the following purposes:
Functioning and Statistics of the Services. Website collects certain data automatically
from your devices, for the sole purpose of obtaining statistical information on the use of
Website (e.g., most visited pages, number of visitors per hour or day, geographical areas of origin, etc.) and to check the correct functioning of the Services. This data we collect forthese purposes includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time ofthe request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the
server (e.g., successful, error, etc.) and other parameters regarding the operating system
and computer environment.
Cookies. We automatically collect certain information when you visit, use or navigate the Services. For more information about the use of cookies used in our Services and the choices you have, please see the specific section of this policy.
LEGAL BASIS
The legal basis for the purpose above is the legitimate interest of MINT Solutions (Art. 6 (1) (f) of the GDPR) to maintain the security of MINT Solutions and ensure that they are not used in a way which may harm the rights of others or as a channel for the commission of crimes or fraud (see recital 47 of the GDPR). Furthermore, according to the “Guidelines on the use of cookies and other tracking tools - 10 June 2021”, the use of any technical cookie and/or technical tracking tool made by Data Controller indeed falls within the scope of one of the legally permitted exemptions from the obligation to obtain the data subject’s consent.
NATURE OF THE PROVISION
Except as indicated otherwise in our Cookies Policy, the provision of your personal data for the purpose above is mandatory. Failure to authorize its processing would make it impossible to access MINT Solutions and use the Services. Furthermore, failure to authorize its processing would make it impossible to guarantee network and information security.
DATA RETENTION PERIOD
The navigation data acquired through the use of MINT Solutions will not be kept for more than 6 (six) months. The browsing data does not persist for more than 6 (six) months, except for the possible need to ascertain crimes by the judicial authorities.
Do-Not-Track Features (U.S. Residents only). Many web browsers and some mobile
operating systems and mobile applications include a “do-not-track” feature or setting you can activate to signal your privacy preference not to have data about your online
browsing activities monitored and collected. No uniform technology standard for
recognizing and implementing do-not-track signals has been finalized and, as such, we
do not currently respond to do not track browser signals or any other mechanism that
automatically communicates your choice not to be tracked online. We will update this
policy if that changes in the future. These features are not an alternative to the settings
you choice in our cookie banner.
Functioning and Statistics of the Services. Website collects certain data automatically
from your devices, for the sole purpose of obtaining statistical information on the use of
Website (e.g., most visited pages, number of visitors per hour or day, geographical areas of origin, etc.) and to check the correct functioning of the Services. This data we collect forthese purposes includes IP addresses or domain names of computers used by users who connect to the site, URI (Uniform Resource Identifier) of requested resources, the time ofthe request, the method used to submit the request to the server, the size of the file obtained in reply, the numerical code indicating the status of the response from the
server (e.g., successful, error, etc.) and other parameters regarding the operating system
and computer environment.
Cookies. We automatically collect certain information when you visit, use or navigate the Services. For more information about the use of cookies used in our Services and the choices you have, please see the specific section of this policy.
LEGAL BASIS
The legal basis for the purpose above is the legitimate interest of MINT Solutions (Art. 6 (1) (f) of the GDPR) to maintain the security of MINT Solutions and ensure that they are not used in a way which may harm the rights of others or as a channel for the commission of crimes or fraud (see recital 47 of the GDPR). Furthermore, according to the “Guidelines on the use of cookies and other tracking tools - 10 June 2021”, the use of any technical cookie and/or technical tracking tool made by Data Controller indeed falls within the scope of one of the legally permitted exemptions from the obligation to obtain the data subject’s consent.
NATURE OF THE PROVISION
Except as indicated otherwise in our Cookies Policy, the provision of your personal data for the purpose above is mandatory. Failure to authorize its processing would make it impossible to access MINT Solutions and use the Services. Furthermore, failure to authorize its processing would make it impossible to guarantee network and information security.
DATA RETENTION PERIOD
The navigation data acquired through the use of MINT Solutions will not be kept for more than 6 (six) months. The browsing data does not persist for more than 6 (six) months, except for the possible need to ascertain crimes by the judicial authorities.
Do-Not-Track Features (U.S. Residents only). Many web browsers and some mobile
operating systems and mobile applications include a “do-not-track” feature or setting you can activate to signal your privacy preference not to have data about your online
browsing activities monitored and collected. No uniform technology standard for
recognizing and implementing do-not-track signals has been finalized and, as such, we
do not currently respond to do not track browser signals or any other mechanism that
automatically communicates your choice not to be tracked online. We will update this
policy if that changes in the future. These features are not an alternative to the settings
you choice in our cookie banner.
DATA WE COLLECT FROM THIRD PARTIESWe may use third party service providers to help us with our day-to-day business
activities. Where we use third parties, they may share personal data about you with us. In addition, sometimes in the course of providing the Services, we will collect data from a third party – such as your employer – rather than directly from you.
OTHER PURPOSES FOR WHICH WE MAY USE YOUR PERSONAL DATA
We may use any personal data we collect as described above for the following business purposes:
To develop our products and services. We may use your personal data to further
develop our existing products and services, including artificial intelligence tools and features, or to develop new products and services.
To protect the Services, us, and others. We may use your personal data as part of our efforts to keep the Services safe and secure (for example, for fraud monitoring and prevention) and to protect others from harm or abuse.
To enforce our terms, conditions and policies. We may use your personal data to
ensure you and others are complying with our terms, conditions and policies, including providing your information to law enforcement if we believe it is appropriate to do so and using your information in connection with legal proceedings brought by us or against us.
To respond to legal requests and comply with applicable law. If we receive a subpoena, discovery request, or other legal request, we may need to review and evaluate your personal data and potentially provide your personal data in response to the request. We may also need to use your personal data as needed to comply with applicable laws and regulations.
For other business purposes. We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and to evaluate and improve the Services, products, and your experience.
activities. Where we use third parties, they may share personal data about you with us. In addition, sometimes in the course of providing the Services, we will collect data from a third party – such as your employer – rather than directly from you.
OTHER PURPOSES FOR WHICH WE MAY USE YOUR PERSONAL DATA
We may use any personal data we collect as described above for the following business purposes:
To develop our products and services. We may use your personal data to further
develop our existing products and services, including artificial intelligence tools and features, or to develop new products and services.
To protect the Services, us, and others. We may use your personal data as part of our efforts to keep the Services safe and secure (for example, for fraud monitoring and prevention) and to protect others from harm or abuse.
To enforce our terms, conditions and policies. We may use your personal data to
ensure you and others are complying with our terms, conditions and policies, including providing your information to law enforcement if we believe it is appropriate to do so and using your information in connection with legal proceedings brought by us or against us.
To respond to legal requests and comply with applicable law. If we receive a subpoena, discovery request, or other legal request, we may need to review and evaluate your personal data and potentially provide your personal data in response to the request. We may also need to use your personal data as needed to comply with applicable laws and regulations.
For other business purposes. We may use your information for other business purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns, and to evaluate and improve the Services, products, and your experience.
MINORS’ PERSONAL DATA
Our Services are not directed to minors under the age of 16 (or under the age of majority as determined by applicable, local law) and we do not intend to collect personal data from minors under the age of majority. If you believe that we inadvertently have collected personal data about your child, please contact us at [email protected] and we will promptly delete or de-identify this information. For clarity, we do not knowingly collect or sell the personal data of minors under the age of 16.
DE-IDENTIFIED AND AGGREGATE DATA
MINT may de-identify (as also referred to as “anonymize”) and aggregate data for its
business purposes, including but not limited to, to improve the products and features of its Services, to maintain the security and integrity of its systems, for analytics, and other legitimate business purposes. "De-identified Data" means information that cannot reasonably be used to infer information about, or otherwise be linked to a particular data subject. De-identified Data includes anonymized data and is no longer “personal data” under applicable data protection laws. Where we process De-identified Data, we commit to maintain and use the information in de-identified form and not attempt to reidentify the information, except where permitted by law. MINT may disclose De-identified Data to third parties who commit themselves to maintaining the De-identified Data in anonymized form and not attempt to re-identify the data for any business purpose.
business purposes, including but not limited to, to improve the products and features of its Services, to maintain the security and integrity of its systems, for analytics, and other legitimate business purposes. "De-identified Data" means information that cannot reasonably be used to infer information about, or otherwise be linked to a particular data subject. De-identified Data includes anonymized data and is no longer “personal data” under applicable data protection laws. Where we process De-identified Data, we commit to maintain and use the information in de-identified form and not attempt to reidentify the information, except where permitted by law. MINT may disclose De-identified Data to third parties who commit themselves to maintaining the De-identified Data in anonymized form and not attempt to re-identify the data for any business purpose.
4. Cookie Policy and User’s consent
When connecting for the first time to any page of MINT.ai, the User will see a brief information on the use of cookies appear. The Website remembers the choice made by the user, so the short notice will not be repeated in subsequent links from the same device. However, you always have the option of revoking all or part of the consent you have already given.
If User encounters any technical problems with the provision of consent, please contact us through the appropriate channels on this Website so that we can provide you with assistance
This cookie policy will give you information about:
If User encounters any technical problems with the provision of consent, please contact us through the appropriate channels on this Website so that we can provide you with assistance
This cookie policy will give you information about:
- The different types of cookies
- The cookies that are required on our websites (Essential Cookies)
- The cookies that you can reject (Non-Essential Cookies)
- The cookies we use
- How to manage your cookie preferences
Cookies. "Cookies" are small files which enable us to store individual information related to your computer or other device used to access our websites. Cookies help us in several ways, for example, to determine the frequency of use and the number of people visiting our websites and using the Services, and to make our services as comfortable and efficient as possible for you.
Classes of Cookies. There are two classes of cookies: session cookies, and persistent cookies.
Classes of Cookies. There are two classes of cookies: session cookies, and persistent cookies.
- Session cookies make it easier for you to navigate the websites and they expire and disappear from your device when you close your browser.
- Persistent cookies remain longer and help in understanding how you use the websites, and enhance your user experience, and they stay on your device even after you close your device’s browser or end your session. Session cookies may remain on your hard drive for an extended period of time.
Sources of Cookies. Cookies also come from different sources – from MINT Solutions (these would be “first party cookies” because MINT Solutions places the cookies itself), and from other third parties (these are “third party cookies” because they are not placed by MINT).
- First party cookies are set by the website you are visiting, and they can only be read by that site.
- Third party cookies are not set by the owner of the website you are visiting, but by a different organization. For example, advertisers and other third parties may use their own cookies when you click on an advertisement or link on our website, or we might engage a third-party analytics company that will set their own cookie to perform this service.
Third Party Cookies and Website Analytics. We use third party services including Google analytics to analyze Website activity. When you visit the websites, Google Analytics automatically collects information from you through the use of Google’s analytics IDs, and Google provides some of this information to us. An analytics ID is a specific string of numbers and letters (often called a “character string”) that is assigned to your computer or device but does not name you. The analytics ID allows Google to track usage data of the websites, such as date and time of visit, duration of visit, website traffic patterns, “clickstreams,” other similar information about your use of the websites, the type of web browser used, the operating system/platform you are using, your IP address, the websites that referred or linked you to our Website, and your CPU speed. Google Analytics does not share the analytics ID assigned to your computer or device that you use to access and use the websites. Google Analytics provides information about the use of our websites to us in aggregate form (i.e., data about many website users combined and not just about you). Some of this data might include the regional location of website users, but again, this data will be in aggregate (and not individual) form. We rely on this aggregate data to inform us how users are using the websites and to help us improve the websites.
Types of Cookies. The different types of cookies can be categorized as follows:
Essential Cookies: There are certain cookies that we have to include in order for certain web pages to function. For this reason, they do not require your consent. In particular:
Types of Cookies. The different types of cookies can be categorized as follows:
Essential Cookies: There are certain cookies that we have to include in order for certain web pages to function. For this reason, they do not require your consent. In particular:
- Necessary cookies are cookies that are required for the operation of our website, such as to ensure security. Other necessary cookies allow us to provide features or services that you expressly request. These cookies do not require your consent and cannot be switched off (although in some cases you can change your requests). You can set your browser to block or alert you about these cookies, but some parts of our website may not work if you block these types of cookies.
- Functional cookies are used to provide certain functionalities to you by recording your choices and settings regarding our Services, maintaining your preferences over time and recognizing you when you return to our website so that we can offer you a better experience on this website. We will only store and access functional cookies on your device if you consent to such storage and access. If you do not consent to these types of cookies, we will not be able to provide certain functionalities to you.
Non-Essential Cookies: We use these cookies only for internal research on how we can improve our website for our users. These cookies simply assess how you interact with our website as an anonymous user (meaning the data gathered does not identify you individually).
Also, this data is not shared with any third parties or used for any other purpose. The anonymized statistics may be shared with contractors working on communication projects under a contract with MINT Solutions. However, you are free to refuse these types of cookies, either via the cookie banner you see when you first visit the site or by visiting the cookie preference page.
Also, this data is not shared with any third parties or used for any other purpose. The anonymized statistics may be shared with contractors working on communication projects under a contract with MINT Solutions. However, you are free to refuse these types of cookies, either via the cookie banner you see when you first visit the site or by visiting the cookie preference page.
- Performance cookies are used to improve the performance of our website and to enhance your experience. Google Analytics automatically collects certain usage and performance data from our website users. The information these cookies collect is aggregated and anonymous information, and we are never provided with your personal information from these cookies.
- Analytics cookies allow us to analyze website and Service usage and understand how visitors use it. These cookies recognize and collect information about the number of visitors, the pages they view, how long they view pages and how they move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that visitors are easily finding what they are looking for. We will only store and access analytics cookies on your device if you consent to such storage and access. If you do not consent to these types of cookies, we will not be able to improve our website based on information from your visit.
- Targeting and advertising cookies track browsing habits and are used to deliver targeted (interest-based) advertising. They are also used to limit the number of times you see an ad and to measure the effectiveness of advertising campaigns. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organizations, such as advertisers.
Cookies We Use: We use the following "cookies" on our websites in connection with some of the functionalities described above.
Cookie Type | Name | Purpose | Duration |
---|---|---|---|
Analytics Cookies | Google Analytics | Analyze the statistics of visit to MINT’s website. | 2 Years |
Profiling Cookies | Google Advertising product | Analyze the performance of MINT Google Campaign | 2 Years |
Profiling Cookies | Google conversion linker | Analyze the performance of MINT Google Campaign | 2 Years |
Profiling Cookies | Google Double Click | Double Click is set up on the site by advertising partners and used to profile user interests and show relevant advertisements on other sites | 2 Years |
Profiling Cookies | Identifies visitors from LinkedIn | 2 Years |
The content of a cookie is limited to an identification number. Name, IP-address or other information regarding your true identity is only collected to the extent necessary for the operation of the functionality cookies (i.e., in connection with the log-in function).
Legal Basis. The use of the cookies identified above is based on the consent (Art. 6 (1) (a) GDPR and 122 of the Data Protection Code) expressed by the User through the Consent Management Platform ("CMP") that allows by opt-in the granular expression of consent to the installation of the different cookies at the first access of the User. The User can change the consent expressed at any time by accessing the CMP and modifying his or her choices.
Managing Cookies and Withdrawing Consent. We will obtain your opt-in consent to the use of the non-essential cookies and other tracking technologies on this website when you first access the website and if we introduce any new cookies to the website, unless they are essential cookies, in which case your consent is not required. When you visit this website, a pop up will appear to inform you about our use of such cookies. You can then consent by clicking on “Accept”, or you may refuse cookies (except necessary cookies) by clicking on “Continue without accepting”. You may alternatively click on the link to the cookie manager to visit our Consent Management Platform and decide the categories of cookies that you wish to accept, and the cookies you wish to reject.
You may withdraw your consent at any time with effect for the future. If you deny cookies, we will not set those cookies on your device, except essential cookies and a cookie to remember that you don't want any cookies set when you visit this website.
If you have accepted cookies but want to deny them (withdraw your consent) for the future, you can delete the cookies in your website browser and the cookies window including the link to the cookie manager.
Cookies and Browser Settings. You can disable cookies by changing your website browser settings to reject cookies. How to do this will depend on the browser you use. Rejecting cookies will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new cookie in a variety of ways. You can also delete all cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit this website. All modern browsers allow you to change your cookie settings, typically by going to the ‘options’ or ‘preferences’ menu of your browser. Use the ‘Help’ option in your browser for more details.
Legal Basis. The use of the cookies identified above is based on the consent (Art. 6 (1) (a) GDPR and 122 of the Data Protection Code) expressed by the User through the Consent Management Platform ("CMP") that allows by opt-in the granular expression of consent to the installation of the different cookies at the first access of the User. The User can change the consent expressed at any time by accessing the CMP and modifying his or her choices.
Managing Cookies and Withdrawing Consent. We will obtain your opt-in consent to the use of the non-essential cookies and other tracking technologies on this website when you first access the website and if we introduce any new cookies to the website, unless they are essential cookies, in which case your consent is not required. When you visit this website, a pop up will appear to inform you about our use of such cookies. You can then consent by clicking on “Accept”, or you may refuse cookies (except necessary cookies) by clicking on “Continue without accepting”. You may alternatively click on the link to the cookie manager to visit our Consent Management Platform and decide the categories of cookies that you wish to accept, and the cookies you wish to reject.
You may withdraw your consent at any time with effect for the future. If you deny cookies, we will not set those cookies on your device, except essential cookies and a cookie to remember that you don't want any cookies set when you visit this website.
If you have accepted cookies but want to deny them (withdraw your consent) for the future, you can delete the cookies in your website browser and the cookies window including the link to the cookie manager.
Cookies and Browser Settings. You can disable cookies by changing your website browser settings to reject cookies. How to do this will depend on the browser you use. Rejecting cookies will prevent your browser from accepting new cookies, as well as (depending on the sophistication of your browser software) allow you to decide on acceptance of each new cookie in a variety of ways. You can also delete all cookies that are already on your device. If you do this, however, you may have to manually adjust some preferences every time you visit this website. All modern browsers allow you to change your cookie settings, typically by going to the ‘options’ or ‘preferences’ menu of your browser. Use the ‘Help’ option in your browser for more details.
Blocking all cookies (including necessary cookies) will have a negative impact upon the usability of many websites, including ours. If you block necessary cookies, you may not be able to use all the features on this website. You can also delete cookies already stored on your computer. However, deleting cookies might have a negative impact on the usability of many websites, including ours.
To find out more about cookies, visit www.aboutcookies.org or www.allaboutcookies.org.
To find out more about cookies, visit www.aboutcookies.org or www.allaboutcookies.org.
5. HOW YOUR PERSONAL DATA IS SHARED
The personal data processed will not be disclosed to third parties, but may, however, be shared in relation to the purposes of processing set out above to the following subjects:
- Legal Requirements: those who can access the personal data according to legal provisions provided by the law of the European Union or the law of the Member State to which the Data Controller is subject, or other applicable laws
- Service Providers: subjects that perform ancillary purposes to the activities and services referred to in this policy, including companies that offer IT infrastructures and IT assistance and consultancy services as well as design and implementation of software and websites, companies that offer services useful to customize and optimize our services, companies that offer data analysis and development services (including those related to user interactions with our services), service centers, companies or consultants responsible for providing further services to the Data Controller, within the limits of the purposes for which they were collected
- Related Companies: data controllers belonging to our business group or entities linked to a central body exclusively for internal administrative purposes
- Changes in Business Structure: we may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.
6. TRANSFER OF PERSONAL DATA TO THIRD COUNTRIES
The Data Controller may transfer your personal data to third countries outside the European Union, for the purpose of providing you the Services through the Website. Such transfer is always subject to an adequacy decision, under article 45 of the GDPR, or to the Standard Contractual Clauses, under article 46 of the GDPR. For more information about the rules for transferring data to countries outside the European Union, including the mechanisms on which we rely, you can visit the European Commission’s website here. To request a copy of the Standard Contractual Clauses signed by the Data Controller you can send an email to [email protected].
7. AUTOMATED DECISION-MAKING PROCESSING
The Data Controller does not use automated decision-making processes without your consent, including profiling as referred to in Article 22 paras. 1 and 4 of the GDPR.
8. DATA SUBJECTS’ RIGHTS
The rights described in this section apply to all users.
Right to Access and to Know — You have the right to access the personal data collected about you. You also may request to know the categories of personal data collected about you, the information or categories of information shared with third parties, or the specific third parties or categories of third parties to which the information was shared; or, some combination of similar information. However, there are certain exemptions, meaning that data subjects may not always receive all of the information we process.
Right to Correct — Without prejudice to your right to review or change the information in your account to make sure it is accurate and up-to-date, you also have the right to request rectification of any other of your personal data, provided to us if you consider it to be inaccurate or incomplete.
Right to Data Portability — Under certain circumstances, you may request us to transfer your personal data, provided by you, to another controller. Also, you have the right to receive your personal data, which have been provided by you, in a structured, commonly used and machine-readable format and to transmit those data to another controller.
Right to Delete / Erasure — You generally have a right to request your personal data or part of it to be erased (e.g., when your personal data are no longer necessary for the stated purposes in this policy, the personal data have been unlawfully processed); however, we may not always erase your personal data because sometimes the processing is still necessary. For example, for complying with statutory obligations or for lodging, exercising or substantiating legal claims. Therefore, we will weigh your interest in having your personal data erased against the necessity of maintaining the personal data for our legitimate interests. Please be aware that if you request us to delete your personal data, you may also not be able to continue to use the Services.
Right to Restriction — Under certain circumstances, you may have the right to restrict a business’s ability to process personal data about the you. For example, if the accuracy of your personal data is contested, the processing is unlawful or personal data is no longer needed for purposes of the processing. However, we can still use restricted data in certain circumstances (e.g., when your personal data is needed for legal claims or to protect another data subject’s rights).
Right Against Automated Decision Making/ Profiling — You may have the right to not be subject to a decision based solely on an automated process without human input. However, please note that we will not process your personal data like this without your consent.
Right of Objection — Under certain circumstances, you may object to the processing of your personal data by us or third parties engaged by us. For example, you have the right to object at any time, on grounds relating to your situation, to the processing of your personal data carried out pursuant to Art. 6 (1), letter (e) or (f) of the GDPR, including profiling on the basis of these provisions, as stated in Art. 21 of the GDPR. In addition, where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data relating to you carried out for such purposes. We will consider several factors when assessing an objection to our processing in furtherance of our legitimate interests, including: our users’ reasonable expectations; the benefits and risks to you, us, other users, or third parties; and other available means to achieve the same purpose that may be less invasive and do not require disproportional effort. Your objection will be upheld, and we will cease processing your information, unless the processing is based on compelling legitimate grounds or is needed for legal reasons.
Right to Withdraw Consent — If we have requested your explicit consent for data processing, you have the right to withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of the processing prior to the withdrawal.
Right to Opt Out of Sale or Sharing — Where applicable, in the U.S., you may opt out of the Sale or Sharing of personal data to third parties, as those terms are defined by U.S. federal, state and local laws. We do not sell or share your personal data with third parties for the purposes of cross-context behavioral advertising, targeted marketing, or profiling.
Right of Complaint — If you believe that the processing of your personal data violates applicable laws and regulations, please contact us at [email protected]. We will always try to find a solution together. Should this not be possible, you have the right to complain to a Data Protection Authority about our processing of your personal data. If you are in the EEA, please contact your local Data Protection Authority in the EEA. For contact details of your local Data Protection Authority, please see here.
In addition, we will not discriminate against you if you exercise your privacy rights under any applicable privacy and data protection laws, including by:
Right to Access and to Know — You have the right to access the personal data collected about you. You also may request to know the categories of personal data collected about you, the information or categories of information shared with third parties, or the specific third parties or categories of third parties to which the information was shared; or, some combination of similar information. However, there are certain exemptions, meaning that data subjects may not always receive all of the information we process.
Right to Correct — Without prejudice to your right to review or change the information in your account to make sure it is accurate and up-to-date, you also have the right to request rectification of any other of your personal data, provided to us if you consider it to be inaccurate or incomplete.
Right to Data Portability — Under certain circumstances, you may request us to transfer your personal data, provided by you, to another controller. Also, you have the right to receive your personal data, which have been provided by you, in a structured, commonly used and machine-readable format and to transmit those data to another controller.
Right to Delete / Erasure — You generally have a right to request your personal data or part of it to be erased (e.g., when your personal data are no longer necessary for the stated purposes in this policy, the personal data have been unlawfully processed); however, we may not always erase your personal data because sometimes the processing is still necessary. For example, for complying with statutory obligations or for lodging, exercising or substantiating legal claims. Therefore, we will weigh your interest in having your personal data erased against the necessity of maintaining the personal data for our legitimate interests. Please be aware that if you request us to delete your personal data, you may also not be able to continue to use the Services.
Right to Restriction — Under certain circumstances, you may have the right to restrict a business’s ability to process personal data about the you. For example, if the accuracy of your personal data is contested, the processing is unlawful or personal data is no longer needed for purposes of the processing. However, we can still use restricted data in certain circumstances (e.g., when your personal data is needed for legal claims or to protect another data subject’s rights).
Right Against Automated Decision Making/ Profiling — You may have the right to not be subject to a decision based solely on an automated process without human input. However, please note that we will not process your personal data like this without your consent.
Right of Objection — Under certain circumstances, you may object to the processing of your personal data by us or third parties engaged by us. For example, you have the right to object at any time, on grounds relating to your situation, to the processing of your personal data carried out pursuant to Art. 6 (1), letter (e) or (f) of the GDPR, including profiling on the basis of these provisions, as stated in Art. 21 of the GDPR. In addition, where your personal data is processed for direct marketing purposes, you have the right to object at any time to the processing of personal data relating to you carried out for such purposes. We will consider several factors when assessing an objection to our processing in furtherance of our legitimate interests, including: our users’ reasonable expectations; the benefits and risks to you, us, other users, or third parties; and other available means to achieve the same purpose that may be less invasive and do not require disproportional effort. Your objection will be upheld, and we will cease processing your information, unless the processing is based on compelling legitimate grounds or is needed for legal reasons.
Right to Withdraw Consent — If we have requested your explicit consent for data processing, you have the right to withdraw your consent at any time. The withdrawal of consent will not affect the lawfulness of the processing prior to the withdrawal.
Right to Opt Out of Sale or Sharing — Where applicable, in the U.S., you may opt out of the Sale or Sharing of personal data to third parties, as those terms are defined by U.S. federal, state and local laws. We do not sell or share your personal data with third parties for the purposes of cross-context behavioral advertising, targeted marketing, or profiling.
Right of Complaint — If you believe that the processing of your personal data violates applicable laws and regulations, please contact us at [email protected]. We will always try to find a solution together. Should this not be possible, you have the right to complain to a Data Protection Authority about our processing of your personal data. If you are in the EEA, please contact your local Data Protection Authority in the EEA. For contact details of your local Data Protection Authority, please see here.
In addition, we will not discriminate against you if you exercise your privacy rights under any applicable privacy and data protection laws, including by:
- Denying you goods or services.
- Charging you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
- Providing you a different level or quality of goods or services.
- Suggesting that you may receive a different price or rate for goods or services or a different level or quality of goods or services.
HOW TO SUBMIT A REQUEST TO EXERCISE YOUR RIGHTS
Submission of Requests. You may submit a request regarding your personal data by:
Submission of Requests. You may submit a request regarding your personal data by:
- In the U.S. you can call us at [include phone number].
- Email us at [email protected] or [email protected] – please provide your name, telephone number, and type of request.
- Mail us at [insert address]
EEA: Ripa di Porta Ticinese, 113, 20143 Milan, Italy
United States: 1251 Avenue of the Americas, 37th Floor, New York, NY 10020
What We May Need from You. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to someone who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Verifying Your Identity. To protect your privacy and security, we will take reasonable steps to verify your identity before providing your personal data and before deleting your information. Only you or someone legally authorized to act on your behalf may make a verifiable request related to your personal data. For example, if you make a request, we will ask you to confirm your name, email address, and/or other information we in our records to verify your identity, so that we can help protect your information.
Requests from Authorized Agents. You may designate an authorized agent to make a request for you. If you designate an authorized agent to make a request on your behalf, we may require you to verify your identity and provide the authorized agent’s identity and contact information to us.
Responses to Requests. We will respond to your request as soon as possible, and no later than one month from receipt of your request. In doing so, we will also assess whether, and if so to what extent, we can or must comply with your request under the applicable laws. If a longer period of time is needed, we will inform you within one month of receipt of the request. The submission and processing of your request is free of charge, unless your request is manifestly unfounded or excessive, in particular because of a repetitive character.
California Shine the Light Notice
We provide California residents with the option to opt-in to sharing of “personal information” as defined by California’s “Shine the Light” law with third parties, other than with our affiliates, for such third parties’ own direct marketing purposes. We do not share personal information with non-Affiliate third parties for their direct marketing purposes absent your consent. If you are a California resident, you may request information about our compliance with the Shine the Light law and/or withdraw previously given consent to sharing with non-Affiliate third parties for their direct marketing purposes by contacting using the methods in the How to Submit a Request to Exercise Your Rights section. Requests must include “California Direct Marketing Privacy Request” in your description of which right(s) you wish to exercise. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through the provided e-mail address or mailing address.
United States: 1251 Avenue of the Americas, 37th Floor, New York, NY 10020
What We May Need from You. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to someone who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
Verifying Your Identity. To protect your privacy and security, we will take reasonable steps to verify your identity before providing your personal data and before deleting your information. Only you or someone legally authorized to act on your behalf may make a verifiable request related to your personal data. For example, if you make a request, we will ask you to confirm your name, email address, and/or other information we in our records to verify your identity, so that we can help protect your information.
Requests from Authorized Agents. You may designate an authorized agent to make a request for you. If you designate an authorized agent to make a request on your behalf, we may require you to verify your identity and provide the authorized agent’s identity and contact information to us.
Responses to Requests. We will respond to your request as soon as possible, and no later than one month from receipt of your request. In doing so, we will also assess whether, and if so to what extent, we can or must comply with your request under the applicable laws. If a longer period of time is needed, we will inform you within one month of receipt of the request. The submission and processing of your request is free of charge, unless your request is manifestly unfounded or excessive, in particular because of a repetitive character.
California Shine the Light Notice
We provide California residents with the option to opt-in to sharing of “personal information” as defined by California’s “Shine the Light” law with third parties, other than with our affiliates, for such third parties’ own direct marketing purposes. We do not share personal information with non-Affiliate third parties for their direct marketing purposes absent your consent. If you are a California resident, you may request information about our compliance with the Shine the Light law and/or withdraw previously given consent to sharing with non-Affiliate third parties for their direct marketing purposes by contacting using the methods in the How to Submit a Request to Exercise Your Rights section. Requests must include “California Direct Marketing Privacy Request” in your description of which right(s) you wish to exercise. Please note that we are only required to respond to one request per customer each year, and we are not required to respond to requests made by means other than through the provided e-mail address or mailing address.
9. HOW WE PROTECT YOUR PERSONAL DATA
We have implemented appropriate technical and organizational security measures designed to protect the security of any personal data we collect, receive, use, or store, including measures designed to protect data transferred to different countries for use or processing in accordance with this privacy policy. We will do our best to protect your personal data taking into account the state of art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for your rights and freedoms posed by the processing. You should however access the Services within a secure environment. If you believe your account has been compromised or you suspect any type of data breach, please contact us at [email protected]
10. UPDATES TO THIS POLICY
We may update this policy from time to time. The updated version will be indicated by the “Last Updated” date and the updated version will be effective as soon as it is accessible. If we make any material changes to the policy, we will notify you by reasonable means, which may be by email or posting a notice of the changes on our website prior to the changes becoming effective. We encourage you to check this policy from time to time.
11. HOW YOU CAN CONTACT US ABOUT THIS POLICY
If you have questions or comments about this policy, you may contact our Data Protection Officer (DPO) by email at [email protected].
ANNEX I – ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS
This Annex summarizes how MINT processes personal data in accordance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”). The terms used in this Annex 1 shall have the same meanings as given to them under the CCPA.
In the last 12 months, we have collected or received the following categories of Personal Information, where we have a legitimate interest, legal obligation or consent for processing:
This Annex summarizes how MINT processes personal data in accordance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (collectively, “CCPA”). The terms used in this Annex 1 shall have the same meanings as given to them under the CCPA.
In the last 12 months, we have collected or received the following categories of Personal Information, where we have a legitimate interest, legal obligation or consent for processing:
Category | Sources | Purpose for Collection and Use | Sharing with Third Parties for a Business Purpose |
---|---|---|---|
A. Identifiers. A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, Social Security number, driver's license number, passport number, or other similar identifiers. | - Directly from you Automatically from your device - From third parties | - Communicating with us - Using the services - Newsletter - Functionality and Statistics - Cookies | - Service providers - Website and application analytics providers - Affiliates and Subsidiaries |
B. Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver's license or state identification card number, insurance policy number, education, employment, employment history, marital status, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | - Directly from you | - Using the services - Communicating with us -Newsletter | - Service providers - Affiliates and Subsidiaries |
C. Characteristics of protected classifications under California or federal law. Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | - Not collected | - Not collected | - Not collected |
D. Commercial information. Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | - Not collected | - Not collected | - Not collected |
F. Internet or other similar network activity. Browsing history, search history, information on an employee's interaction with a website, application, or advertisement. | - Automatically from your device | - Functionality and Statistics - Cookies | - Service providers - Website and application analytics providers |
G. Geolocation data. Data that can identify a consumer's physical location or movements. | - Not collected | - Not collected | - Not collected |
H. Sensory data. Audio, electronic, visual, olfactory, or similar information. | - Not collected | - Not collected | - Not collected |
I. Professional or employment-related information. Current or past job history or performance evaluations. | - Not collected | - Not collected | - Not collected |
MINT does not sell users’ personal data.